Towards Bounded Infeasible Code Detection
Abstract
A first step towards more reliable software is to execute each statement and each control-flow path in a method once. In this paper, we present a formal method to automatically compute test cases for this purpose based on the idea of bounded infeasible code detection. The method first unwinds all loops in a program finitely often and then encodes all feasible executions of the loop-free programs in a logical formula. Helper variables are introduced such that a theorem prover can reconstruct the control-flow path of a feasible execution from a satisfying valuation of this formula. Based on this formula, we present one algorithm that computes a feasible path cover and one algorithm that computes a feasible statement cover. We show that the algorithms are complete for loop-free programs and that they can be implemented efficiently. We further provide a sound algorithm to compute procedure summaries, which makes the method scalable to larger programs.
Cite
@article{arxiv.1205.6527,
title = {Towards Bounded Infeasible Code Detection},
author = {Jürgen Christ and Jochen Hoenicke and Martin Schäf},
journal = {arXiv preprint arXiv:1205.6527},
year = {2012}
}
Comments
24 pages