Merge commit from fork

Septa2112 · web-flow · commit 95f506a6e77d · 2025-09-15T15:19:51.000+08:00
* fix overflow in check_bulk_memory_overflow

* add comment
diff --git a/core/iwasm/compilation/aot_emit_memory.c b/core/iwasm/compilation/aot_emit_memory.c
@@ -1486,7 +1486,7 @@ LLVMValueRef
 check_bulk_memory_overflow(AOTCompContext *comp_ctx, AOTFuncContext *func_ctx,
                            LLVMValueRef offset, LLVMValueRef bytes)
 {
-    LLVMValueRef maddr, max_addr, cmp, cmp1;
+    LLVMValueRef maddr, max_addr, cmp, cmp1, offset1;
     LLVMValueRef mem_base_addr;
     LLVMBasicBlockRef block_curr = LLVMGetInsertBlock(comp_ctx->builder);
     LLVMBasicBlockRef check_succ;
@@ -1539,8 +1539,18 @@ check_bulk_memory_overflow(AOTCompContext *comp_ctx, AOTFuncContext *func_ctx,
         if (mem_data_size > 0 && mem_offset + mem_len <= mem_data_size) {
             /* inside memory space */
             /* maddr = mem_base_addr + moffset */
+            /* Perform zero extension in advance to avoid LLVMBuildInBoundsGEP2
+             * interpreting a negative address due to sign extension when
+             * mem_offset >= 2GiB */
+            if (comp_ctx->pointer_size == sizeof(uint64)) {
+                offset1 = I64_CONST(mem_offset);
+            }
+            else {
+                offset1 = I32_CONST((uint32)mem_offset);
+            }
+            CHECK_LLVM_CONST(offset1);
             if (!(maddr = LLVMBuildInBoundsGEP2(comp_ctx->builder, INT8_TYPE,
-                                                mem_base_addr, &offset, 1,
+                                                mem_base_addr, &offset1, 1,
                                                 "maddr"))) {
                 aot_set_last_error("llvm build add failed.");
                 goto fail;
