wip

See https://github.com/bytecodealliance/wasmtime/issues/8799

I will make a 1.4.1 release after this is merged

README.md

@@ -51,7 +51,7 @@ started:
 | Java SDK    | <img alt="Java SDK" src="https://extism.org/img/sdk-languages/java-android.svg" width="50px"/> | https://github.com/extism/java-sdk                                      | [Sonatype](https://central.sonatype.com/artifact/org.extism.sdk/extism) |
 | .NET SDK    | <img alt=".NET SDK" src="https://extism.org/img/sdk-languages/dotnet.svg" width="50px"/>       | https://github.com/extism/dotnet-sdk <br/>(supports C# & F#!)           | [Nuget](https://www.nuget.org/packages/Extism.Sdk)                      |
 | OCaml SDK   | <img alt="OCaml SDK" src="https://extism.org/img/sdk-languages/ocaml.svg" width="50px"/>       | https://github.com/extism/ocaml-sdk                                     | [opam](https://opam.ocaml.org/packages/extism/)                         |
-| Perl SDK    | <img alt="Perl SDK" src="https://extism.org/img/sdk-languages/perl.svg" width="50px"/>         | https://github.com/extism/perl-sdk                                      | N/A                                                                     |
+| Perl SDK    | <img alt="Perl SDK" src="https://extism.org/img/sdk-languages/perl.svg" width="50px"/>         | https://github.com/extism/perl-sdk                                      | [CPAN](https://metacpan.org/pod/Extism)                                 |
 | PHP SDK     | <img alt="PHP SDK" src="https://extism.org/img/sdk-languages/php.svg" width="50px"/>           | https://github.com/extism/php-sdk                                       | [Packagist](https://packagist.org/packages/extism/extism)               |
 | Python SDK  | <img alt="Python SDK" src="https://extism.org/img/sdk-languages/python.svg" width="50px"/>     | https://github.com/extism/python-sdk                                    | [PyPi](https://pypi.org/project/extism/)                                |
 | Ruby SDK    | <img alt="Ruby SDK" src="https://extism.org/img/sdk-languages/ruby.svg" width="50px"/>         | https://github.com/extism/ruby-sdk                                      | [RubyGems](https://rubygems.org/gems/extism)                            |

kernel/.gitignore

@@ -0,0 +1,3 @@
+owi-out
+*.wat
+proofs

kernel/Cargo.toml

@@ -7,6 +7,7 @@ edition = "2021"
 
 [dev-dependencies]
 wasm-bindgen-test = "0.3.39"
+owi = {git = "https://github.com/dylibso/owi-rs"}
 
 [features]
 default = ["bounds-checking"]
@@ -15,4 +16,4 @@ bounds-checking = []
 [workspace]
 members = [
   "."
-]
+]

kernel/build.sh

@@ -1,5 +1,7 @@
 #!/usr/bin/env bash
 
+set -e
+
 export CARGO_FLAGS=""
 
 while getopts d flag

kernel/examples/alloc_length.rs

@@ -0,0 +1,21 @@
+#![no_main]
+#![no_std]
+use extism_runtime_kernel::*;
+use owi::*;
+
+main!({
+    let n = alloc(1024);
+
+    let x = u64();
+    assume(x > 0);
+
+    let m = alloc(x);
+
+    // 1. Length should equal `x` while active
+    assert(length(m) == x);
+
+    // 2. Length should equal `0` after free
+    free(m); // Free the block
+    assert(length(m) == 0);
+    free(n);
+});

kernel/examples/error.rs

@@ -0,0 +1,24 @@
+#![no_main]
+#![no_std]
+use extism_runtime_kernel::*;
+use owi::*;
+
+main!({
+    let x = u64();
+    let n = u64();
+    let m = u64();
+    assume(x > 0);
+    assume(n > 0);
+    assume(m > 0);
+
+    alloc(n);
+    alloc(m);
+    let n = alloc(x);
+    assert(error_get() == 0);
+
+    error_set(n);
+    assert(error_get() == n);
+    alloc(m);
+    error_set(0);
+    assert(error_get() == 0);
+});

kernel/examples/load_store.rs

@@ -0,0 +1,17 @@
+#![no_main]
+#![no_std]
+use extism_runtime_kernel::*;
+use owi::*;
+
+main!({
+    let x = u64();
+    assume(x > 0);
+
+    let m = alloc(x);
+    assert(length(m) == x);
+    for i in 0..x {
+        store_u8(m + i, i as u8);
+        assert(load_u8(m + i) == i as u8);
+    }
+    free(m);
+});

kernel/examples/reuse.rs

@@ -0,0 +1,39 @@
+#![no_main]
+#![no_std]
+use extism_runtime_kernel::*;
+use owi::*;
+
+main!({
+    let x = u64();
+    assume(x > 0);
+
+    let y = u64();
+    assume(y > 0);
+
+    let mut tmp = 0;
+
+    for _ in 0..y {
+        let m = alloc(x);
+        if tmp == 0 {
+            tmp = m;
+        } else {
+            // Check that the existing block is being re-used
+            assert(m == tmp);
+        }
+
+        assert(length(m) == x);
+        free(m); // Free the block
+    }
+
+    let y = u64();
+    assume(y == x + 1);
+    let n = alloc(y);
+    assert(n > tmp);
+
+    let z = u64();
+    assume(z <= x);
+    assume(x - z < 32);
+    assume(z > 0);
+    let p = alloc(z);
+    assert(p == tmp);
+});

kernel/src/bin/extism-runtime.rs

@@ -1,5 +1,5 @@
-#![no_main]
 #![no_std]
+#![no_main]
 
 pub use extism_runtime_kernel::*;
 

kernel/src/lib.rs

@@ -175,7 +175,7 @@ impl MemoryRoot {
         core::ptr::write_bytes(
             self.blocks.as_mut_ptr() as *mut u8,
             MemoryStatus::Unused as u8,
-            self_position as usize,
+            self_position as usize - core::mem::size_of::<MemoryRoot>(),
         );
 
         // Clear extism runtime metadata
@@ -638,4 +638,15 @@ mod test {
 
         assert_eq!(last, 0);
     }
+
+    #[wasm_bindgen_test]
+    fn test_sym() {
+        unsafe {
+            reset();
+            let a = alloc(47);
+            let b = alloc(20);
+            assert_eq!(length(a), 47);
+            assert_eq!(length(b), 20);
+        }
+    }
 }

kernel/verify.sh

@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+set -e
+
+OUT_DIR=./target/wasm32-unknown-unknown/release/examples/
+get_proof() {
+   cp "$OUT_DIR/$1.wasm" "./proofs/$1.wasm"
+}
+
+cargo build --examples --release --target wasm32-unknown-unknown --no-default-features
+
+mkdir -p proofs
+get_proof alloc_length
+get_proof load_store
+get_proof reuse
+get_proof error
+
+for proof in $(ls proofs/*.wasm); do
+  echo "Checking $proof"
+  owi  conc "$proof" $@
+  echo
+  echo "---"
+done

runtime/Cargo.toml

@@ -10,7 +10,7 @@ version.workspace = true
 
 [dependencies]
 wasmtime = ">= 20.0.0, < 22.0.0"
-wasmtime-wasi = ">= 20.0.0, < 22.0.0"
+wasi-common = ">= 20.0.0, < 22.0.0"
 anyhow = "1"
 serde = {version = "1", features = ["derive"]}
 serde_json = "1"

runtime/src/current_plugin.rs

@@ -311,33 +311,29 @@ impl CurrentPlugin {
         id: uuid::Uuid,
     ) -> Result<Self, Error> {
         let wasi = if wasi {
-            let mut ctx = wasmtime_wasi::WasiCtxBuilder::new();
-
-            // Disable sockets/DNS lookup
-            ctx.allow_ip_name_lookup(false)
-                .allow_tcp(false)
-                .allow_udp(false)
-                .allow_blocking_current_thread(true);
+            let auth = wasi_common::sync::ambient_authority();
+            let random = wasi_common::sync::random_ctx();
+            let clocks = wasi_common::sync::clocks_ctx();
+            let sched = wasi_common::sync::sched_ctx();
+            let table = wasi_common::Table::new();
+            let ctx = wasi_common::WasiCtx::new(random, clocks, sched, table);
 
             if let Some(a) = &manifest.allowed_paths {
                 for (k, v) in a.iter() {
-                    ctx.preopened_dir(
-                        k,
-                        v.to_string_lossy(),
-                        wasmtime_wasi::DirPerms::READ | wasmtime_wasi::DirPerms::MUTATE,
-                        wasmtime_wasi::FilePerms::READ | wasmtime_wasi::FilePerms::WRITE,
-                    )?;
+                    let file = Box::new(wasi_common::sync::dir::Dir::from_cap_std(
+                        wasi_common::sync::Dir::open_ambient_dir(k, auth)?,
+                    ));
+                    ctx.push_preopened_dir(file, v)?;
                 }
             }
 
             // Enable WASI output, typically used for debugging purposes
             if std::env::var("EXTISM_ENABLE_WASI_OUTPUT").is_ok() {
-                ctx.inherit_stdout().inherit_stderr();
+                ctx.set_stderr(Box::new(wasi_common::sync::stdio::stderr()));
+                ctx.set_stdout(Box::new(wasi_common::sync::stdio::stdout()));
             }
 
-            Some(Wasi {
-                ctx: ctx.build_p1(),
-            })
+            Some(Wasi { ctx })
         } else {
             None
         };

runtime/src/internal.rs

@@ -3,7 +3,7 @@ use crate::*;
 /// WASI context
 pub struct Wasi {
     /// wasi
-    pub ctx: wasmtime_wasi::preview1::WasiP1Ctx,
+    pub ctx: wasi_common::WasiCtx,
 }
 
 /// InternalExt provides a unified way of acessing `memory`, `store` and `internal` values

runtime/src/plugin.rs

@@ -250,7 +250,7 @@ fn relink(
 
     // If wasi is enabled then add it to the linker
     if with_wasi {
-        wasmtime_wasi::preview1::add_to_linker_sync(&mut linker, |x: &mut CurrentPlugin| {
+        wasi_common::sync::add_to_linker(&mut linker, |x: &mut CurrentPlugin| {
             &mut x.wasi.as_mut().unwrap().ctx
         })?;
     }
@@ -834,7 +834,7 @@ impl Plugin {
                     }
                 }
 
-                let wasi_exit_code = e.downcast_ref::<wasmtime_wasi::I32Exit>().map(|e| e.0);
+                let wasi_exit_code = e.downcast_ref::<wasi_common::I32Exit>().map(|e| e.0);
                 if let Some(exit_code) = wasi_exit_code {
                     debug!(
                         plugin = self.id.to_string(),