ESBMC is a context-bounded model checker for embedded C/C++ software based on Satisfiability Modulo Theories (SMT) solver. It allows the verification engineer (i) to verify single- and multi-threaded software (with shared variables and locks); (ii) to reason about arithmetic under- and overflow, pointer safety, memory leaks, array bounds, atomicity and order violations, deadlock and data race; (iii) to verify programs that make use of bit-level, pointers, structs, unions and fixed-point arithmetic. ESBMC does not require the user to annotate the programs with pre/post-conditions, but allows the user to state additional properties using assert-statements, that are then checked as well. It also provides three approaches (lazy, schedule recording, and underapproximation and widening) to model check multi-threaded software. ESBMC can be invoked through the command-line interface or configured through the Eclipse plug-in. ESBMC converts the verification conditions using different background theories and passes them directly to an SMT solver. In addition, ESBMC can output verification conditions using the SMT logics QF_AUFBV and QF_AUFLIRA. ESBMC is built on top of the CProver framework. ESBMC uses the SMT solvers Z3 (default) and Boolector, which are also included in the distribution. The restrictions of the Z3, Boolector and CProver licenses apply.

Keywords for this software

Anything in here will be replaced on browsers that support the canvas element