Recognise the proxy slot pattern (#95)

This commit implements a feature for the analyzer to recognise the
commonly used proxy-slot pattern. It does this by a limited form of
constant folding for values that are likely to be hashes of encoded
strings.

This commit also improves the analyzer by causing it to constant fold
lengths in memory reads, thereby giving itself more accurate information
about the values actually being passed around in the program.

Author: iamrecursion

src/analyzer/mod.rs

@@ -244,6 +244,7 @@ impl Analyzer<state::VMReady> {
 impl Analyzer<state::ExecutionComplete> {
     /// Takes thew results of execution and uses them to prepare a new inference
     /// engine.
+    #[allow(clippy::missing_panics_doc)] // Explicit closure can never return Err
     #[must_use]
     pub fn prepare_unifier(self) -> Analyzer<state::InferenceReady> {
         unsafe {

src/constant.rs

@@ -91,6 +91,9 @@ pub const DEFAULT_CONDITIONAL_JUMP_PER_TARGET_FORK_LIMIT: usize = 50;
 /// culled.
 pub const DEFAULT_VALUE_SIZE_LIMIT: usize = 250;
 
-/// The number of loop iterations the analyzer will wait before polling the
-/// watchdog.
+/// The default number of loop iterations the analyzer will wait before polling
+/// the watchdog.
 pub const DEFAULT_WATCHDOG_POLL_LOOP_ITERATIONS: usize = 100;
+
+/// The value that solidity uses to type tag `string` in ABI encoding.
+pub const SOLIDITY_STRING_POINTER: usize = 0x20;

src/inference/lift/dynamic_array_access.rs

@@ -73,8 +73,13 @@ impl Lift for DynamicArrayIndex {
             } else {
                 return None;
             }
-            .clone()
-            .constant_fold();
+            .clone();
+
+            let data = match data.data() {
+                RSVD::Concat { values } if values.len() == 1 => values[0].clone().constant_fold(),
+                RSVD::Concat { .. } => return None,
+                _ => data,
+            };
 
             let access = RSVD::DynamicArrayIndex {
                 slot:  data.transform_data(lift_dyn_array_accesses),

src/inference/lift/mod.rs

@@ -7,6 +7,7 @@ pub mod mapping_index;
 pub mod mapping_offset;
 pub mod mul_shifted;
 pub mod packed_encoding;
+pub mod proxy_slots;
 pub mod recognise_hashed_slots;
 pub mod storage_slots;
 pub mod sub_word;
@@ -27,6 +28,7 @@ use crate::{
             mapping_offset::MappingOffset,
             mul_shifted::MulShiftedValue,
             packed_encoding::PackedEncoding,
+            proxy_slots::ProxySlots,
             recognise_hashed_slots::StorageSlotHashes,
             storage_slots::StorageSlots,
             sub_word::SubWordValue,
@@ -130,6 +132,7 @@ impl Default for LiftingPasses {
         Self {
             passes: vec![
                 StorageSlotHashes::new(),
+                ProxySlots::new(),
                 MappingIndex::new(),
                 SubWordValue::new(),
                 MulShiftedValue::new(),