From 73650c8733fb46d44168010d8e9b082b058bce7a Mon Sep 17 00:00:00 2001
From: Yi LIU
Date: Wed, 25 Feb 2026 23:06:33 +0800
Subject: [PATCH 1/5] Fix wrong condition in Memory64 data segment loading
The condition for selecting between imported and defined memories uses `import_memory_count > 0` when it should use `mem_index < import_memory_count`. When a module has both imported and defined memories and a data segment targets a defined memory (mem_index >= import_memory_count), the current condition incorrectly reads from the import_memories array out of bounds.
---
 core/iwasm/interpreter/wasm_loader.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/iwasm/interpreter/wasm_loader.c b/core/iwasm/interpreter/wasm_loader.c
index 796b046ed3..6ff3cceb5c 100644
--- a/core/iwasm/interpreter/wasm_loader.c
+++ b/core/iwasm/interpreter/wasm_loader.c
@@ -5159,7 +5159,7 @@ load_data_segment_section(const uint8 *buf, const uint8 *buf_end,
 #if WASM_ENABLE_MEMORY64 != 0
 /* This memory_flag is from memory instead of data segment */
 uint8 memory_flag;
- if (module->import_memory_count > 0) {
+ if (mem_index < module->import_memory_count) {
 memory_flag = module->import_memories[mem_index]
 .u.memory.mem_type.flags;
 }
From 8d880727800c563eda3ac75d040c583a5d869504 Mon Sep 17 00:00:00 2001
From: Yi LIU
Date: Thu, 26 Feb 2026 12:42:27 +0800
Subject: [PATCH 2/5] Refactor Memory64 data segment flag check to use has_module_memory64
Replace the manual import/defined memory flag lookup with a call to the existing has_module_memory64() helper, which already encapsulates this logic correctly. Apply the same change to wasm_mini_loader.c.
---
 core/iwasm/interpreter/wasm_loader.c | 17 +++--------------
 core/iwasm/interpreter/wasm_mini_loader.c | 17 +++--------------
 2 files changed, 6 insertions(+), 28 deletions(-)
diff --git a/core/iwasm/interpreter/wasm_loader.c b/core/iwasm/interpreter/wasm_loader.c
index 6ff3cceb5c..aaaed2cd32 100644
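Review bot: The corrected branch in the hunk of patch 1 still depends on a range check that is not visible here: `mem_index` is the data segment's target memory, presumably read from the module being loaded, and the hunk shows no comparison against `import_memory_count + memory_count` before `import_memories[mem_index]` is indexed. If that validation happens earlier in `load_data_segment_section` (the function starts and ends outside the hunk, as does the `else` branch), a comment such as `/* mem_index was range-checked above; select the imported or the defined memory */` would make the dependency explicit; if it does not, the check belongs before this block. A regression test that loads a module with both an imported and a defined memory, with a data segment targeting the defined one, would keep the old condition from coming back.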
--- a/core/iwasm/interpreter/wasm_loader.c
+++ b/core/iwasm/interpreter/wasm_loader.c
@@ -5157,20 +5157,9 @@ load_data_segment_section(const uint8 *buf, const uint8 *buf_end,
 #endif
 {
 #if WASM_ENABLE_MEMORY64 != 0
- /* This memory_flag is from memory instead of data segment */
- uint8 memory_flag;
- if (mem_index < module->import_memory_count) {
- memory_flag = module->import_memories[mem_index]
- .u.memory.mem_type.flags;
- }
- else {
- memory_flag =
- module
- ->memories[mem_index - module->import_memory_count]
- .flags;
- }
- mem_offset_type = memory_flag & MEMORY64_FLAG ? VALUE_TYPE_I64
- : VALUE_TYPE_I32;
+ mem_offset_type = has_module_memory64(module)
+ ? VALUE_TYPE_I64
+ : VALUE_TYPE_I32;
 #else
 mem_offset_type = VALUE_TYPE_I32;
 #endif
diff --git a/core/iwasm/interpreter/wasm_mini_loader.c b/core/iwasm/interpreter/wasm_mini_loader.c
index 1e2aa08c62..a00b3603b7 100644
--- a/core/iwasm/interpreter/wasm_mini_loader.c
+++ b/core/iwasm/interpreter/wasm_mini_loader.c
@@ -2030,20 +2030,9 @@ load_data_segment_section(const uint8 *buf, const uint8 *buf_end,
 #endif /* WASM_ENABLE_BULK_MEMORY */
 {
 #if WASM_ENABLE_MEMORY64 != 0
- /* This memory_flag is from memory instead of data segment */
- uint8 memory_flag;
- if (module->import_memory_count > 0) {
- memory_flag = module->import_memories[mem_index]
- .u.memory.mem_type.flags;
- }
- else {
- memory_flag =
- module
- ->memories[mem_index - module->import_memory_count]
- .flags;
- }
- mem_offset_type = memory_flag & MEMORY64_FLAG ? VALUE_TYPE_I64
- : VALUE_TYPE_I32;
+ mem_offset_type = has_module_memory64(module)
+ ? VALUE_TYPE_I64
+ : VALUE_TYPE_I32;
 #else
 mem_offset_type = VALUE_TYPE_I32;
 #endif /* WASM_ENABLE_MEMORY64 */
From fc9feebc328acdb3fde94971df9aec10054c7873 Mon Sep 17 00:00:00 2001
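Review bot: `has_module_memory64(module)` takes no `mem_index`, so in both hunks of patch 2 (wasm_loader.c and wasm_mini_loader.c) the offset type chosen for a data segment no longer depends on the memory that segment targets. The removed code read the flag of the specific memory; if a module may declare memories with different index types, a segment aimed at a 32-bit memory could have its offset expression checked as i64, or the reverse. The helper's body is not shown on this page, so it is worth confirming whether it assumes one index type for all memories, and if it does, recording that next to the call, e.g. `/* has_module_memory64() is module-wide: assumes every memory uses the same index type */`. Both functions continue outside the hunks.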
From: Yi LIU
Date: Fri, 27 Feb 2026 15:52:37 +0800
Subject: [PATCH 3/5] Fix clang-format compliance in loader files
---
 core/iwasm/interpreter/wasm_loader.c | 5 ++---
 core/iwasm/interpreter/wasm_mini_loader.c | 5 ++---
 2 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/core/iwasm/interpreter/wasm_loader.c b/core/iwasm/interpreter/wasm_loader.c
index aaaed2cd32..1aeaaf8c5f 100644
--- a/core/iwasm/interpreter/wasm_loader.c
+++ b/core/iwasm/interpreter/wasm_loader.c
@@ -5157,9 +5157,8 @@ load_data_segment_section(const uint8 *buf, const uint8 *buf_end,
 #endif
 {
 #if WASM_ENABLE_MEMORY64 != 0
- mem_offset_type = has_module_memory64(module)
- ? VALUE_TYPE_I64
- : VALUE_TYPE_I32;
+ mem_offset_type = has_module_memory64(module) ? VALUE_TYPE_I64
+ : VALUE_TYPE_I32;
 #else
 mem_offset_type = VALUE_TYPE_I32;
 #endif
diff --git a/core/iwasm/interpreter/wasm_mini_loader.c b/core/iwasm/interpreter/wasm_mini_loader.c
index a00b3603b7..a6ed3632cd 100644
--- a/core/iwasm/interpreter/wasm_mini_loader.c
+++ b/core/iwasm/interpreter/wasm_mini_loader.c
@@ -2030,9 +2030,8 @@ load_data_segment_section(const uint8 *buf, const uint8 *buf_end,
 #endif /* WASM_ENABLE_BULK_MEMORY */
 {
 #if WASM_ENABLE_MEMORY64 != 0
- mem_offset_type = has_module_memory64(module)
- ? VALUE_TYPE_I64
- : VALUE_TYPE_I32;
+ mem_offset_type = has_module_memory64(module) ? VALUE_TYPE_I64
+ : VALUE_TYPE_I32;
 #else
 mem_offset_type = VALUE_TYPE_I32;
 #endif /* WASM_ENABLE_MEMORY64 */
From fe09cd83c126645cb3a64a09ab4fd1d2fa8f0aa6 Mon Sep 17 00:00:00 2001
From: Yi LIU
Date: Sun, 1 Mar 2026 13:35:20 +0800
Subject: [PATCH 4/5] Retrigger CI
From b256520f88743dd9f1db020fa27dc1c0fa3ec527 Mon Sep 17 00:00:00 2001
From: Yi LIU
Date: Tue, 3 Mar 2026 00:45:44 +0800
Subject: [PATCH 5/5] Retrigger CI