WHAT IT DOES
CodeSonar for source code is designed to detect defects such as data races, deadlocks, buffer overruns, leaks, null-pointer de-references, uses of un-initialised variables, and other security vulnerabilities, at compile time, that are famously tough to find. Because it’s used as part of your development cycle, without you having to modify your code, you can dig out and fix these bugs while you work, reducing test cycles and remedial development time.
You can quickly and easily deploy CodeSonar as part of your build process, creating an abstract model of your code which is then analysed to find potential defects. Because CodeSonar has a flexible and open architecture, you can easily import and export data and add your own custom metrics and checks.
HOW IT HELPS YOU
One of the main reasons we love CodeSonar is because you can perform a whole-program analysis of millions of lines of C, C++, Objective-C and Java source code which gives you:
- Ultra-quick daily inspection – using incremental analysis to review daily changes to the code
- Analysis of the entire program – going beyond mere pattern matching or approximations, but instead performs an analysis that examines the computation of the entire program
- Sophisticated analysis – this approach naturally uncovers defects with new or unusual patterns.
We are very pleased with our choice to work with Valbrio and CodeSonar,” said Cyril Rochard. “CodeSonar has allowed us to significantly reduce bug-related problems and improve the overall quality of our devices. Our customers are very happy with the improvements and other areas of our own business are keen to start using it as well.