TitleCharacterizing and Detecting WebAssembly Runtime Bugs
AuthorsZhang, Yixuan
Cao, Shangtong
Wang, Haoyu
Chen, Zhenpeng
Luo, Xiapu
Mu, Dongliang
Ma, Yun
Huang, Gang
Liu, Xuanzhe
AffiliationPeking Univ, Minist Educ, Key Lab High Confidence Software Technol Peking U, Sch Comp Sci, Beijing, Peoples R China
Beijing Univ Posts & Telecommun, Beijing, Peoples R China
Huazhong Univ Sci & Technol, Wuhan, Peoples R China
UCL, London, England
Hong Kong Polytecn Univ, Hong Kong, Peoples R China
Peking Univ, Sch Comp Sci, Beijing, Peoples R China
Natl Key Lab Data Space Technol & Syst, Beijing, Peoples R China
Peking Univ, 5 Yiheyuan Rd, Beijing, Peoples R China
Issue DateFeb-2024
PublisherACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY
AbstractWebAssembly (abbreviated WASM) has emerged as a promising language of the Web and also been used for a wide spectrum of software applications such as mobile applications and desktop applications. These applications, named WASM applications, commonly run in WASM runtimes. Bugs in WASM runtimes are frequently reported by developers and cause the crash of WASM applications. However, these bugs have not been well studied. To fill in the knowledge gap, we present a systematic study to characterize and detect bugs in WASM runtimes. We first harvest a dataset of 311 real-world bugs from hundreds of related posts on GitHub. Based on the collected high-quality bug reports, we distill 31 bug categories of WASM runtimes and summarize their common fix strategies. Furthermore, we develop a pattern-based bug detection framework to automatically detect bugs inWASM runtimes. We apply the detection framework to seven popular WASM runtimes and successfully uncover 60 bugs that have never been reported previously, among which 13 have been confirmed and 9 have been fixed by runtime developers.
URIhttp://hdl.handle.net/20.500.11897/710964
ISSN1049-331X
DOI10.1145/3624743
IndexedSCI(E)
Appears in Collections:信息科学技术学院
高可信软件技术教育部重点实验室

Files in This Work
There are no files associated with this item.

Web of Science®



Checked on Last Week

Scopus®



Checked on Current Time

百度学术™



Checked on Current Time

Google Scholar™





License: See PKU IR operational policies.