Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SMTChecker: Incorrectly determines insufficient balance. #15015

Open
Subway2023 opened this issue Apr 12, 2024 · 1 comment · May be fixed by #15086
Open

SMTChecker: Incorrectly determines insufficient balance. #15015

Subway2023 opened this issue Apr 12, 2024 · 1 comment · May be fixed by #15086
Assignees
@pgebal
Labels
needs investigation nice to have We don’t see a good reason not to have it but won’t go out of our way to implement it. smt
Projects
SMT Checker

Comments

@Subway2023
Copy link

Description

When the transfer amount is 0, SMTChecker incorrectly determines insufficient balance

Environment

  • Compiler version:
  • Target EVM version (as per compiler settings):
  • Framework/IDE (e.g. Truffle or Remix):
  • EVM execution environment / backend / blockchain client:
  • Operating system:

Steps to Reproduce

contract C{
    address payable recipient;
    uint amount=0;

    function f() public {
        uint tempAmount = address(this).balance ;
        recipient.transfer(tempAmount);
        recipient.transfer(amount);
    }
}
solc-0825 C.sol --model-checker-engine all

1712927020472
@cameel cameel added the smt label Apr 12, 2024
@blishko blishko added this to To Do in SMT Checker via automation Apr 25, 2024
@blishko
Copy link
Contributor

blishko commented Apr 29, 2024

This is again the problem with BMC not tracking the state of the contract.
Since it is doing only a local check, it does not know that the state variable amount is always 0 and cannot change.
So this is not a bug, but false positive due to BMC's over-approximating modeling.

The problem is that CHC currently does not attempts to verify the verification target Insufficient funds for transfer.
But maybe it should.

@blishko blishko added nice to have We don’t see a good reason not to have it but won’t go out of our way to implement it. needs investigation and removed bug 🐛 labels Apr 29, 2024
@pgebal pgebal linked a pull request May 8, 2024 that will close this issue
Draft
@pgebal pgebal moved this from To Do to In Progress in SMT Checker May 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pgebal pgebal

Labels
needs investigation nice to have We don’t see a good reason not to have it but won’t go out of our way to implement it. smt
Projects
SMT Checker
  
In Progress
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

SMTChecker: add insufficient funds verification target for CHC engine pgebal/solidity
4 participants
@cameel @blishko @pgebal @Subway2023