Rattle never finishes for some contracts

[itszn]

I tried analyzing the wallet contract from RealWorldCTF, but rattle never output anything or finished running. It appears to be stuck in some kind of infinite loop.

I ran the contract with python3.6 rattle-cli.py --input ./inputs/multisig.bin

Here is the contract with only the seemingly important parts left that cause the hang (removing either public function causes the hang to go away):

pragma solidity ^0.4.24;
contract MultiSigWallet {
    struct Transaction{
        address target; // 3
        uint amount; // 4
        bool isDelegate; // 5
        bytes data; // 6
    }
    Transaction[] transactions;
    mapping(address => bool) isOwner;
    mapping(address => bool) isTrusted;
    Transaction tx;

    constructor() public{
        isOwner[msg.sender] = true;
    }

    // ...

    function deleteTransaction(uint id) public{
        for (uint i = id; i < transactions.length-1; i++){
            transactions[i] = transactions[i+1];
        }
        popTransaction();
    }

    // ...

    // there's no pop impl in solidity, sad :(
    function popTransaction() internal {
        require(transactions.length >= 0);
        transactions.length --;
    }

    function submitTransaction(address target, uint amount, bool isDelegate, bytes data) public returns(uint){
        tx = Transaction(target, amount, isDelegate, data);
        if (isOwner[msg.sender]) {
            transactions.push(tx);
        }
        return transactions.length-1;
    }

    // ...
}

Here is the runtime bin:

YIBgQFJgBDYQYQBLV2AANXwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJAEY/////8WgGLp
wAYUYQBQV4BjxqxT/RRhAH1XW2AAgP1bNIAVYQBcV2AAgP1bUGEAe2AEgDYDgQGQgIA1kGAgAZCS
kZBQUFBhATBWWwBbNIAVYQCJV2AAgP1bUGEBGmAEgDYDgQGQgIA1c///////////////////////
////FpBgIAGQkpGQgDWQYCABkJKRkIA1FRWQYCABkJKRkIA1kGAgAZCCAYA1kGAgAZCAgGAfAWAg
gJEEAmAgAWBAUZCBAWBAUoCTkpGQgYFSYCABg4OAgoQ3ggGRUFBQUFBQkZKRkpBQUFBhAmVWW2BA
UYCCgVJgIAGRUFBgQFGAkQOQ81tgAIGQUFtgAWAAgFSQUAOBEBVhAllXYABgAYIBgVSBEBUVYQFY
V/5bkGAAUmAgYAAgkGAEAgFgAIKBVIEQFRVhAXVX/luQYABSYCBgACCQYAQCAWAAggFgAJBUkGEB
AAqQBHP//////////////////////////xaBYAABYABhAQAKgVSBc///////////////////////
////AhkWkINz//////////////////////////8WAheQVVBgAYIBVIFgAQFVYAKCAWAAkFSQYQEA
CpAEYP8WgWACAWAAYQEACoFUgWD/AhkWkIMVFQIXkFVQYAOCAYFgAwGQgFRgAYFgARYVYQEAAgMW
YAKQBGECSJKRkGEEvlZbUJBQUICAYAEBkVBQYQE2VlthAmFhBJJWW1BQVltgAGCAYEBRkIEBYEBS
gIZz//////////////////////////8WgVJgIAGFgVJgIAGEFRWBUmAgAYOBUlBgA2AAggFRgWAA
AWAAYQEACoFUgXP//////////////////////////wIZFpCDc///////////////////////////
FgIXkFVQYCCCAVGBYAEBVWBAggFRgWACAWAAYQEACoFUgWD/AhkWkIMVFQIXkFVQYGCCAVGBYAMB
kIBRkGAgAZBhAzCSkZBhBUVWW1CQUFBgAWAAM3P//////////////////////////xZz////////
//////////////////8WgVJgIAGQgVJgIAFgACBgAJBUkGEBAAqQBGD/FhVhBH9XYABgA5CAYAGB
VAGAglWAkVBQkGABggOQYABSYCBgACCQYAQCAWAAkJGSkJGQkVBgAIIBYACQVJBhAQAKkARz////
//////////////////////8WgWAAAWAAYQEACoFUgXP//////////////////////////wIZFpCD
c///////////////////////////FgIXkFVQYAGCAVSBYAEBVWACggFgAJBUkGEBAAqQBGD/FoFg
AgFgAGEBAAqBVIFg/wIZFpCDFRUCF5BVUGADggGBYAMBkIBUYAGBYAEWFWEBAAIDFmACkARhBHqS
kZBhBL5WW1BQUFBbYAFgAIBUkFADkFCUk1BQUFBWW2AAgIBUkFAQFRUVYQSmV2AAgP1bYACAVICR
kGABkANhBLuRkGEFxVZbUFZbgoBUYAGBYAEWFWEBAAIDFmACkASQYABSYCBgACCQYB8BYCCQBIEB
koJgHxBhBPdXgFSFVWEFNFZbgoABYAEBhVWCFWEFNFdgAFJgIGAAIJFgHwFgIJAEggFbgoERFWEF
M1eCVIJVkWABAZGQYAEBkGEFGFZbW1CQUGEFQZGQYQX3VltQkFZbgoBUYAGBYAEWFWEBAAIDFmAC
kASQYABSYCBgACCQYB8BYCCQBIEBkoJgHxBhBYZXgFFg/xkWg4ABF4VVYQW0VluCgAFgAQGFVYIV
YQW0V5GCAVuCgREVYQWzV4JRglWRYCABkZBgAQGQYQWYVltbUJBQYQXBkZBhBfdWW1CQVluBVIGD
VYGBERVhBfJXYAQCgWAEAoNgAFJgIGAAIJGCAZEBYQXxkZBhBhxWW1tQUFBWW2EGGZGQW4CCERVh
BhVXYACBYACQVVBgAQFhBf1WW1CQVluQVlthBouRkFuAghEVYQaHV2AAgIIBYABhAQAKgVSQc///
////////////////////////AhkWkFVgAYIBYACQVWACggFgAGEBAAqBVJBg/wIZFpBVYAOCAWAA
YQZ+kZBhBo5WW1BgBAFhBiJWW1CQVluQVltQgFRgAYFgARYVYQEAAgMWYAKQBGAAglWAYB8QYQa0
V1BhBtNWW2AfAWAgkASQYABSYCBgACCQgQGQYQbSkZBhBfdWW1tQVgChZWJ6enIwWCAbe61E3sWJ
0c6/B9JA0mzBEzjnj+NdskoxZ3jjn6YVtwAp

[withzombies]

With 301b80b, rattle completes now but it's ugly. The functions aren't identified and split off, so the graph is huge and confusing. Sorry, I'll have to look into a better solution.