US 9,811,322 B1
Scalable provenance generation from points-to information
Stepan Sindelar, Praha (CZ); Padmanabhan Krishnan, Brisbane (AU); Bernhard Scholz, Sydney (AU); Raghavendra Kagalavadi Ramesh, Brisbane (AU); and Yi Lu, Brisbane (AU)
Assigned to Oracle International Corporation, Redwood Shores, CA (US)
Filed by Oracle International Corporation, Redwood Shores, CA (US)
Filed on May 31, 2016, as Appl. No. 15/169,710.
Int. Cl. G06F 9/44 (2006.01); G06F 9/45 (2006.01); G06F 17/30 (2006.01); G06F 3/0484 (2013.01)
CPC G06F 8/433 (2013.01) [G06F 3/0484 (2013.01); G06F 17/30424 (2013.01); G06F 17/30958 (2013.01)] 18 Claims
OG exemplary drawing
1. A method for analyzing a program, comprising:
obtaining the program;
obtaining a query for a points-to analysis for the program;
obtaining the points-to analysis for the program, the points-to analysis comprising a plurality of points-to tuples, each points-to tuple comprising a variable and an allocation site for an object;
obtaining a result of the query, the result comprising a subset of the plurality of points-to tuples;
extracting, from the program, by a data-flow trace engine, a data-flow trace specification comprising a plurality of flow tuples, each flow tuple comprising a source variable defined in a first method and a sink variable defined in a second method, wherein the sink variable is assigned a value of the source variable during execution of the program;
generating, by the data-flow engine and using the data-flow trace specification, a data-flow trace graph;
adding, by the data-flow trace engine, in a recursive manner until a termination condition is triggered, a trace edge to the data-flow trace graph for each points-to tuple of a list of points-to tuples, wherein the list of points-to tuples is initialized to the result of the query, wherein the respective points-to tuple corresponds to a first flow tuple of the plurality of flow tuples, and wherein the respective points-to tuple and the first flow tuple are used to form a first points-to tuple that is added to the list of points-to tuples; and
generating, by the data-flow trace engine, a report about the result of the query based on the data-flow trace graph.