Abstract
In this paper, we analyse Java source code of embedded database applications by means of static code analysis. If the underlying database schema of such an application is subject to refactoring or database tuning, then the Sql statements in the embedding Java program need to be adapted correspondingly. This should be done mostly automatically, since changing software manually is error-prone and time consuming.
For determining the Sql statements that access the database, we can either look at the database logfile, an audit file, or at the Java source code itself. Here, we show how to derive the strings of dynamic Sql statements directly from the Java source code. We do this without using a debugger or a virtual machine technique; instead, we trace the values of variables that contribute to a query string backwards to predict the values of contributing program variables as precisely as possible.
We use Prolog’s declarative features and its backtracking mechanism for code analysis, refactoring, and tuning.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Benton, W.C., Fischer, C.N.: Interactive, Scalable, Declarative Program Analysis: From Prototype to Implementation. In: Proc. Intl. Conference on Principles and Practice of Declarative Programming, PPDP 2007, pp. 13–24 (2007)
Boehm, A.M., Seipel, D., Sickmann, A., Wetzka, M.: Squash: A Tool for Analyzing, Tuning and Refactoring Relational Database Applications. In: Seipel, D., Hanus, M., Wolf, A. (eds.) INAP 2007. LNCS, vol. 5437, pp. 82–98. Springer, Heidelberg (2009)
Chamberlin, D.: XQuery: a Query Language for XML. In: Proc. ACM International Conference on Management of Data, SIGMOD 2003, p. 682. ACM Press, New York (2003)
Chess, B., McGraw, G.: Static Analysis for Security. IEEE Security & Privacy 2(6), 76–79 (2004)
Clocksin, W.F., Mellish, C.S.: Programming in prolog, 5th edn. Springer, Heidelberg (2003)
Corbett, J.C., Dwyer, M.B., Hatcliff, J., Laubach, S., Pasareanu, C.S., Zheng, R.H.: Bandera: Extracting Finite State Models From Java Source Code. In: Proc. Intl. Conference on Software Engineering, ICSE 2000, pp. 439–448 (2000)
Ducasse, S., Lanza, M., Bertuli, R.: High–Level Polymetric Views of Condensed Run–Time Information. In: Proc. 8th European Conference on Software Maintenance and Reengineering, CSMR 2004, pp. 309–318 (2004)
Hopfner, M., Seipel, D., Wolff von Gudenberg, J., Fischer, G.: Reasoning About Source Code in XML-Representation. In: Workshop on Software-Reengineering, WSR 2003 (2003)
van Emden, E., Moonen, L.: Java Quality Assurance by Detecting Code Smells. In: Proc. 9th Working Conference on Reverse Engineering, WCRE 2002, pp. 97–108. IEEE Computer Society, Los Alamitos (2002)
Evans, D., Larochelle, D.: Improving Security Using Extensible Lightweight Static Analysis. IEEE Software 19(1), 42–51 (2002)
Fischer, D., Lusiardi, J.: jaml: XML Representation of Java Source Code. Technical Report, University of Würzburg, Department of Computer Science (2008)
Holzmann, G.J., Smith, M.H.: Extracting Verification Models by Extracting Verification Models. In: Proc. Joint International Conference on Formal Description Techniques, FORTE 1999, and Protocol Specification, Testing, and Verification, PSTV 1999, pp. 481–497. Kluwer, Dordrecht (1999)
JBoss: Red Hat: Hybernate, https://www.hibernate.org/
Intl. Organization for Standardization: ISO/IEC 9075–14:2003 Information Technology – Database Languages – SQL – Part 14: xml Related Specifications, SQL/XML (2003)
Marinescu, R.: Detection Strategies: Metrics–Based Rules for Detecting Design Flaws. In: Proc. 20th IEEE Intl. Conference on Software Maintenance, ICSM 2004, pp. 350–359 (2004)
Ramakrishnan, R., Gehrke, J.: Database Management Systems, 3rd edn. McGraw-Hill, New York (2003)
Ren, X., Shah, F., Tip, F., Ryder, B.G., Chesley, O.: Chianti: A Tool for Change Impact Analysis of Java Programs. ACM SIGPLAN Notices 39(10), 432–448 (2004)
Seipel, D.: Processing XML Documents in prolog. In: Proc. 17th Workshop on Logic Programmierung, WLP 2002 (2002)
Seipel, D., Hopfner, M., Heumesser, B.: Analyzing and Visualizing prolog Programs based on xml Representations. In: Proc. Intl. Workshop on Logic Programming Environments, WLPE 2003 (2003)
Seipel, D., Baumeister, J., Hopfner, M.: Declarative Querying and Visualizing Knowledge Bases in XML. In: Seipel, D., Hanus, M., Geske, U., Bartenstein, O. (eds.) INAP/WLP 2004. LNCS (LNAI), vol. 3392, pp. 16–31. Springer, Heidelberg (2005)
Systä, T., Yu, P., Müller, H.: Analyzing Java Software by Combining Metrics and Program Visualization. In: Proc. 4th European Conference on Software Maintenance and Reengineering, CSMR 2000, pp. 199–208. IEEE Computer Society, Los Alamitos (2000)
Wahler, V., Seipel, D., Wolff von Gudenberg, J., Fischer, G.: Clone Detection in Source Code by Frequent Itemset Techniques. In: Proc. 4th IEEE Intl. Workshop on Source Code Analysis and Manipulation, SCAM 2004, pp. 128–135. IEEE Computer Society, Los Alamitos (2004)
Wielemaker, J.: An Overview of the swi–prolog Programming Environment. In: Proc. 13th International Workshop on Logic Programming Environments, WLPE 2003, pp. 1–16 (2003)
Wielemaker, J.: swi–prolog. Version (2007), http://www.swi-prolog.org/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Seipel, D., Boehm, A.M., Fröhlich, M. (2011). JSquash: Source Code Analysis of Embedded Database Applications for Determining Sql Statements. In: Abreu, S., Seipel, D. (eds) Applications of Declarative Programming and Knowledge Management. INAP 2009. Lecture Notes in Computer Science(), vol 6547. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-20589-7_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-20589-7_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-20588-0
Online ISBN: 978-3-642-20589-7
eBook Packages: Computer ScienceComputer Science (R0)