cuixiaoyiyi

CUI Baoquan Personal Page

Project maintained by cuixiaoyiyi Hosted on GitHub Pages — Theme by mattgraham

崔保全 CUI Baoquan

cuibq@ios.ac.cn
【CUI Baoquan@dblp
【CUI Baoquan@Google Scholar

程序分析与软件测试

Program Analysis and Software Testing

@ SQuARE Group Leader 张健 研究员

zj@ios.ac.cn
【小组ZJ@SQuARE
【中国科学院大学ZJ@UCAS
【计算机科学国家重点实验室ZJ@SKLCS

Ongoing

2026

[C13 ICML2026] Hang Gao, Tao Peng, Baoquan Cui (Corresponding Author), Hong Huang, Fengge Wu, Zhao Junsuo, Jian Zhang
Efficient Code Analysis via Graph-Guided Large Language Models (Accepted OpenReview)

[C12 ISSTA2026] Rui Han, Ziheng Wang, Baoquan Cui, Yuhang Dong, Fuqi Jia, Feifei Ma, Jian Zhang
Solving String Split Constraints via Structural Relaxation (Accepted)

2025

[C11 QRS2025] Liwei Zhang, Baoquan Cui, Xutong Ma, Jian Zhang:
An Empirical Study: mems as a Static Performance Metric
[PDF-Preprint] [Slides] [Bibtex Cited Format]

[C10 ICSE2025] Baoquan Cui, Rong Qu, Zhen Tang, Jian Zhang:
Static Analysis of Remote Procedure Call in Java Programs. ICSE 2025
[PDF] [Slides] [Project of RPCBridge] [Bibtex Cited Format]

2024

[C9 ISSTA2024] Baoquan Cui, Jiwei Yan, Jian Zhang:
DMMPP: Constructing Dummy Main Methods for Android Apps with Path-Sensitive Predicates. ISSTA 2024: 1826-1830
[PDF] [Slides] [Project of DMMPP] [Bibtex Cited Format]

2023

[C8 ASE2023] Baoquan Cui, Miaomiao Wang, Chi Zhang, Jiwei Yan, Jun Yan, Jian Zhang:
Detection of Java Basic Thread Misuses Based on Static Event Analysis. ASE 2023: 1049-1060
[PDF] [Slides] [Project of Leopard] [Bibtex Cited Format]

[C7] Fuqi Jia, Rui Han, Xutong Ma, Baoquan Cui, Minghao Liu, Pei Huang, Feifei Ma, Jian Zhang:
PSMT: Satisfiability Modulo Theories Meets Probability Distribution. ASE 2023: 1756-1760
[PDF] [Slides][Bibtex Cited Format]

2022

[C6 ISSRE2022] Miaomiao Wang, Baoquan Cui (Co-first authors), Jiwei Yan, Jun Yan, Jian Zhang:
String Test Data Generation for Java Programs. ISSRE 2022: 251-262
[PDF] [Slides] [Project of JustinStr] [Bibtex Cited Format]

[C5] Xin Zhang, Rongjie Yan, Jiwei Yan, Baoquan Cui, Jun Yan, Jian Zhang:
ExcePy: A Python Benchmark for Bugs with Python Built-in Types. SANER 2022: 856-866
[PDF] [Poster of ExcePy][Project of ExcePy] [Bibtex Cited Format]

2021

[C4 QRS2021] Qing Liu, Linjie Pan, Baoquan Cui, Jun Yan, Jian Zhang:
Dynamic Detection of AsyncTask Related Defects. QRS 2021: 357-366
[PDF] [Bibtex Cited Format]

[C3] Xin Zhang, Jiwei Yan, Baoquan Cui, Jun Yan, Jian Zhang:
Are the Scala Checks Effective? Evaluating Checks with Real-world Projects. QRS 2021: 978-989
[PDF] [Slides][Bibtex Cited Format]

2020

[C2] Linjie Pan, Baoquan Cui, Hao Liu, Jiwei Yan, Siqi Wang, Jun Yan, Jian Zhang:
Static asynchronous component misuse detection for Android applications. ESEC/SIGSOFT FSE 2020: 952-963
[PDF] [Slides] [Project of AsyncChecker] [Bibtex Cited Format]

2019

[C1] Linjie Pan, Baoquan Cui, Jiwei Yan, Xutong Ma, Jun Yan, Jian Zhang:
Androlic: an extensible flow, context, object, field, and path-sensitive static analysis framework for Android. ISSTA 2019: 394-397
[PDF] [Slides] [Project of Androlic] [Bibtex Cited Format]

工具找到的缺陷列表

Lepoard (Confirmed: 66; Fixed: 22) [Project of Leopard]
Justin (26开源应用缺陷+2083企业应用缺陷) [Project of JustinStr] [Bibtex Cited Format]
PoolGuard (Confirmed: 50; Fixed: 4)

By Leopard (线程缺陷 ASE2023)

NO. App Fork Star # Download on Google Play # Misuse (*Fixed) Confirmed Issue Id
01 VocableTrainer 10 27 - 1 93
02 toposuite 2 12 5,000+ 4 3
03 APK-Explorer-Editor 53 278 100+ 1* 29
04 LRC-Editor 9 43 100,000+ 3 35
05 Nextcloud 1.5K 3.2K 100,000+ 7 10691
06 TRIfA 52 220 - 14 382
07 AppManager 174 2.3K - 1 854
08 Siteswap Generator 3 13 1,000+ 9 55
09 TC Slim 66 1.1K 10,000+ 2 336
10 blabber.im 16 41 - 6* 674
11 OSMDashboard 8 52 500+ 1* 169
12 Ghost Commander - - 1,000,000+ 1* 93
13 Offline Puzzle Solver - 1 - 1* 1
14 FitoTrack 49 161 5,000+ 3 400
15 Conversations 1.3K 4.2K 100,000+ 2* 4366
16 monocles chat 7 10 - 6* 44
17 ccgt 4 11 - 1 7
18 Notes 121 769 10K+ 1* 1574
Total - - - - 66 (Fixed 22) -

By Justin(开源应用)

程序 版本 描述 Star 缺陷数量 缺陷 ID(s)
commons-cli 1.0 命令行参数解析工具 330 1 commit(*55886e)
groovy 2.5.6 敏捷开发语言包 16.5k 1 pull(1643)
libgdx 1.10.0 Java 游戏开发框架 22.8k 1 6709
hutool 5.7.15 Java 工具类库 28.5k 4 1975, 1982, 1980, 1981 (CVE-2025-52111, CVE-2025-52112)
asm 5.1 Java 字节码操作框架 16.5k 1 mergerequests(330)
openjdk 8u292
7u75

12.0.2		 开源 Java 开发工具包 18.5k 17 commit(*12bd18, *a404a9, *ba7d11),
8278186, 8278993, 8279129, 8279128,
8279198, 8279218, 8279336, 8279341,
8279342, 8279422, 8279423, 8279424,
8279362
bishengjdk 1.8 OpenJDK 定制版本 502 1 I4MWI1
共计 - - - 26 -

By Justin(企业应用)

被测软件描述 有效缺陷 被测软件描述 有效缺陷
开源加密工具包 20 格式化及文件操作等工具包 332
验证集日期处理等工具包 71 集合及反射等常用类库 184
智能开发平台基础类库 97 医疗质量管理系统管理模块 200
JSON 及数值计算等基础类库 511 知识库系统 11
Java 开发基础类库 211 java.lang 增强工具包 94
物流供应链管理 352 - -
共计 2,083 个有效缺陷 - -

By PoolGuard(线程池缺陷)

NO. Project Fork Star # Misuse (*Fixed) Confirmed Issue Id
1 Apache Dubbo 26.6k 41.7k 2 (1) 15969, 15886
2 Apache Pulsar 3.7k 15.1k 2 (1) 25153, 25135
3 Apache RocketMQ 12.2k 20.8k 2 (1) 9983, 9985
4 Apache Curator 1.8k 3.5k 2 (0) 1282, 1283
5 Apollo Kotlin 689 3.9k 2 (0) 6821, 6822
6 Apache Iceberg 3.0k 8.4k 1 (1) 15031
7 Google Guava 11.1k 51.4k 1 (0) 8152
8 Apache Shenyu 3.0k 8.7k 1 (0) 6262
9 Apache HugeGraph 576 2.9k 1 (0) 2939
10 Apache IoTDB 1.1k 6.3k 1 (0) 17016
11 Redis Lettuce 1.1k 5.7k 1 (0) 3604
12 AWS Amplify Android 549 1.1k 1 (0) 3685
13 ShedLock 564 4.1k 1 (0) 3145
14 Jenkins Office365 86 96 1 (0) 422
15 React Native WebRTC 1.3k 4.9k 1 (0) 1783
16 HttpToolkit Android 93 587 1 (0) 38
17 Apache ShardingSphere 7.2k 19.5k 1 (0) 37714
18 ElasticJob 3.3k 8.2k 1 (0) 2493
19 Apache InLong 800 2.1k 1 (0) 12064
20 Alibaba Canal 7.3k 27.5k 1 (0) 5563
21 KIE Drools 2.5k 5.1k 1 (0) 6554
22 SSH on Web 32 140 1 (0) 3
23 Web3j 1.7k 5.1k 1 (0) 2244
24 OpenFeign 3.6k 8.5k 1 (0) 3178
25 Spring Security 6.3k 9.2k 1 (0) 18389
26 Spring Cloud OpenFeign 1.5k 3.1k 1 (0) 1308
27 AWS SDK Java 3.6k 5.8k 1 (0) 3196
28 Netflix Hystrix 4.7k 24.1k 1 (0) 2116
29 Reactor Core 1.5k 5.1k 1 (0) 4176
30 HikariCP 3.1k 18.5k 1 (0) 2378
31 JetCache 1.2k 5.3k 1 (0) 1000
32 AWS Glue Client 150 180 1 (0) 86
33 Olap4j 80 220 1 (0) 73
34 AndroidPerfMon 1.1k 6.2k 1 (0) 154
35 Semantic Metrics 60 150 1 (0) 144
36 TLS Channel 60 240 1 (0) 329
37 JBoss Threads 150 200 1 (0) 284
38 Google Truth 400 2.8k 1 (0) 1624
39 PP4J 10 40 1 (0) 16
40 Concurrency Limits 250 1.5k 1 (0) 231
41 Spring Statemachine 1.2k 1.8k 1 (0) 1208
42 Spring Integration 2.5k 2.5k 1 (0) 10696
43 Spring Integration Ext 300 200 1 (0) 264
44 NativeStackBlur 100 500 1 (0) 11
45 gRPC Java 10.5k 40k 1 (0) 12601
Total - - - 50 (5) -

By TLDoctor(ThreadLocal缺陷)

NO. Project Fork Star # Misuse (*Fixed) Confirmed Issue Id
1 quickfix-j/quickfixj 661 1.1k 1 (1) #1137
2 redis/redis-om-spring 104 648 1 (1) #718
3 ben-manes/caffeine 1.7k 17.6k 1 (1) #1944
4 apache/karaf 663 708 1 (0) #2278
5 micrometer-metrics/micrometer 1.1k 4.8k 1 (0) #7184
6 neo4j/neo4j-ogm 166 356 1 (1) #1395
7 Azure/azure-sdk-for-java 2.2k 2.6k 1 (1) #48018
8 togglz/togglz 261 1k 1 (1) #1344
9 vsilaev/tascalate-javaflow 7 89 1 (1) #15
10 spotify-web-api-java/spotify-web-api-java 289 1.1k 1 (1) #450
11 LWJGL/lwjgl3 688 5.3k 2 (0) #1109, #169
12 DataDog/java-dogstatsd-client 107 185 1 (0) #292
13 seasarorg/dbflute 6 22 1 (1) #8
14 apache/poi 821 2.2k 1 (1) #1015
15 influxdata/influxdb-java 473 1.2k 1 (1) #1019
16 mybatis/redis-cache 212 407 1 (1) #351
17 apache/bookkeeper 962 2k 1 (0) #4714
18 crotwell/seisFile 20 35 1 (1) #41
19 apache/iceberg 3.1k 8.7k 1 (1) #15284
20 cadence-workflow/cadence-java-client 121 148 1 (0) #1047
21 reportportal/client-java 29 25 1 (0) #314
22 duzechao/OKHttpUtils 82 286 1 (0) #10
23 cglib/cglib 886 4.9k 1 (0) #232
24 beanshell/beanshell 184 930 1 (0) #785
25 Netflix/Hystrix 4.7k 24.5k 1 (0) #2117
26 Blankj/AndroidUtilCode 10.7k 33.7k 1 (0) #1848
27 square/reader-sdk-flutter-plugin 31 89 1 (0) #122
28 jitsi/jitsi-utils 38 19 1 (0) #155
29 h2database/h2database 1.3k 4.6k 2 (0) #4326, #4333
30 apache/shiro 2.3k 4.4k 1 (0) #2560
31 dcm4che/dcm4che 691 1.4k 1 (0) #1560
32 karatelabs/karate 2k 8.8k 1 (0) #2745
33 scanban/traceragent 0 1 1 (0) #1
34 eclipse-ee4j/glassfish 170 435 1 (0) #25932
35 apache/ignite 1.9k 5.1k 1 (0) #12771
36 glowroot/glowroot 333 1.3k 1 (0) #1162
37 elastic/ecs-logging-java 78 149 1 (0) #381
38 apache/parquet-java 1.5k 3k 1 (1) #3398
39 carnellj/spmia-chapter5 99 33 1 (0) #4
40 hazelcast/hazelcast-code-samples 604 559 1 (0) #763
41 patrickfav/armadillo 53 308 1 (0) #58
42 baomidou/mybatis-plus 4.4k 17.3k 1 (0) #7031
43 google/guice 1.7k 12.7k 1 (0) #1929
44 google/allocation-instrumenter 88 489 1 (0) #60
45 kabutz/javaspecialists 33 147 1 (0) #60
46 Nike-Inc/wingtips 65 332 1 (0) #141
47 kofemann/vfs4j 3 13 1 (0) #8
48 graphql-java/java-dataloader 97 524 1 (0) #266
49 alibaba/fastjson2 554 4.3k 1 (0) #3995
50 alibaba/DataX 5.7k 17.1k 1 (0) #2346
51 jobrunr/jobrunr 311 2.9k 1 (0) #1495
52 sumanentc/multitenant 82 122 1 (0) #13
53 shevek/parallelgzip 7 59 1 (0) #13
54 lmdbjava/lmdbjava 126 870 1 (0) #284
55 UniTime/unitime 193 331 1 (0) #220
Total - - - 57 (15) -