1pub mod wit;
2
3use crate::capability_granter::CapabilityGranter;
4use crate::{ExtensionManifest, ExtensionSettings};
5use anyhow::{Context as _, Result, anyhow, bail};
6use async_trait::async_trait;
7use dap::{DebugRequest, StartDebuggingRequestArgumentsRequest};
8use extension::{
9 CodeLabel, Command, Completion, ContextServerConfiguration, DebugAdapterBinary,
10 DebugTaskDefinition, ExtensionCapability, ExtensionHostProxy, KeyValueStoreDelegate,
11 ProjectDelegate, SlashCommand, SlashCommandArgumentCompletion, SlashCommandOutput, Symbol,
12 WorktreeDelegate,
13};
14use fs::Fs;
15use futures::future::LocalBoxFuture;
16use futures::{
17 Future, FutureExt, StreamExt as _,
18 channel::{
19 mpsc::{self, UnboundedSender},
20 oneshot,
21 },
22 future::BoxFuture,
23};
24use gpui::{App, AsyncApp, BackgroundExecutor, Task};
25use http_client::HttpClient;
26use language::LanguageName;
27use lsp::LanguageServerName;
28use moka::sync::Cache;
29use node_runtime::NodeRuntime;
30use release_channel::ReleaseChannel;
31use semver::Version;
32use settings::Settings;
33use std::{
34 borrow::Cow,
35 path::{Path, PathBuf},
36 sync::{Arc, LazyLock, OnceLock},
37 time::Duration,
38};
39use task::{DebugScenario, SpawnInTerminal, TaskTemplate, ZedDebugConfig};
40use util::paths::SanitizedPath;
41use wasmtime::{
42 CacheStore, Engine, Store,
43 component::{Component, ResourceTable},
44};
45use wasmtime_wasi::p2::{self as wasi, IoView as _};
46use wit::Extension;
47
48pub struct WasmHost {
49 engine: Engine,
50 release_channel: ReleaseChannel,
51 http_client: Arc<dyn HttpClient>,
52 node_runtime: NodeRuntime,
53 pub(crate) proxy: Arc<ExtensionHostProxy>,
54 fs: Arc<dyn Fs>,
55 pub work_dir: PathBuf,
56 /// The capabilities granted to extensions running on the host.
57 pub(crate) granted_capabilities: Vec<ExtensionCapability>,
58 _main_thread_message_task: Task<()>,
59 main_thread_message_tx: mpsc::UnboundedSender<MainThreadCall>,
60}
61
62#[derive(Clone, Debug)]
63pub struct WasmExtension {
64 tx: UnboundedSender<ExtensionCall>,
65 pub manifest: Arc<ExtensionManifest>,
66 pub work_dir: Arc<Path>,
67 #[allow(unused)]
68 pub zed_api_version: Version,
69 _task: Arc<Task<Result<(), gpui_tokio::JoinError>>>,
70}
71
72impl Drop for WasmExtension {
73 fn drop(&mut self) {
74 self.tx.close_channel();
75 }
76}
77
78#[async_trait]
79impl extension::Extension for WasmExtension {
80 fn manifest(&self) -> Arc<ExtensionManifest> {
81 self.manifest.clone()
82 }
83
84 fn work_dir(&self) -> Arc<Path> {
85 self.work_dir.clone()
86 }
87
88 async fn language_server_command(
89 &self,
90 language_server_id: LanguageServerName,
91 language_name: LanguageName,
92 worktree: Arc<dyn WorktreeDelegate>,
93 ) -> Result<Command> {
94 self.call(|extension, store| {
95 async move {
96 let resource = store.data_mut().table().push(worktree)?;
97 let command = extension
98 .call_language_server_command(
99 store,
100 &language_server_id,
101 &language_name,
102 resource,
103 )
104 .await?
105 .map_err(|err| store.data().extension_error(err))?;
106
107 Ok(command.into())
108 }
109 .boxed()
110 })
111 .await?
112 }
113
114 async fn language_server_initialization_options(
115 &self,
116 language_server_id: LanguageServerName,
117 language_name: LanguageName,
118 worktree: Arc<dyn WorktreeDelegate>,
119 ) -> Result<Option<String>> {
120 self.call(|extension, store| {
121 async move {
122 let resource = store.data_mut().table().push(worktree)?;
123 let options = extension
124 .call_language_server_initialization_options(
125 store,
126 &language_server_id,
127 &language_name,
128 resource,
129 )
130 .await?
131 .map_err(|err| store.data().extension_error(err))?;
132 anyhow::Ok(options)
133 }
134 .boxed()
135 })
136 .await?
137 }
138
139 async fn language_server_workspace_configuration(
140 &self,
141 language_server_id: LanguageServerName,
142 worktree: Arc<dyn WorktreeDelegate>,
143 ) -> Result<Option<String>> {
144 self.call(|extension, store| {
145 async move {
146 let resource = store.data_mut().table().push(worktree)?;
147 let options = extension
148 .call_language_server_workspace_configuration(
149 store,
150 &language_server_id,
151 resource,
152 )
153 .await?
154 .map_err(|err| store.data().extension_error(err))?;
155 anyhow::Ok(options)
156 }
157 .boxed()
158 })
159 .await?
160 }
161
162 async fn language_server_additional_initialization_options(
163 &self,
164 language_server_id: LanguageServerName,
165 target_language_server_id: LanguageServerName,
166 worktree: Arc<dyn WorktreeDelegate>,
167 ) -> Result<Option<String>> {
168 self.call(|extension, store| {
169 async move {
170 let resource = store.data_mut().table().push(worktree)?;
171 let options = extension
172 .call_language_server_additional_initialization_options(
173 store,
174 &language_server_id,
175 &target_language_server_id,
176 resource,
177 )
178 .await?
179 .map_err(|err| store.data().extension_error(err))?;
180 anyhow::Ok(options)
181 }
182 .boxed()
183 })
184 .await?
185 }
186
187 async fn language_server_additional_workspace_configuration(
188 &self,
189 language_server_id: LanguageServerName,
190 target_language_server_id: LanguageServerName,
191 worktree: Arc<dyn WorktreeDelegate>,
192 ) -> Result<Option<String>> {
193 self.call(|extension, store| {
194 async move {
195 let resource = store.data_mut().table().push(worktree)?;
196 let options = extension
197 .call_language_server_additional_workspace_configuration(
198 store,
199 &language_server_id,
200 &target_language_server_id,
201 resource,
202 )
203 .await?
204 .map_err(|err| store.data().extension_error(err))?;
205 anyhow::Ok(options)
206 }
207 .boxed()
208 })
209 .await?
210 }
211
212 async fn labels_for_completions(
213 &self,
214 language_server_id: LanguageServerName,
215 completions: Vec<Completion>,
216 ) -> Result<Vec<Option<CodeLabel>>> {
217 self.call(|extension, store| {
218 async move {
219 let labels = extension
220 .call_labels_for_completions(
221 store,
222 &language_server_id,
223 completions.into_iter().map(Into::into).collect(),
224 )
225 .await?
226 .map_err(|err| store.data().extension_error(err))?;
227
228 Ok(labels
229 .into_iter()
230 .map(|label| label.map(Into::into))
231 .collect())
232 }
233 .boxed()
234 })
235 .await?
236 }
237
238 async fn labels_for_symbols(
239 &self,
240 language_server_id: LanguageServerName,
241 symbols: Vec<Symbol>,
242 ) -> Result<Vec<Option<CodeLabel>>> {
243 self.call(|extension, store| {
244 async move {
245 let labels = extension
246 .call_labels_for_symbols(
247 store,
248 &language_server_id,
249 symbols.into_iter().map(Into::into).collect(),
250 )
251 .await?
252 .map_err(|err| store.data().extension_error(err))?;
253
254 Ok(labels
255 .into_iter()
256 .map(|label| label.map(Into::into))
257 .collect())
258 }
259 .boxed()
260 })
261 .await?
262 }
263
264 async fn complete_slash_command_argument(
265 &self,
266 command: SlashCommand,
267 arguments: Vec<String>,
268 ) -> Result<Vec<SlashCommandArgumentCompletion>> {
269 self.call(|extension, store| {
270 async move {
271 let completions = extension
272 .call_complete_slash_command_argument(store, &command.into(), &arguments)
273 .await?
274 .map_err(|err| store.data().extension_error(err))?;
275
276 Ok(completions.into_iter().map(Into::into).collect())
277 }
278 .boxed()
279 })
280 .await?
281 }
282
283 async fn run_slash_command(
284 &self,
285 command: SlashCommand,
286 arguments: Vec<String>,
287 delegate: Option<Arc<dyn WorktreeDelegate>>,
288 ) -> Result<SlashCommandOutput> {
289 self.call(|extension, store| {
290 async move {
291 let resource = if let Some(delegate) = delegate {
292 Some(store.data_mut().table().push(delegate)?)
293 } else {
294 None
295 };
296
297 let output = extension
298 .call_run_slash_command(store, &command.into(), &arguments, resource)
299 .await?
300 .map_err(|err| store.data().extension_error(err))?;
301
302 Ok(output.into())
303 }
304 .boxed()
305 })
306 .await?
307 }
308
309 async fn context_server_command(
310 &self,
311 context_server_id: Arc<str>,
312 project: Arc<dyn ProjectDelegate>,
313 ) -> Result<Command> {
314 self.call(|extension, store| {
315 async move {
316 let project_resource = store.data_mut().table().push(project)?;
317 let command = extension
318 .call_context_server_command(store, context_server_id.clone(), project_resource)
319 .await?
320 .map_err(|err| store.data().extension_error(err))?;
321 anyhow::Ok(command.into())
322 }
323 .boxed()
324 })
325 .await?
326 }
327
328 async fn context_server_configuration(
329 &self,
330 context_server_id: Arc<str>,
331 project: Arc<dyn ProjectDelegate>,
332 ) -> Result<Option<ContextServerConfiguration>> {
333 self.call(|extension, store| {
334 async move {
335 let project_resource = store.data_mut().table().push(project)?;
336 let Some(configuration) = extension
337 .call_context_server_configuration(
338 store,
339 context_server_id.clone(),
340 project_resource,
341 )
342 .await?
343 .map_err(|err| store.data().extension_error(err))?
344 else {
345 return Ok(None);
346 };
347
348 Ok(Some(configuration.try_into()?))
349 }
350 .boxed()
351 })
352 .await?
353 }
354
355 async fn suggest_docs_packages(&self, provider: Arc<str>) -> Result<Vec<String>> {
356 self.call(|extension, store| {
357 async move {
358 let packages = extension
359 .call_suggest_docs_packages(store, provider.as_ref())
360 .await?
361 .map_err(|err| store.data().extension_error(err))?;
362
363 Ok(packages)
364 }
365 .boxed()
366 })
367 .await?
368 }
369
370 async fn index_docs(
371 &self,
372 provider: Arc<str>,
373 package_name: Arc<str>,
374 kv_store: Arc<dyn KeyValueStoreDelegate>,
375 ) -> Result<()> {
376 self.call(|extension, store| {
377 async move {
378 let kv_store_resource = store.data_mut().table().push(kv_store)?;
379 extension
380 .call_index_docs(
381 store,
382 provider.as_ref(),
383 package_name.as_ref(),
384 kv_store_resource,
385 )
386 .await?
387 .map_err(|err| store.data().extension_error(err))?;
388
389 anyhow::Ok(())
390 }
391 .boxed()
392 })
393 .await?
394 }
395
396 async fn get_dap_binary(
397 &self,
398 dap_name: Arc<str>,
399 config: DebugTaskDefinition,
400 user_installed_path: Option<PathBuf>,
401 worktree: Arc<dyn WorktreeDelegate>,
402 ) -> Result<DebugAdapterBinary> {
403 self.call(|extension, store| {
404 async move {
405 let resource = store.data_mut().table().push(worktree)?;
406 let dap_binary = extension
407 .call_get_dap_binary(store, dap_name, config, user_installed_path, resource)
408 .await?
409 .map_err(|err| store.data().extension_error(err))?;
410 let dap_binary = dap_binary.try_into()?;
411 Ok(dap_binary)
412 }
413 .boxed()
414 })
415 .await?
416 }
417 async fn dap_request_kind(
418 &self,
419 dap_name: Arc<str>,
420 config: serde_json::Value,
421 ) -> Result<StartDebuggingRequestArgumentsRequest> {
422 self.call(|extension, store| {
423 async move {
424 let kind = extension
425 .call_dap_request_kind(store, dap_name, config)
426 .await?
427 .map_err(|err| store.data().extension_error(err))?;
428 Ok(kind.into())
429 }
430 .boxed()
431 })
432 .await?
433 }
434
435 async fn dap_config_to_scenario(&self, config: ZedDebugConfig) -> Result<DebugScenario> {
436 self.call(|extension, store| {
437 async move {
438 let kind = extension
439 .call_dap_config_to_scenario(store, config)
440 .await?
441 .map_err(|err| store.data().extension_error(err))?;
442 Ok(kind)
443 }
444 .boxed()
445 })
446 .await?
447 }
448
449 async fn dap_locator_create_scenario(
450 &self,
451 locator_name: String,
452 build_config_template: TaskTemplate,
453 resolved_label: String,
454 debug_adapter_name: String,
455 ) -> Result<Option<DebugScenario>> {
456 self.call(|extension, store| {
457 async move {
458 extension
459 .call_dap_locator_create_scenario(
460 store,
461 locator_name,
462 build_config_template,
463 resolved_label,
464 debug_adapter_name,
465 )
466 .await
467 }
468 .boxed()
469 })
470 .await?
471 }
472 async fn run_dap_locator(
473 &self,
474 locator_name: String,
475 config: SpawnInTerminal,
476 ) -> Result<DebugRequest> {
477 self.call(|extension, store| {
478 async move {
479 extension
480 .call_run_dap_locator(store, locator_name, config)
481 .await?
482 .map_err(|err| store.data().extension_error(err))
483 }
484 .boxed()
485 })
486 .await?
487 }
488}
489
490pub struct WasmState {
491 manifest: Arc<ExtensionManifest>,
492 pub table: ResourceTable,
493 ctx: wasi::WasiCtx,
494 pub host: Arc<WasmHost>,
495 pub(crate) capability_granter: CapabilityGranter,
496}
497
498type MainThreadCall = Box<dyn Send + for<'a> FnOnce(&'a mut AsyncApp) -> LocalBoxFuture<'a, ()>>;
499
500type ExtensionCall = Box<
501 dyn Send + for<'a> FnOnce(&'a mut Extension, &'a mut Store<WasmState>) -> BoxFuture<'a, ()>,
502>;
503
504fn wasm_engine(executor: &BackgroundExecutor) -> wasmtime::Engine {
505 static WASM_ENGINE: OnceLock<wasmtime::Engine> = OnceLock::new();
506 WASM_ENGINE
507 .get_or_init(|| {
508 let mut config = wasmtime::Config::new();
509 config.wasm_component_model(true);
510 config.async_support(true);
511 config
512 .enable_incremental_compilation(cache_store())
513 .unwrap();
514 // Async support introduces the issue that extension execution happens during `Future::poll`,
515 // which could block an async thread.
516 // https://docs.rs/wasmtime/latest/wasmtime/struct.Config.html#execution-in-poll
517 //
518 // Epoch interruption is a lightweight mechanism to allow the extensions to yield control
519 // back to the executor at regular intervals.
520 config.epoch_interruption(true);
521
522 let engine = wasmtime::Engine::new(&config).unwrap();
523
524 // It might be safer to do this on a non-async thread to make sure it makes progress
525 // regardless of if extensions are blocking.
526 // However, due to our current setup, this isn't a likely occurrence and we'd rather
527 // not have a dedicated thread just for this. If it becomes an issue, we can consider
528 // creating a separate thread for epoch interruption.
529 let engine_ref = engine.weak();
530 let executor2 = executor.clone();
531 executor
532 .spawn(async move {
533 // Somewhat arbitrary interval, as it isn't a guaranteed interval.
534 // But this is a rough upper bound for how long the extension execution can block on
535 // `Future::poll`.
536 const EPOCH_INTERVAL: Duration = Duration::from_millis(100);
537 loop {
538 executor2.timer(EPOCH_INTERVAL).await;
539 // Exit the loop and thread once the engine is dropped.
540 let Some(engine) = engine_ref.upgrade() else {
541 break;
542 };
543 engine.increment_epoch();
544 }
545 })
546 .detach();
547
548 engine
549 })
550 .clone()
551}
552
553fn cache_store() -> Arc<IncrementalCompilationCache> {
554 static CACHE_STORE: LazyLock<Arc<IncrementalCompilationCache>> =
555 LazyLock::new(|| Arc::new(IncrementalCompilationCache::new()));
556 CACHE_STORE.clone()
557}
558
559impl WasmHost {
560 pub fn new(
561 fs: Arc<dyn Fs>,
562 http_client: Arc<dyn HttpClient>,
563 node_runtime: NodeRuntime,
564 proxy: Arc<ExtensionHostProxy>,
565 work_dir: PathBuf,
566 cx: &mut App,
567 ) -> Arc<Self> {
568 let (tx, mut rx) = mpsc::unbounded::<MainThreadCall>();
569 let task = cx.spawn(async move |cx| {
570 while let Some(message) = rx.next().await {
571 message(cx).await;
572 }
573 });
574
575 let extension_settings = ExtensionSettings::get_global(cx);
576
577 Arc::new(Self {
578 engine: wasm_engine(cx.background_executor()),
579 fs,
580 work_dir,
581 http_client,
582 node_runtime,
583 proxy,
584 release_channel: ReleaseChannel::global(cx),
585 granted_capabilities: extension_settings.granted_capabilities.clone(),
586 _main_thread_message_task: task,
587 main_thread_message_tx: tx,
588 })
589 }
590
591 pub fn load_extension(
592 self: &Arc<Self>,
593 wasm_bytes: Vec<u8>,
594 manifest: &Arc<ExtensionManifest>,
595 cx: &AsyncApp,
596 ) -> Task<Result<WasmExtension>> {
597 let this = self.clone();
598 let manifest = manifest.clone();
599 let executor = cx.background_executor().clone();
600
601 // Parse version and compile component on gpui's background executor.
602 // These are cpu-bound operations that don't require a tokio runtime.
603 let compile_task = {
604 let manifest_id = manifest.id.clone();
605 let engine = this.engine.clone();
606
607 executor.spawn(async move {
608 let zed_api_version = parse_wasm_extension_version(&manifest_id, &wasm_bytes)?;
609 let component = Component::from_binary(&engine, &wasm_bytes)
610 .context("failed to compile wasm component")?;
611
612 anyhow::Ok((zed_api_version, component))
613 })
614 };
615
616 let load_extension = |zed_api_version: Version, component| async move {
617 let wasi_ctx = this.build_wasi_ctx(&manifest).await?;
618 let mut store = wasmtime::Store::new(
619 &this.engine,
620 WasmState {
621 ctx: wasi_ctx,
622 manifest: manifest.clone(),
623 table: ResourceTable::new(),
624 host: this.clone(),
625 capability_granter: CapabilityGranter::new(
626 this.granted_capabilities.clone(),
627 manifest.clone(),
628 ),
629 },
630 );
631 // Store will yield after 1 tick, and get a new deadline of 1 tick after each yield.
632 store.set_epoch_deadline(1);
633 store.epoch_deadline_async_yield_and_update(1);
634
635 let mut extension = Extension::instantiate_async(
636 &executor,
637 &mut store,
638 this.release_channel,
639 zed_api_version.clone(),
640 &component,
641 )
642 .await?;
643
644 extension
645 .call_init_extension(&mut store)
646 .await
647 .context("failed to initialize wasm extension")?;
648
649 let (tx, mut rx) = mpsc::unbounded::<ExtensionCall>();
650 let extension_task = async move {
651 while let Some(call) = rx.next().await {
652 (call)(&mut extension, &mut store).await;
653 }
654 };
655
656 anyhow::Ok((
657 extension_task,
658 manifest.clone(),
659 this.work_dir.join(manifest.id.as_ref()).into(),
660 tx,
661 zed_api_version,
662 ))
663 };
664
665 cx.spawn(async move |cx| {
666 let (zed_api_version, component) = compile_task.await?;
667
668 // Run wasi-dependent operations on tokio.
669 // wasmtime_wasi internally uses tokio for I/O operations.
670 let (extension_task, manifest, work_dir, tx, zed_api_version) =
671 gpui_tokio::Tokio::spawn(cx, load_extension(zed_api_version, component)).await??;
672
673 // Run the extension message loop on tokio since extension
674 // calls may invoke wasi functions that require a tokio runtime.
675 let task = Arc::new(gpui_tokio::Tokio::spawn(cx, extension_task));
676
677 Ok(WasmExtension {
678 manifest,
679 work_dir,
680 tx,
681 zed_api_version,
682 _task: task,
683 })
684 })
685 }
686
687 async fn build_wasi_ctx(&self, manifest: &Arc<ExtensionManifest>) -> Result<wasi::WasiCtx> {
688 let extension_work_dir = self.work_dir.join(manifest.id.as_ref());
689 self.fs
690 .create_dir(&extension_work_dir)
691 .await
692 .context("failed to create extension work dir")?;
693
694 let file_perms = wasmtime_wasi::FilePerms::all();
695 let dir_perms = wasmtime_wasi::DirPerms::all();
696 let path = SanitizedPath::new(&extension_work_dir).to_string();
697 #[cfg(target_os = "windows")]
698 let path = path.replace('\\', "/");
699
700 let mut ctx = wasi::WasiCtxBuilder::new();
701 ctx.inherit_stdio()
702 .env("PWD", &path)
703 .env("RUST_BACKTRACE", "full");
704
705 ctx.preopened_dir(&path, ".", dir_perms, file_perms)?;
706 ctx.preopened_dir(&path, &path, dir_perms, file_perms)?;
707
708 Ok(ctx.build())
709 }
710
711 pub async fn writeable_path_from_extension(
712 &self,
713 id: &Arc<str>,
714 path: &Path,
715 ) -> Result<PathBuf> {
716 let canonical_work_dir = self
717 .fs
718 .canonicalize(&self.work_dir)
719 .await
720 .with_context(|| format!("canonicalizing work dir {:?}", self.work_dir))?;
721 let extension_work_dir = canonical_work_dir.join(id.as_ref());
722
723 let absolute = if path.is_relative() {
724 extension_work_dir.join(path)
725 } else {
726 path.to_path_buf()
727 };
728
729 let normalized = util::paths::normalize_lexically(&absolute)
730 .map_err(|_| anyhow!("path {path:?} escapes its parent"))?;
731
732 // Canonicalize the nearest existing ancestor to resolve any symlinks
733 // in the on-disk portion of the path. Components beyond that ancestor
734 // are re-appended, which lets this work for destinations that don't
735 // exist yet (e.g. nested directories created by tar extraction).
736 let mut existing = normalized.as_path();
737 let mut tail_components = Vec::new();
738 let canonical_prefix = loop {
739 match self.fs.canonicalize(existing).await {
740 Ok(canonical) => break canonical,
741 Err(_) => {
742 if let Some(file_name) = existing.file_name() {
743 tail_components.push(file_name.to_owned());
744 }
745 existing = existing
746 .parent()
747 .context(format!("cannot resolve path {path:?}"))?;
748 }
749 }
750 };
751
752 let mut resolved = canonical_prefix;
753 for component in tail_components.into_iter().rev() {
754 resolved.push(component);
755 }
756
757 anyhow::ensure!(
758 resolved.starts_with(&extension_work_dir),
759 "cannot write to path {resolved:?}",
760 );
761 Ok(resolved)
762 }
763}
764
765pub fn parse_wasm_extension_version(extension_id: &str, wasm_bytes: &[u8]) -> Result<Version> {
766 let mut version = None;
767
768 for part in wasmparser::Parser::new(0).parse_all(wasm_bytes) {
769 if let wasmparser::Payload::CustomSection(s) =
770 part.context("error parsing wasm extension")?
771 && s.name() == "zed:api-version"
772 {
773 version = parse_wasm_extension_version_custom_section(s.data());
774 if version.is_none() {
775 bail!(
776 "extension {} has invalid zed:api-version section: {:?}",
777 extension_id,
778 s.data()
779 );
780 }
781 }
782 }
783
784 // The reason we wait until we're done parsing all of the Wasm bytes to return the version
785 // is to work around a panic that can happen inside of Wasmtime when the bytes are invalid.
786 //
787 // By parsing the entirety of the Wasm bytes before we return, we're able to detect this problem
788 // earlier as an `Err` rather than as a panic.
789 version.with_context(|| format!("extension {extension_id} has no zed:api-version section"))
790}
791
792fn parse_wasm_extension_version_custom_section(data: &[u8]) -> Option<Version> {
793 if data.len() == 6 {
794 Some(Version::new(
795 u16::from_be_bytes([data[0], data[1]]) as _,
796 u16::from_be_bytes([data[2], data[3]]) as _,
797 u16::from_be_bytes([data[4], data[5]]) as _,
798 ))
799 } else {
800 None
801 }
802}
803
804impl WasmExtension {
805 pub async fn load(
806 extension_dir: &Path,
807 manifest: &Arc<ExtensionManifest>,
808 wasm_host: Arc<WasmHost>,
809 cx: &AsyncApp,
810 ) -> Result<Self> {
811 let path = extension_dir.join("extension.wasm");
812
813 let mut wasm_file = wasm_host
814 .fs
815 .open_sync(&path)
816 .await
817 .context(format!("opening wasm file, path: {path:?}"))?;
818
819 let mut wasm_bytes = Vec::new();
820 wasm_file
821 .read_to_end(&mut wasm_bytes)
822 .context(format!("reading wasm file, path: {path:?}"))?;
823
824 wasm_host
825 .load_extension(wasm_bytes, manifest, cx)
826 .await
827 .with_context(|| format!("loading wasm extension: {}", manifest.id))
828 }
829
830 pub async fn call<T, Fn>(&self, f: Fn) -> Result<T>
831 where
832 T: 'static + Send,
833 Fn: 'static
834 + Send
835 + for<'a> FnOnce(&'a mut Extension, &'a mut Store<WasmState>) -> BoxFuture<'a, T>,
836 {
837 let (return_tx, return_rx) = oneshot::channel();
838 self.tx
839 .unbounded_send(Box::new(move |extension, store| {
840 async {
841 let result = f(extension, store).await;
842 return_tx.send(result).ok();
843 }
844 .boxed()
845 }))
846 .map_err(|_| {
847 anyhow!(
848 "wasm extension channel should not be closed yet, extension {} (id {})",
849 self.manifest.name,
850 self.manifest.id,
851 )
852 })?;
853 return_rx.await.with_context(|| {
854 format!(
855 "wasm extension channel, extension {} (id {})",
856 self.manifest.name, self.manifest.id,
857 )
858 })
859 }
860}
861
862impl WasmState {
863 fn on_main_thread<T, Fn>(&self, f: Fn) -> impl 'static + Future<Output = T>
864 where
865 T: 'static + Send,
866 Fn: 'static + Send + for<'a> FnOnce(&'a mut AsyncApp) -> LocalBoxFuture<'a, T>,
867 {
868 let (return_tx, return_rx) = oneshot::channel();
869 self.host
870 .main_thread_message_tx
871 .clone()
872 .unbounded_send(Box::new(move |cx| {
873 async {
874 let result = f(cx).await;
875 return_tx.send(result).ok();
876 }
877 .boxed_local()
878 }))
879 .unwrap_or_else(|_| {
880 panic!(
881 "main thread message channel should not be closed yet, extension {} (id {})",
882 self.manifest.name, self.manifest.id,
883 )
884 });
885 let name = self.manifest.name.clone();
886 let id = self.manifest.id.clone();
887 async move {
888 return_rx.await.unwrap_or_else(|_| {
889 panic!("main thread message channel, extension {name} (id {id})")
890 })
891 }
892 }
893
894 fn work_dir(&self) -> PathBuf {
895 self.host.work_dir.join(self.manifest.id.as_ref())
896 }
897
898 fn extension_error(&self, message: String) -> anyhow::Error {
899 anyhow!(
900 "from extension \"{}\" version {}: {}",
901 self.manifest.name,
902 self.manifest.version,
903 message
904 )
905 }
906}
907
908impl wasi::IoView for WasmState {
909 fn table(&mut self) -> &mut ResourceTable {
910 &mut self.table
911 }
912}
913
914impl wasi::WasiView for WasmState {
915 fn ctx(&mut self) -> &mut wasi::WasiCtx {
916 &mut self.ctx
917 }
918}
919
920/// Wrapper around a mini-moka bounded cache for storing incremental compilation artifacts.
921/// Since wasm modules have many similar elements, this can save us a lot of work at the
922/// cost of a small memory footprint. However, we don't want this to be unbounded, so we use
923/// a LFU/LRU cache to evict less used cache entries.
924#[derive(Debug)]
925struct IncrementalCompilationCache {
926 cache: Cache<Vec<u8>, Vec<u8>>,
927}
928
929impl IncrementalCompilationCache {
930 fn new() -> Self {
931 let cache = Cache::builder()
932 // Cap this at 32 MB for now. Our extensions turn into roughly 512kb in the cache,
933 // which means we could store 64 completely novel extensions in the cache, but in
934 // practice we will more than that, which is more than enough for our use case.
935 .max_capacity(32 * 1024 * 1024)
936 .weigher(|k: &Vec<u8>, v: &Vec<u8>| (k.len() + v.len()).try_into().unwrap_or(u32::MAX))
937 .build();
938 Self { cache }
939 }
940}
941
942impl CacheStore for IncrementalCompilationCache {
943 fn get(&self, key: &[u8]) -> Option<Cow<'_, [u8]>> {
944 self.cache.get(key).map(|v| v.into())
945 }
946
947 fn insert(&self, key: &[u8], value: Vec<u8>) -> bool {
948 self.cache.insert(key.to_vec(), value);
949 true
950 }
951}
952
953#[cfg(test)]
954mod tests {
955 use super::*;
956 use extension::ExtensionHostProxy;
957 use fs::FakeFs;
958 use gpui::TestAppContext;
959 use http_client::FakeHttpClient;
960 use node_runtime::NodeRuntime;
961 use serde_json::json;
962 use settings::SettingsStore;
963
964 fn init_test(cx: &mut TestAppContext) {
965 cx.update(|cx| {
966 let store = SettingsStore::test(cx);
967 cx.set_global(store);
968 release_channel::init(semver::Version::new(0, 0, 0), cx);
969 extension::init(cx);
970 gpui_tokio::init(cx);
971 });
972 }
973
974 #[gpui::test]
975 async fn test_writeable_path_rejects_escape_attempts(cx: &mut TestAppContext) {
976 init_test(cx);
977
978 let fs = FakeFs::new(cx.executor());
979 fs.insert_tree(
980 "/work",
981 json!({
982 "test-extension": {
983 "legit.txt": "legitimate content"
984 }
985 }),
986 )
987 .await;
988 fs.insert_tree("/outside", json!({ "secret.txt": "sensitive data" }))
989 .await;
990 fs.insert_symlink("/work/test-extension/escape", PathBuf::from("/outside"))
991 .await;
992
993 let host = cx.update(|cx| {
994 WasmHost::new(
995 fs.clone(),
996 FakeHttpClient::with_200_response(),
997 NodeRuntime::unavailable(),
998 Arc::new(ExtensionHostProxy::default()),
999 PathBuf::from("/work"),
1000 cx,
1001 )
1002 });
1003
1004 let extension_id: Arc<str> = "test-extension".into();
1005
1006 // A path traversing through a symlink that points outside the work dir
1007 // must be rejected. Canonicalization resolves the symlink before the
1008 // prefix check, so this is caught.
1009 let result = host
1010 .writeable_path_from_extension(
1011 &extension_id,
1012 Path::new("/work/test-extension/escape/secret.txt"),
1013 )
1014 .await;
1015 assert!(
1016 result.is_err(),
1017 "symlink escape should be rejected, but got: {result:?}",
1018 );
1019
1020 // A path using `..` to escape the extension work dir must be rejected.
1021 let result = host
1022 .writeable_path_from_extension(
1023 &extension_id,
1024 Path::new("/work/test-extension/../../outside/secret.txt"),
1025 )
1026 .await;
1027 assert!(
1028 result.is_err(),
1029 "parent traversal escape should be rejected, but got: {result:?}",
1030 );
1031
1032 // A legitimate path within the extension work dir should succeed.
1033 let result = host
1034 .writeable_path_from_extension(
1035 &extension_id,
1036 Path::new("/work/test-extension/legit.txt"),
1037 )
1038 .await;
1039 assert!(
1040 result.is_ok(),
1041 "legitimate path should be accepted, but got: {result:?}",
1042 );
1043
1044 // A relative path with non-existent intermediate directories should
1045 // succeed, mirroring the integration test pattern where an extension
1046 // downloads a tar to e.g. "gleam-v1.2.3" (creating the directory)
1047 // and then references "gleam-v1.2.3/gleam" inside it.
1048 let result = host
1049 .writeable_path_from_extension(&extension_id, Path::new("new-dir/nested/binary"))
1050 .await;
1051 assert!(
1052 result.is_ok(),
1053 "relative path with non-existent parents should be accepted, but got: {result:?}",
1054 );
1055
1056 // A symlink deeper than the immediate parent must still be caught.
1057 // Here "escape" is a symlink to /outside, so "escape/deep/file.txt"
1058 // has multiple non-existent components beyond the symlink.
1059 let result = host
1060 .writeable_path_from_extension(&extension_id, Path::new("escape/deep/nested/file.txt"))
1061 .await;
1062 assert!(
1063 result.is_err(),
1064 "symlink escape through deep non-existent path should be rejected, but got: {result:?}",
1065 );
1066 }
1067}