Translator: Fix miscompilation in relinking optimization

All instructions that just pop values but do not push anything should
invalidate the relinking state.

Author: kateinoigakukun

FuzzTesting/FailCases/FuzzDifferential/diff-259df1650a6738711fc751c0ff56f40b0327b49e.wasm

@@ -959,6 +959,7 @@ struct InstructionTranslator<Context: TranslatorContext>: InstructionVisitor {
         guard try checkBeforePop(typeHint: type) else {
             return nil
         }
+        iseqBuilder.resetLastEmission()
         return try valueStack.pop(type)
     }
 
@@ -976,6 +977,7 @@ struct InstructionTranslator<Context: TranslatorContext>: InstructionVisitor {
         guard try checkBeforePop(typeHint: nil) else {
             return (.unknown, nil)
         }
+        iseqBuilder.resetLastEmission()
         return try valueStack.pop()
     }
 

Sources/WasmKit/Translator.swift

@@ -12,3 +12,21 @@
 
 (assert_return (invoke "brif_not_taken" (i32.const 3)) (i32.const 6))
 
+(module
+  (func (export "check")
+    (local i64 i32 f32)
+    i64.const 4
+    ;; use non-const nor local instruction to force
+    ;; leaving local.set at runtime
+    i64.clz
+
+    i32.const 0
+    i32.eqz
+    ;; popping the i32.eqz should invalidate the relinking state
+    br_if 0
+    local.set 0
+    unreachable)
+)
+
+
+(invoke "check")