![GrammaTech Static Code Analysis](media/banner/Banner_CodeSonar_2023.png)
How Static Analysis Works
By using the existing build environment CodeSonar does a build of your code and creates an abstract model of your entire program. In the next step CodeSonar´s symbolic execution engine explores program paths, reasoning about program variables and how they relate. During this process infeasible program paths are pruned from the exploration by theorem-proving technology.To find defects and violations of policies, checkers perform an analysis on the code. They operate by querying or traversing the model, looking for particular properties or patterns that indicate defects. Sophisticated symbolic execution techniques explore paths through a control-flow graph. The data structure representing paths that might be traversed by a program during its execution. A warning is generated, if the path exploration notices an anomaly.
To model and explore the astronomical number of combinations of circumstances, CodeSonar employs a variety of strategies to ensure scalability. For example, procedures
summaries are refined and compacted during the analysis, and paths are explored in an order that minimizes paging.
Scalable and sophisticated Analysis
CodeSonar performs a whole-program analysis on 10M+ lines of code, which run in parallel to take advantages of multi-core environments. More over the incremental analysis makes the tool fast to analyze daily changes to a codebase.The unified dataflow and symbolic execution analysis of CodeSonar examines the computation of entire program, and doesn´t rely solely on pattern matching or similar
approximations. The more general analysis finds defects with new or unusual patterns, too.