https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95188
David Malcolm <dmalcolm at gcc dot gnu.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Ever confirmed|0 |1 Last reconfirmed| |2020-09-16 Status|UNCONFIRMED |ASSIGNED --- Comment #2 from David Malcolm <dmalcolm at gcc dot gnu.org> --- (In reply to CVS Commits from comment #1) > The master branch has been updated by David Malcolm <dmalc...@gcc.gnu.org>: > > https://gcc.gnu.org/g:b28491dc2d79763ecbff4f0b9f1f3e48a443be1d > > commit r11-3245-gb28491dc2d79763ecbff4f0b9f1f3e48a443be1d > Author: David Malcolm <dmalc...@redhat.com> > Date: Tue Aug 18 18:52:17 2020 -0400 > > analyzer: bulk merger/processing of runs of nodes at CFG join points [...] > The patch fixes a state explosion seen in bzip2.c seen when attempting > to reproduce PR analyzer/95188, in a switch statement in a loop for > argument parsing. With this patch, the analyzer successfully > consolidates the state after the argument parsing to a single exploded > node. [...] As noted above, I'm currently not able to reproduce this bug. My guess is that there was a pre-existing failure to fully explore the program and we previously were lucky to explore enough to trigger the bug, but at some point (probably the reimplementation of state tracking of r11-2694-g808f4dfeb3a95f50f15e71148e5c1067f90a126d) the bug is now in the unexplored section. The above commit from comment #1 will help, but I'm still not able to reproduce the bug. Marking as ASSIGNED since the state-explosion issue ought to be fixed, and I can at least reproduce that.