Егор Чиндяскин <kyzeva...@mail.ru> writes:
> Therefore, Alexander Lakhin and I decided to deal with this issue and
> Alexander developed a methodology. We processed src/backend/*/*.c with "clang
> -emit-llvm ... | opt -analyze -print-callgraph" to find all the functions
> that call themselves directly. I checked each of them for features that
> protect against stack overflows.
> We analyzed 4 catalogs: regex, tsearch, snowball and adt.
> Firstly, we decided to test the regex catalog functions and found 6 of them
> that lack the check_stack_depth() call.

Nice work! I wonder if you can make the regex crashes reachable by
reducing the value of max_stack_depth enough that it's hit before
reaching the "regular expression is too complex" limit.

regards, tom lane
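
A sketch of the filtering step described in the quoted message, added here as an example and not part of the thread or of PostgreSQL: it parses call-graph text and lists functions that call themselves without also calling check_stack_depth() directly. The sample input is constructed, with hypothetical function names, and assumes the "Call graph node for function" layout of LLVM's call-graph printer.

```python
import re

# Constructed sample in the layout of LLVM's call-graph printer.
# Function names are hypothetical, not taken from the PostgreSQL tree.
SAMPLE = """\
Call graph node <<null function>><<0x5580f0>>  #uses=0
  CS<None> calls function 'walk_tree'

Call graph node for function: 'walk_tree'<<0x5581a0>>  #uses=2
  CS<0x5581b0> calls function 'walk_tree'
  CS<0x5581c0> calls function 'palloc'

Call graph node for function: 'parse_expr'<<0x5582a0>>  #uses=3
  CS<0x5582b0> calls function 'check_stack_depth'
  CS<0x5582c0> calls function 'parse_expr'

Call graph node for function: 'leaf'<<0x5583a0>>  #uses=1
  CS<0x5583b0> calls external node
"""

NODE = re.compile(r"^Call graph node for function: '([^']+)'")
EDGE = re.compile(r"^\s+CS<[^>]*> calls function '([^']+)'")


def parse_callgraph(text):
    """Map each defined function to the set of functions it calls directly."""
    graph, current = {}, None
    for line in text.splitlines():
        if line.startswith("Call graph node"):
            m = NODE.match(line)
            # The synthetic null node has no name; ignore its edges.
            current = m.group(1) if m else None
            if current is not None:
                graph.setdefault(current, set())
            continue
        m = EDGE.match(line)
        if m and current is not None:
            graph[current].add(m.group(1))
    return graph


def unguarded_self_recursive(graph, guard="check_stack_depth"):
    """Directly recursive functions with no direct call to the guard."""
    return sorted(f for f, callees in graph.items()
                  if f in callees and guard not in callees)


if __name__ == "__main__":
    print(unguarded_self_recursive(parse_callgraph(SAMPLE)))
```

A guard reached only through a helper function does not appear as a direct edge, so the result is a list of candidates for manual review.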