Fuzzer: Don't legalize if there is an imported module to fuzz with (#8027)

If we import another module in a fuzz testcase, legalization could break
the contract between them.

Author: kripken

src/tools/fuzzing/fuzzing.cpp

@@ -323,8 +323,11 @@ void TranslateToFuzzReader::pickPasses(OptimizationOptions& options) {
 
   // Prune things that error in JS if we call them (like SIMD), some of the
   // time. This alters the wasm/JS boundary quite a lot, so testing both forms
-  // is useful.
-  if (oneIn(2)) {
+  // is useful. Note that we do not do this if there is an imported module,
+  // because in that case legalization could alter the contract between the two
+  // (that is, if the first module has an i64 param, we must call it like that,
+  // and not as two i32s which we'd get after legalization).
+  if (!importedModule && oneIn(2)) {
     options.passes.push_back("legalize-and-prune-js-interface");
   }
 

src/tools/wasm-opt.cpp

@@ -346,15 +346,15 @@ For more on how to optimize effectively, see
   if (translateToFuzz) {
     TranslateToFuzzReader reader(
       wasm, options.extra["infile"], options.passOptions.closedWorld);
-    if (fuzzPasses) {
-      reader.pickPasses(options);
-    }
     reader.setAllowMemory(fuzzMemory);
     reader.setAllowOOB(fuzzOOB);
     reader.setPreserveImportsAndExports(fuzzPreserveImportsAndExports);
     if (!fuzzImport.empty()) {
       reader.setImportedModule(fuzzImport);
     }
+    if (fuzzPasses) {
+      reader.pickPasses(options);
+    }
     reader.build();
     if (options.passOptions.validate) {
       if (!WasmValidator().validate(wasm, options.passOptions)) {