[wasm] add any.convert_extern, extern.convert_any

Liedtke · V8-internal LUCI CQ · commit 3956462aa359 · 2025-07-29T01:59:07.000-07:00
Very boring instructions but these instructions use the newly added subtyping of heap types, so an `extern.convert_any` can consume an indexed struct, indexed array, i31ref, or any other subtype of anyref including non-nullable types. Bug: 430171132 Change-Id: I948535446b6f340cf6ff2f55e6cb68cdfb6f3d2a Reviewed-on: https://chrome-internal-review.googlesource.com/c/v8/fuzzilli/+/8457859 Reviewed-by: Manos Koukoutos <manoskouk@google.com> Commit-Queue: Matthias Liedtke <mliedtke@google.com>
diff --git a/Sources/Fuzzilli/Base/ProgramBuilder.swift b/Sources/Fuzzilli/Base/ProgramBuilder.swift
@@ -3776,6 +3776,16 @@ public class ProgramBuilder {
         public func wasmI31Get(_ refI31: Variable, isSigned: Bool) -> Variable {
             return b.emit(WasmI31Get(isSigned: isSigned), withInputs: [refI31], types: [.wasmI31Ref]).output
         }
+
+        @discardableResult
+        public func wasmAnyConvertExtern(_ ref: Variable) -> Variable {
+            b.emit(WasmAnyConvertExtern(), withInputs: [ref], types: [.wasmExternRef]).output
+        }
+
+        @discardableResult
+        public func wasmExternConvertAny(_ ref: Variable) -> Variable {
+            b.emit(WasmExternConvertAny(), withInputs: [ref], types: [.wasmAnyRef]).output
+        }
     }
 
     public class WasmModule {
diff --git a/Sources/Fuzzilli/CodeGen/CodeGeneratorWeights.swift b/Sources/Fuzzilli/CodeGen/CodeGeneratorWeights.swift
@@ -337,4 +337,6 @@ public let codeGeneratorWeights = [
     "WasmRefIsNullGenerator":                   5,
     "WasmRefI31Generator":                      5,
     "WasmI31GetGenerator":                      5,
+    "WasmAnyConvertExternGenerator":            5,
+    "WasmExternConvertAnyGenerator":            5,
 ]
diff --git a/Sources/Fuzzilli/CodeGen/WasmCodeGenerators.swift b/Sources/Fuzzilli/CodeGen/WasmCodeGenerators.swift
@@ -248,6 +248,14 @@ public let WasmCodeGenerators: [CodeGenerator] = [
         b.currentWasmModule.currentWasmFunction.wasmI31Get(ref, isSigned: Bool.random())
     },
 
+    CodeGenerator("WasmAnyConvertExternGenerator", inContext: .wasmFunction, inputs: .required(.wasmExternRef)) { b, ref in
+        b.currentWasmModule.currentWasmFunction.wasmAnyConvertExtern(ref)
+    },
+
+    CodeGenerator("WasmExternConvertAnyGenerator", inContext: .wasmFunction, inputs: .required(.wasmAnyRef)) { b, ref in
+        b.currentWasmModule.currentWasmFunction.wasmExternConvertAny(ref)
+    },
+
     // Primitive Value Generators
 
     ValueGenerator("WasmLoadi32Generator", inContext: .wasmFunction) { b, n in
diff --git a/Sources/Fuzzilli/FuzzIL/Instruction.swift b/Sources/Fuzzilli/FuzzIL/Instruction.swift
@@ -1551,6 +1551,10 @@ extension Instruction: ProtobufConvertible {
                 $0.wasmI31Get = Fuzzilli_Protobuf_WasmI31Get.with {
                     $0.isSigned = op.isSigned
                 }
+            case .wasmAnyConvertExtern(_):
+                $0.wasmAnyConvertExtern = Fuzzilli_Protobuf_WasmAnyConvertExtern()
+            case .wasmExternConvertAny(_):
+                $0.wasmExternConvertAny = Fuzzilli_Protobuf_WasmExternConvertAny()
             }
         }
 
@@ -2495,6 +2499,10 @@ extension Instruction: ProtobufConvertible {
             op = WasmAtomicLoad(loadType: try convertEnum(p.loadType, WasmAtomicLoadType.allCases), offset: p.offset)
         case .wasmAtomicStore(let p):
             op = WasmAtomicStore(storeType: try convertEnum(p.storeType, WasmAtomicStoreType.allCases), offset: p.offset)
+        case .wasmAnyConvertExtern(_):
+            op = WasmAnyConvertExtern()
+        case .wasmExternConvertAny(_):
+            op = WasmExternConvertAny()
         }
 
         guard op.numInputs + op.numOutputs + op.numInnerOutputs == inouts.count else {
diff --git a/Sources/Fuzzilli/FuzzIL/JSTyper.swift b/Sources/Fuzzilli/FuzzIL/JSTyper.swift
@@ -810,6 +810,14 @@ public struct JSTyper: Analyzer {
                 setType(of: instr.output, to: .wasmRefI31)
             case .wasmI31Get(_):
                 setType(of: instr.output, to: .wasmi32)
+            case .wasmAnyConvertExtern(_):
+                // any.convert_extern forwards the nullability bit from the input.
+                let null = type(of: instr.input(0)).wasmReferenceType!.nullability
+                setType(of: instr.output, to: .wasmRef(.Abstract(.WasmAny), nullability: null))
+            case .wasmExternConvertAny(_):
+                // extern.convert_any forwards the nullability bit from the input.
+                let null = type(of: instr.input(0)).wasmReferenceType!.nullability
+                setType(of: instr.output, to: .wasmRef(.Abstract(.WasmExtern), nullability: null))
             default:
                 if instr.numInnerOutputs + instr.numOutputs != 0 {
                     fatalError("Missing typing of outputs for \(instr.op.opcode)")
diff --git a/Sources/Fuzzilli/FuzzIL/Opcodes.swift b/Sources/Fuzzilli/FuzzIL/Opcodes.swift
@@ -351,4 +351,6 @@ enum Opcode {
     case wasmRefIsNull(WasmRefIsNull)
     case wasmRefI31(WasmRefI31)
     case wasmI31Get(WasmI31Get)
+    case wasmAnyConvertExtern(WasmAnyConvertExtern)
+    case wasmExternConvertAny(WasmExternConvertAny)
 }
diff --git a/Sources/Fuzzilli/FuzzIL/TypeSystem.swift b/Sources/Fuzzilli/FuzzIL/TypeSystem.swift
@@ -226,10 +226,14 @@ public struct ILType: Hashable {
     public static let wasmf32 = ILType(definiteType: .wasmf32)
     public static let wasmf64 = ILType(definiteType: .wasmf64)
     public static let wasmExternRef = ILType.wasmRef(.Abstract(.WasmExtern), nullability: true)
+    public static let wasmRefExtern = ILType.wasmRef(.Abstract(.WasmExtern), nullability: false)
     public static let wasmFuncRef = ILType.wasmRef(.Abstract(.WasmFunc), nullability: true)
     public static let wasmExnRef = ILType.wasmRef(.Abstract(.WasmExn), nullability: true)
     public static let wasmI31Ref = ILType.wasmRef(.Abstract(.WasmI31), nullability: true)
     public static let wasmAnyRef = ILType.wasmRef(.Abstract(.WasmAny), nullability: true)
+    public static let wasmRefAny = ILType.wasmRef(.Abstract(.WasmAny), nullability: false)
+    public static let wasmNullRef = ILType.wasmRef(.Abstract(.WasmNone), nullability: true)
+    public static let wasmNullExternRef = ILType.wasmRef(.Abstract(.WasmNoExtern), nullability: true)
     public static let wasmEqRef = ILType.wasmRef(.Abstract(.WasmEq), nullability: true)
     public static let wasmStructRef = ILType.wasmRef(.Abstract(.WasmStruct), nullability: true)
     public static let wasmArrayRef = ILType.wasmRef(.Abstract(.WasmArray), nullability: true)
diff --git a/Sources/Fuzzilli/FuzzIL/WasmOperations.swift b/Sources/Fuzzilli/FuzzIL/WasmOperations.swift
@@ -2095,6 +2095,22 @@ class WasmI31Get: WasmOperation {
     }
 }
 
+class WasmAnyConvertExtern: WasmOperation {
+    override var opcode: Opcode { .wasmAnyConvertExtern(self) }
+
+    init() {
+        super.init(numInputs: 1, numOutputs: 1, requiredContext: [.wasmFunction])
+    }
+}
+
+class WasmExternConvertAny: WasmOperation {
+    override var opcode: Opcode { .wasmExternConvertAny(self) }
+
+    init() {
+        super.init(numInputs: 1, numOutputs: 1, requiredContext: [.wasmFunction])
+    }
+}
+
 /// An atomic load from Wasm memory.
 /// The accessed address is base + offset.
 final class WasmAtomicLoad: WasmOperation {
diff --git a/Sources/Fuzzilli/Lifting/FuzzILLifter.swift b/Sources/Fuzzilli/Lifting/FuzzILLifter.swift
@@ -1269,6 +1269,12 @@ public class FuzzILLifter: Lifter {
         case .wasmI31Get(let op):
             w.emit("\(output()) <- WasmI31Get \(op.isSigned ? "signed" : "unsigned") \(input(0))")
 
+        case .wasmAnyConvertExtern(_):
+            w.emit("\(output()) <- WasmAnyConvertExtern \(input(0))")
+
+        case .wasmExternConvertAny(_):
+            w.emit("\(output()) <- WasmExternConvertAny \(input(0))")
+
         case .wasmBeginTypeGroup(_):
             w.emit("WasmBeginTypeGroup")
             w.increaseIndentionLevel()
diff --git a/Sources/Fuzzilli/Lifting/JavaScriptLifter.swift b/Sources/Fuzzilli/Lifting/JavaScriptLifter.swift
@@ -1698,7 +1698,9 @@ public class JavaScriptLifter: Lifter {
                  .wasmRefNull(_),
                  .wasmRefIsNull(_),
                  .wasmRefI31(_),
-                 .wasmI31Get(_):
+                 .wasmI31Get(_),
+                 .wasmAnyConvertExtern(_),
+                 .wasmExternConvertAny(_):
                  fatalError("unreachable")
             }
 
diff --git a/Sources/Fuzzilli/Lifting/WasmLifter.swift b/Sources/Fuzzilli/Lifting/WasmLifter.swift
@@ -2067,6 +2067,10 @@ public class WasmLifter {
         case .wasmI31Get(let op):
             let opCode: UInt8 = op.isSigned ? 0x1D : 0x1E
             return Data([Prefix.GC.rawValue, opCode])
+        case .wasmAnyConvertExtern(_):
+            return Data([Prefix.GC.rawValue, 0x1A])
+        case .wasmExternConvertAny(_):
+            return Data([Prefix.GC.rawValue, 0x1B])
 
         default:
              fatalError("unreachable")
diff --git a/Sources/Fuzzilli/Mutators/OperationMutator.swift b/Sources/Fuzzilli/Mutators/OperationMutator.swift
@@ -653,7 +653,9 @@ public class OperationMutator: BaseInstructionMutator {
              .wasmStructSet(_),
              .wasmRefNull(_),
              .wasmRefIsNull(_),
-             .wasmRefI31(_):
+             .wasmRefI31(_),
+             .wasmAnyConvertExtern(_),
+             .wasmExternConvertAny(_):
              assert(!instr.isOperationMutable)
              fatalError("Unexpected Operation")
         }
diff --git a/Sources/Fuzzilli/Protobuf/operations.pb.swift b/Sources/Fuzzilli/Protobuf/operations.pb.swift
@@ -5574,6 +5574,26 @@ public struct Fuzzilli_Protobuf_WasmAtomicStore: Sendable {
   public init() {}
 }
 
+public struct Fuzzilli_Protobuf_WasmAnyConvertExtern: Sendable {
+  // SwiftProtobuf.Message conformance is added in an extension below. See the
+  // `Message` and `Message+*Additions` files in the SwiftProtobuf library for
+  // methods supported on all messages.
+
+  public var unknownFields = SwiftProtobuf.UnknownStorage()
+
+  public init() {}
+}
+
+public struct Fuzzilli_Protobuf_WasmExternConvertAny: Sendable {
+  // SwiftProtobuf.Message conformance is added in an extension below. See the
+  // `Message` and `Message+*Additions` files in the SwiftProtobuf library for
+  // methods supported on all messages.
+
+  public var unknownFields = SwiftProtobuf.UnknownStorage()
+
+  public init() {}
+}
+
 // MARK: - Code below here is support for the SwiftProtobuf runtime.
 
 fileprivate let _protobuf_package = "fuzzilli.protobuf"
@@ -15438,3 +15458,41 @@ extension Fuzzilli_Protobuf_WasmAtomicStore: SwiftProtobuf.Message, SwiftProtobu
     return true
   }
 }
+
+extension Fuzzilli_Protobuf_WasmAnyConvertExtern: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding {
+  public static let protoMessageName: String = _protobuf_package + ".WasmAnyConvertExtern"
+  public static let _protobuf_nameMap = SwiftProtobuf._NameMap()
+
+  public mutating func decodeMessage<D: SwiftProtobuf.Decoder>(decoder: inout D) throws {
+    // Load everything into unknown fields
+    while try decoder.nextFieldNumber() != nil {}
+  }
+
+  public func traverse<V: SwiftProtobuf.Visitor>(visitor: inout V) throws {
+    try unknownFields.traverse(visitor: &visitor)
+  }
+
+  public static func ==(lhs: Fuzzilli_Protobuf_WasmAnyConvertExtern, rhs: Fuzzilli_Protobuf_WasmAnyConvertExtern) -> Bool {
+    if lhs.unknownFields != rhs.unknownFields {return false}
+    return true
+  }
+}
+
+extension Fuzzilli_Protobuf_WasmExternConvertAny: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding {
+  public static let protoMessageName: String = _protobuf_package + ".WasmExternConvertAny"
+  public static let _protobuf_nameMap = SwiftProtobuf._NameMap()
+
+  public mutating func decodeMessage<D: SwiftProtobuf.Decoder>(decoder: inout D) throws {
+    // Load everything into unknown fields
+    while try decoder.nextFieldNumber() != nil {}
+  }
+
+  public func traverse<V: SwiftProtobuf.Visitor>(visitor: inout V) throws {
+    try unknownFields.traverse(visitor: &visitor)
+  }
+
+  public static func ==(lhs: Fuzzilli_Protobuf_WasmExternConvertAny, rhs: Fuzzilli_Protobuf_WasmExternConvertAny) -> Bool {
+    if lhs.unknownFields != rhs.unknownFields {return false}
+    return true
+  }
+}
diff --git a/Sources/Fuzzilli/Protobuf/operations.proto b/Sources/Fuzzilli/Protobuf/operations.proto
@@ -1559,3 +1559,9 @@ message WasmAtomicStore {
   WasmAtomicStoreType storeType = 1;
   int64 offset = 2;
 }
+
+message WasmAnyConvertExtern {
+}
+
+message WasmExternConvertAny {
+}
diff --git a/Sources/Fuzzilli/Protobuf/program.pb.swift b/Sources/Fuzzilli/Protobuf/program.pb.swift
@@ -2553,6 +2553,22 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable {
     set {operation = .wasmI31Get(newValue)}
   }
 
+  public var wasmAnyConvertExtern: Fuzzilli_Protobuf_WasmAnyConvertExtern {
+    get {
+      if case .wasmAnyConvertExtern(let v)? = operation {return v}
+      return Fuzzilli_Protobuf_WasmAnyConvertExtern()
+    }
+    set {operation = .wasmAnyConvertExtern(newValue)}
+  }
+
+  public var wasmExternConvertAny: Fuzzilli_Protobuf_WasmExternConvertAny {
+    get {
+      if case .wasmExternConvertAny(let v)? = operation {return v}
+      return Fuzzilli_Protobuf_WasmExternConvertAny()
+    }
+    set {operation = .wasmExternConvertAny(newValue)}
+  }
+
   public var unknownFields = SwiftProtobuf.UnknownStorage()
 
   public enum OneOf_Operation: Equatable, Sendable {
@@ -2869,6 +2885,8 @@ public struct Fuzzilli_Protobuf_Instruction: Sendable {
     case wasmRefIsNull(Fuzzilli_Protobuf_WasmRefIsNull)
     case wasmRefI31(Fuzzilli_Protobuf_WasmRefI31)
     case wasmI31Get(Fuzzilli_Protobuf_WasmI31Get)
+    case wasmAnyConvertExtern(Fuzzilli_Protobuf_WasmAnyConvertExtern)
+    case wasmExternConvertAny(Fuzzilli_Protobuf_WasmExternConvertAny)
 
   }
 
@@ -3232,6 +3250,8 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M
     312: .same(proto: "wasmRefIsNull"),
     313: .same(proto: "wasmRefI31"),
     314: .same(proto: "wasmI31Get"),
+    315: .same(proto: "wasmAnyConvertExtern"),
+    316: .same(proto: "wasmExternConvertAny"),
   ]
 
   public mutating func decodeMessage<D: SwiftProtobuf.Decoder>(decoder: inout D) throws {
@@ -7305,6 +7325,32 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M
           self.operation = .wasmI31Get(v)
         }
       }()
+      case 315: try {
+        var v: Fuzzilli_Protobuf_WasmAnyConvertExtern?
+        var hadOneofValue = false
+        if let current = self.operation {
+          hadOneofValue = true
+          if case .wasmAnyConvertExtern(let m) = current {v = m}
+        }
+        try decoder.decodeSingularMessageField(value: &v)
+        if let v = v {
+          if hadOneofValue {try decoder.handleConflictingOneOf()}
+          self.operation = .wasmAnyConvertExtern(v)
+        }
+      }()
+      case 316: try {
+        var v: Fuzzilli_Protobuf_WasmExternConvertAny?
+        var hadOneofValue = false
+        if let current = self.operation {
+          hadOneofValue = true
+          if case .wasmExternConvertAny(let m) = current {v = m}
+        }
+        try decoder.decodeSingularMessageField(value: &v)
+        if let v = v {
+          if hadOneofValue {try decoder.handleConflictingOneOf()}
+          self.operation = .wasmExternConvertAny(v)
+        }
+      }()
       default: break
       }
     }
@@ -8571,6 +8617,14 @@ extension Fuzzilli_Protobuf_Instruction: SwiftProtobuf.Message, SwiftProtobuf._M
       guard case .wasmI31Get(let v)? = self.operation else { preconditionFailure() }
       try visitor.visitSingularMessageField(value: v, fieldNumber: 314)
     }()
+    case .wasmAnyConvertExtern?: try {
+      guard case .wasmAnyConvertExtern(let v)? = self.operation else { preconditionFailure() }
+      try visitor.visitSingularMessageField(value: v, fieldNumber: 315)
+    }()
+    case .wasmExternConvertAny?: try {
+      guard case .wasmExternConvertAny(let v)? = self.operation else { preconditionFailure() }
+      try visitor.visitSingularMessageField(value: v, fieldNumber: 316)
+    }()
     case nil: break
     }
     try unknownFields.traverse(visitor: &visitor)
diff --git a/Sources/Fuzzilli/Protobuf/program.proto b/Sources/Fuzzilli/Protobuf/program.proto
@@ -338,6 +338,8 @@ message Instruction {
         WasmRefIsNull wasmRefIsNull = 312;
         WasmRefI31 wasmRefI31 = 313;
         WasmI31Get wasmI31Get = 314;
+        WasmAnyConvertExtern wasmAnyConvertExtern = 315;
+        WasmExternConvertAny wasmExternConvertAny = 316;
     }
 }
 
diff --git a/Tests/FuzzilliTests/WasmTests.swift b/Tests/FuzzilliTests/WasmTests.swift
@@ -4337,6 +4337,52 @@ class WasmGCTests: XCTestCase {
         let jsProg = fuzzer.lifter.lift(prog)
         testForOutput(program: jsProg, runner: runner, outputString: "42\n-42\n42,42\n-42,2147483606\n")
     }
+
+    func testExternAnyConversions() throws {
+        let runner = try GetJavaScriptExecutorOrSkipTest()
+        let liveTestConfig = Configuration(logLevel: .error, enableInspection: true)
+        let fuzzer = makeMockFuzzer(config: liveTestConfig, environment: JavaScriptEnvironment())
+        let b = fuzzer.makeBuilder()
+
+        let module = b.buildWasmModule { wasmModule in
+            wasmModule.addWasmFunction(with: [.wasmi32] => [.wasmRefExtern]) { function, label, args in
+                // As ref.i31 produces a non null `ref i31`, the result of extern.convert_any is a
+                // non-nullable `ref extern`.
+                let result = function.wasmExternConvertAny(function.wasmRefI31(args[0]))
+                XCTAssertEqual(b.type(of: result), .wasmRefExtern)
+                return [result]
+            }
+
+            wasmModule.addWasmFunction(with: [.wasmRefExtern] => [.wasmRefAny]) { function, label, args in
+                let result = function.wasmAnyConvertExtern(args[0])
+                XCTAssertEqual(b.type(of: result), .wasmRefAny)
+                return [result]
+            }
+
+            wasmModule.addWasmFunction(with: [] => [.wasmExternRef]) { function, label, args in
+                let result = function.wasmExternConvertAny(function.wasmRefNull(type: .wasmNullRef))
+                XCTAssertEqual(b.type(of: result), .wasmExternRef)
+                return [result]
+            }
+
+            wasmModule.addWasmFunction(with: [] => [.wasmAnyRef]) { function, label, args in
+                let result = function.wasmAnyConvertExtern(function.wasmRefNull(type: .wasmNullExternRef))
+                XCTAssertEqual(b.type(of: result), .wasmAnyRef)
+                return [result]
+            }
+        }
+
+        let exports = module.loadExports()
+        let outputFunc = b.createNamedVariable(forBuiltin: "output")
+        for i in 0..<4 {
+            let result = b.callMethod(module.getExportedMethod(at: i), on: exports, withArgs: [b.loadInt(42)])
+            b.callFunction(outputFunc, withArgs: [result])
+        }
+
+        let prog = b.finalize()
+        let jsProg = fuzzer.lifter.lift(prog)
+        testForOutput(program: jsProg, runner: runner, outputString: "42\n42\nnull\nnull\n")
+    }
 }
 
 class WasmNumericalTests: XCTestCase {

Original file line number	Diff line number	Diff line change
`@@ -337,4 +337,6 @@ public let codeGeneratorWeights = [`
`337`	`337`	`"WasmRefIsNullGenerator": 5,`
`338`	`338`	`"WasmRefI31Generator": 5,`
`339`	`339`	`"WasmI31GetGenerator": 5,`
	`340`	`+ "WasmAnyConvertExternGenerator": 5,`
	`341`	`+ "WasmExternConvertAnyGenerator": 5,`
`340`	`342`	`]`
Original file line number	Diff line number	Diff line change
`@@ -1551,6 +1551,10 @@ extension Instruction: ProtobufConvertible {`
`1551`	`1551`	`$0.wasmI31Get = Fuzzilli_Protobuf_WasmI31Get.with {`
`1552`	`1552`	`$0.isSigned = op.isSigned`
`1553`	`1553`	`}`
	`1554`	`+ case .wasmAnyConvertExtern(_):`
	`1555`	`+ $0.wasmAnyConvertExtern = Fuzzilli_Protobuf_WasmAnyConvertExtern()`
	`1556`	`+ case .wasmExternConvertAny(_):`
	`1557`	`+ $0.wasmExternConvertAny = Fuzzilli_Protobuf_WasmExternConvertAny()`
`1554`	`1558`	`}`
`1555`	`1559`	`}`
`1556`	`1560`
`@@ -2495,6 +2499,10 @@ extension Instruction: ProtobufConvertible {`
`2495`	`2499`	`op = WasmAtomicLoad(loadType: try convertEnum(p.loadType, WasmAtomicLoadType.allCases), offset: p.offset)`
`2496`	`2500`	`case .wasmAtomicStore(let p):`
`2497`	`2501`	`op = WasmAtomicStore(storeType: try convertEnum(p.storeType, WasmAtomicStoreType.allCases), offset: p.offset)`
	`2502`	`+ case .wasmAnyConvertExtern(_):`
	`2503`	`+ op = WasmAnyConvertExtern()`
	`2504`	`+ case .wasmExternConvertAny(_):`
	`2505`	`+ op = WasmExternConvertAny()`
`2498`	`2506`	`}`
`2499`	`2507`
`2500`	`2508`	`guard op.numInputs + op.numOutputs + op.numInnerOutputs == inouts.count else {`
Original file line number	Diff line number	Diff line change
`@@ -351,4 +351,6 @@ enum Opcode {`
`351`	`351`	`case wasmRefIsNull(WasmRefIsNull)`
`352`	`352`	`case wasmRefI31(WasmRefI31)`
`353`	`353`	`case wasmI31Get(WasmI31Get)`
	`354`	`+ case wasmAnyConvertExtern(WasmAnyConvertExtern)`
	`355`	`+ case wasmExternConvertAny(WasmExternConvertAny)`
`354`	`356`	`}`