.NET code review made easier with tools

Following are the code review tools:

  1. Code Analysis
  2. Concurrency Analyzer (multithreaded app performance)
  3. Performance Analysis
  4. Code Metrics
  5. Code Redundancy
  6. FxCop (Review Tool)
  7. Logical checks [Pending]
  8. Code Digger (analyzes possible execution paths through your .NET code.)
  9. SSW Code Auditor (ensures code quality)

Code Analysis

In Visual Studio 2012, Microsoft provided features to analyze the code. This can be done in following steps:

1. Open the solution in which the projects that you want to analyze are present.

2. You can analyze full solution or any of the project in that solution.

3. Go to Analyze -> Configure code analysis for solution. It will open a window where you can change Code Analysis Settings.


4. You can choose from the Rule Set as Basic Correctness rules, design rules or Microsoft all rules etc as required.



5. You can change: Configuration and platform also as required. Once configuration is completed then you can analyze the code.

6. Go to Analyze -> Click Run Code Analysis for Solution or Press Alt+F11

7. Once the analysis is completed, a “Code Analysis” window will appear beside solution explorer listing all the errors. When you click on that            error, it will show you the location of that error.

8. From this window you can analyze again full solution or a particular project in that solution by choosing from the above dropdown.

9. Also it provides a settings icon from where you can change the settings again.



Concurrency Analyzer (multithreaded app performance)

Visual Studio provides in-built “Concurrency Visualizer” to examine the multithreaded app performance.



  1. Go to Analyze -> Concurrency Visualizer -> Start with Current Project (Shift+Alt+F5)
  2. It may ask you to use install symbols. Once you click Yes, then it will automatically generate a report.

Performance Analysis

Visual Studio provides in-built feature to analyze the performance of the code. Steps to do performance analysis are as follows:

1. Configure Performance Analysis by Selecting the profiling method as follows:

    1. Go to Analyze -> Launch performance Wizard
    2. Select the method of Profiling as “CPU Sampling”
    3. Next -> Select project and finish


2. Go to Analyze -> Start Analysis (Alt+F2)

3. It will first do the profiling and then start the performance analysis and gives the reports and a Error List.


4. The Report can be exported.



Code Metrics (Measuring Complexity)

The increased complexity of modern software applications also increases the difficulty of making the code reliable and maintainable. In recent years, many software measures, known as code metrics, have been developed that can help developers understand where their code needs rework or increased testing.

Developers can use Visual Studio Application Lifecycle Management to generate code metrics data that measure the complexity and maintainability of their managed code. Code metrics data can be generated for an entire solution or a single project.

Steps to do:

  1. Go to Analyze -> Calculate Code Metrics for Solution
  2. It analyzes and gives the output



Code Redundancy

This feature is available in only “Ultimate and Premium” editions of Visual Studio 2012

Steps to do:

  1. Go to Analyze -> Analyze Solution for Code Clones.
  2. Methods that are less than 10 statements long are not scanned by this command.
  3. You can clone a set of statements by selecting that code -> Right Click there -> Choose Find matching clones in solution.

FxCop (Framework Police)

It is a code analysis tool that checks managed code assemblies for Microsoft’s .NET Framework design guidelines and custom guidelines. Using this tool, we can make sure about the coding standards like naming conventions, classes designing, performance etc.

Initial step is to install FxCop setup in your machine. It is a free tool which can be easily available on internet or you can use this link http://www.microsoft.com/en-in/download/details.aspx?id=6544

After installing FxCop, you can use it in two different ways:

  1. Launching FxCop Application directly from All Programs list.
  2. Launching FxCop as an External Tool in Visual Studio.

1.    Launching FxCop Application directly from All Programs list.

Go to Start Menu -> All Programs -> “Microsoft FxCop” option and then click on Microsoft FxCop. It will launch an empty window as shown below having three panes (sub-windows).



Now Go to the Project Menu and click on “Add Targets…” Select the project EXE or DLL whose managed code you want to check. Then begin analysis by clicking Analyze button, the screen will look like as below:



The Message Pane will shows the list of all the active messages. These messages are the errors and warning that FxCop has found with the last analysis performed. You can select any one of the message in Message Pane, it will show the message details like error level, certainty and the resolution to resolve it.

You can also save the analysis report from File Menu -> Save Report As. The report will be stored as an XML document which will store all the message on assembly level, type level and member level.

2.    Launching FxCop as an External Tool in Visual Studio.

Open the project in Visual Studio, then go to Tools -> External Tools -> click Add. Enter the following details in the respective textbox for the newly created External Tool.

  • Title: FxCop
  • Command: C:\Program Files (x86)\Microsoft Fxcop 10.0\FxCopCmd.exe
  • Arguments: /c /searchgac /f:$(TargetPath) /d:$(BinDir)
  • Initial directory: C:\Program Files (x86)\Microsoft FxCop 10.0

Note: Make sure to mention the correct directory path where FxCop program is being installed and “Use Output Window” checkbox is checked.

After adding the above details, the dialog box will appear as below:



You can also add your custom rules DLLs which you want to apply on the project and place them in the same path where FxCop rules are present like c:\Program Files (x86)\Microsoft FxCop 1.36\Rules

Now you need to run the tool. Go to Tools -> FxCop. The Visual Studio Output window will show the FxCop analysis result.

So this tool can help developers in following the best coding practice by analyzing the code.

Code Digger

Link : http://research.microsoft.com/en-us/projects/codedigger/gettingstarted.aspx

Code Digger analyzes possible execution paths through your .NET code. The result is a table where each row shows a unique behavior of your code. The table helps you understand the behavior of the code, and it may also uncover hidden bugs.

Through the new context menu item “Generate Inputs / Outputs Table” in the Visual Studio editor, you can invoke Code Digger to analyze your code. Code Digger computes and displays input-output pairs. Code Digger systematically hunts for bugs, exceptions, and assertion failures.

Out of the box, Code Digger only works on public .NET code that resides in Portable Class Libraries. But if you want to use it over any .NET code, then follow the following steps:

  1. Go to Tools -> Extensions & Updates -> Online section -> Search “Code Digger” and download and install it.
  2. Restart Visual Studio
  3. Go To Tools -> Options -> Pex -> General -> Under Code Digger


4. Go to any function right click and analyze as follows:



SSW Code Auditor

SSW Code Auditor is a code analysis tool that allows developers to take control of your code, ensuring large, complex source code can be simplified, cleaned and maintained.

SSW Code Auditor utilizes the power of Regular Expressions to audit your code. This powerful feature permits the user to write their own set of rules and have different rules for different projects.

Link: http://visualstudiogallery.msdn.microsoft.com/2859b7a1-9b11-4cbe-abde-f1718aa395ab?SRC=VSIDE



  1. Go to Tools -> Extensions & Updates -> Online section -> Search “SSW Code Auditor” and download and install it.
  2. Restart Visual Studio
  3. SSW Code Auditor will be now available on the Visual Studio menu
  4. Rest steps can be read from here



About the Author

Aarti Ahuja

Aarti Ahuja

Related Posts