Refrain from setting array indices outside the array length

The code `array[i] = foo` where `i >= array.length` does, for obvious
reasons, not work inside unchecked contexts. Code like this was the
cause of crashes when compiling with `--uncheckedBehavior always`. In
my opinion, this practice is sloppy, although my workarounds can be
considered equally sloppy.

Author: CountBleck

src/builtins.ts

@@ -10329,17 +10329,17 @@ export function compileVisitMembers(compiler: Compiler): void {
     let instanceId = _keys[i];
     assert(instanceId == nextId++);
     let instance = assert(managedClasses.get(instanceId));
-    names[i] = instance.internalName;
+    names.push(instance.internalName);
     if (instance.isPointerfree) {
-      cases[i] = module.return();
+      cases.push(module.return());
     } else {
-      cases[i] = module.block(null, [
+      cases.push(module.block(null, [
         module.call(`${instance.internalName}~visit`, [
           module.local_get(0, sizeTypeRef), // this
           module.local_get(1, TypeRef.I32)  // cookie
         ], TypeRef.None),
         module.return()
-      ], TypeRef.None);
+      ], TypeRef.None));
       ensureVisitMembersOf(compiler, instance);
     }
   }

src/compiler.ts

@@ -6379,7 +6379,7 @@ export class Compiler extends DiagnosticEmitter {
     }
     let numOptional = assert(maxOperands - minOperands);
 
-    let forwardedOperands = new Array<ExpressionRef>(minOperands);
+    let forwardedOperands = new Array<ExpressionRef>(maxOperands);
     let operandIndex = 0;
     let stmts = new Array<ExpressionRef>();
 
@@ -6609,7 +6609,7 @@ export class Compiler extends DiagnosticEmitter {
     let body: ExpressionRef;
     let instanceClass = instance.getBoundClassOrInterface();
     if (!instance.is(CommonFlags.Abstract) && !(instanceClass && instanceClass.kind == ElementKind.Interface)) {
-      let paramExprs = new Array<ExpressionRef>(numParameters);
+      let paramExprs = new Array<ExpressionRef>(numParameters + 1);
       paramExprs[0] = module.local_get(0, sizeTypeRef); // this
       for (let i = 0, k = parameterTypes.length; i < k; ++i) {
         paramExprs[1 + i] = module.local_get(1 + i, parameterTypes[i].toRef());

src/flow.ts

@@ -524,15 +524,25 @@ export class Flow {
   setLocalFlag(index: i32, flag: LocalFlags): void {
     if (index < 0) return;
     let localFlags = this.localFlags;
-    let flags = index < localFlags.length ? unchecked(localFlags[index]) : 0;
+    let flags = 0;
+    if (index < localFlags.length) {
+      flags = unchecked(localFlags[index]);
+    } else {
+      localFlags.length = index + 1;
+    }
     localFlags[index] = flags | flag;
   }
 
   /** Unsets the specified flag or flags on the local at the specified index. */
   unsetLocalFlag(index: i32, flag: LocalFlags): void {
     if (index < 0) return;
     let localFlags = this.localFlags;
-    let flags = index < localFlags.length ? unchecked(localFlags[index]) : 0;
+    let flags = 0;
+    if (index < localFlags.length) {
+      flags = unchecked(localFlags[index]);
+    } else {
+      localFlags.length = index + 1;
+    }
     localFlags[index] = flags & ~flag;
   }
 

src/passes/shadowstack.ts

@@ -467,7 +467,7 @@ export class ShadowStackPass extends Pass {
     let results = _BinaryenFunctionGetResults(funcRef);
     let body = assert(_BinaryenFunctionGetBody(funcRef));
     let numVars = _BinaryenFunctionGetNumVars(funcRef);
-    let vars = new Array<TypeRef>();
+    let vars = new Array<TypeRef>(numVars);
     for (let i: Index = 0; i < numVars; ++i) {
       vars[i] = _BinaryenFunctionGetVar(funcRef, i);
     }