ABSTRACT
WebAssembly is the new low-level language for the web and has been implemented in all major browsers for over a year. To ensure the security, performance, and correctness of future web applications, there is a strong need for dynamic analysis tools for WebAssembly. However, building such tools from scratch requires knowledge of low-level details of the language and its runtime environment. This paper presents Wasabi, the first general-purpose framework for dynamically analyzing WebAssembly. Wasabi provides an easy-to-use, high-level API that supports heavyweight dynamic analyses. It is based on binary instrumentation, which inserts calls to analysis functions written in JavaScript into a WebAssembly binary. Dynamically analyzing WebAssembly comes with several unique challenges, such as the problem of tracing type-polymorphic instructions with analysis functions that have a fixed type, which we address through on-demand monomorphization. Our evaluation on compute-intensive benchmarks and real-world applications shows that Wasabi (i) faithfully preserves the original program behavior, (ii) imposes an overhead that is reasonable for heavyweight dynamic analysis, and (iii) makes it straightforward to implement various dynamic analyses, including instruction counting, call graph extraction, memory access tracing, and taint analysis.
Index Terms
- Wasabi: A Framework for Dynamically Analyzing WebAssembly