ESBMC v7.3: Model Checking C++ Programs using Clang AST

TL;DR

ESBMC v7.3 introduces a clang-based C++ front-end that improves verification capabilities for modern C++ programs by reducing errors and enhancing performance over previous versions.

Contribution

The paper presents a new clang-based front-end for ESBMC, replacing the older CPROVER-based system to better handle evolving C++ features.

Findings

Reduces parse and conversion errors significantly.

Enables verification of a broader range of C++ programs.

Outperforms previous ESBMC versions in accuracy and robustness.

Abstract

This paper introduces ESBMC v7.3, the latest Efficient SMT-Based Context-Bounded Model Checker version, which now incorporates a new clang-based C++ front-end. While the previous CPROVER-based front-end served well for handling C++03 programs, it encountered challenges keeping up with the evolving C++ language. As new language and library features were added in each C++ version, the limitations of the old front-end became apparent, leading to difficult-to-maintain code. Consequently, modern C++ programs were challenging to verify. To overcome this obstacle, we redeveloped the front-end, opting for a more robust approach using clang. The new front-end efficiently traverses the Abstract Syntax Tree (AST) in-memory using clang APIs and transforms each AST node into ESBMC's Intermediate Representation. Through extensive experimentation, our results demonstrate that ESBMC v7.3 with the new front-end significantly reduces parse and conversion errors, enabling successful verification of a wide range of C++ programs, thereby outperforming previous ESBMC versions.