DSD-Crasher: A hybrid analysis tool for bug finding

Christoph Csallner, Yannis Smaragdakis, Tao Xie

Research output: Contribution to journalArticlepeer-review


DSD-Crasher is a bug finding tool that follows a three-step approach to program analysis: D. Capture the program's intended execution behavior with dynamic invariant detection. The derived invariants exclude many unwanted values from the program's input domain. S. Statically analyze the program within the restricted input domain to explore many paths. D. Automatically generate test cases that focus on reproducing the predictions of the static analysis. Thereby confirmed results are feasible. This three-step approach yields benefits compared to past two-step combinations in the literature. In our evaluation with third-party applications, we demonstrate higher precision over tools that lack a dynamic step and higher efficiency over tools that lack a static step.

Original languageEnglish (US)
Article number8
JournalACM Transactions on Software Engineering and Methodology
Issue number2
StatePublished - Apr 1 2008
Externally publishedYes


  • Automatic testing
  • Bug finding
  • Dynamic analysis
  • Dynamic invariant detection
  • Extended static checking
  • False positives
  • Static analysis
  • Test case generation
  • Usability

ASJC Scopus subject areas

  • Software

Fingerprint Dive into the research topics of 'DSD-Crasher: A hybrid analysis tool for bug finding'. Together they form a unique fingerprint.

Cite this