Currently we don't actually sandbox the memory at all, so you can do evil things
like read and write the host's memory. We also don't support growing memory or
cranelift-compatible ABI that passes the memory offset as an argument.
We also always immediately allocate the buffer when encountering a memory section,
there is preliminary support for translating a buffer which can then have the real
offset replaced using relocations (and returning a different type when doing so)
but I haven't written the code that actually does relocation so it doesn't work yet.
