CodeSonar™ performs a deep static analysis on C/C++ code and identifies a variety of serious bugs. These include null-pointer dereferences, divisions by zero, and buffer overruns. CodeSonar does a whole-program interprocedural analysis, taking into account effects arising from the interaction of different functions in different files. It is able to detect hard-to-find bugs that can take weeks to identify with traditional testing.
Like a compiler, CodeSonar does a build of your code, but instead of creating object code it creates an abstract representation of the program. After the individual files are built, a synthesis phase combines the results into a whole-program model. The model is symbolically executed and the analysis keeps track of variables and how they are related. Warnings are generated when anomalies are encountered. CodeSonar does not need test cases.
CodeSonar creates a report in easy-to-navigate HTML format. The path to the flaw, along with the conditions that must hold along it, is shown to help the user understand the seriousness of the flaw and its implications. Program-understanding features are provided to help the user navigate complex and unfamiliar code. HTML descriptions make it easy to share results with colleagues.
All static-analysis tools generate some false positives, but CodeSonar has a very low false-positive rate. In addition, false positives can be suppressed so they do not show up in subsequent analysis runs. It is also possible to configure CodeSonar so it only displays new results. This differential analysis pinpoints recently introduced bugs.
The set of checks can be extended easily by the end user. Just write some C code using the simple API, and CodeSonar will automatically include it in the analysis. The API supports the definition of a wide range of custom checks.
CodeSonar works with existing build systems.