DSD-Crasher: a hybrid analysis tool for bug finding

10 years 9 months ago
DSD-Crasher: a hybrid analysis tool for bug finding
DSD-Crasher is a bug finding tool that follows a three-step approach to program analysis: D. Capture the program’s intended execution behavior with dynamic invariant detection. The derived invariants exclude many unwanted values from the program’s input domain. S. Statically analyze the program within the restricted input domain to explore many paths. D. Automatically generate test cases that focus on verifying the results of the static analysis. Thereby confirmed results are never false positives, as opposed to the high false positive rate inherent in conservative static analysis. This three-step approach yields benefits compared to past two-step combinations in the literature. In our evaluation with third-party applications, we demonstrate higher precision over tools that lack a dynamic step and higher efficiency over tools that lack a static step. Categories and Subject Descriptors D.2.4 [Software Engineering]: Software/Program Verification—formal methods, reliability; D....
Christoph Csallner, Yannis Smaragdakis
Added 14 Jun 2010
Updated 14 Jun 2010
Type Conference
Year 2006
Authors Christoph Csallner, Yannis Smaragdakis
Comments (0)