This is a discussion from #196:

Just out of curiosity, what happened in f4c2749 ?

That was a finding from -fsantitize=memory before it crashed with this error:

$ make sanitize_memory
Running memory sanitizer
FATAL: Code 0xaaab4cc9c1e0 is out of application range. Non-PIE build?
FATAL: MemorySanitizer can not mmap the shadow memory.
FATAL: Make sure to compile with -fPIE and to link with -pie.
FATAL: Disabling ASLR is known to cause this error.
FATAL: If running under GDB, try 'set disable-randomization off'.

I felt like because of the error, it was showing an incomplete list of findings. I plan to investigate why this is happening more later, but I suspect it's because blst isn't built with -fsanitize=memory. It seemed wrong to fix one instance when there are other instances of the same thing elsewhere, for example the original + one more:

I may make this change again later. I don't think they are crucial though.

Originally posted by @jtraglia in #196 (comment)

Unfortunately, from_mont_256() which is called by blst_uint64_from_fr() is assembly so it's hard to comprehensively review.

However, I find it quite unlikely that a function whose purpose is to fill an input array would expect that array to be initialized. There is no reason to read from that array, except from places it has already written in. I think it's reasonable to close this ticket, but I will let @jtraglia also take a look as he raised the concern first.

Yeah, I don't think this is an issue.