Solidity Bug Info
| Bug Name | Description | Severity |
|---|---|---|
LostStorageArrayWriteOnSlotOverflowOperations that involve clearing or copying from arrays that straddle the end of storage could result in silent data retention. | Solidity makes it possible to define variables that extend past the last (2**256-th) slot of storage, which results in wrap-around back to slot zero. Since EVM uses 256-bit integer arithmetic, most operations on such variables just work. The only situation which requires special attention is iteration against absolute slot addresses: the invariant that the last slot belonging to a variable has the highest address does not hold. When implemented incorrectly, a loop over an array will immediately terminate if the container spans the end of storage - due to the initial position already being greater than the end position. This affected storage array clearing loops generated by both evmasm and IR pipelines. Additionally, (only in the evmasm pipeline) copying operations whose source was an array straddling the end of storage were also affected. At the language level, the buggy code would be generated for array assignment, array initialization, delete operator, - Link: https://blog.soliditylang.org/2025/12/18/lost-storage-array-write-on-slot-overflow-bug/ - First Introduced: 0.1.0 - Fixed in Version: 0.8.32 - Published: - Severity<: low | low |