C++ static code analysis
-
Bug
-
Code Smell
Advanced static analysis with hundreds of valuable rules
Unique rules find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C++ code using
Symbolic execution
Path-sensitive analysis
Cross-function, cross-file analysis
We gather the information required for analysis by unobtrusively monitoring your build. Our Build Wrapper gathers all the configuration required for correct analysis of your C++ projects without impacting your build, so analysis is compatible with make, xcodebuild, MSBuild, and any other tool that performs a full build
Analyzing a large project can be cumbersome. We give you the tools to speed it up.
Incremental analysis lets you cache the results of analysis so subsequent analyses can check only what changed in the new build.
Most machines are multi-core, and analysis can be too. Configure how many threads your analysis uses to make the most of your infrastructure.
A sample of available Maintainability rules
Reliability rules
Security rules
Demos: How it fits into your dev workflow
How it fits into your toolchain
Pricing, summary and questions
SonarQube analysis integrates seamlessly into your environment.
Your build
We support the common operating systems and most popular compilers
Windows, Linux, macOS
Clang, GCC, MSVC, ARM, QNX compilers
Intel compilers for Linux, macOS
Compilers based wholly on GCC including Linaro GCC
Wind River Diab and GCC
IAR compilers for 8051, ARM, AVR32, AVR, Renesas RL78, Renesas RX, Renesas V850, Renesas H8, and Texas Instruments MSP430
Texas Instruments compilers on Windows and macOS for ARM, C2000, C6000, C7000, MSP430, PRU
Your standards
We provide hundreds of rules that target the following standards:
Classical and modern C++: C++98, C++03, C++ 11, C++14, C++17
C++ Core Guidelines
MISRA C++ 2008