Fix SafeHeap crash when start function calls an imported function (#8306)

`findCalledFunctions` in SafeHeap transitively walks all functions
called from the start function to determine which functions should not
be instrumented. When the start function calls an imported function, the
import was added to the worklist and then `FindAll<Call>` was called on
its null body, causing an assertion failure in the walker.

Fix: Skip imported functions in the traversal since they have no body to
walk.

Author: sumleo

src/passes/SafeHeap.cpp

@@ -139,6 +139,9 @@ static std::set<Name> findCalledFunctions(Module* module, Name startFunc) {
       auto next = toVisit.back();
       toVisit.pop_back();
       auto* func = module->getFunction(next);
+      if (func->imported()) {
+        continue;
+      }
       for (auto* call : FindAll<Call>(func->body).list) {
         addFunction(call->target);
       }

test/lit/passes/safe-heap-start-import.wast

@@ -0,0 +1,25 @@
+;; NOTE: Assertions have been generated by update_lit_checks.py and should not be edited.
+;; RUN: wasm-opt %s --safe-heap -S -o - | filecheck %s
+
+;; Test that safe-heap does not crash when the start function calls an imported
+;; function. The findCalledFunctions helper transitively walks all called
+;; functions from the start, and must skip imported functions which have no body.
+
+(module
+  ;; CHECK:      (import "env" "some_import" (func $import))
+  (import "env" "some_import" (func $import))
+  (memory 1 1)
+
+  ;; CHECK:      (start $start)
+  (start $start)
+
+  ;; CHECK:      (func $start
+  ;; CHECK-NEXT:  (call $import)
+  ;; CHECK-NEXT: )
+  (func $start
+    ;; The start function calls an imported function. Previously this would
+    ;; crash because findCalledFunctions would try to walk the null body of
+    ;; the imported function.
+    (call $import)
+  )
+)