a.c

#include <emscripten.h>

extern void launch_missiles();

extern void foo_checkin();
extern void bar_checkin();

void (*mutable_global)() = &launch_missiles;

void benign() {}

void foo_internal(void (**func_ptr_ptr)()) { foo_checkin(); }

EMSCRIPTEN_KEEPALIVE
void foo() {
 void (*func_ptr)() = &benign;
 foo_internal(&func_ptr);
 (*func_ptr)();
}

void bar_internal(int *int_ptr) { bar_checkin(); }
EMSCRIPTEN_KEEPALIVE
int bar(int input) { bar_internal(&input); return input; }

a.wat

;; result of
;; ./emcc a.c -w -O0 --profiling -s ERROR_ON_UNDEFINED_SYMBOLS=0
;; wasm-opt a.out.wasm -O
;; (running emcc -O1 or above optimizes away too much code!)

 (func $foo (; has Stack IR ;)
  (local $0 i32)
  (local $1 i32)
  (global.set $__stack_pointer
   (local.tee $0
    (i32.sub
     (global.get $__stack_pointer)
     (i32.const 16)
    )
   )
  )
  (i32.store offset=12
   (local.get $0)
   (i32.const 1)
  )
  (global.set $__stack_pointer
   (local.tee $1
    (i32.sub
     (global.get $__stack_pointer)
     (i32.const 16)
    )
   )
  )
  (i32.store offset=12
   (local.get $1)
   (i32.add
    (local.get $0)
    (i32.const 12)
   )
  )
  (call $foo_checkin)
  (global.set $__stack_pointer
   (i32.add
    (local.get $1)
    (i32.const 16)
   )
  )
  (call_indirect (type $0)
   (i32.load offset=12
    (local.get $0)
   )
  )
  (global.set $__stack_pointer
   (i32.add
    (local.get $0)
    (i32.const 16)
   )
  )
 )