Enhance type checking for function types in loader and improve error handling (#4294)

Especially when GC is enabled, a valid item of `module->types` needs additional
checks before casting to WASMFuncType.

Also, avoid overflowing if reftype_map_count is 0.

Additionally, correctly set IN_OSS_FUZZ based on CFLAGS_ENV for sanitizer
configuration. Update ASan and UBSan messages for clarity in non-oss-fuzz
environments.

tests/fuzz/wasm-mutator-fuzz/CMakeLists.txt

@@ -181,7 +181,12 @@ add_link_options(-fsanitize=fuzzer -fno-sanitize=vptr)
 
 # Enable sanitizers if not in oss-fuzz environment
 set(CFLAGS_ENV $ENV{CFLAGS})
-string(FIND "${CFLAGS_ENV}" "-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION" IN_OSS_FUZZ)
+string(FIND "${CFLAGS_ENV}" "-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION" FUZZ_POS)
+if (FUZZ_POS GREATER -1)
+  set(IN_OSS_FUZZ 1)
+else()
+  set(IN_OSS_FUZZ 0)
+endif()
 
 add_subdirectory(aot-compiler)
 add_subdirectory(wasm-mutator)

tests/fuzz/wasm-mutator-fuzz/aot-compiler/CMakeLists.txt

@@ -68,7 +68,7 @@ target_link_directories(aotclib PUBLIC ${LLVM_LIBRARY_DIR})
 target_link_libraries(aotclib PUBLIC ${REQUIRED_LLVM_LIBS})
 
 if(NOT IN_OSS_FUZZ)
-  message(STATUS "Enable ASan and UBSan in non-oss-fuzz environment")
+  message(STATUS "Enable ASan and UBSan in non-oss-fuzz environment for aotclib")
   target_compile_options(aotclib PUBLIC
     -fprofile-instr-generate -fcoverage-mapping
     -fno-sanitize-recover=all

tests/fuzz/wasm-mutator-fuzz/wasm-mutator/CMakeLists.txt

@@ -58,7 +58,7 @@ add_executable(wasm_mutator_fuzz wasm_mutator_fuzz.cc)
 target_link_libraries(wasm_mutator_fuzz PRIVATE vmlib m)
 
 if(NOT IN_OSS_FUZZ)
-  message(STATUS "Enable ASan and UBSan in non-oss-fuzz environment")
+  message(STATUS "Enable ASan and UBSan in non-oss-fuzz environment for vmlib")
   target_compile_options(vmlib PUBLIC
     -fprofile-instr-generate -fcoverage-mapping
     -fno-sanitize-recover=all