Time | Speaker | Affiliation | Title | Abstract |
---|---|---|---|---|
9:30-9:45 | Ben L. Titzer | Carnegie Mellon University | Research Day Introductions | |
9:45-10:15 | Zachary Yedidia | Stanford University | Software Fault Isolation and WebAssembly: Tradeoffs and Synergies | This talk will present new work in Software Fault Isolation (SFI), the technique used by NaCl, for creating secure software sandboxes that have less than half the overhead of sandboxes produced by LLVM-based WebAssembly-to-native compilers, while still allowing tens of thousands of processes in a single address space. While WebAssembly typically provides both portability and isolation together, by separating the two WebAssembly can be used purely as a portable IR, with a separate SFI approach providing the isolation. This removes the need for a trusted compiler, allowing the use of highly optimizing compilers without compromising on security. SFI introduces little overhead, even when used on top of WebAssembly, and allows for safe precompiled sandboxes that are quick to verify and more resilient to speculation exploits. This talk will discuss the design and implementation of our new SFI system, its tradeoffs compared to WebAssembly's language-based approach, and how the two can be used together. |
10:15-10:45 | Mats Brorsson & Sangeeta Kakati | University of Luxembourg | Understanding Wasm Performance for Cloud Applications Across Architectures and Runtimes | The future cloud infrastructure is heterogeneous and diverse. It will span geographically from data centers to small devices at the edge with a multitude of architectures. We need to map distributed applications to this heterogeneous infrastructure without putting the burden on the developers. WebAssembly is a promising technology to cope with code portability, memory isolation without OS support, and to allow for a larger range of developer languages. In this talk we will investigate the performance and resource characteristics of WebAssembly programs using four different WebAssembly runtimes (WasmTime, WAMR, WasmEdge and Wasmer) and on three different architectures (x86_64, ARM64 and RISCV64). In particular we will point out startup times, execution times (absolute and relative to native), and memory consumption profiles. |
10:45-11:00 | Break | --- | --- | --- |
11:00-11:30 | Andreas Rossberg | Independent | Iso-Recursive Types for Wasm GC | The GC extension to Wasm requires the introduction of more fine-grained types and recursive type definitions. That raises non-trivial questions about their semantics. Because Wasm is a compilation target for a wide variety of languages, including ones with structural types, a structural semantics for type definitions is needed to preserve modular compilation of such languages in general. Equi-recursive semantics, while most permissive, has unacceptable algorithmic cost, due to its co-inductive nature. However, standard forms of iso-recursive types, although nicely inductive and with quasi-linear algorithms, in fact require encodings of quadratic size to express mutual recursion. Known workarounds for expressing n-ary iso-recursion directly fail in the presence of subtyping. We present a semantics for an extended form of iso-recursive subtyping that does not have this problem, and which is the basis for the type system in Wasm. |
11:30-12:00 | Sukyoung Ryu | KAIST | Generating Executable Specification from Formal Semantics of WebAssembly | Based on our experience with automatically extracting a mechanized specification of JavaScript from its language specificaiton in prose, we present an automated methodology for extracting a prose description from the definition of the Wasm semantics in a domain-specific language. In particular, we introduce the Algorithmic Language (AL), a language designed to resemble the Wasm prose specification, and present a method for translating declarative-style semantics into algorithmic-style equivalent semantics. The extracted prose descriptions were extensively tested with the official Wasm test suite using the AL interpreter, achieving a 100% pass rate. |
12:00-12:15 | Break | --- | --- | --- |
12:15-12:45 | Elizabeth Gilbert | Carnegie Mellon University | Language-Agnostic Resilience Engineering with WASM | Engineering a resilient distributed system is difficult due to the complexities of partial failure. One promising approach to improve resilience is fault injection testing, but all tools to-date are either manually configured or are tied to a specific programming language. Wasm, as a bytecode that runs on a virtual machine, provides a portable, universal platform for distributed systems that has the potential for great developer tooling since it is a compilation target for many programming languages and supports important debugging functionality. We are building a tool that automatically injects faults into distributed systems during local testing by compiling the distributed system components to Wasm and instrumenting the bytecode. In this talk, I will provide some background motivation for this project, demonstrate our approach to instrumenting an application, and describe the various opportunities for research in this domain. We explore different approaches to instrumenting applications, such as bytecode rewriting and direct instrumentation support provided by the Wizard research engine, and show how we approach this problem in the context of Dfinity's Internet Computer. |
12:45-1:15 | Arjun Ramesh and Tianshu Huang | Carnegie Mellon University | Leveraging Wasm instrumentation | Looking beyond its archetypal role in virtualization, WebAssembly provides a viable target for cross-platform instrumentation, which can provide unique insights into program behavior. In this talk, we show how WebAssembly instrumentation can enable novel performance analysis and runtime debugging in a flexible manner which targets not just offline testing, but also minimally-intrusive profiling in deployment. |
1:15-2:30 | Lunch Break | --- | --- | --- |
2:30-3:00 | Merlijn Sebrechts | Ghent University - imec | Bringing orchestration to the edge with the WebAssembly Component Model | WebAssembly has great potential to make it easier to manage services on edge and IoT devices. In this presentation, I show preliminary results of two efforts working towards this. We scale down the Kubernetes control plane by running k8s operators as event-based functions inside a wasm runtime. Secondly, we're working on making it easier for Wasm applications to connect to specialized hardware. This is done by creating pluggable Hardware Abstraction Layers using the WebAssembly Component Model. |
3:00-3:30 | Leo Andres, Pierre Chambart | OCamlPro, Universite Paris-Saclay | Owi: a symbolic interpreter for Wasm | We present Owi, an interpreter than can do concrete or symbolic execution of Wasm code. It allows to e.g. detect which input value of a C program lead to an assertion failure. |
3:30-4:00 | Daniel Hillerstroem | The University of Edinburgh | Supporting Stack Switching in Wasm | This talk is the continuation of the talk that I gave at last year's Wasm Research Day. There I presented a design for stack switching in Wasm based on effect handlers in which we represent suspended stacks as one-shot composable continuations. At the time, we did not have a working implementation of the design -- but we do now! We have implemented the design in Wasmtime, a production-grade Wasm engine. The initial implementation is rather naive in certain ways, but it enables us run programs that interface the system (e.g. performing i/o). I will discuss how we plan to evolve the implementation into a optimised high performance implementation. |
4:00-4:15 | Break | --- | --- | --- |
4:15-4:45 | Shravan Ravi Narayan | UT Austin | Optimizing SFI Performance, Scalability, and Spectre Resistance on Modern CPUs | WebAssembly (Wasm) and similar Software-based Fault Isolation (SFI) systems enable secure sandboxing by using software bounds checks or virtual memory tricks (guard pages) to enforce isolation. Unfortunately this is still a slow process with performance and scaling overheads and is not resistant to Spectre. Leveraging modern CPUs, we offer multiple optimizations to this. With Segue, we observe that x86-64 segmentation can be used to speedup WebAseembly ranging from 13.8% for SPECint 2006 to 11.2% for font rendering in Firefox. With ColorGuard, we note that MTE/MPK-based page coloring can be used to reclaim the virtual address space wasted by virtual memory tricks such as guard regions, resulting in a 11.91x increase in the number of concurrent Wasm instances a process can support. Finally, we show how a combination of Segue, ColorGuard and minor compiler modifications can harden WebAssembly against Spectre attacks at low costs. |
4:45-5:15 | Discussion | --- | --- | --- |
Copyright (c) 2023, the WebAssembly Research Center at CMU.