diff --git a/mercurial/revset.py b/mercurial/revset.py
--- a/mercurial/revset.py
+++ b/mercurial/revset.py
@@ -1599,6 +1599,75 @@ symbols = {
 "_list": _list,
 }
 
+# symbols which can't be used for a DoS attack for any given input
+# (e.g. those which accept regexes as plain strings shouldn't be included)
+# functions that just return a lot of changesets (like all) don't count here
+safesymbols = set([
+ "adds",
+ "all",
+ "ancestor",
+ "ancestors",
+ "_firstancestors",
+ "author",
+ "bisect",
+ "bisected",
+ "bookmark",
+ "branch",
+ "branchpoint",
+ "bumped",
+ "bundle",
+ "children",
+ "closed",
+ "converted",
+ "date",
+ "desc",
+ "descendants",
+ "_firstdescendants",
+ "destination",
+ "divergent",
+ "draft",
+ "extinct",
+ "extra",
+ "file",
+ "filelog",
+ "first",
+ "follow",
+ "_followfirst",
+ "head",
+ "heads",
+ "hidden",
+ "id",
+ "keyword",
+ "last",
+ "limit",
+ "_matchfiles",
+ "max",
+ "merge",
+ "min",
+ "modifies",
+ "obsolete",
+ "origin",
+ "outgoing",
+ "p1",
+ "p2",
+ "parents",
+ "present",
+ "public",
+ "remote",
+ "removes",
+ "rev",
+ "reverse",
+ "roots",
+ "sort",
+ "secret",
+ "matching",
+ "tag",
+ "tagged",
+ "user",
+ "unstable",
+ "_list",
+])
+
 methods = {
 "range": rangeset,
 "dagrange": dagrange,
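Review bot: The comment above `safesymbols` excludes predicates that take a regex as a plain string, but it gives no rule for predicates that reach a regex through a prefixed pattern. Several entries (`author`/`user`, `branch`, `bookmark`, `tag`, and file-pattern ones such as `file` and `_matchfiles`) may accept a `re:`-style argument; the hunk does not show their implementations, so check each before the set is used to gate untrusted input. A costly regex reached through a prefix burns the same CPU as one passed as a plain string, so the comment should state the rule, e.g. `# a symbol belongs here only if no argument, with any prefix, is ever compiled as a regex`. Adding `assert safesymbols.issubset(symbols)` after the set would catch a misspelled or renamed entry. The entries near the end (`sort`, `secret`, `matching`, `user`, `unstable`) break the otherwise alphabetical order, which makes the list harder to audit.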