GrammaTech makes the deepest static analysis for organizations that have zero tolerance for defects and vulnerabilities. Our flagship product, CodeSonar®, identifies programming bugs that can result in system crashes, memory corruption, and other serious problems.
Extremely powerful, CodeSonar works out of the box, requiring no changes to your existing build system or code. It performs whole-program source code analysis on codebases over 10 million lines of code. It also includes workflow automation features, such as an API for custom integrations and support for extensions that add custom checks, allowing your team to tap its power quickly and completely. This 4-minute video (with audio) shows CodeSonar in action.
GrammaTech, a spin-off of Cornell University, was founded by computer science professors. We have thirteen PhD-level experts in static analysis and a superb engineering team, all focused on creating the most in-depth static analysis algorithms. Our customers develop applications for critical industries such as aerospace and medical. CodeSonar is also used by regulatory agencies. Since 2005, leading organizations have relied on CodeSonar to streamline development and reduce risk.
CodeSonar finds over 100 different types of problems, including:
- Data Race Conditions
- Deadlocks
- Process Starvation
- Buffer Overruns
- Leaks
- Null Pointer Dereferences
- Divides By Zero
- Uses After Free
- Frees of Non-Heap Variable
- Uninitialized Variables
- Returns of Pointers To Local
- Returns of Pointers To Freed
- Frees of Null Pointers
- Unreachable Code
- Try-locks that Cannot Succeed
- Misuse of Memory Allocation
- Misuse of Memory Copying
- Misuse of Libraries
- Security Vulnerabilities
- User-Defined Bug Classes