Specialized 3-Valued Logic Shape Analysis Using Structure-Based Refinement and Loose Embedding

  • Gilad Arnold
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4134)


We consider a shape analysis framework based on 3-valued logic, and explore ways for improving its performance and scalability by means of reducing algorithmic overhead and restraining abstract state set inflation. First we propose a new approach to implementing a fast 3-valued logic analyzer, which replaces a general-purpose abstract heap refinement mechanism—accounting for most of the time spent by the reference implementation—with tailored structure-based refinement. We apply our framework to analyze a set of small Java programs manipulating singly- and doubly-linked lists, obtaining results that are comparable to those of the reference implementation, with a process 40-85 times faster and 2-11 times less memory consuming. We then propose a new definition for partial ordering of abstract heap descriptors (embedding), that trims abstract states representing “special cases” in the presence of a state representing a “general case”. This extension deflates sets of abstract states by a combinatorial factor, resulting in 45-55% less structures for the same set of benchmarks. Despite its induced algorithmic overhead per operation, this modification further cuts the analysis time by 17-50%. We argue that improving on these two axes together yields a promise for greater applicability of specialized shape analysis to real-life programs.


Reference Implementation Unary Predicate Strict Partial Order Summary Node Concrete Node 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Arnold, G.: Lightweight specialized 3-valued logic shape analyzer. Technical Report UCB/EECS-2006-59, EECS Department, University of California, Berkeley (May 2006), available at:
  2. 2.
    Arnold, G., Manevich, R., Sagiv, M., Shaham, R.: Intersecting heap abstractions with applications to compile-time memory management. Technical Report TR-2005-04-135520, Tel-Aviv University (April 2005), available at:
  3. 3.
    Arnold, G., Manevich, R., Sagiv, M., Shaham, R.: Combining shape analyses by intersecting abstractions. In: Emerson, E.A., Namjoshi, K.S. (eds.) VMCAI 2006. LNCS, vol. 3855, pp. 33–48. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. 4.
    Cousot, P., Cousot, R.: Systematic design of program analysis frameworks. In: Symposium on Principals of Programming Languages (POPL), pp. 269–282. ACM Press, New York (1979)Google Scholar
  5. 5.
    Lahiri, S.K., Qadeer, S.: Verifying properties of well-founded linked lists. In: Symposium on Principals of Programming Languages (POPL), pp. 115–126 (2006)Google Scholar
  6. 6.
    Lee, O., Yang, H., Yi, K.: Automatic verification of pointer programs using grammar-based shape analysis. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 124–140. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  7. 7.
    Lev-Ami, T.: TVLA: A framework for kleene logic based static analysis. Master’s thesis, Tel-Aviv University (May 2000)Google Scholar
  8. 8.
    Lev-Ami, T., Reps, T.W., Sagiv, M., Wilhelm, R.: Putting static analysis to work for verification: A case study. In: International Symposium on Software Testing and Analysis (ISSTA), pp. 26–38 (2000)Google Scholar
  9. 9.
    Lev-Ami, T., Sagiv, M.: TVLA: A system for implementing static analyses. In: Palsberg, J. (ed.) SAS 2000. LNCS, vol. 1824, pp. 280–302. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  10. 10.
    Manevich, R., Sagiv, M., Ramalingam, G., Field, J.: Partially disjunctive heap abstraction. In: Giacobazzi, R. (ed.) SAS 2004. LNCS, vol. 3148, pp. 265–279. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  11. 11.
    Manevich, R., Yahav, E., Ramalingam, G., Sagiv, M.: Predicate abstraction and canonical abstraction for singly-linked lists. In: Cousot, R. (ed.) VMCAI 2005. LNCS, vol. 3385, pp. 181–198. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  12. 12.
    Sagiv, M., Reps, T.W., Wilhelm, R.: Parametric shape analysis via 3-valued logic. Transactions on Programming Languages and Systems (TOPLAS) 24(3), 217–298 (2002)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Gilad Arnold
    • 1
  1. 1.University of CaliforniaBerkeley

Personalised recommendations