Releases: WasmCert/WasmCert-Coq

Release 2.0.1

17 Oct 17:34

This release is a cumulative update of the repository since the initial release for Wasm 2.0 features, including a bump of the dependency versions (now using Coq 8.19) and several refactorings and feature additions.

Upgrade to Coq 8.19

The codebase is now updated to work with Coq 8.19. The other dependencies have also been upgraded correspondingly.

Context interpreter refactoring

The context interpreter has been refactored to provide a more faithful version of the progress property.

Bugfix for certain numeric operations

The behaviour of shl_s has been fixed according to the spec. Further tests are still required as the numerical part is severely under-tested.

Added opaque implementation of vector instructions (SIMD)

Added the definitions needed for the new 2.0 SIMD instructions to be parsed, but without any concrete implementations. A future version will add hooks into the OCaml implementation of the reference interpreter to support concrete SIMD operations.

Binary printer backwards-compatibility

Added a check in the binary printer that emits 1.0-compatible binary modules when a Wasm module only uses features from the Wasm 1.0 semantics set.

What's Changed

Full Changelog: v2.0...v2.0.1

v2.0

16 Apr 14:34
058984f

Release 2.0 + Subtyping

This release for Wasm 2.0 + Subtyping implements the following changes from the official spec release 2.0:

  • Multiple-value blocks;
  • Reference types;
  • Table instructions;
  • Multiple tables;
  • Bulk memory and table instructions.

In addition, this release also implements the subtyping system from the future funcref/GC proposals.

The new sign-extension and non-trapping float-to-int conversion instructions and the vector types are added, but without any concrete implementation.

Updated Components:

  • Base opsem/typing definitions;
  • Preservation theorems;
  • Interpreter and progress theorem;
  • Instantiation;
  • Instantiation soundness theorems;
  • Type checker;
  • Type checker correctness theorem;
  • Binary printer/parser;
  • Code pretty printer;
  • Subtyping.

Major Structural Changes

Values vs Instructions

Due to the introduction of reference values, values are no longer necessarily basic instructions; function references and external references are expressed as administrative instructions because they use store addresses directly instead of module indices. This change breaks some assumptions that many of the original proofs and definitions relied on, mostly those related to value typing (see below).
Total and partial conversion operations are now provided for converting between values and their corresponding instructions:

  • v_to_e/e_to_v for total conversions;
  • e_to_v_opt for partial operations.

Value Typing and the Store

Due to the use of store addresses, the new reference values can only be typed given a store. This necessitated the introduction of a separate value_typing relation with respect to a store. In addition, value typing now has to be done at the e_typing level (for administrative instructions), as reference values can no longer be converted to basic instructions and typed using the const rule in be_typing. New value typing inversion lemmas were added to help reasoning with this change; search for terms involving value_typing and values_typing.

Threads

Threads are now properly spelled out as a separate type that forms part of the configuration tuple. The old thread-related definitions (e.g. s_typing) are renamed to the names used in the standard (e.g. thread_typing).

Type System and Subtyping

In addition, this release also implements the subtyping introduced in the future funcref/GC proposal as a forward-looking move. There is currently no observable effect in Wasm 2.0 except for typing instructions past unconditional branches, as there are no non-trivial subtyping relations between any of the base value types. Every value/instruction has a principal type (potentially with some free type parameters) of which all its possible types are supertypes.
The largest impact of this type system change is that, in the future, a value can no longer be uniquely typed even when it is well typed. This is not the case in Wasm 2.0 yet, but examples can be introduced in future proposals.
As a result of this change, the old weakening typing rules are replaced by a subtyping rule, which reflects the shift in the future proposals.

Refactorings and Feature Improvements

Host Formulation

The parametric host language is now defined using typeclasses.
The main benefit is that the implicit host parameter is filled in automatically, instead of every operation downstream of function instances and stores having to be redefined. The proof context is also greatly simplified, since these redefinitions no longer occupy a major chunk of the buffer window.

Numerics

  • Split the old collection of conversion operations cvtop into their individual constructors to better match the spec.

Name Changes

  • Changed the name of some types, instructions, and constructors to better match the official spec.
  • Instance indices are now simplified to the base u32 type without additional constructors.

Pretty Printer

  • Implemented pretty printing for conversion operations.

Typing

  • Massively improved the scope and automation of the typing inversion lemmas.
  • Provided a new tactic resolve_e_typing that automatically tries to resolve e_typing goals, dealing mostly with the operands.
  • Provided a separate file for the new subtyping lemmas and tactics.

Type Checker

  • Completely reimplemented the type checker, which should now be slightly more efficient (although this should hardly be observable).

Miscellaneous

  • Introduced many additional excerpts in comments from the official spec for various definitions.

Bug Fixes

  • Fixed a bug where the binary printer incorrectly printed all kinds of reinterpret conversions as 0xBC.
  • Fixed a bug where the binary printer sometimes printed indices via a conversion to nat first.
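As an added illustration of the first bug fix (example code, not part of WasmCert-Coq), the following models a printer that collapses every reinterpret conversion onto 0xBC and shows how a decode-and-validate round trip detects the corruption: the four reinterpret instructions all have different operand types, so a mis-printed one no longer type-checks against the declared function signature. Opcodes and operand/result types are those of the Wasm 2.0 spec; the helper names and the tiny stack checker are this example's own.

```python
# Added example, not code from WasmCert-Coq: models the binary-printer defect
# fixed in v2.0 (every reinterpret conversion emitted as 0xBC) and catches it
# with a decode-and-validate round trip. Opcodes/types follow the Wasm 2.0 spec.

# name -> (opcode, operand type, result type)
REINTERPRET = {
    "i32.reinterpret_f32": (0xBC, "f32", "i32"),
    "i64.reinterpret_f64": (0xBD, "f64", "i64"),
    "f32.reinterpret_i32": (0xBE, "i32", "f32"),
    "f64.reinterpret_i64": (0xBF, "i64", "f64"),
}
BY_OPCODE = {op: name for name, (op, _, _) in REINTERPRET.items()}

def encode(body, buggy=False):
    """Encode a straight-line body of reinterpret instructions; buggy=True
    reproduces the pre-fix printer, which collapsed all four onto 0xBC."""
    return bytes(0xBC if buggy else REINTERPRET[name][0] for name in body)

def decode(code):
    """Decode opcodes back to instruction names; unknown bytes are an error."""
    try:
        return [BY_OPCODE[b] for b in code]
    except KeyError as err:
        raise ValueError(f"unknown opcode {err}") from None

def validate(params, results, body):
    """Minimal stack typing: each op consumes its operand type and pushes its
    result type. Returns None if the body has type params -> results, else a
    message naming the first mismatch."""
    stack = list(params)
    for name in body:
        _, operand, result = REINTERPRET[name]
        if not stack or stack[-1] != operand:
            return f"{name} expects {operand}, stack has {stack[-1] if stack else 'empty'}"
        stack[-1] = result
    if stack != list(results):
        return f"body leaves {stack} but declared results are {list(results)}"
    return None

def roundtrip_check(params, results, body, buggy=False):
    """Encode, decode and re-validate a body assumed well typed. The correct
    printer round-trips cleanly; the buggy one changes the operand type, so
    validation of the decoded body reports the defect."""
    decoded = decode(encode(body, buggy))
    return decoded, validate(params, results, decoded)

if __name__ == "__main__":
    sig = (["i64"], ["f64"], ["f64.reinterpret_i64"])
    print(roundtrip_check(*sig))              # (['f64.reinterpret_i64'], None)
    print(roundtrip_check(*sig, buggy=True))  # decoded as i32.reinterpret_f32, rejected
```

Note that i32.reinterpret_f32 itself survives the buggy printer unchanged, which is why a test suite exercising only that conversion would never have caught the defect.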

What's Changed

Full Changelog: v1.0...v2.0

v1.0

15 Apr 14:55
1fda06e

Release for Wasm 1.0. This release is published to create a permanent reference for Wasm 1.0 while the master branch moves on to more recent versions of Wasm.

What's Changed

  • Interpreter with improved context representation, and massive context refactoring by @raoxiaojia in #35
  • Refactors for composition inversion lemmas and improved typing inversion tactics by @raoxiaojia in #36
  • Computable version of inst_typing, and some associated fixes for cl_typing by @raoxiaojia in #37

Full Changelog: 0.2...v1.0