Bring back Module::deserialize (#2858)

* Bring back `Module::deserialize` I thought I was being clever suggesting that `Module::deserialize` was removed from #2791 by funneling all module constructors into `Module::new`. As our studious fuzzers have found, though, this means that `Module::new` is not safe currently to pass arbitrary user-defined input into. Now one might pretty reasonable expect to be able to do that, however, being a WebAssembly engine and all. This PR as a result separates the `deserialize` part of `Module::new` back into `Module::deserialize`. This means that binary blobs created with `Module::serialize` and `Engine::precompile_module` will need to be passed to `Module::deserialize` to "rehydrate" them back into a `Module`. This restores the property that it should be safe to pass arbitrary input to `Module::new` since it's always expected to be a wasm module. This also means that fuzzing will no longer attempt to fuzz `Module::deserialize` which isn't something we want to do anyway. * Fix an example * Mark `Module::deserialize` as `unsafe`
2021-04-27 10:55:12 -05:00
parent 4a830b1159
commit 8384f3a347
10 changed files with 110 additions and 65 deletions
--- a/tests/all/module.rs
+++ b/tests/all/module.rs
@@ -27,35 +27,37 @@ fn caches_across_engines() {
        .serialize()
        .unwrap();

-    let res = Module::new(&Engine::new(&Config::new()).unwrap(), &bytes);
-    assert!(res.is_ok());
+    unsafe {
+        let res = Module::deserialize(&Engine::new(&Config::new()).unwrap(), &bytes);
+        assert!(res.is_ok());

-    // differ in shared cranelift flags
-    let res = Module::new(
-        &Engine::new(Config::new().cranelift_nan_canonicalization(true)).unwrap(),
-        &bytes,
-    );
-    assert!(res.is_err());
-
-    // differ in cranelift settings
-    let res = Module::new(
-        &Engine::new(Config::new().cranelift_opt_level(OptLevel::None)).unwrap(),
-        &bytes,
-    );
-    assert!(res.is_err());
-
-    // Missing required cpu flags
-    if cfg!(target_arch = "x86_64") {
-        let res = Module::new(
-            &Engine::new(
-                Config::new()
-                    .target(&target_lexicon::Triple::host().to_string())
-                    .unwrap(),
-            )
-            .unwrap(),
+        // differ in shared cranelift flags
+        let res = Module::deserialize(
+            &Engine::new(Config::new().cranelift_nan_canonicalization(true)).unwrap(),
            &bytes,
        );
        assert!(res.is_err());
+
+        // differ in cranelift settings
+        let res = Module::deserialize(
+            &Engine::new(Config::new().cranelift_opt_level(OptLevel::None)).unwrap(),
+            &bytes,
+        );
+        assert!(res.is_err());
+
+        // Missing required cpu flags
+        if cfg!(target_arch = "x86_64") {
+            let res = Module::deserialize(
+                &Engine::new(
+                    Config::new()
+                        .target(&target_lexicon::Triple::host().to_string())
+                        .unwrap(),
+                )
+                .unwrap(),
+                &bytes,
+            );
+            assert!(res.is_err());
+        }
    }
 }

@@ -66,7 +68,7 @@ fn aot_compiles() -> Result<()> {
        "(module (func (export \"f\") (param i32) (result i32) local.get 0))".as_bytes(),
    )?;

-    let module = Module::from_binary(&engine, &bytes)?;
+    let module = unsafe { Module::deserialize(&engine, &bytes)? };

    let store = Store::new(&engine);
    let instance = Instance::new(&store, &module, &[])?;