Skip to content
Tech News
← Back to articles

The quadratic problem nobody fixed

2026-03-19 | original
read original more articles
Why This Matters

This article highlights a long-standing and critical limitation in regex engines: their inability to guarantee linear time performance when retrieving all matches, especially in worst-case scenarios. This issue, present since the 1970s, poses significant challenges for developers and impacts the efficiency of text processing tasks across the tech industry. Addressing this problem is essential for building more reliable and performant pattern matching tools, which are fundamental in many software applications and security systems.

Key Takeaways

every regex engine that promises linear time breaks that promise the moment you ask for all matches. the problem has been there since the 70s, hiding in plain sight.

search a document for a pattern and it takes a second. search one a hundred times larger and it doesn't take a hundred seconds - it can take almost three hours. every regex engine, in every language, has had this problem since the 1970s, and nobody fixed it.

(this is a follow-up to RE#: how we built the world's fastest regex engine in F# and symbolic derivatives and the rust rewrite of RE#)

every regex engine that advertises linear-time matching - RE2, Go's regexp , rust's regex crate, .NET's NonBacktracking mode - means linear time for a single match. the moment you call find_iter or FindAll , that guarantee evaporates. the rust regex crate docs are the only ones honest enough to say it outright:

the worst case time complexity for iterators is O(m * n²). [...] if both patterns and haystacks are untrusted and you're iterating over all matches, you're susceptible to worst case quadratic time complexity. There is no way to avoid this. One possible way to mitigate this is to [...] immediately stop as soon as a match has been found. Enabling this mode will thus restore the worst case O(m * n) time complexity bound, but at the cost of different semantics.

the mechanism is simple. take the pattern .*a|b and a haystack of n b's. at each position, the engine tries .*a first - scans the entire remaining haystack looking for an a , finds none, fails. then the b branch matches a single character. advance one position, repeat. that's n + (n-1) + (n-2) + ... = O(n²) work to report n single-character matches. a textbook triangular sum. hit play to see it:

matching .*a|b against "bbbbbbbbbb" - finding all matches play

Russ Cox described this exact problem back in 2009, noting that even the original awk by Aho himself used the naive quadratic "loop around a DFA" for leftmost-longest matching. BurntSushi's rebar benchmark suite confirms it empirically across RE2, Go, and rust - the throughput halves when the input doubles. as he put it: "even for automata oriented engines, it provokes a case that is unavoidably O(m * n²)".

how did this go unnoticed for so long? almost all academic regex papers focus exclusively on the single-match problem and then handwave the rest away with "just iterate". part of the reason is that the theory of regexes boils everything down to a single yes/no question - does this string match or not? that's clean and great for proving theorems, but it throws away nearly everything that matters in practice: where the matches are, how long they are, and how many there are. once you reduce regexes to "match or no match", the all-matches problem simply disappears from view - pigeonholed into a framing that bears little resemblance to what people actually use regexes for.

backtracking is worse, and still the default

... continue reading

Explore topics: regex engines re2 rust regex crate .net nonbacktracking quadratic time
Related:
Finding all regex matches has always been O(n²)

© 2026 GoKawiil

About | Editorial Policy | Contact