Calysto: scalable and precise extended static checking. Automatically detecting bugs in programs has been a long-held goal in software engineering. Many techniques exist, trading off varying levels of automation, thoroughness of coverage of program behavior, precision of analysis, and scalability to large code bases. This paper presents the Calysto static checker, which achieves an unprecedented combination of precision and scalability in a completely automatic extended static checker. Calysto is interprocedurally path-sensitive, fully context-sensitive, and bit-accurate in modeling data operations --- comparable coverage and precision to very expensive formal analyses --- yet scales comparably to the leading, less precise, static-analysis-based tool for similar properties. Using Calysto, we have discovered dozens of bugs, completely automatically, in hundreds of thousands of lines of production, open-source applications, with a very low rate of false error reports. This paper presents the design decisions, algorithms, and optimizations behind Calysto’s performance.
References in zbMATH (referenced in 7 articles)
- Garzella, Jack J.; Baranowski, Marek; He, Shaobo; Rakamarić, Zvonimir: Leveraging compiler intermediate representation for multi- and cross-language verification (2020)
- Bueno, Denis; Sakallah, Karem A.: EUFORIA: complete software model checking with uninterpreted functions (2019)
- Katebi, Hadi; Sakallah, Karem A.; Marques-Silva, João P.: Empirical study of the anatomy of modern SAT solvers (2011)
- Babić, Domagoj; Hu, Alan J.: Approximating the safely reusable set of learned facts (2009)
- Chatterjee, Shaunak; Lahiri, Shuvendu K.; Qadeer, Shaz; Rakamarić, Zvonimir: A low-level memory model and an accompanying reachability predicate (2009)
- Kuliamin, V. V.: Integration of verification methods for program systems (2009)
- Kroening, Daniel; Sharygina, Natasha; Tonetta, Stefano; Tsitovich, Aliaksei; Wintersteiger, Christoph M.: Loop summarization using abstract transformers (2008)