Sat 22 Jun 2019 09:00 - 11:00 at 212C - DPAQL
Sat 22 Jun 2019 11:20 - 12:30 at 212C - DPAQL

Thanks to those who attended! Please complete our feedback form so we can stay in touch with you and improve future workshops.

Complete our C++ QL challenge, and come to table 14 in the North Building by Wed 26 June to win a prize.

QL is an object-oriented dialect of Datalog developed by Semmle for implementing high-level, declarative, reusable, yet efficient queries over complex, structured data. It is particularly well-suited for implementing program analyses, from elegant one-liners that spot shallow programming mistakes to elaborate whole-program data flow analyses that identify lurking security vulnerabilities. The power of QL is showcased on, where it is used to continuously analyse more than 135K open-source projects written in C++, C#, Cobol, Java, JavaScript and Python. It is also demonstrated by the considerable number of CVEs found by Semmle security researchers while using QL for variant analysis of security vulnerabilities.


In this tutorial, participants will:

  • obtain a technical overview of the QL language, covering both general principles and its specific application to program analysis and security
  • be given access to a QL IDE
  • interactively develop their own analyses in QL to find known security vulnerabilities in open-source projects.


  1. Introduction to QL (9:00-11:00)

    • Overview of QL
    • Syntactic program representation as a database
    • Finding query injection vulnerabilities using QL
    • Local data flow analysis
  2. Security analysis with QL (11:30-12:30)

    • Global data flow analysis
    • Finding code injection and deserialization vulnerabilities in Apache Struts using QL

Tutorial instructions can be found at:

Tutorial materials will be available through Google Drive. The tutorial can also be carried out using the query console at

Sat 22 Jun

Displayed time zone: Tijuana, Baja California change

09:00 - 11:00
Declarative Program Analysis With QL
PLDI Tutorials
11:20 - 12:30
Declarative Program Analysis With QL
PLDI Tutorials