{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T01:16:04Z","timestamp":1777338964753,"version":"3.51.4"},"reference-count":73,"publisher":"Association for Computing Machinery (ACM)","issue":"ISSTA","funder":[{"DOI":"10.13039\/501100012166","name":"National Key R&D Program of China","doi-asserted-by":"crossref","award":["2023YFB3105904"],"award-info":[{"award-number":["2023YFB3105904"]}],"id":[{"id":"10.13039\/501100012166","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/100022963","name":"Key R&D Program of Zhejiang Province","doi-asserted-by":"crossref","award":["2025C01084"],"award-info":[{"award-number":["2025C01084"]}],"id":[{"id":"10.13039\/100022963","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Proc. ACM Softw. Eng."],"published-print":{"date-parts":[[2025,6,22]]},"abstract":"<jats:p>WebAssembly, recognized as a low-level and portable language, has been widely embraced in areas as diverse as browsers and blockchains, emerging as a revolutionary force for Internet evolution. Unfortunately, defects and flaws in WebAssembly runtimes bring about unexpected results when running WebAssembly applications. A family of solutions has been proposed to detect vulnerabilities in WebAssembly runtimes, with fuzzing surging as the most promising and persuasive approach. Despite its potential, fuzzing faces significant challenges due to the grammatical complexity of WebAssembly runtimes, which lacks an in-depth understanding of the unique Module-based code structure, and thus generates test inputs that struggle to tap into the deep logic within a WebAssembly runtime, limiting its effectiveness in unveiling vulnerabilities.<\/jats:p>\n          <jats:p>To bridge this gap, we introduce FreeWavm, a novel framework for fuzzing WebAssembly runtimes by aggressively mutating the structure of WebAssembly code. Technically, we transform the WebAssembly bytecode into a parse tree format that captures complex characteristics of code structure. To generate meaningful test inputs for WebAssembly runtime fuzzing, we design a structure-aware mutation module that engages in a customized node prioritization strategy to screen out interesting nodes in the parse tree, and then applies specific structure mutations. To ensure the validity of the mutated test inputs, FreeWavm is equipped with an automated repair mechanism to patch the mutated parse tree. Furthermore, we take advantage of parse tree snapshots to facilitate input evolution and the overall fuzzing process. Extensive experiments are conducted to evaluate FreeWavm on multiple WebAssembly runtimes. Empirical results show that FreeWavm effectively triggers structure-specific crashes in WebAssembly runtimes, outperforming other counterparts. FreeWavm has identified 69 previously unknown bugs, 24 of which are assigned CVEs thus far.<\/jats:p>","DOI":"10.1145\/3728877","type":"journal-article","created":{"date-parts":[[2025,6,22]],"date-time":"2025-06-22T10:52:56Z","timestamp":1750589576000},"page":"159-181","source":"Crossref","is-referenced-by-count":1,"title":["FreeWavm: Enhanced WebAssembly Runtime Fuzzing Guided by Parse Tree Mutation and Snapshot"],"prefix":"10.1145","volume":"2","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4934-5811","authenticated-orcid":false,"given":"Peng","family":"Qian","sequence":"first","affiliation":[{"name":"Zhejiang University, Hang Zhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-2082-863X","authenticated-orcid":false,"given":"Xinlei","family":"Ying","sequence":"additional","affiliation":[{"name":"Ant Group, Hang Zhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-3100-0534","authenticated-orcid":false,"given":"Jiashui","family":"Wang","sequence":"additional","affiliation":[{"name":"Zhejiang University, Hang Zhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-5032-8475","authenticated-orcid":false,"given":"Long","family":"Liu","sequence":"additional","affiliation":[{"name":"Ant Group, Hang Zhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5647-506X","authenticated-orcid":false,"given":"Lun","family":"Zhang","sequence":"additional","affiliation":[{"name":"GoPlus Security, Hang Zhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3524-3443","authenticated-orcid":false,"given":"Jianhai","family":"Chen","sequence":"additional","affiliation":[{"name":"Zhejiang University, Hang Zhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5147-7253","authenticated-orcid":false,"given":"Qinming","family":"He","sequence":"additional","affiliation":[{"name":"Zhejiang University, Hang Zhou, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2025,6,22]]},"reference":[{"key":"e_1_2_1_1_1","unstructured":"[n. d.]. AFL Fuzzing Code Coverage. Website. https:\/\/github.com\/mrash\/afl-cov"},{"key":"e_1_2_1_2_1","unstructured":"[n. d.]. binaryen: Optimizer and compiler\/toolchain library for WebAssembly. Website. https:\/\/github.com\/WebAssembly\/Binaryen"},{"key":"e_1_2_1_3_1","unstructured":"[n. d.]. Ethereum WebAssembly. Website. https:\/\/ewasm.readthedocs.io\/en\/mkdocs\/"},{"key":"e_1_2_1_4_1","unstructured":"[n. d.]. Hera: Ewasm virtual machine conforming to the EVMC API. Website. https:\/\/github.com\/ewasm\/hera"},{"key":"e_1_2_1_5_1","unstructured":"[n. d.]. Polkadot: The blockspace ecosystem for boundless innovation. Website. https:\/\/polkadot.network\/"},{"key":"e_1_2_1_6_1","volume-title":"\u201cWhitepaper","author":"Technical","unstructured":"[n. d.]. Technical \u201cWhitepaper\u201d for AFL.. Website. http:\/\/lcamtuf.coredump.cx\/afl\/technical_details.txt"},{"key":"e_1_2_1_7_1","unstructured":"[n. d.]. VMIR: Virtual Machine for Intermediate Representation. Website. https:\/\/github.com\/andoma\/vmir"},{"key":"e_1_2_1_8_1","unstructured":"[n. d.]. wabt: The WebAssembly Binary Toolkit. Website. https:\/\/github.com\/WebAssembly\/wabt"},{"key":"e_1_2_1_9_1","unstructured":"[n. d.]. Wasm3: A fast WebAssembly interpreter and the most universal WASM runtime. Website. https:\/\/github.com\/wasm3\/wasm3"},{"key":"e_1_2_1_10_1","unstructured":"[n. d.]. WasmEdge is a lightweight high-performance and extensible WebAssembly runtime for cloud native edge and decentralized applications.. Website. https:\/\/github.com\/WasmEdge\/WasmEdge"},{"key":"e_1_2_1_11_1","unstructured":"[n. d.]. WAVM: WebAssembly Virtual Machine. Website. https:\/\/github.com\/WAVM\/WAVM"},{"key":"e_1_2_1_12_1","unstructured":"[n. d.]. WebAssembly Micro Runtime (WAMR). Website. https:\/\/github.com\/bytecodealliance\/wasm-micro-runtime"},{"key":"e_1_2_1_13_1","unstructured":"2021. LCOV Code Coverage. Website. https:\/\/wiki.documentfoundation.org\/Development\/Lcov"},{"key":"e_1_2_1_14_1","unstructured":"2021. WebAssembly Is Abused by eCriminals to Hide Malware. Website. https:\/\/www.crowdstrike.com\/en-us\/blog\/ecriminals-increasingly-use-webassembly-to-hide-malware"},{"key":"e_1_2_1_15_1","unstructured":"2022. A Journey Into Fuzzing WebAssembly Virtual Machines. Website. https:\/\/fuzzinglabs.com\/journey-fuzzing-webassembly-wasm-vm"},{"key":"e_1_2_1_16_1","unstructured":"2022. WebAssembly Instructions. Website. https:\/\/webassembly.github.io\/spec\/core\/syntax\/instructions.html"},{"key":"e_1_2_1_17_1","unstructured":"2023. Gcov. Website. https:\/\/en.wikipedia.org\/wiki\/Gcov"},{"key":"e_1_2_1_18_1","unstructured":"2024. Webassembly : Security Vulnerabilities CVEs. Website. https:\/\/www.cvedetails.com\/vulnerability-list\/vendor_id-20412\/Webassembly.html"},{"key":"e_1_2_1_19_1","unstructured":"2024. WebAssembly Core Specification. Website. https:\/\/www.w3.org\/TR\/wasm-core-2"},{"key":"e_1_2_1_20_1","volume-title":"Wasm-mutate: Fuzzing WebAssembly compilers with e-graphs. In E-Graph Research, Applications, Practices, and Human-factors Symposium.","author":"Arteaga Javier Cabrera","year":"2022","unstructured":"Javier Cabrera Arteaga, Nicholas Fitzgerald, Martin Monperrus, and Benoit Baudry. 2022. Wasm-mutate: Fuzzing WebAssembly compilers with e-graphs. In E-Graph Research, Applications, Practices, and Human-factors Symposium."},{"key":"e_1_2_1_21_1","volume-title":"2023 IEEE Symposium on Security and Privacy (SP). 1204\u20131219","author":"Busch Marcel","year":"2023","unstructured":"Marcel Busch, Aravind Machiry, Chad Spensky, Giovanni Vigna, Christopher Kruegel, and Mathias Payer. 2023. Teezz: Fuzzing trusted applications on cots android devices. In 2023 IEEE Symposium on Security and Privacy (SP). 1204\u20131219."},{"key":"e_1_2_1_22_1","volume-title":"Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis. 1262\u20131273","author":"Cao Shangtong","year":"2024","unstructured":"Shangtong Cao, Ningyu He, Xinyu She, Yixuan Zhang, Mu Zhang, and Haoyu Wang. 2024. WASMaker: Differential Testing of WebAssembly Runtimes via Semantic-Aware Binary Generation. In Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis. 1262\u20131273."},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00002"},{"key":"e_1_2_1_24_1","first-page":"4382","article-title":"Analysis of tree-structured architectures for code generation","volume":"2021","author":"Dahal Samip","year":"2021","unstructured":"Samip Dahal, Adyasha Maharana, and Mohit Bansal. 2021. Analysis of tree-structured architectures for code generation. In Findings of the Association for Computational Linguistics: ACL-IJCNLP 2021. 4382\u20134391.","journal-title":"Findings of the Association for Computational Linguistics: ACL-IJCNLP"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597926.3598067"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3423211.3425680"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3543873.3587583"},{"key":"e_1_2_1_28_1","unstructured":"Gilang Hamidy. 2020. Differential fuzzing the webassembly."},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.3390\/electronics13081498"},{"key":"e_1_2_1_30_1","volume-title":"Reversing and Offensive-oriented Trends Symposium. 23\u201330","author":"Keno","unstructured":"Keno Ha\u00df ler and Dominik Maier. 2021. Wafl: Binary-only webassembly fuzzing with fast snapshots. In Reversing and Offensive-oriented Trends Symposium. 23\u201330."},{"key":"e_1_2_1_31_1","unstructured":"M Heuse. 2020. American fuzzy lop plus plus (afl++). URL: https:\/\/github. com\/AFLplusplus\/AFLplusplus."},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3442381.3450138"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/MCOMSTD.0001.2000068"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.18293\/SEKE2022-165"},{"key":"e_1_2_1_35_1","volume-title":"2023 IEEE Symposium on Security and Privacy (SP). 2940\u20132955","author":"Johnson Evan","year":"2023","unstructured":"Evan Johnson, Evan Laufer, Zijie Zhao, Dan Gohman, Shravan Narayan, Stefan Savage, Deian Stefan, and Fraser Brown. 2023. WaVe: a verifiably secure WebAssembly sandboxing runtime. In 2023 IEEE Symposium on Security and Privacy (SP). 2940\u20132955."},{"key":"e_1_2_1_36_1","volume-title":"Yeongjin Jang, Insik Shin, and Byoungyoung Lee.","author":"Kim Kyungtae","year":"2020","unstructured":"Kyungtae Kim, Dae R Jeong, Chung Hwan Kim, Yeongjin Jang, Insik Shin, and Byoungyoung Lee. 2020. HFL: Hybrid Fuzzing on the Linux Kernel.. In NDSS."},{"key":"e_1_2_1_37_1","volume-title":"International Conference on Web Engineering. 353\u2013360","author":"Koren Istv\u00e1n","year":"2021","unstructured":"Istv\u00e1n Koren. 2021. A standalone webassembly development environment for the internet of things. In International Conference on Web Engineering. 353\u2013360."},{"key":"e_1_2_1_38_1","volume-title":"2023 IEEE\/ACM 45th International Conference on Software Engineering (ICSE). 384\u2013396","author":"Lee Myungho","year":"2023","unstructured":"Myungho Lee, Sooyoung Cha, and Hakjoo Oh. 2023. Learning seed-adaptive mutation strategies for greybox fuzzing. In 2023 IEEE\/ACM 45th International Conference on Software Engineering (ICSE). 384\u2013396."},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3519939.3523449"},{"key":"e_1_2_1_40_1","volume-title":"Roulette-wheel selection via stochastic acceptance. Physica A: Statistical Mechanics and its Applications, 391, 6","author":"Lipowski Adam","year":"2012","unstructured":"Adam Lipowski and Dorota Lipowska. 2012. Roulette-wheel selection via stochastic acceptance. Physica A: Statistical Mechanics and its Applications, 391, 6 (2012), 2193\u20132196."},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2023.3237370"},{"key":"e_1_2_1_42_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Lyu Chenyang","year":"2019","unstructured":"Chenyang Lyu, Shouling Ji, Chao Zhang, Yuwei Li, Wei-Han Lee, Yu Song, and Raheem Beyah. 2019. $MOPT$: Optimized mutation scheduling for fuzzers. In 28th USENIX Security Symposium (USENIX Security 19). 1949\u20131966."},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/3623375"},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484787"},{"key":"e_1_2_1_45_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Narayan Shravan","year":"2021","unstructured":"Shravan Narayan, Craig Disselkoen, Daniel Moghimi, Sunjay Cauligi, Evan Johnson, Zhao Gang, Anjo Vahldiek-Oberwagner, Ravi Sahita, Hovav Shacham, and Dean Tullsen. 2021. Swivel: Hardening $WebAssembly$ against spectre. In 30th USENIX Security Symposium (USENIX Security 21). 1433\u20131450."},{"key":"e_1_2_1_46_1","volume-title":"Wasmizer: Curating WebAssembly-driven Projects on GitHub. In 2023 IEEE\/ACM 20th International Conference on Mining Software Repositories (MSR). 130\u2013141","author":"Nicholson Alexander","year":"2023","unstructured":"Alexander Nicholson, Quentin Sti\u00e9venart, Arash Mazidi, and Mohammad Ghafari. 2023. Wasmizer: Curating WebAssembly-driven Projects on GitHub. In 2023 IEEE\/ACM 20th International Conference on Mining Software Repositories (MSR). 130\u2013141."},{"key":"e_1_2_1_47_1","volume-title":"2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE). 1337\u20131341","author":"Pham Van-Thuan","year":"2021","unstructured":"Van-Thuan Pham, Manh-Dung Nguyen, Quang-Trung Ta, Toby Murray, and Benjamin IP Rubinstein. 2021. Towards systematic and dynamic task allocation for collaborative parallel fuzzing. In 2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE). 1337\u20131341."},{"key":"e_1_2_1_48_1","doi-asserted-by":"crossref","unstructured":"Peng Qian Hanjie Wu Zeren Du Turan Vural Dazhong Rong Zheng Cao Lun Zhang Yanbin Wang Jianhai Chen and Qinming He. 2023. MuFuzz: Sequence-Aware Mutation and Seed Mask Guidance for Blockchain Smart Contract Fuzzing. arXiv preprint arXiv:2312.04512.","DOI":"10.1109\/ICDE60146.2024.00158"},{"key":"e_1_2_1_49_1","volume-title":"2024 IEEE 40th International Conference on Data Engineering (ICDE). 1972\u20131985","author":"Qian Peng","year":"2024","unstructured":"Peng Qian, Hanjie Wu, Zeren Du, Turan Vural, Dazhong Rong, Zheng Cao, Lun Zhang, Yanbin Wang, Jianhai Chen, and Qinming He. 2024. Mufuzz: Sequence-aware mutation and seed mask guidance for blockchain smart contract fuzzing. In 2024 IEEE 40th International Conference on Data Engineering (ICDE). 1972\u20131985."},{"key":"e_1_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/3580598"},{"key":"e_1_2_1_51_1","volume-title":"Proceedings of the 35th IEEE\/ACM International Conference on Automated Software Engineering. 1321\u20131325","author":"Romano Alan","year":"2020","unstructured":"Alan Romano and Weihang Wang. 2020. Wasim: Understanding webassembly applications through classification. In Proceedings of the 35th IEEE\/ACM International Conference on Automated Software Engineering. 1321\u20131325."},{"key":"e_1_2_1_52_1","volume-title":"Abbas Kazerouni, Ian Osband, and Zheng Wen.","author":"Russo Daniel J","year":"2018","unstructured":"Daniel J Russo, Benjamin Van Roy, Abbas Kazerouni, Ian Osband, and Zheng Wen. 2018. A tutorial on thompson sampling. Foundations and Trends\u00ae in Machine Learning, 11, 1 (2018), 1\u201396."},{"key":"e_1_2_1_53_1","volume-title":"Web Application-Based WebAssembly Container Platform for Extreme Edge Computing. In GLOBECOM 2023-2023 IEEE Global Communications Conference. 3609\u20133614","author":"Sekigawa Shu","year":"2023","unstructured":"Shu Sekigawa, Chikara Sasaki, and Atsushi Tagami. 2023. Web Application-Based WebAssembly Container Platform for Extreme Edge Computing. In GLOBECOM 2023-2023 IEEE Global Communications Conference. 3609\u20133614."},{"key":"e_1_2_1_54_1","unstructured":"Konstantin Serebryany Derek Bruening Alexander Potapenko and Dmitriy Vyukov. 2012. $AddressSanitizer$: A fast address sanity checker. In 2012 USENIX annual technical conference (USENIX ATC 12). 309\u2013318."},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460319.3464814"},{"key":"e_1_2_1_56_1","volume-title":"2021 IEEE 21st International Conference on Software Quality, Reliability and Security (QRS). 132\u2013139","author":"Sti\u00e9venart Quentin","year":"2021","unstructured":"Quentin Sti\u00e9venart, Coen De Roover, and Mohammad Ghafari. 2021. The security risk of lacking compiler protection in WebAssembly. In 2021 IEEE 21st International Conference on Software Quality, Reliability and Security (QRS). 132\u2013139."},{"key":"e_1_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510224"},{"key":"e_1_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597926.3598107"},{"key":"e_1_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2024.3368208"},{"key":"e_1_2_1_60_1","volume-title":"2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE). 1301\u20131305","author":"Wang Weihang","year":"2021","unstructured":"Weihang Wang. 2021. Empowering web applications with webassembly: Are we there yet? In 2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE). 1301\u20131305."},{"key":"e_1_2_1_61_1","volume-title":"2023 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). 355\u2013366","author":"Wang Yue","year":"2023","unstructured":"Yue Wang, Zhide Zhou, Zhilei Ren, Dong Liu, and He Jiang. 2023. A comprehensive study of webassembly runtime bugs. In 2023 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). 355\u2013366."},{"key":"e_1_2_1_62_1","doi-asserted-by":"crossref","unstructured":"Muhammad Waseem Teerath Das Aakash Ahmad Peng Liang and Tommi Mikkonen. 2023. Understanding the Issues and Causes in WebAssembly Application Development: A Mining-based Study. arXiv preprint arXiv:2311.00646.","DOI":"10.1145\/3661167.3661227"},{"key":"e_1_2_1_63_1","volume-title":"Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 1037\u20131049","author":"Wu Mingyuan","year":"2023","unstructured":"Mingyuan Wu, Kunqiu Chen, Qi Luo, Jiahong Xiang, Ji Qi, Junjie Chen, Heming Cui, and Yuqun Zhang. 2023. Enhancing Coverage-Guided Fuzzing via Phantom Program. In Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 1037\u20131049."},{"key":"e_1_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00017"},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3639121"},{"key":"e_1_2_1_66_1","volume-title":"Graphuzz: Data-driven Seed Scheduling for Coverage-guided Greybox Fuzzing. ACM Transactions on Software Engineering and Methodology.","author":"Xu Hang","year":"2024","unstructured":"Hang Xu, Liheng Chen, Shuitao Gan, Chao Zhang, Zheming Li, Jiangan Ji, Baojian Chen, and Fan Hu. 2024. Graphuzz: Data-driven Seed Scheduling for Coverage-guided Greybox Fuzzing. ACM Transactions on Software Engineering and Methodology."},{"key":"e_1_2_1_67_1","unstructured":"Xiuhong Zhang. 2020. WebAssembly Principles and Core Technologies."},{"key":"e_1_2_1_68_1","doi-asserted-by":"crossref","unstructured":"Yixuan Zhang Mugeng Liu Haoyu Wang Yun Ma Gang Huang and Xuanzhe Liu. 2024. Research on WebAssembly Runtimes: A Survey. arXiv preprint arXiv:2404.12621.","DOI":"10.1145\/3714465"},{"key":"e_1_2_1_69_1","volume-title":"Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis. 1035\u20131047","author":"Zhao Wenxuan","year":"2024","unstructured":"Wenxuan Zhao, Ruiying Zeng, and Yangfan Zhou. 2024. Wapplique: Testing WebAssembly Runtime via Execution Context-Aware Bytecode Mutation. In Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis. 1035\u20131047."},{"key":"e_1_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1145\/3622819"},{"key":"e_1_2_1_71_1","volume-title":"WADIFF: A Differential Testing Framework for WebAssembly Runtimes. In 2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE). 939\u2013950","author":"Zhou Shiyao","year":"2023","unstructured":"Shiyao Zhou, Muhui Jiang, Weimin Chen, Hao Zhou, Haoyu Wang, and Xiapu Luo. 2023. WADIFF: A Differential Testing Framework for WebAssembly Runtimes. In 2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE). 939\u2013950."},{"key":"e_1_2_1_72_1","article-title":"UltraFuzz: Towards resource-saving in distributed fuzzing","author":"Zhou Xu","year":"2022","unstructured":"Xu Zhou, Pengfei Wang, Chenyifan Liu, Tai Yue, Yingying Liu, Congxi Song, Kai Lu, Qidi Yin, and Xu Han. 2022. UltraFuzz: Towards resource-saving in distributed fuzzing. IEEE Transactions on Software Engineering.","journal-title":"IEEE Transactions on Software Engineering."},{"key":"e_1_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.1145\/3691620.3695478"}],"container-title":["Proceedings of the ACM on Software Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3728877","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,16]],"date-time":"2025-07-16T16:54:14Z","timestamp":1752684854000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3728877"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,22]]},"references-count":73,"journal-issue":{"issue":"ISSTA","published-print":{"date-parts":[[2025,6,22]]}},"alternative-id":["10.1145\/3728877"],"URL":"https:\/\/doi.org\/10.1145\/3728877","relation":{},"ISSN":["2994-970X"],"issn-type":[{"value":"2994-970X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,6,22]]}}}