Debugging data flows in reactive programs

June 29, 2018 ~ Adrian Colyer ~ 9 Comments

Debugging data flows in reactive programs Banken et al., ICSE'18 To round off our look at papers from ICSE, here’s a really interesting look at the challenges of debugging reactive applications (with a certain Erik Meijer credited among the authors). ... in recent years the use of Reactive Programming (RP) has exploded. Languages such as ... Continue Reading

How not to structure your database-backed web applications: a study of performance bugs in the wild

June 28, 2018 ~ Adrian Colyer ~ 27 Comments

How not to structure your database-backed web applications: a study of performance bugs in the wild Yang et al., ICSE'18 This is a fascinating study of the problems people get into when using ORMs to handle persistence concerns in their web applications. The authors study real-world applications and distil a catalogue of common performance anti-patterns. ... Continue Reading

Secure coding practices in Java: challenges and vulnerabilities

June 27, 2018 ~ Adrian Colyer ~ 9 Comments

Secure coding practices in Java: challenges and vulnerabilities Meng et al., ICSE'18 TL;DR : don’t trust everything you read on Stack Overflow. Meng et al. conduct a study of Stack Overflow posts relating to secure coding practices in Java to find out the hot topics, what people struggle with, and whether or not the accepted ... Continue Reading

Deep code search

June 26, 2018 ~ Adrian Colyer ~ 15 Comments

Deep code search Gu et al., ICSE'18 The problem with searching for code is that the query, e.g. "read an object from xml," doesn’t look very much like the source code snippets that are the intended results, e.g.: * That’s why we have Stack Overflow! Stack Overflow can help with ‘how to’ style queries, but ... Continue Reading

To distribute or not to distribute? Why licensing bugs matter

June 25, 2018 ~ Adrian Colyer ~ 2 Comments

To distribute or not to distribute? Why licensing bugs matter Vendome et al., ICSE'18 Software licensing can quickly get quite complicated, with over 100 known open source licenses out there, and distributions often including components with a mix of licenses. Unsurprisingly, developers find it hard to determine appropriate licenses for their work, and to interpret ... Continue Reading

Automated localization for unreproducible builds

June 22, 2018 ~ Adrian Colyer ~ 1 Comment

Automated localization for unreproducible builds Ren et al., ICSE'18 Reproducible builds are an important component of integrity in the software supply chain. Attacks against package repositories and build environments may compromise binaries and produce packages with backdoors (see this report for a recent prominent example of compromised packages on DockerHub). If the same source files ... Continue Reading

Generalized data structure synthesis

June 21, 2018 ~ Adrian Colyer ~ 15 Comments

Generalized data structure synthesis Loncaric et al., ICSE'18 Many systems have a few key data structures at their heart. Finding correct and efficient implementations for these data structures is not always easy. Today’s paper introduces Cozy (https://cozy.uwplse.org), which can handle this task for you given a high-level specification of the state, queries, and update operations ... Continue Reading

ConflictJS: finding and understanding conflicts between JavaScript libraries

June 20, 2018 ~ Adrian Colyer ~ 1 Comment

ConflictJS: finding and understanding conflicts between JavaScript libraries Patra et al., ICSE'18 The JavaScript ecosystem is fertile ground for dependency hell. With so many libraries being made available and the potential for global namespace clashes, it’s easy for libraries to break each other. Sometimes in an obvious to spot way (that’s a good day!), and ... Continue Reading

Debugging with intelligence via probabilistic inference

June 19, 2018 ~ Adrian Colyer ~ 14 Comments

Debugging with intelligence via probabilistic inference Xu et al., ICSE'18 Xu et al. have built a automated debugger that can take a single failing test execution, and with minimal interaction from a human, pinpoint the root cause of the failure. What I find really exciting about it, is that instead of brute force there’s a ... Continue Reading

DeepTest: automated testing of deep-neural-network-driven autonomous cars

June 18, 2018 ~ Adrian Colyer ~ 4 Comments

DeepTest: automated testing of deep-neural-network-driven autonomous cars Tian et al., ICSE'18 How do you test a DNN? We’ve seen plenty of examples of adversarial attacks in previous editions of The Morning Paper, but you couldn’t really say that generating adversarial images is enough to give you confidence in the overall behaviour of a model under ... Continue Reading

the morning paper

a random walk through Computer Science research, by Adrian Colyer
Made delightfully fast by strattic

Month: June 2018