WebAssembly is becoming increasingly popular for various use cases due to its high portability, strict and easily enforceable isolation, and its comparably low run-time overhead. For determinism and security, WebAssembly guarantees that accesses to unallocated memory inside the 32-bit address space produce a trap. Typically, runtimes implement this by reserving all addressable WebAssembly memory in the host virtual memory and relying on page faults for out-of-bounds accesses. To accommodate programs with higher memory requirements, several execution runtimes also implement a 64-bit address space. However, bounds checking solely relying on virtual memory protection cannot be easily extended for 64 bits. Thus, popular runtimes resort to traditional bounds checks in software, which are required frequently and, therefore, incur a substantial run-time overhead. In this paper, we explore different ways to lower the bounds checking overhead for 64-bit WebAssembly using virtual memory techniques provided by modern hardware. In particular, we implement and analyze approaches using a combination of software checks and virtual memory, using two-level guard pages, and using unprivileged memory protection mechanisms like x86-64 memory keys. Our results show that we can reduce the bounds checking overhead from more than 100% when using software bounds checks to only 12.7% using two-level guard pages.
