@andreaszeller.bsky.social
Software researcher at https://cispa.de, working on #Fandango, #S3, #FuzzingBook, #DebuggingBook. Testing, debugging, analyzing, and protecting software for a better world. Find me at https://andreas-zeller.info/
In a call "retrieve(account: string)", nobody checks the contents of "account". What if we could specify its type not just as a string, but as a formal language - say, a regex "[0-9]+"? In our new paper, we do exactly this - for better type checking and even test generation: doi.acm.org?doi=3799978
My successor as a professor will be some AI video tutor with the appearance of Brad Pitt, available 24/7, unlimited patience, personalized towards each student, the ability to teach any subject ever discussed in a textbook, and a cost of < 1$/hour. Good thing I can still do research! (Now wait...)
IEEE Computer Society Harlan D. Mills Award and Talk by @andreaszeller.bsky.social
Should Computer Scientists Experiment Less? On the past, present, and future of software engineering research
More information at conf.researchr.org/details/icse...
"Should Computer Scientists Experiment Less?" This is the title of my upcoming Harlan D. Mills Award Talk at ICSE 2026 on the past, present, and future of Software Engineering research. Looking forward to lots of productive discussions!
conf.researchr.org/details/icse...
Impact award! I am happy to report that my ICSE 2006 paper "Mining metrics to predict component failures," with Nachi Nagappan and Thomas Ball, has been selected to receive a retrospective ICSE SEIP Most Influential Paper Award. Read it here: dl.acm.org/doi/10.1145/...
With more and more AI-generated code, comprehensive system testing becomes more important than ever. Our new paper "Language-Based Protocol Testing" (with Alexander Liggesmeyer and Pepe Zamudio), shows how to specify and test all details of how programs interact: arxiv.org/abs/2509.20308
On my way to Savannah, Georgia to an IFIP WG 4.3 meeting, where I’ll present our work on Parameterized Compiler Testing (a joint work with my fantastic co-workers Addison Crump and Alexi Turcotte)
#Fandango 1.1 is now available! With this release, #Fandango becomes a full-fledged _protocol fuzzer_, happily exploring states and messages of protocols such as FTP or DNS. Thanks to José. Valentin, Alexander, and Marius for their hard work!
Find Fandango at fandango-fuzzer.github.io
About time: A multi-celebration for becoming a member of Academia Europaea, my SIGSOFT Influential Educator Award, my 60th birthday, becoming an IEEE Fellow, _and_ getting the 2026 IEEE Harlan D. Mills Award. With cake and fizzy drinks!
Starting this year, I will only review for conferences that get rid of a "bidding" phase, as allowing reviewers to bid on papers they want to review opens too many opportunities for manipulation and collusion. For details, see andreas-zeller.info/2025/12/07/R... #nobidding
I am happy to report that I have been named the recipient of the
2026 Harlan D. Mills award
"For sustained contributions to software debugging, program analysis, mining software repositories, and automated test generation." This is a big award – thanks to all!
www.computer.org/volunteering...
How do execution features relate to failures? In this new ACM TOSEM paper, Marius Smytzek, Martin Eberlein, Lars Grunske, and I analyze which execution features beyond code coverage correlate best with failures and lead to accurate explanations of failure causes: dl.acm.org/doi/10.1145/...
Four hours later, I _think_ I have fixed things again - reinstalled Python and all its packages, rebuilt Spotlight and Mail indexes, cleared macOS caches, subscribed to Creator Studio, and now back to these lost mails… Today I hate you, Apple.
* Mail has lost all my emails sent since Monday
* Mail search is broken too
* Search in reminders cannot find anything
* New Keynote is full of ads!?
* Invoke Python-3.13, get 3.14 instead - venvs are messed up
* LaTeX "minted" crashes (likely b/c Python)
So glad I'm an expert in debugging /sarcasm
Fuzzing software becomes much more effective if you can generate _valid_ inputs. We have now built the first approach to _statically_ extract complete and precise input grammars from parser code, producing syntactically valid and diverse inputs by construction. Enjoy! dl.acm.org/doi/10.1145/...
After a visit to Max Planck Institute for Security and Privacy (MPI-SP) in Bochum, seeing my awesome colleagues @thorstenholz.bsky.social, @mboehme.bsky.social, Mathias Payer, and many more, now on my way to Paris to celebrate ten years of @softwareheritage.org with the great Roberto Di Cosmo
Correction: It's 2,000+ *en*-dashes ("--"), but actually 5,800 *em*-dashes ("---")
![$ cd ~/Papers/
$ grep -e '[ ~]-- ' */*.tex | wc -l
2258
$](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:omqxc7qr2td7zwnciedzclwq/bafkreid2naids7dhwveglj5aaxe5btrgccmojlkd64562q4thd6owl5ivu)
A researcher used more than 2,000 em-dashes in his papers, revealing AI-based manipulation in 400+ papers since 1985. Professor Zeller claims he "typed" these dashes into the paper by using "two hyphens" and a "typesetting" system.
Fun fact: This is my tenth test of time award :-) We will give a keynote at the FSE 2026 conference. @acm.org @sigsoft.bsky.social
Happy New Year! I am thrilled to report that Jacek Śliwerski, Tom Zimmermann, and I won the ACM SIGSOFT 2026 Impact Award 🏆 for "When do changes induce fixes?" (MSR 2005). The paper introduced the popular SZZ algorithm for linking change histories and bug databases: dl.acm.org/doi/10.1145/...
Problem: Reviewers did not read the paper.
Solution: Write a detailed rebuttal and point to all the places in the paper that answer their questions.
New problem: Reviewers did not read the rebuttal.
The talk is now online:
* Video: www.youtube.com/watch?v=tBO_...
* Slides: andreas-zeller.info/assets/Shoul...
Enjoy! -- Andreas
In an IPN vision talk last Monday, I sketched how future AI "super-coders" would learn from their own experiments with software to far surpass current LLM-based AI coders.
The talk is now online. Enjoy!
* Recording: www.youtube.com/watch?v=tBO_...
* Slides: andreas-zeller.info/assets/Shoul...
Today at 16:00 CET, I'll give a vision talk "Should AI Coders Experiment More?", paving the way to AI “super coders” that may become way more competent than the most experienced programmers - and also way more competent than any LLM-based coders. Details here: ict-research.nl/2025/11/ipn-...
Time to get serious again. New blog post "Reviewer-Author Collusion Rings and How to Fight Them": andreas-zeller.info/2025/12/07/R...
Oops - Of course, Helmut Kohl was chancellor until *1998*, not 1988. Apologies!
Bonus material for The LaTeX Korrektor! Some of you asked: "What are these photos and posters in the background?" Here they come, enlarged and with some details. Enjoy! #LaTeX #LaTeXKorrektor
In case you missed it, watch all six episodes of the LaTeX Korrektor here: www.youtube.com/watch?v=EhsM...
Series finale! The LaTeX Korrektor 6/6 - Ten Commandments www.youtube.com/shorts/HAodi... #LaTeX #LaTeXKorrektor
Read the LaTeX advice by Diomidis Spinellis (@coolsweng.bsky.social): github.com/dspinellis/l...
All six episodes of the LaTeX Korrektor: www.youtube.com/watch?v=EhsM...
Why, oh why does your bibliography have all titles in lowercase? WHY? The LaTeX Korrektor 5/6 - Citations: www.youtube.com/shorts/0nk72... #LaTeX #LaTeXKorrektor
Missed previous episodes? This playlist has them all: www.youtube.com/watch?v=EhsM...
Ah, so it was you who rejected my paper!? 🤔