LegalizeJSInterface: Fix up RefFuncs in global code too (#8061)

kripken · web-flow · commit a9829f975b19 · 2025-11-19T09:59:59.000-08:00
Without this, after we turn an import into an internal function, a
`ref.func` in a global init might not get updated to inexact, and
error in the fuzzer.
diff --git a/src/passes/LegalizeJSInterface.cpp b/src/passes/LegalizeJSInterface.cpp
@@ -412,6 +412,7 @@ struct LegalizeAndPruneJSInterface : public LegalizeJSInterface {
 
     // RefFunc types etc. need updating.
     ReFinalize().run(getPassRunner(), module);
+    ReFinalize().runOnModuleCode(getPassRunner(), module);
 
     // TODO: globals etc.
   }
diff --git a/test/lit/passes/legalize-and-prune-js-interface.wast b/test/lit/passes/legalize-and-prune-js-interface.wast
@@ -45,6 +45,14 @@
 
   ;; CHECK:      (import "env" "imported-64" (func $legalimport$imported-64 (type $9) (param i32 f64) (result i32)))
 
+  ;; CHECK:      (global $global funcref (ref.func $imported-v128))
+  (global $global funcref
+    ;; The ref target will turn from an import into an internal function. We'd
+    ;; error if we do not update this ref.func while doing so, to make its type
+    ;; exact.
+    (ref.func $imported-v128)
+  )
+
   ;; CHECK:      (func $imported-v128 (type $0) (result v128)
   ;; CHECK-NEXT:  (v128.const i32x4 0x00000000 0x00000000 0x00000000 0x00000000)
   ;; CHECK-NEXT: )

Original file line number	Diff line number	Diff line change
`@@ -412,6 +412,7 @@ struct LegalizeAndPruneJSInterface : public LegalizeJSInterface {`
`412`	`412`
`413`	`413`	`// RefFunc types etc. need updating.`
`414`	`414`	`ReFinalize().run(getPassRunner(), module);`
	`415`	`+ ReFinalize().runOnModuleCode(getPassRunner(), module);`
`415`	`416`
`416`	`417`	`// TODO: globals etc.`
`417`	`418`	`}`