JSquash: Source Code Analysis of Embedded Database Applications for Determining Sql Statements

  • Dietmar Seipel
  • Andreas M. Boehm
  • Markus Fröhlich
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6547)


In this paper, we analyse Java source code of embedded database applications by means of static code analysis. If the underlying database schema of such an application is subject to refactoring or database tuning, then the Sql statements in the embedding Java program need to be adapted correspondingly. This should be done mostly automatically, since changing software manually is error-prone and time consuming.

For determining the Sql statements that access the database, we can either look at the database logfile, an audit file, or at the Java source code itself. Here, we show how to derive the strings of dynamic Sql statements directly from the Java source code. We do this without using a debugger or a virtual machine technique; instead, we trace the values of variables that contribute to a query string backwards to predict the values of contributing program variables as precisely as possible.

We use Prolog’s declarative features and its backtracking mechanism for code analysis, refactoring, and tuning.


Source Code Virtual Machine Code Analysis Database Schema Database Application 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Benton, W.C., Fischer, C.N.: Interactive, Scalable, Declarative Program Analysis: From Prototype to Implementation. In: Proc. Intl. Conference on Principles and Practice of Declarative Programming, PPDP 2007, pp. 13–24 (2007)Google Scholar
  2. 2.
    Boehm, A.M., Seipel, D., Sickmann, A., Wetzka, M.: Squash: A Tool for Analyzing, Tuning and Refactoring Relational Database Applications. In: Seipel, D., Hanus, M., Wolf, A. (eds.) INAP 2007. LNCS, vol. 5437, pp. 82–98. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  3. 3.
    Chamberlin, D.: XQuery: a Query Language for XML. In: Proc. ACM International Conference on Management of Data, SIGMOD 2003, p. 682. ACM Press, New York (2003)CrossRefGoogle Scholar
  4. 4.
    Chess, B., McGraw, G.: Static Analysis for Security. IEEE Security & Privacy 2(6), 76–79 (2004)CrossRefGoogle Scholar
  5. 5.
    Clocksin, W.F., Mellish, C.S.: Programming in prolog, 5th edn. Springer, Heidelberg (2003)CrossRefzbMATHGoogle Scholar
  6. 6.
    Corbett, J.C., Dwyer, M.B., Hatcliff, J., Laubach, S., Pasareanu, C.S., Zheng, R.H.: Bandera: Extracting Finite State Models From Java Source Code. In: Proc. Intl. Conference on Software Engineering, ICSE 2000, pp. 439–448 (2000)Google Scholar
  7. 7.
    Ducasse, S., Lanza, M., Bertuli, R.: High–Level Polymetric Views of Condensed Run–Time Information. In: Proc. 8th European Conference on Software Maintenance and Reengineering, CSMR 2004, pp. 309–318 (2004)Google Scholar
  8. 8.
    Hopfner, M., Seipel, D., Wolff von Gudenberg, J., Fischer, G.: Reasoning About Source Code in XML-Representation. In: Workshop on Software-Reengineering, WSR 2003 (2003)Google Scholar
  9. 9.
    van Emden, E., Moonen, L.: Java Quality Assurance by Detecting Code Smells. In: Proc. 9th Working Conference on Reverse Engineering, WCRE 2002, pp. 97–108. IEEE Computer Society, Los Alamitos (2002)CrossRefGoogle Scholar
  10. 10.
    Evans, D., Larochelle, D.: Improving Security Using Extensible Lightweight Static Analysis. IEEE Software 19(1), 42–51 (2002)CrossRefGoogle Scholar
  11. 11.
    Fischer, D., Lusiardi, J.: jaml: XML Representation of Java Source Code. Technical Report, University of Würzburg, Department of Computer Science (2008)Google Scholar
  12. 12.
    Holzmann, G.J., Smith, M.H.: Extracting Verification Models by Extracting Verification Models. In: Proc. Joint International Conference on Formal Description Techniques, FORTE 1999, and Protocol Specification, Testing, and Verification, PSTV 1999, pp. 481–497. Kluwer, Dordrecht (1999)Google Scholar
  13. 13.
    JBoss: Red Hat: Hybernate,
  14. 14.
    Intl. Organization for Standardization: ISO/IEC 9075–14:2003 Information Technology – Database Languages – SQL – Part 14: xml Related Specifications, SQL/XML (2003)Google Scholar
  15. 15.
    Marinescu, R.: Detection Strategies: Metrics–Based Rules for Detecting Design Flaws. In: Proc. 20th IEEE Intl. Conference on Software Maintenance, ICSM 2004, pp. 350–359 (2004)Google Scholar
  16. 16.
    Ramakrishnan, R., Gehrke, J.: Database Management Systems, 3rd edn. McGraw-Hill, New York (2003)zbMATHGoogle Scholar
  17. 17.
    Ren, X., Shah, F., Tip, F., Ryder, B.G., Chesley, O.: Chianti: A Tool for Change Impact Analysis of Java Programs. ACM SIGPLAN Notices 39(10), 432–448 (2004)CrossRefGoogle Scholar
  18. 18.
    Seipel, D.: Processing XML Documents in prolog. In: Proc. 17th Workshop on Logic Programmierung, WLP 2002 (2002)Google Scholar
  19. 19.
    Seipel, D., Hopfner, M., Heumesser, B.: Analyzing and Visualizing prolog Programs based on xml Representations. In: Proc. Intl. Workshop on Logic Programming Environments, WLPE 2003 (2003)Google Scholar
  20. 20.
    Seipel, D., Baumeister, J., Hopfner, M.: Declarative Querying and Visualizing Knowledge Bases in XML. In: Seipel, D., Hanus, M., Geske, U., Bartenstein, O. (eds.) INAP/WLP 2004. LNCS (LNAI), vol. 3392, pp. 16–31. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  21. 21.
    Systä, T., Yu, P., Müller, H.: Analyzing Java Software by Combining Metrics and Program Visualization. In: Proc. 4th European Conference on Software Maintenance and Reengineering, CSMR 2000, pp. 199–208. IEEE Computer Society, Los Alamitos (2000)Google Scholar
  22. 22.
    Wahler, V., Seipel, D., Wolff von Gudenberg, J., Fischer, G.: Clone Detection in Source Code by Frequent Itemset Techniques. In: Proc. 4th IEEE Intl. Workshop on Source Code Analysis and Manipulation, SCAM 2004, pp. 128–135. IEEE Computer Society, Los Alamitos (2004)Google Scholar
  23. 23.
    Wielemaker, J.: An Overview of the swi–prolog Programming Environment. In: Proc. 13th International Workshop on Logic Programming Environments, WLPE 2003, pp. 1–16 (2003)Google Scholar
  24. 24.
    Wielemaker, J.: swi–prolog. Version (2007),

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Dietmar Seipel
    • 1
  • Andreas M. Boehm
    • 1
  • Markus Fröhlich
    • 1
  1. 1.Department of Computer ScienceUniversity of WürzburgWürzburgGermany

Personalised recommendations