[wasm] Add bounds check in debug opcode printing

In debug builds of Liftoff, the opcode of the next instruction is
printed as a code comment. For multi-byte opcodes, all but the first
byte have to be extracted explicitly from the wasm code in the
{NextInstruction} function. The bounds check for this extraction was
missing.

R=clemensb@chromium.org

Bug: chromium:1061304
Change-Id: I16a05d54e50506c1387970ad84082d7e76108fc0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2100996Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66696}

src/wasm/baseline/liftoff-compiler.cc

@@ -666,7 +666,8 @@ class LiftoffCompiler {
     TraceCacheState(decoder);
 #ifdef DEBUG
     SLOW_DCHECK(__ ValidateCacheState());
-    if (WasmOpcodes::IsPrefixOpcode(opcode)) {
+    if (WasmOpcodes::IsPrefixOpcode(opcode) &&
+        decoder->pc() + 1 < decoder->end()) {
       byte op_index = *(decoder->pc() + 1);
       opcode = static_cast<WasmOpcode>(opcode << 8 | op_index);
     }