recentpopularlog in

jabley : optimisation   33

Everything You Always Wanted to Know About Compiled and Vectorized Queries But Were Afraid to Ask
ract—Online programming discussion platforms such as
Stack Overflow serve as a rich source of information for software
developers. Available information include vibrant discussions
and oftentimes ready-to-use code snippets. Previous research
identified Stack Overflow as one of the most important information sources developers rely on. Anecdotes report that
software developers copy and paste code snippets from those
information sources for convenience reasons. Such behavior
results in a constant flow of community-provided code snippets
into production software. To date, the impact of this behaviour
on code security is unknown.
We answer this highly important question by quantifying
the proliferation of security-related code snippets from Stack
Overflow in Android applications available on Google Play.
Access to the rich source of information available on Stack
Overflow including ready-to-use code snippets provides huge
benefits for software developers. However, when it comes to
code security there are some caveats to bear in mind: Due
to the complex nature of code security, it is very difficult to
provide ready-to-use and secure solutions for every problem.
Hence, integrating a security-related code snippet from Stack
Overflow into production software requires caution and expertise.
Unsurprisingly, we observed insecure code snippets being copied
into Android applications millions of users install from Google
Play every day.
To quantitatively evaluate the extent of this observation, we
scanned Stack Overflow for code snippets and evaluated their
security score using a stochastic gradient descent classifier. In
order to identify code reuse in Android applications, we applied
state-of-the-art static analysis. Our results are alarming: 15.4%
of the 1.3 million Android applications we analyzed, contained
security-related code snippets from Stack Overflow. Out of these
97.9% contain at least one insecure code snippet.
paper  filetype:pdf  comp-sci  research  database  data-structures  compilers  optimisation 
13 days ago by jabley
Overcoming the challenges to feedback-directed optimization (Keynote Talk)
Feedback-directed optimization (FDO) is a general term used to describe any technique that alters a program's execution based on tendencies observed in its present or past runs. This paper reviews the current state of affairs in FDO and discusses the challenges inhibiting further acceptance of these techniques. It also argues that current trends in hardware and software technology have resulted in an execution environment where immutable executables and traditional static optimizations are no longer sufficient. It explains how we can improve the effectiveness of our optimizers by increasing our understanding of program behavior, and it provides examples of temporal behavior that we can (or could in the future) exploit during optimization.
paper  comp-sci  compilers  optimisation  performance 
may 2019 by jabley
[no title]
The fastest plans in MPP databases are usually those with
the least amount of data movement across nodes, as data
is not processed while in transit. The network switches
that connect MPP nodes are hard-wired to perform packetforwarding logic only. However, in a recent paradigm shift,
network devices are becoming “programmable.” The quotes
here are cautionary. Switches are not becoming general purpose computers (just yet). But now the set of tasks they can
perform can be encoded in software.
In this paper we explore this programmability to accelerate OLAP queries. We determined that we can offload
onto the switch some very common and expensive query
patterns. Thus, for the first time, moving data through
networking equipment can contribute to query execution.
Our preliminary results show that we can improve response
times on even the best agreed upon plans by more than 2x
using 25 Gbps networks. We also see the promise of linear
performance improvement with faster speeds. The use of
programmable switches can open new possibilities of architecting rack- and datacenter-sized database systems, with
implications across the stack.
filetype:pdf  paper  comp-sci  database  networking  hardware  optimisation  datacenter  design 
january 2019 by jabley

Copy this bookmark:

to read