cuixiaoyiyi

CUI Baoquan Personal Page

---

Project maintained by cuixiaoyiyi Hosted on GitHub Pages — Theme by mattgraham

崔保全 CUI Baoquan

cuibq@ios.ac.cn
【CUI Baoquan@dblp】
【CUI Baoquan@Google Scholar】

程序分析与软件测试

Program Analysis and Software Testing

@ SQuARE Group Leader 张健 研究员

zj@ios.ac.cn
【小组ZJ@SQuARE】
【中国科学院大学ZJ@UCAS】
【计算机科学国家重点实验室ZJ@SKLCS】

Ongoing

Hang Gao, Tao Peng, Baoquan Cui, Hong Huang, Fengge Wu, Zhao Junsuo, Jian Zhang
Efficient Code Analysis via Graph-Guided Large Language Models

Hang Gao, Kunyu Li, jun Wang, Baoquan Cui, Hong Huang, Fengge Wu, Jian Zhang, Huaping Liu Revisiting Causal Graph Neural Networks: An Atomic Theoretical Framework for Valid Inference

Baoquan Cui, Hang Gao, Jian Zhang
Understanding and Static Misuse Detection of Java ThreadLocal

Baoquan Cui, Hang Gao, Jian Zhang
From Thread to Pool: A Unified Formal Model and Static Detection of Thread Pool Misuses in Java Programs

Baoquan Cui, Hang Gao, Jian Zhang
Specification-Aware Test Data Generation for Java Programs via Annotations

Hang Gao, Baoquan Cui, Hong Huang, Fengge Wu, Jian Zhang, Huaping Liu
Breaking the Structural Symmetry: Semantic-Aware Graph Learning for Malicious Package Detection

Rui Han, Baoquan Cui, Feifei Ma, Jian Zhang
Solving String Split Constraints via Structural Relaxation

Rui Han, Baoquan Cui, Feifei Ma, Jian Zhang
Yog: Interface-Driven Test Generation for SMT Solvers via UF-Realization Refinement

Hang Gao, Baoquan Cui, Hong Huang, Fengge Wu, Jian Zhang, Huaping Liu
Think in Graphs: Infrastructure and Benchmark for Large Language Model Reasoning Frameworks

Rong Qu, Baoquan Cui, Jian Zhang
SCOPE++: A Scope-aware Mutation Testing Framework for C++ Compilers

2025

[C11 QRS2025] Liwei Zhang, Baoquan Cui, Xutong Ma, Jian Zhang:
An Empirical Study: mems as a Static Performance Metric
[PDF-Preprint] [Slides] [Bibtex Cited Format]

[C10 ICSE2025] Baoquan Cui, Rong Qu, Zhen Tang, Jian Zhang:
Static Analysis of Remote Procedure Call in Java Programs. ICSE 2025
[PDF] [Slides] [Project of RPCBridge] [Bibtex Cited Format]

2024

[C9 ISSTA2024] Baoquan Cui, Jiwei Yan, Jian Zhang:
DMMPP: Constructing Dummy Main Methods for Android Apps with Path-Sensitive Predicates. ISSTA 2024: 1826-1830
[PDF] [Slides] [Project of DMMPP] [Bibtex Cited Format]

2023

[C8 ASE2023] Baoquan Cui, Miaomiao Wang, Chi Zhang, Jiwei Yan, Jun Yan, Jian Zhang:
Detection of Java Basic Thread Misuses Based on Static Event Analysis. ASE 2023: 1049-1060
[PDF] [Slides] [Project of Leopard] [Bibtex Cited Format]

[C7] Fuqi Jia, Rui Han, Xutong Ma, Baoquan Cui, Minghao Liu, Pei Huang, Feifei Ma, Jian Zhang:
PSMT: Satisfiability Modulo Theories Meets Probability Distribution. ASE 2023: 1756-1760
[PDF] [Slides][Bibtex Cited Format]

2022

[C6 ISSRE2022] Miaomiao Wang, Baoquan Cui (Contributed Equally), Jiwei Yan, Jun Yan, Jian Zhang:
String Test Data Generation for Java Programs. ISSRE 2022: 251-262
[PDF] [Slides] [Project of JustinStr] [Bibtex Cited Format]

[C5] Xin Zhang, Rongjie Yan, Jiwei Yan, Baoquan Cui, Jun Yan, Jian Zhang:
ExcePy: A Python Benchmark for Bugs with Python Built-in Types. SANER 2022: 856-866
[PDF] [Poster of ExcePy][Project of ExcePy] [Bibtex Cited Format]

2021

[C4 QRS2021] Qing Liu, Linjie Pan, Baoquan Cui, Jun Yan, Jian Zhang:
Dynamic Detection of AsyncTask Related Defects. QRS 2021: 357-366
[PDF] [Bibtex Cited Format]

[C3] Xin Zhang, Jiwei Yan, Baoquan Cui, Jun Yan, Jian Zhang:
Are the Scala Checks Effective? Evaluating Checks with Real-world Projects. QRS 2021: 978-989
[PDF] [Slides][Bibtex Cited Format]

2020

[C2] Linjie Pan, Baoquan Cui, Hao Liu, Jiwei Yan, Siqi Wang, Jun Yan, Jian Zhang:
Static asynchronous component misuse detection for Android applications. ESEC/SIGSOFT FSE 2020: 952-963
[PDF] [Slides] [Project of AsyncChecker] [Bibtex Cited Format]

2019

[C1] Linjie Pan, Baoquan Cui, Jiwei Yan, Xutong Ma, Jun Yan, Jian Zhang:
Androlic: an extensible flow, context, object, field, and path-sensitive static analysis framework for Android. ISSTA 2019: 394-397
[PDF] [Slides] [Project of Androlic] [Bibtex Cited Format]

工具找到的缺陷列表

Lepoard (Confirmed: 66; Fixed: 22) [Project of Leopard]
Justin (26开源应用缺陷+2083企业应用缺陷) [Project of JustinStr] [Bibtex Cited Format]
PoolGuard (Confirmed: 50; Fixed: 4)

By Lepoard (线程缺陷 ASE2023)

|NO.|App|Fork|Star|#Download on GooglePaly |#Misuse (Fixed)|Confirmed Issue Id|
|-|-|-|-|-|-|-| |01|VocableTrainer|10|27|-|1|93| |02|toposuite|2|12|5,000+|4|3| |03|APK-Explorer-Editorcite | 53 | 278 |100+ |1|29 | |04|LRC-Editorcite | 9 | 43 |100,000+| 3 |35 | |05|Nextcloudcite | 1.5K | 3.2K |100,000+| 7 |10691 | |06|TRIfAcite | 52 | 220 | -| 14 |382 | |07|AppManagercite | 174 | 2.3K | -| 1 |854 | |08|Siteswap Generatorcite | 3 | 13 | 1,000+ | 9 |55 | |09|TC Slimcite | 66 | 1.1K | 10,000+ | 2 |336 | |10|blabber.imcite | 16 | 41 | - | 6* |674 | |11|OSMDashboardcite | 8 | 52 | 500+ | 1* |169 | |12|Ghost Commander | - | - | 1,000,000+ | 1* |93 | |13|Offline Puzzle Solver | - | 1 | - | 1* |1 | |14|FitoTrack | 49 | 161 | 5,000+ | 3 | 400 | |15|Conversations | 1.3K | 4.2K | 100,000+ | 2* | 4366| |16|monocles chat | 7 | 10 | - | 6* | 44 | |17|ccgt| 4 | 11 | - | 1 | 7 | |18|Notes| 121 | 769 | 10K+ | 1* | 1574 | |-|Total |-|-|-|66(Fixed 22)|-

By Justin （开源应用）

| 程序 | 版本 | 描述 | Star | 缺陷数量 | 缺陷ID(s) | |——|——|——|——|———-|———–| | commons-cli | 1.0 | 命令行参数解析工具 | 330 | 1 | commit(55886e) | | groovy | 2.5.6 | 敏捷开发语言包 | 16.5k | 1 | pull(1643) | | libgdx | 1.10.0 | Java 游戏开发框架 | 22.8k | 1 | 6709 | | hutool | 5.7.15 | Java 工具类库 | 28.5k | 4 | 1975,1982,1980,1981 (CVE-2025-52111, 52112) | | asm | 5.1 | Java字节码操作框架 | 16.5k | 1 | mergerequests(330) | | openjdk | 8u292
7u75

12.0.2 | 开源 Java 开发工具包 | 18.5k | 17 | commit(12bd18, *a404a9, *ba7d11),
8278186,8278993,8279129,8279128,
8279198,8279218,8279336, 8279341,
8279342, 8279422,8279423,8279424,
8279362 | | bishengjdk | 1.8 | OpenJDK 定制版本 | 502 | 1 | I4MWI1 | | 共计 | | | | 26 | |

By Justin （企业应用）

| 被测软件描述 | 有效缺陷 | 被测软件描述 | 有效缺陷 | |————–|———-|————–|———-| | 开源加密工具包 | 20 | 格式化及文件操作等工具包 | 332 | | 验证集日期处理等工具包 | 71 | 集合及反射等常用类库 | 184 | | 智能开发平台基础类库 | 97 | 医疗质量管理系统管理模块 | 200 | | JSON及数值计算等基础类库 | 511 | 知识库系统 | 11 | | Java 开发基础类库 | 211 | java.lang 增强工具包 | 94 | | 物流供应链管理 | 352 | - | -| | 共计 | 2,083 个有效缺陷 | | |

By PoolGuard （线程池缺陷）

|NO.|Project|Fork|Star|#Misuse (*Fixed)|Confirmed Issue Id| |:—|:—|:—|:—|:—|:—| |1|Apache Dubbo|26.6k|41.7k|2 (1)|15969, 15886| |2|Apache Pulsar|3.7k|15.1k|2 (1)|25153, 25135| |3|Apache RocketMQ|12.2k|20.8k|2 (1)|9983, 9985| |4|Apache Curator|1.8k|3.5k|2 (0)|1282, 1283| |5|Apollo Kotlin|689|3.9k|2 (0)|6821, 6822| |6|Apache Iceberg|3.0k|8.4k|1 (1)|15031| |7|Google Guava|11.1k|51.4k|1 (0)|8152| |8|Apache Shenyu|3.0k|8.7k|1 (0)|6262| |9|Apache HugeGraph|576|2.9k|1 (0)|2939| |10|Apache IoTDB|1.1k|6.3k|1 (0)|17016| |11|Redis Lettuce|1.1k|5.7k|1 (0)|3604| |12|AWS Amplify Android|549|1.1k|1 (0)|3685| |13|ShedLock|564|4.1k|1 (0)|3145| |14|Jenkins Office365|86|96|1 (0)|422| |15|React Native WebRTC|1.3k|4.9k|1 (0)|1783| |16|HttpToolkit Android|93|587|1 (0)|38| |17|Apache ShardingSphere|7.2k|19.5k|1 (0)|37714| |18|ElasticJob|3.3k|8.2k|1 (0)|2493| |19|Apache InLong|800|2.1k|1 (0)|12064| |20|Alibaba Canal|7.3k|27.5k|1 (0)|5563| |21|KIE Drools|2.5k|5.1k|1 (0)|6554| |22|SSH on Web|32|140|1 (0)|3| |23|Web3j|1.7k|5.1k|1 (0)|2244| |24|OpenFeign|3.6k|8.5k|1 (0)|3178| |25|Spring Security|6.3k|9.2k|1 (0)|18389| |26|Spring Cloud OpenFeign|1.5k|3.1k|1 (0)|1308| |27|AWS SDK Java|3.6k|5.8k|1 (0)|3196| |28|Netflix Hystrix|4.7k|24.1k|1 (0)|2116| |29|Reactor Core|1.5k|5.1k|1 (0)|4176| |30|HikariCP|3.1k|18.5k|1 (0)|2378| |31|JetCache|1.2k|5.3k|1 (0)|1000| |32|AWS Glue Client|150|180|1 (0)|86| |33|Olap4j|80|220|1 (0)|73| |34|AndroidPerfMon|1.1k|6.2k|1 (0)|154| |35|Semantic Metrics|60|150|1 (0)|144| |36|TLS Channel|60|240|1 (0)|329| |37|JBoss Threads|150|200|1 (0)|284| |38|Google Truth|400|2.8k|1 (0)|1624| |39|PP4J|10|40|1 (0)|16| |40|Concurrency Limits|250|1.5k|1 (0)|231| |41|Spring Statemachine|1.2k|1.8k|1 (0)|1208| |42|Spring Integration|2.5k|2.5k|1 (0)|10696| |43|Spring Integration Ext|300|200|1 (0)|264| |44|NativeStackBlur|100|500|1 (0)|11| |45|gRPC Java|10.5k|40k|1 (0)|12601| |Total||||50 (5)||