https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95188
David Malcolm <dmalcolm at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Ever confirmed|0 |1
Last reconfirmed| |2020-09-16
Status|UNCONFIRMED |ASSIGNED
--- Comment #2 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
(In reply to CVS Commits from comment #1)
> The master branch has been updated by David Malcolm <dmalc...@gcc.gnu.org>:
>
> https://gcc.gnu.org/g:b28491dc2d79763ecbff4f0b9f1f3e48a443be1d
>
> commit r11-3245-gb28491dc2d79763ecbff4f0b9f1f3e48a443be1d
> Author: David Malcolm <dmalc...@redhat.com>
> Date: Tue Aug 18 18:52:17 2020 -0400
>
> analyzer: bulk merger/processing of runs of nodes at CFG join points
[...]
> The patch fixes a state explosion seen in bzip2.c seen when attempting
> to reproduce PR analyzer/95188, in a switch statement in a loop for
> argument parsing. With this patch, the analyzer successfully
> consolidates the state after the argument parsing to a single exploded
> node.
[...]
As noted above, I'm currently not able to reproduce this bug. My guess is that
there was a pre-existing failure to fully explore the program and we previously
were lucky to explore enough to trigger the bug, but at some point (probably
the reimplementation of state tracking of
r11-2694-g808f4dfeb3a95f50f15e71148e5c1067f90a126d) the bug is now in the
unexplored section.
The above commit from comment #1 will help, but I'm still not able to reproduce
the bug. Marking as ASSIGNED since the state-explosion issue ought to be
fixed, and I can at least reproduce that.
