mirrors/z3
3
0
Fork 0
mirror of https://github.com/Z3Prover/z3 synced 2025-05-11 09:44:43 +00:00
Code Activity

Z3str3: safety checks for substr and propagate (#4528)

Browse source 
* z3str3: handle str.substr arguments missing arith values in model construction safely

* z3str3: reset propagation vectors on scope pop
This commit is contained in:
Murphy Berzish 2020-06-24 12:14:03 -05:00 committed by GitHub
parent 7f3bdea0d5
commit b0633ecc86
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 19 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/smt/theory_str_mc.cpp
View file

@ -686,8 +686,14 @@ namespace smt {
rational pos, len;
bool pos_exists = v.get_value(arg1, pos);
bool len_exists = v.get_value(arg2, len);
ENSURE(pos_exists);
ENSURE(len_exists);
if (!pos_exists) {
cex = expr_ref(m.mk_or(m_autil.mk_ge(arg1, mk_int(0)), m_autil.mk_le(arg1, mk_int(0))), m);
return false;
}
if (!len_exists) {
cex = expr_ref(m.mk_or(m_autil.mk_ge(arg2, mk_int(0)), m_autil.mk_le(arg2, mk_int(0))), m);
return false;
}
TRACE("str_fl", tout << "reduce substring term: base=" << mk_pp(term, m) << " (length="<<base_chars.size()<<"), pos=" << pos.to_string() << ", len=" << len.to_string() << std::endl;);
// Case 1: pos < 0 or pos >= strlen(base) or len < 0
// ==> (Substr ...) = ""