<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/159990>159990</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            ScalarEvolution eats more than 8MB stack space
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
            new issue
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          sjoerdmeijer
      </td>
    </tr>
</table>

<pre>
    Compiling this input results in a segfault on my machine when compiled with `-O3`:

```
#include <algorithm>
int a;
extern char b[];
long *c;
void e(bool d, bool f[][0][0]) {
#pragma clang loop unroll(enable)
  for (int g = 0; g < 10; g++)
#pragma clang loop unroll(enable)
    for (int h = 0; h < 10; h++) {
      b[h] = 1;
 for (short i = 0; i < 8 + 2; i += 2)
        for (short j(std::max((unsigned long long)1849463778,
                              (unsigned long long)d) >>
                     f[g][1][g]);
             j < 7; j += 4)
 a &= c[j];
    }
}
```

On my machine, the stack space size is 8MB, and with `ulimit -s unlimited`, compilation is not aborted.

It all start here:

```
#11749 0x0000aaaab24e146c in llvm::InductionDescriptor::isInductionPHI (Phi=0xaaaabab30858, TheLoop=0xaaaabac8cf80, SE=0xaaaaba91e480, D=..., Expr=0x0, CastsToIgnore=0x0) at /llvm-project/llvm/lib/Analysis/IVDescriptors.cpp:1619
#11750 0x0000aaaab3c245fc in (anonymous namespace)::CanonicalizeFreezeInLoopsImpl::run (this=0xffffffff34c8) at /llvm-project/llvm/lib/Transforms/Utils/CanonicalizeFreezeInLoops.cpp:160
#11751 0x0000aaaab3c252e4 in (anonymous namespace)::CanonicalizeFreezeInLoops::runOnLoop (this=0xaaaabb7342d0, L=0xaaaabac8cf80) at /llvm-project/llvm/lib/Transforms/Utils/CanonicalizeFreezeInLoops.cpp:251
```

And then it endlessly disappears in various ScalarEvolution helper functions. The full back trace is very long, I have attached it for completeness here: [gdb.txt](https://github.com/user-attachments/files/22452759/gdb.txt)
It must be hitting a corner case of an inefficient algorithm or something like that, but I haven't looked further into yet. 


</pre>
<img width="1" height="1" alt="" src="http://email.email.llvm.org/o/eJy0Vluv2yoW_jXkZWlHGNux_ZCHXPbWROqoldqZd4yXDSkGC3C6018_AmfvpJ326BwdHWSZyzIf61s3zL1Xg0HcknJPyuOKz0Fat_Vni64bUZ3RrVrbXbcHO05KKzNAkMqDMtMcwKGfdYgz4OBx6PmsA1gD4xVGLqQyCN8kGhBpN3bwTQUJZEOfPuZkQ0m-IzQ9G3p76I6wXBmh5w6B5AeuB-tUkCPJnwndKROAk3xP6A5fAzoDQnIH7aL-ItDWDEDYTizTi1UdIGF1a62GjrADpFF_21Pu6UPHGiDVflFjcnwYOQjNzQDa2glm46zWhNVoeKuRsIbQHUBvHRBWR-UGIPkRKMn3aXiAbBkTtk9P8xehfwCXd3D5AC7fwW-6Q2rRKJKUx7QpW4zxhualdQHUHU8lvBoI2wO7LbB9FLO7Kg_qLADnOApd9GO-G_krYTVh9WxSUHWQPBFfhDVZXTTFJq-qmrDDA96v2-9QukQyf16i4Zdbo1-HxaPZ0g2LY28WeGznxLqKfM9vfIsbXw6EbeKCIOX-_B5dSbvqGN24vB9Dl-4-PgZ_jLUgEXzg4iv4iQsEr74jKA_1v_dRzM09KWatRhXgycNs0hC7iMsOt_zhQVkT9xobgLfWBezWy7GnAFzreJALINHh71Iry6qiAfpKKaWcc96yArNiI2IOa30ZF1eeTDeLeNoRvXBqCtYtAuXfRZ_-dYpu-iQVyY_0NYHxNqd1GT0MXyR-sHZ6kIla9HWi8_n5YbnJsFiWjyQ_rtfrOHx-nVz6JgkO3Af_xZ4GYyOzZbkBHoCwl6j10-TsGUW4TWOnWsJedobrq1eesJfTf-9c_FpME8l32SZr3s1S0kez5IIVZZ_MQljNjTXX0c4eDB8xOTIFVDTJIQqV4Fp9xxeH-B1PJjL3p3HSyyduTiixcibt-1vLC1H_OSJfHDe-t26MVP4TlI79b09-p3d3epn9xK5kWPwddu_MPqb5D_zSGW2VF6xL_vvwiyj4x1izMvv_tNyZLmaiARUATafRe32FTnk-TchdusIu3KlohM-Ca-6eL1bPKeEk6gkd9LNJce_XMbahn7WGNuZ1cDGvlYcLuuutUB3gBJJfEHgIXEjs4sGxdMZM1hjQoPdviQqxRnXtOryGVKlqGcJiYPZC2MuggpzbtbDRMLNH97SAjmhCNEivNMaesaJkVdnELTe0VMlOAcbZB2gRpAoh3uEchHUGHQjuEWwP3IAy2PdKKIxX7NutC9aBtyMGGbdp9RUhSB7SJTqHG0lDWBXiLfYVO-hnFyQ6UCZYuGJYw-KBVbfNuyZv-Aq3WVXWRUXLulnJbdn0fdFXfZaXvYh3REZ7UXaVaFhV97xfqS2jrKQNy7INzWmz7gUvKiaKkuZdUWwoKSiOXOl1DJ61dcNKeT_jNiubpqErzVvUPv3hMGbwGyQpYSz-8LhtCsB2HjwpqFY--DtMUEHj9ud4QB48jNYlU5hYyB8L_Gp2evsHDnwL8B_DPqkUnXjT-bJl_wsAAP__2ujqEw">