swMATH ID: 31588
Software Authors: Babić, D., Hu, A.J.
Description: Calysto: scalable and precise extended static checking. Automatically detecting bugs in programs has been a long-held goal in software engineering. Many techniques exist, trading-off varying levels of automation, thoroughness of coverage of program behavior, precision of analysis, and scalability to large code bases. This paper presents the Calysto static checker, which achieves an unprecedented combination of precision and scalability in a completely automatic extended static checker. Calysto is interprocedurally path-sensitive, fully context-sensitive, and bit-accurate in modeling data operations — comparable coverage and precision to very expensive formal analyses — yet scales comparably to the leading, less precise, static-analysis-based tool for similar properties. Using Calysto, we have discovered dozens of bugs, completely automatically, in hundreds of thousands of lines of production, open-source applications, with a very low rate of false error reports. This paper presents the design decisions, algorithms, and optimizations behind Calysto’s performance.
Homepage: https://dl.acm.org/doi/10.1145/1368088.1368118
Related Software: z3; ESC/Java; BoogiePL; SLAM; BLAST; MiniSat; SIMPLIFY; Boogie; CIVL; Cascade; Crust; Pyston; Rust2Viper; GraVy; Kotlin; Swift; Rust; SMACK; SeaHorn; Viper
Cited in: 5 Publications

Citations by Year