Towards Bounded Infeasible Code Detection

Abstract: A first step towards more reliable software is to execute each statement and each control-flow path in a method once. In this paper, we present a formal method to automatically compute test cases for this purpose based on the idea of a bounded infeasible code detection. The method first unwinds all loops in a program finitely often and then encodes all feasible executions of the loop-free programs in a logical formula. Helper variables are introduced such that a theorem prover can reconstruct the control-flow path of a feasible execution from a satisfying valuation of this formula. Based on this formula, we present one algorithm that computes a feasible path cover and one algorithm that computes a feasible statement cover. We show that the algorithms are complete for loop-free programs and that they can be implemented efficiently. We further provide a sound algorithm to compute procedure summaries which makes the method scalable to larger programs.