You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
That was a finding from -fsantitize=memory before it crashed with this error:
$ make sanitize_memory
Running memory sanitizer
FATAL: Code 0xaaab4cc9c1e0 is out of application range. Non-PIE build?
FATAL: MemorySanitizer can not mmap the shadow memory.
FATAL: Make sure to compile with -fPIE and to link with -pie.
FATAL: Disabling ASLR is known to cause this error.
FATAL: If running under GDB, try 'set disable-randomization off'.
I felt like because of the error, it was showing an incomplete list of findings. I plan to investigate why this is happening more later, but I suspect it's because blst isn't built with -fsanitize=memory. It seemed wrong to fix one instance when there are other instances of the same thing elsewhere, for example the original + one more:
Unfortunately, from_mont_256() which is called by blst_uint64_from_fr() is assembly so it's hard to comprehensively review.
However, I find it quite unlikely that a function whose purpose is to fill an input array would expect that array to be initialized. There is no reason to read from that array, except from places it has already written in. I think it's reasonable to close this ticket, but I will let @jtraglia also take a look as he raised the concern first.
This is a discussion from #196:
That was a finding from
-fsantitize=memory
before it crashed with this error:I felt like because of the error, it was showing an incomplete list of findings. I plan to investigate why this is happening more later, but I suspect it's because
blst
isn't built with-fsanitize=memory
. It seemed wrong to fix one instance when there are other instances of the same thing elsewhere, for example the original + one more:c-kzg-4844/src/c_kzg_4844.c
Lines 228 to 232 in da83e45
c-kzg-4844/src/c_kzg_4844.c
Lines 243 to 248 in da83e45
I may make this change again later. I don't think they are crucial though.
Originally posted by @jtraglia in #196 (comment)
The text was updated successfully, but these errors were encountered: