Created attachment 473855 [details] program.js ### Description WebKit does not enforce the restriction that element segment initializers can only reference imported globals. According to the [WebAssembly specification](https://webassembly.github.io/spec/core/valid/instructions.html#constant-expressions), globals are not recursive and cannot be accessed within constant expressions when they are defined locally, affecting the initialization of element segments. ### Environment - OS: Ubuntu 20.04 - CPU: amd64 - WebKit Version: 146fa28a329d220785d2972c1d691555141e6406 ### Steps to Reproduce Run the following WebAssembly module: ``` ./JSCOnly/Debug/bin/jsc ./program.js ``` ### Current State ```plaintext (no error or warning) ``` ### Expected Behavior Per the [WebAssembly specification](https://webassembly.github.io/spec/core/valid/instructions.html#constant-expressions), element segment initializers should only be able to reference imported globals. If a locally defined global is accessed, the module should fail validation with an error similar to: ``` initializer expression can only reference an imported global ```