2021-03-23 18:15:14 +00:00
contract C {
uint [ ] a ;
uint l ;
function p ( ) public {
require ( a . length < type ( uint ) . max - 1 ) ;
a . push ( ) ;
++ l ;
}
function q ( ) public {
require ( a . length > 0 ) ;
a . pop ( ) ;
-- l ;
}
function r ( ) public view returns ( uint ) {
require ( l > 0 ) ;
return a [ l ] ; // oob access
}
}
2021-03-31 15:11:54 +00:00
// ====
// SMTEngine: all
2021-10-06 09:53:03 +00:00
// SMTIgnoreOS: macos
2021-03-23 18:15:14 +00:00
// ----
2021-03-31 15:11:54 +00:00
// Warning 4984: (112-115): CHC: Overflow (resulting value larger than 2**256 - 1) might happen here.
2021-08-20 16:47:30 +00:00
// Warning 6368: (259-263): CHC: Out of bounds access happens here.\nCounterexample:\na = [0], l = 1\n = 0\n\nTransaction trace:\nC.constructor()\nState: a = [], l = 0\nC.p()\nState: a = [0], l = 1\nC.r()
2021-11-23 17:08:36 +00:00
// Info 1180: Contract invariant(s) for :C:\n((a.length + ((- 1) * l)) <= 0)\n
2021-03-31 15:11:54 +00:00
// Warning 2661: (112-115): BMC: Overflow (resulting value larger than 2**256 - 1) happens here.