[Custom Descriptors] Update Heap2Local

[tlively]

When optimizing allocations of structs with descriptors, store the
descriptor in a local the same way we store normal fields. Update
ref.get_desc on optimized allocations to simply get the local holding
the descriptor. Lower ref.cast_desc to unreachable when the optimized
allocation flows in as the descriptor because it cannot have also been
the descriptor on the cast value without being considered to have
escaped. When the optimized allocation is itself the cast value, compare
the local containing its descriptor to the target descriptor to
determine whether the cast would have succeeded.

[kripken]

Why is this checking the interaction? I can't figure that out. What other interaction is being ruled out?

[tlively]

We're optimizing an allocation that flows into the cast either as the ref or as the desc. This intends to differentiate between those two cases.

(I guess maybe I also have to check the case where the same allocation flows into both locations...)

[kripken]

Ah, right, thanks. Makes sense.

(I think the case of flowing into both is already handled, by the first case?)

[tlively]

It was, but not optimally, and adding a test revealed a segfault when the allocation target does not have a descriptor. PTAL at the fixes.

[kripken]

Side question about the spec, why is this instruction called ref.cast_desc and given a type to cast to, if what it actually does is compare the desc for equality? Seems like ref.eq_desc..?

[tlively]

If all you want to do is check equality of descriptors, you can already do that with ref.get_desc and ref.eq. If that check succeeds, you know what type the described value must have, but the type system does not have that information. So the main point of this instruction is to be a cast, i.e. to check that a value has a particular type and use that type in further validation. It just happens to implement that cast by checking equality of descriptors.

[kripken]

I see, thanks. The name seems slightly odd but I get the use case.

[kripken]

Suggested change

	// the descriptor, since it cannot possible have been used in the
	// the descriptor, since it cannot possibly have been used in the

[tlively]

Wow my typing correctness has really gone downhill recently 😓

[tlively]

Looks like CI found some unrelated UB when running the clusterfuzz tests:

======================================================================
FAIL: test_run_py (test.unit.test_cluster_fuzz.ClusterFuzz.test_run_py)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/runner/work/binaryen/binaryen/test/unit/test_cluster_fuzz.py", line 116, in test_run_py
    self.assertEqual(stderr, '')
    ~~~~~~~~~~~~~~~~^^^^^^^^^^^^
AssertionError: "/home/runner/work/binaryen/binaryen/src/[256 chars]2:24" != ''
- /home/runner/work/binaryen/binaryen/src/passes/OptimizeInstructions.cpp:3612:24: runtime error: shift exponent 64 is too large for 64-bit type 'unsigned long long'
- SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /home/runner/work/binaryen/binaryen/src/passes/OptimizeInstructions.cpp:3612:24