{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T13:24:01Z","timestamp":1773840241677,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":68,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T00:00:00Z","timestamp":1726012800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,9,11]]},"DOI":"10.1145\/3650212.3680366","type":"proceedings-article","created":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T11:44:25Z","timestamp":1726055065000},"page":"1364-1376","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Bugs in Pods: Understanding Bugs in Container Runtime Systems"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2888-4499","authenticated-orcid":false,"given":"Jiongchi","family":"Yu","sequence":"first","affiliation":[{"name":"Singapore Management University, Singapore, Singapore"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1288-6502","authenticated-orcid":false,"given":"Xiaofei","family":"Xie","sequence":"additional","affiliation":[{"name":"Singapore Management University, Singapore, Singapore"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5603-1322","authenticated-orcid":false,"given":"Cen","family":"Zhang","sequence":"additional","affiliation":[{"name":"Nanyang Technological University, Singapore, Singapore"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9477-4100","authenticated-orcid":false,"given":"Sen","family":"Chen","sequence":"additional","affiliation":[{"name":"Tianjin University, Tianjin, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4382-0757","authenticated-orcid":false,"given":"Yuekang","family":"Li","sequence":"additional","affiliation":[{"name":"University of New South Wales, New South Wales, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2899-6121","authenticated-orcid":false,"given":"Wenbo","family":"Shen","sequence":"additional","affiliation":[{"name":"Zhejiang University, Hangzhou, China"}]}],"member":"320","published-online":{"date-parts":[[2024,9,11]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"PACED: Provenance-based Automated Container Escape Detection. In 2022 IEEE International Conference on Cloud Engineering (IC2E). 261\u2013272","author":"Abbas Mashal","year":"2022","unstructured":"Mashal Abbas, Shahpar Khan, Abdul Monum, Fareed Zaffar, Rashid Tahir, David Eyers, Hassaan Irshad, Ashish Gehani, Vinod Yegneswaran, and Thomas Pasquier. 2022. PACED: Provenance-based Automated Container Escape Detection. In 2022 IEEE International Conference on Cloud Engineering (IC2E). 261\u2013272."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/3094405.3094411"},{"key":"e_1_3_2_1_3_1","unstructured":"Oliver Chang Jonathan Metzman Max Moroz Martin Barbella and Abhishek Arya. 2016. OSS-Fuzz: Continuous Fuzzing for Open Source Software. URL: https:\/\/github.com\/google\/ossfuzz."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/502034.502042"},{"key":"e_1_3_2_1_5_1","unstructured":"CNCF. 2023. 2023 CNCF Cloud Native Survey. https:\/\/www.cncf.io\/reports\/cncf-annual-survey-2023\/"},{"key":"e_1_3_2_1_6_1","unstructured":"CNCF. 2023. CNCF Fuzzing. https:\/\/github.com\/cncf\/cncf-fuzzing"},{"key":"e_1_3_2_1_7_1","unstructured":"Containerd. 2023. Containerd. https:\/\/github.com\/containerd\/containerd\""},{"key":"e_1_3_2_1_8_1","unstructured":"Containerd. 2023. incofunc. https:\/\/github.com\/containerd\/containerd\/commit\/42a386c8164bef16d59590c61ab00806f854d8fd"},{"key":"e_1_3_2_1_9_1","unstructured":"Containerd. 2023. misapi. https:\/\/github.com\/containerd\/containerd\/security\/advisories\/GHSA-mvff-h3cj-wj9c"},{"key":"e_1_3_2_1_10_1","unstructured":"Containerd. 2023. plugincrash. https:\/\/github.com\/containerd\/containerd\/commit\/9f9ebbd99103bb60b0b0b45be8d9520b8c047b44"},{"key":"e_1_3_2_1_11_1","unstructured":"Containerd. 2023. preexit. https:\/\/github.com\/containerd\/containerd\/commit\/31a710c492ecb225ecbc4d43fddc2c36ec962f16"},{"key":"e_1_3_2_1_12_1","unstructured":"Containerd. 2023. storage. https:\/\/github.com\/containerd\/containerd\/commit\/0c63c42f8183d13c2c106c01f5bb3560d39b3295"},{"key":"e_1_3_2_1_13_1","unstructured":"Containerd. 2023. thirdconfig. https:\/\/github.com\/containerd\/containerd\/commit\/8d868dadb746aabfd3583d834510109afe9b1919"},{"key":"e_1_3_2_1_14_1","unstructured":"The MITRE Corporation. 2023. The CVE List. https:\/\/cve.mitre.org\/"},{"key":"e_1_3_2_1_15_1","unstructured":"cri o. 2023. cri-o. https:\/\/cri-o.io\/"},{"key":"e_1_3_2_1_16_1","unstructured":"National Vulnerability Database. 2019. CVE-2019-19921. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-19921"},{"key":"e_1_3_2_1_17_1","unstructured":"National Vulnerability Database. 2019. CVE-2019-5736. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-5736"},{"key":"e_1_3_2_1_18_1","unstructured":"National Vulnerability Database. 2021. CVE-2021-30465. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-30465"},{"key":"e_1_3_2_1_19_1","unstructured":"National Vulnerability Database. 2021. CVE-2021-43816. https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2021-43816"},{"key":"e_1_3_2_1_20_1","unstructured":"National Vulnerability Database. 2023. CVE-2023-27561. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-27561"},{"key":"e_1_3_2_1_21_1","unstructured":"National Vulnerability Database. 2024. CVE-2024-21626. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-21626"},{"key":"e_1_3_2_1_22_1","unstructured":"Docker. 2024. Docker Inc.. https:\/\/www.docker.com\/"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"crossref","unstructured":"Lennart Espe Anshul Jindal Vladimir Podolskiy and Michael Gerndt. 2020. Performance Evaluation of Container Runtimes. In CLOSER. 273\u2013281.","DOI":"10.5220\/0009340402730281"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3236024.3236030"},{"key":"e_1_3_2_1_25_1","unstructured":"Google. 2023. Google Cloud Documentation. https:\/\/cloud.google.com\/run\/docs\/container-contract"},{"key":"e_1_3_2_1_26_1","unstructured":"Google. 2023. Syzkaller. https:\/\/github.com\/google\/syzkaller"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3377811.3380406"},{"key":"e_1_3_2_1_28_1","unstructured":"Bugs in Pods. 2024. Understanding Bugs in Container Runtime Systems. https:\/\/sites.google.com\/view\/understand-bugs-in-crs"},{"key":"e_1_3_2_1_29_1","unstructured":"k8sgpt ai. 2023. k8sgpt. https:\/\/github.com\/k8sgpt-ai\/k8sgpt"},{"key":"e_1_3_2_1_30_1","unstructured":"Kubernetes. 2022. Kubernetes. https:\/\/kubernetes.io\/"},{"key":"e_1_3_2_1_31_1","unstructured":"Kubernetes. 2023. Container Runtime Interface. https:\/\/kubernetes.io\/docs\/concepts\/architecture\/cri\/#api"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"crossref","unstructured":"J Richard Landis and Gary G Koch. 1977. The measurement of observer agreement for categorical data. biometrics 159\u2013174.","DOI":"10.2307\/2529310"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3620674"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3623154"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274720"},{"key":"e_1_3_2_1_36_1","unstructured":"Linux. 2023. Systemd-run. https:\/\/www.linux.org\/docs\/man1\/systemd-run.html"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2018.12.035"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN53405.2022.00048"},{"key":"e_1_3_2_1_39_1","unstructured":"Microsoft. 2023. Windows Host Compute Service Shim. https:\/\/github.com\/microsoft\/hcsshim"},{"key":"e_1_3_2_1_40_1","unstructured":"Dongliang Mu Yuhang Wu Yueqi Chen Zhenpeng Lin Chensheng Yu Xinyu Xing and Gang Wang. 2022. An In-depth Analysis of Duplicated Linux Kernel Bug Reports.. In NDSS."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2022.111563"},{"key":"e_1_3_2_1_42_1","unstructured":"Fred Nordell. 2022. A Systematic evaluation of CVEs and mitigation strategies for a Kubernetes stack. Master\u2019s Thesis."},{"key":"e_1_3_2_1_43_1","unstructured":"Opencontainers. 2023. 3rdpartyconfigrunc. https:\/\/github.com\/opencontainers\/runc\/commit\/6d2067a4bf1ae0a9ae1c570a0d1f2004e80eb229"},{"key":"e_1_3_2_1_44_1","unstructured":"Opencontainers. 2023. apiincomp. https:\/\/github.com\/opencontainers\/runc\/commit\/29a56b5206a3fc7b2f5fe4b43c09c8ba09b25495"},{"key":"e_1_3_2_1_45_1","unstructured":"Opencontainers. 2023. crash. https:\/\/github.com\/opencontainers\/runc\/commit\/462e719cae227a990ed793241062a8d2d6145332"},{"key":"e_1_3_2_1_46_1","unstructured":"Opencontainers. 2023. memory. https:\/\/github.com\/opencontainers\/runc\/commit\/77cae9addc0c7c9ef52513b4e46b2e6485e4e469"},{"key":"e_1_3_2_1_47_1","unstructured":"Opencontainers. 2023. Open Container Initiative Runtime Specification. https:\/\/github.com\/opencontainers\/runtime-spec"},{"key":"e_1_3_2_1_48_1","unstructured":"Opencontainers. 2023. Runc. https:\/\/github.com\/opencontainers\/runc\""},{"key":"e_1_3_2_1_49_1","unstructured":"Opencontainers. 2023. time. https:\/\/github.com\/opencontainers\/runc\/commit\/18e286261ec6e94bb9ccaee2bbc91fc63bf08f89"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"crossref","unstructured":"Fangyun Qin Zheng Zheng Xiaodan Li Yu Qiao and Kishor S Trivedi. 2017. An empirical investigation of fault triggers in android operating system. In 2017 IEEE 22Nd pacific rim international symposium on dependable computing (PRDC). 135\u2013144.","DOI":"10.1109\/PRDC.2017.27"},{"key":"e_1_3_2_1_51_1","volume-title":"Towards Understanding the Faults of JavaScript-Based Deep Learning Systems. In 37th IEEE\/ACM International Conference on Automated Software Engineering. 1\u201313","author":"Quan Lili","year":"2022","unstructured":"Lili Quan, Qianyu Guo, Xiaofei Xie, Sen Chen, Xiaohong Li, and Yang Liu. 2022. Towards Understanding the Faults of JavaScript-Based Deep Learning Systems. In 37th IEEE\/ACM International Conference on Automated Software Engineering. 1\u201313."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/32.799955"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/3540250.3549129"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00188"},{"key":"e_1_3_2_1_55_1","volume-title":"14th USENIX Symposium on Operating Systems Design and Implementation (OSDI 20)","author":"Sun Xudong","year":"2020","unstructured":"Xudong Sun, Runxiang Cheng, Jianyan Chen, Elaine Ang, Owolabi Legunsen, and Tianyin Xu. 2020. Testing configuration changes in context to prevent production failures. In 14th USENIX Symposium on Operating Systems Design and Implementation (OSDI 20). 735\u2013751."},{"key":"e_1_3_2_1_56_1","unstructured":"Kevin Wang and Yiqi Sun. 2022. CVE-2022-0492. https:\/\/access.redhat.com\/security\/cve\/cve-2022-0492"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10586-021-03517-8"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2019.2916204"},{"key":"e_1_3_2_1_59_1","volume-title":"32nd USENIX Security Symposium (USENIX Security 23)","author":"Xiao Jietao","year":"2023","unstructured":"Jietao Xiao, Nanzi Yang, Wenbo Shen, Jinku Li, Xin Guo, Zhiqiang Dong, Fei Xie, and Jianfeng Ma. 2023. Attacks are Forwarded: Breaking the Isolation of $MicroVM-based$ Containers Through Operation Forwarding. In 32nd USENIX Security Symposium (USENIX Security 23). 7517\u20137534."},{"key":"e_1_3_2_1_60_1","volume-title":"12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16)","author":"Xu Tianyin","year":"2016","unstructured":"Tianyin Xu, Xinxin Jin, Peng Huang, Yuanyuan Zhou, Shan Lu, Long Jin, and Shankar Pasupathy. 2016. Early detection of configuration errors to reduce failure damage. In 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16). 619\u2013634."},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3623121"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484744"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1109\/TPSISA52974.2021.00016"},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/3564625.3564634"},{"key":"e_1_3_2_1_65_1","volume-title":"11th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud 19)","author":"Young Ethan G","year":"2019","unstructured":"Ethan G Young, Pengfei Zhu, Tyler Caraza-Harter, Andrea C Arpaci-Dusseau, and Remzi H Arpaci-Dusseau. 2019. The true cost of containing: A $gVisor$ case study. In 11th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud 19)."},{"key":"e_1_3_2_1_66_1","volume-title":"11th USENIX Symposium on Operating Systems Design and Implementation (OSDI 14)","author":"Yuan Ding","year":"2014","unstructured":"Ding Yuan, Yu Luo, Xin Zhuang, Guilherme Renna Rodrigues, Xu Zhao, Yongle Zhang, Pranay U Jain, and Michael Stumm. 2014. Simple Testing Can Prevent Most Critical Failures: An Analysis of Production Failures in Distributed $Data-Intensive$ Systems. In 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI 14). 249\u2013265."},{"key":"e_1_3_2_1_67_1","unstructured":"Jason Zander. 2014. Update on Azure Storage Service Interruption. https:\/\/azure.microsoft.com\/zh-cn\/blog\/update-on-azure-storage-service-interruption\/"},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"crossref","unstructured":"Cen Zhang Yaowen Zheng Mingqiang Bai Yeting Li Wei Ma Xiaofei Xie Yuekang Li Limin Sun and Yang Liu. 2024. How Effective Are They? Exploring Large Language Model Based Fuzz Driver Generation. arXiv arxiv:2307.12469.","DOI":"10.1145\/3650212.3680355"}],"event":{"name":"ISSTA '24: 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis","location":"Vienna Austria","acronym":"ISSTA '24","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering","AITO"]},"container-title":["Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3650212.3680366","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3650212.3680366","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T22:50:08Z","timestamp":1750287008000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3650212.3680366"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,9,11]]},"references-count":68,"alternative-id":["10.1145\/3650212.3680366","10.1145\/3650212"],"URL":"https:\/\/doi.org\/10.1145\/3650212.3680366","relation":{},"subject":[],"published":{"date-parts":[[2024,9,11]]},"assertion":[{"value":"2024-09-11","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}