rust: implement safer execution wrapper #652
Conversation
Codecov Report
@@ Coverage Diff @@
## master #652 +/- ##
=======================================
Coverage 99.31% 99.31%
=======================================
Files 72 72
Lines 10628 10628
=======================================
Hits 10555 10555
Misses 73 73
Flags with carried forward coverage won't be shown. Click here to find out more. |
axic
force-pushed
the
rust-safe-execute
branch
from
1151a2a to
ccac5fc
Compare
bindings/rust/src/lib.rs
Outdated
| @@ -160,6 +160,11 @@ impl From<ExecutionResult> for sys::FizzyExecutionResult { | |||
| } | |||
|
|
|||
| impl Instance { | |||
| /// Get a read-only pointer to the module. | |||
| unsafe fn get_instance_module(&self) -> *const sys::FizzyModule { | |||
There was a problem hiding this comment.
| unsafe fn get_instance_module(&self) -> *const sys::FizzyModule { | |
| unsafe fn get_module(&self) -> *const sys::FizzyModule { |
There was a problem hiding this comment.
Good point. I tried to mirror the underlying C API names, but probably it makes no sense.
bindings/rust/src/lib.rs
Outdated
| // TODO: validate input types too | ||
|
|
||
| let ret = unsafe { self.unsafe_execute(func_idx, args, depth) }; | ||
| // Fail if output is expected, but none was returned. |
There was a problem hiding this comment.
It shouldn't happen unless there're bugs in execution, so maybe this should be an assertion?
There was a problem hiding this comment.
The opposite could also be asserted: function type is void, but something is returned.
There was a problem hiding this comment.
We should use assertions when there is an API bug, and errors when it is a user validation question. I guess in this case assertion is fine as we get the func_idx from the name.
There was a problem hiding this comment.
I think this should do it?
if !ret.trapped()
{
assert!((func_type.output == sys::FizzyValueTypeVoid) == !ret.value().is_some());
}
a84f843 to
7f24a40
Compare
| depth: i32, | ||
| ) -> Result<ExecutionResult, ()> { | ||
| let func_idx = self.find_exported_function_index(&name); | ||
| if func_idx.is_none() { |
There was a problem hiding this comment.
If get #677 merged, these could be replaced with let func_idx = self.find_exported_function_index(&name)?; where the question mark operator means errors are bubbled up.
I would however go with this PR as is first, and then merge the error one showing the improvement.
| @@ -29,6 +29,8 @@ fn main() { | |||
| // https://github.com/rust-lang-nursery/rust-bindgen/issues/947#issuecomment-327100002 | |||
| .layout_tests(false) | |||
| .whitelist_function("fizzy_.*") | |||
| .whitelist_var("Fizzy.*") | |||
There was a problem hiding this comment.
Needed for FizzyValueTypeVoid.
| if func_type.inputs_size != args.len() { | ||
| return Err(()); | ||
| } | ||
| // TODO: validate input types too |
There was a problem hiding this comment.
For type validation need to revamp the type of Value (turning it into an enum data type with conversions) here to include type information. Maybe better separately as it is quite large.
The last line with |
axic
force-pushed
the
rust-safe-execute
branch
from
6c67475 to
bd46cf2
Compare
axic
force-pushed
the
rust-safe-execute
branch
from
bd46cf2 to
8fe90d3
Compare
axic
force-pushed
the
rust-safe-execute
branch
3 times, most recently
from
448c9a9 to
693ad0d
Compare
axic
force-pushed
the
rust-safe-execute
branch
from
693ad0d to
5e5e43f
Compare
No description provided.