Skip to content

Commit 4470151

Browse files
committed
add CITATION.cff
1 parent 298a0f8 commit 4470151

1 file changed

Lines changed: 82 additions & 0 deletions

File tree

CITATION.cff

Lines changed: 82 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,82 @@
1+
# This CITATION.cff file was generated with cffinit.
2+
# Visit https://bit.ly/cffinit to generate yours today!
3+
4+
cff-version: 1.2.0
5+
title: QLStat
6+
message: >-
7+
Analyze Real World Project Batch with Declarative Static
8+
Analysis based on CodeQL
9+
type: software
10+
authors:
11+
- given-names: Qingwei
12+
family-names: Li
13+
email: lqw332664203@ustc.edu.cn
14+
affiliation: University of Science and Technology of China
15+
orcid: 'https://orcid.org/0009-0002-3888-2435'
16+
- given-names: Boyao
17+
family-names: Ding
18+
email: via@mail.ustc.edu.cn
19+
affiliation: University of Science and Technology of China
20+
orcid: 'https://orcid.org/0009-0009-4208-7961'
21+
- orcid: 'https://orcid.org/0000-0001-6638-6442'
22+
affiliation: University of Science and Technology of China
23+
email: yuzhang@ustc.edu.cn
24+
given-names: Yu
25+
family-names: Zhang
26+
- orcid: 'https://orcid.org/0009-0005-7061-1178'
27+
given-names: Jinbao
28+
family-names: Chen
29+
email: zkd18cjb@mail.ustc.edu.cn
30+
affiliation: University of Science and Technology of China
31+
identifiers:
32+
- type: doi
33+
value: 10.13328/j.cnki.jos.007464
34+
repository-code: 'https://github.com/s4plus/QLStat'
35+
abstract: >-
36+
The Go programming language (Golang), as an emerging
37+
programming language, achieves efficient automatic memory
38+
management through compile-time escape analysis and
39+
runtime garbage collection. It also provides built-in data
40+
types such as interface, slice, and map, which
41+
significantly enhance development efficiency and program
42+
performance. However, these features also introduce memory
43+
performance and safety challenges that differ from those
44+
in traditional languages like C/C++. This study uses
45+
static code analysis to empirically study memory
46+
performance and safety problems in Go programs. The
47+
framework PatStat, designed based on CodeQL, is employed
48+
to analyze open-source repositories on GitHub. This
49+
framework uses the declarative language QL to examine code
50+
patterns related to memory performance in open-source
51+
repositories, facilitating both manual summarization and
52+
automatic detection of memory safety problems. The
53+
research covers memory access characteristics and patterns
54+
of memory safety problems. An analysis of 996 Go
55+
open-source projects, updated within the past year,
56+
reveals that field accesses and dereference operations
57+
account for significant portions of memory access in Go
58+
programs, at 25.44% and 17.63%, respectively. This
59+
indicates the importance of field sensitivity and
60+
points-to analysis in Go program analysis and
61+
optimization. Moreover, implicit memory allocation
62+
resulting from Go’s unique interface type conversions is
63+
another key area for optimization. Through manual analysis
64+
of 130 Issues involving memory leaks, invalid memory
65+
addresses or null pointer dereferences, and dangling
66+
pointers, the study identifies 10 Issue patterns, noting
67+
that dangling pointer problems are rare in Go. These
68+
Issues typically require around 30 days for resolution but
69+
often demand only a few dozen lines of code changes. The
70+
findings offer insights for optimizing Go programs and
71+
mitigating memory safety concerns. Furthermore, a linter
72+
is developed to detect the Issue pattern, which involves
73+
the assignment of a slice expression that may lead to
74+
memory leaks. This tool identifies 6 Issues in real-world
75+
projects, one of which receives positive feedback.
76+
keywords:
77+
- Go
78+
- memory performance
79+
- static code analysis
80+
- memory safety
81+
- empirical study
82+
license: Apache-2.0

0 commit comments

Comments
 (0)