| Ján Jančár on Sun, 15 Jul 2018 21:33:10 +0200 |
| Re: SIGSEGV on isprime |
On 15/07/18 15:05, Karim Belabas wrote:
> * Bill Allombert [2018-07-11 17:25]:
>> On Wed, Jul 11, 2018 at 04:48:24PM +0200, Ján Jančár wrote:
>>>>> I have now tested:
>>>>>
>>>>> --enable-tls --kernel=none --> works
>>>>> --enable-tls --kernel=none-gmp --> SEGVs!
>>>>> --enalbe-tls --kernel=auto-none --> works
>>
>> My guess is that there is a buffer overflow in the function
>> red_montgomery in the file src/kernel/gmp/mp.c which only
>> causes a SEGV when the stack ends on a page boundary.
>
> Not exactly a buffer overflow but an off-by-1 error causing us to read
> one word beyond the boundary of the modulus 'N'. In this particular
> case, N happens to be the first object on the PARI stack and we read
> 1 word in unallocated memory [ and disregard its value, making the bug
> very hard to spot ].
>
> I believe the problem is solved in 'master' HEAD.
>
> Cheers,
>
> K.B.
> --
> Karim Belabas, IMB (UMR 5251)  Tel: (+33) (0)5 40 00 26 17
> Universite de Bordeaux         Fax: (+33) (0)5 40 00 21 23
> 351, cours de la Liberation    http://www.math.u-bordeaux.fr/~kbelabas/
> F-33405 Talence (France)       http://pari.math.u-bordeaux.fr/  [PARI/GP]
>

Great, thanks for solving this!

Cheers,
--
Jan
______________________________________________________
   /\     # PGP: 362056ADA8F2F4E421565EF87F4A448FE68F329D
  /__\    # https://neuromancer.sk
 /\  /\   # Eastern Seaboard Phishing Authority
/__\/__\  #