CodeSonar is a sophisticated source code analysis tool that performs a whole-program, interprocedural analysis on C/C++ code and identifies complex programming bugs that can result in system crashes, memory corruption, leaks, data races, and security vulnerabilities. CodeSonar pinpoints critical problems at compile time that can take weeks to identify with traditional testing.


  • Static Analysis Tool using Inter-Procedural Analysis.
  • Verifies millions of lines of code.
  • Detects potential bugs with minimum analysis time.
  • Provides accurate pointer variable information, which is one of the most important factors in the C and C++ languages.
  • Detects software defects without the target device (source code only).
  • Makes it easy to trace the root cause of a bug, and reports results in HTML format so that they can be shared easily among team members.
  • Support for Secure Coding to Reduce Cybersecurity Vulnerabilities.
Defects detected
  • Buffer Overrun
  • Buffer Underrun
  • Division by Zero
  • Null-Pointer Dereference
  • Free Non-Heap Variable
  • Uninitialized Variable
  • Deadlock
  • Null Test after Dereference
  • Format String Problem
  • Excessive Stack Depth
  • Potential Unbounded Loop
  • Type Overrun
  • Type Underrun
  • Memory Leak
  • Use after Free
  • Double Free
  • POW10 Rule

Supported Environment

  • Languages: C, C++, Java
  • Platforms: Windows, Linux, Solaris
  • Compilers
    • GCC and G++
    • MS Visual Studio
    • ARM cc
    • Wind River compilers
    • Green Hills compilers
    • Other cross compilers
