Why REGEX functions in SQL SERVER 2025 can melt you CPU? Try yourself!

SQL Server 2025 REGEXP_LIKE Can Melt Your CPU 😱

Hi SQL SERVER Guys,

With the introduction of REGEX functions in SQL Server 2025, we finally have powerful pattern matching inside the engine. But… there is a very interesting (and dangerous) behavior that many developers don’t expect.

It is called catastrophic backtracking.


PS. if you missed my previous post: SQL Server 2025 LocalDB Crash – REGEXP Functions Break Due to Missing RegExpr.dll

What is Catastrophic Backtracking?

In the world of Regular Expressions, catastrophic backtracking happens when:

  • the pattern contains nested repetitions
  • the regex engine tries millions of combinations

The result?

  • CPU spikes to 100%
  • queries look stuck
  • execution time grows exponentially

A Simple Test Query

This is a safe but very effective demo:

DECLARE @s NVARCHAR(MAX) = 
REPLICATE('aaaaaaaaaaaaaaaaaaaaaaaaaaaa', 10) + 'b';

SELECT REGEXP_LIKE(@s,'(a+)+b');

At first glance, this looks harmless.

But the pattern:

(a+)+b

is exactly what creates the problem.

It tells the engine:

  • match many 'a'
  • inside another repetition
  • then find 'b'

The engine will try all possible combinations.

Watch the CPU 😅

If you increase the input size:

DECLARE @s NVARCHAR(MAX) = 
REPLICATE('a',10000) + 'b';

SELECT REGEXP_LIKE(@s,'(a+)+b');

You may observe:

sqlservr.exe → 100% CPU

The query can take seconds… or even minutes.

Even More Interesting Case

This version makes the issue very clear:

DECLARE @s NVARCHAR(MAX) = 
REPLICATE('a',20000) + 'X';

SELECT REGEXP_LIKE(@s,'(a+)+$');

Here the engine tries to verify that the string contains only 'a'.

But it doesn’t… because of the final 'X'.

So SQL Server explores thousands (or millions) of backtracking paths before failing.

Why This Happens

Most regex engines are backtracking engines.

This means they:

  • try one possibility
  • fail
  • go back and try another

Some patterns are linear:

O(n)

Others become:

O(2^n)

That’s where things explode.

How to Avoid It

Write safer patterns.

❌ Dangerous

(a+)+
(.*)+
(.+)+

✔ Better

a+
a{1,}
.*

Avoid nested quantifiers.

Real World Impact

Imagine a query like this:

SELECT *
FROM Logs
WHERE REGEXP_LIKE(Message,'(.*error)+')

On a large table, this can lead to:

  • massive CPU spikes
  • very slow queries
  • server performance degradation

Final Thought

Regex in SQL Server 2025 is powerful… but with great power comes great responsibility 😉

A small pattern can:

  • run instantly
  • or bring your server to its knees

Understanding how the engine works is more important than ever.

See you in the next deep dive 👌


Luca Biondi @2026

Comments

Post a Comment

I Post più popolari

Speaking to Sql Server, sniffing the TDS protocol

Image
Hello friends!  If yesterday you read my post and found it definitely boring (for the topic of course and not for how it was written to the author 😁) well today I promise you that the topic will be much more interesting! Let's talk about Sniffing , let's talk about going to see what happens when we "log in" or when we send a Query to SQL Server.  We will do this by taking a look to the little known tabular data stream (TDS) protocol built on top of the TCP/IP protocol. Ready! The TDS protocol What is the Tabular data stream (TDS) protocol?  The TDS is the protocol used by the SQL Server client Net-Library to communicates with SQL Server . TDS is specific to SQL Server and it is a low-level protocol that specifies both commands and data in a specific arrangement.  TDS encapsulate the TCP/IP protocol. Sniffing TDS packets you can read from the network the requests that your application do to the SQL Server and read the answer .   How to Sniff data from the ne...
Read more

SQL Server, find text in a Trigger, Stored Procedures, View and Function. Two ways and what ways is better

Image
Hi guys, Welcome back! Today a light post about a question that has been asked to me several times. The question is: how to  search for text inside a trigger or a stored procedure ? We have two different ways. A first way using a system view called syscomments: SELECT obj.xtype, text , * FROM sysobjects obj JOIN syscomments com on obj.id = com.id WHERE TEXT like '%text_that_i_am_searching_for%' A second way using a system view called sql_module: SELECT o. name AS Object_Name, o. type_desc , m. definition FROM sys.sql_modules m JOIN sys.objects o ON m. object_id = o. object_id WHERE m. definition Like '%text_that_i_am_searching_for%' ;   Another question is? What differences do we have in using one way instead of the other? Which solution is better? You have to consider that the system view sys.syscomment is obsolete and will be removed sooner or later. So don't use it in production enviroiments. The sys.sql_m...
Read more

SQL Server, Avoid that damn Table Spool!

Image
Hi guys, Welcome back for another post! A light one inspired from what i do during my work: many times I optimize queries rewriting them or adding index and i like it very much! Sometimes you need to use a little imagination, but everything you learn ... sooner or later it will come in handy! Enjoy the reading mates! Avoid the Table Spool, when you can A few days ago I came across a query whose execution time was very high ... or so it was for the client complaining about the problem. Before recreating it, let's create the structures and fill the tables with some data Create table PriceList (Id int identity (1,1) primary Key ,Code Varchar (20)) Insert into PriceList (code) select top 1000 right( '0000' + cast ( row_number () over ( order by id) as varchar (4)),4) from artico Insert into PriceList (code) select top 4000 right( '1000' + cast ( row_number () over ( order by id) as varchar (4)),4) from artico Create table OrdersList (Id int identity...
Read more