clear memory on unknown write.

Author: chriseth

src/evaluator.rs

@@ -155,7 +155,7 @@ impl Evaluator {
             .collect::<Vec<_>>();
         let result = match (builtin.name, &arg_values[..]) {
             (
-                "add" | "sub" | "mul" | "div" | "shl" | "shr" | "and" | "or" | "datasize" | "dataoffset" | "not" | "iszero",
+                "add" | "sub" | "mul" | "div" | "shl" | "shr" | "and" | "or" | "datasize" | "dataoffset" | "not" | "iszero" | "lt" | "gt" | "slt" | "sgt" | "eq" | "callvalue",
                 _
                 // TODO fewer clones
             ) => Some(Value::Op(builtin.name, arg_values.to_vec())),
@@ -164,6 +164,7 @@ impl Evaluator {
                 if let Value::DataRef(offset) = &offset[0] {
                     self.memory_slices.insert(addr.clone(), Value::DataRef(offset.clone()));
                 }
+                self.unknown_memory_write_above(addr);
                 None
             }
             ("calldatasize", []) => {
@@ -193,10 +194,22 @@ impl Evaluator {
                 self.write_memory(addr.clone(), Some(value.clone()));
                 None
             }
+            ("mstore", ..) => {
+                println!("Unknown memory write!");
+                self.unknown_memory_write();
+                None
+            }
             ("mload", [Value::Concrete(addr)]) => {
                 //println!("mload({})", addr);
                 self.read_memory(addr)
             }
+            ("returndatacopy", ..) => {
+                println!("Unknown memory write!");
+                // TODO: Problem: If we have an unknown memory write and join this with another
+                // branch, we also do need to clear that memory!
+                self.unknown_memory_write();
+                None
+            }
             ("sstore", [Value::Concrete(addr), value]) => {
                 //println!("sstore({}, {})", addr, value);
                 self.storage.insert(addr.clone(), value.clone());
@@ -206,7 +219,18 @@ impl Evaluator {
                 //println!("sload({})", addr);
                 self.storage.get(addr).cloned()
             }
-            _ => None,
+            ("revert", ..) => {
+                println!("Reverted!");
+                None
+            }
+            ("return", ..) => {
+                println!("Returned!");
+                None
+            }
+            (op, ..) => {
+                println!("Unhandled opcode: {op}");
+                None
+            }
         };
         if let Some(result) = result.map(simplify) {
             self.ssa_values.insert(return_vars[0].name.clone(), result);
@@ -351,6 +375,15 @@ impl Evaluator {
                 }
             })
     }
+
+    fn unknown_memory_write(&mut self) {
+        self.memory.clear();
+        self.unknown_memory_is_zero = false;
+    }
+    fn unknown_memory_write_above(&mut self, offset: &BigUint) {
+        self.memory.retain(|addr, _| addr < offset);
+        self.unknown_memory_is_zero = false;
+    }
 }
 
 fn wrap(mut x: BigUint) -> BigUint {