[False-Positive]: unused-state-variables for bytes calldata slicing

[An-dz]

Describe the false alarm that Slither raise and how you know it's inaccurate:

When using the variable for slicing bytes calldata slither can't recognise my constants are being used. The minimal reproducible code below triggers unused-state-variables for every constant except for _OPERATION_CODE_END that is used in the if statement. This does not seem to be related with #112.

Frequency

Occasionally

Code example to reproduce the issue:

// SPDX-License-Identifier: CC0
pragma solidity ^0.8.18;

import { UserOperation } from "src/interfaces/UserOperation.sol";

contract SlitherFails {
    uint256 private constant _OPERATION_CODE_START = 0;
    uint256 private constant _OPERATION_CODE_END   = 4;

    uint256 private constant _OFFSET_NUM1 = 4 + 32;
    uint256 private constant _OFFSET_NUM2 = 4 + 32 * 4;

    function test(bytes calldata data) external pure {
        bytes calldata data2 = data[_OFFSET_NUM2:];

        bytes4 operationCode = 0;
        if (data.length >= _OPERATION_CODE_END) {
            operationCode = bytes4(data[_OPERATION_CODE_START:_OPERATION_CODE_END]);
        }

        data[_OFFSET_NUM1:_OFFSET_NUM2];
    }
}

Version:

0.10.0

Relevant log output:

INFO:Detectors:
SlitherFails._OPERATION_CODE_START (src/slither.sol#7) is never used in SlitherFails (src/slither.sol#6-23)
SlitherFails._OFFSET_NUM1 (src/slither.sol#10) is never used in SlitherFails (src/slither.sol#6-23)
SlitherFails._OFFSET_NUM2 (src/slither.sol#11) is never used in SlitherFails (src/slither.sol#6-23)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-state-variable

[0xalpharush]

This is caused by our oversimplification of array slices that does not keep track off the start/stop and consider it as read.
We will need to probably represent IndexRangeAccess in slithIR to fix
ref #1096