devops

PVS-Studio 6.21 release: support for CWE (Common Weakness Enumeration) was added

PVS-Studio is a tool for bug detection in the source code of programs, written in C, C++, and C#. It works in Windows and Linux environment.

PVS-Studio 6.21 Release

by PVS-Studio Team

What's new:

  • Support for CWE (Common Weakness Enumeration) was added to C/C++/C# analyzers.
  • HTML log with source code navigation can now be saved from Visual Studio plug-ins and the Standalone tool.
  • WDK (Windows Driver Kit) projects for Visual Studio 2017 are now supported.
  • PVS-Studio plug-in for SonarQube was updated for the latest LTS version 6.7.
  • V1007. The value from the uninitialized optional is used. Probably it is a mistake.

Speeding up the Build of C and C++ Projects

Many programmers know firsthand that C and C++ program builds very long. Someone solves this problem by sword-fighting at build time, someone is going to the kitchen to "grab some coffee". This article is for those who are tired of this, and who decided it is time to do something about it.

Speeding up the Build of C and C++ Projects

by Phillip Khandeliants

From the article:

If your operating system uses ELF format object files (Unix-like systems), you can replace the GNU ld linker with GNU gold. GNU gold comes with binutils starting from the version 2.19, and is activated by the flag -fuse-ld=gold. In CMake it can be activated, for example, by the following code.

 

PVS-Studio Reports Now in Html

FullHtml is a full-fledged report format for viewing analysis results.

PVS-Studio Reports Now in Html

by Svyatoslav Razmyslov

From the article:

It allows you to search for and sort messages by type, file, level, code, and warning text. What makes it special is that it allows you to navigate faulty fragments in the source files pointed out by the analyzer. The reported source files themselves are copied to Html and become part of the report. To see how FullHtml really looks like, I converted in this format one of the latest reports, which I've used when writing the article about the MuseScore project: MuseScoreHtml.7z.

Useful Improvements in the PVS-Studio 6.17 Release

In this version there are improvements, which, in my opinion, deserve a small note.

Useful Improvements in the PVS-Studio 6.17 Release

by Andrey Karpov

From the article:

A much more interesting feature is that a mechanism of virtual values was significantly redesigned in the kernel of C++ analyzer. For example, now the analyzer performs a double loop passage, which allows it to define the range of possible values of variables, changing in a loop, more accurately. So don't be surprised if the analyzer starts issuing many warnings for that code which used to seem correct for the analyzer.

PVS-Studio 6.16 released

PVS-Studio is a static code analyzer that detects errors and potential vulnerabilities in the source code of programs written in C/C++/C#. Version 6.16 has obtained 11 new general analysis diagnostics.

PVS-Studio 6.16 released

by Andrey Karpov

About the release:

In a sense, this is a milestone for us. The thing is that we cannot add more numbers of general analysis warnings, otherwise they will concur with the numbers of micro-optimization diagnostics. It seemed to us that the list of 300 diagnostics was endless, but now it is over and we got to the point of 800, where we have micro-optimization diagnostics. In the next release we plan to resume numbering the general-analysis warnings with V1000. Download and enjoy the new version of PVS-Studio now by clicking here.

P.S. How to use PVS-Studio for Free.

How to use PVS-Studio for free

We want to help the software world improve the quality of their code, and get to know static analysis tools better. We are giving the opportunity to use PVS-Studio static code analyzer for free, for educational purposes, so that individual developers and enthusiastic teams could also fully use it.

How to use PVS-Studio for free

by Andrey Karpov

From the article:

Some developers may say that they don't want to see two additional lines of code at the beginning of the file with the comments not related to the project itself. It is their right, and they may simply not use the tool. Or they can purchase a commercial license, and use it without any restrictions. We see these comments as a gratuity for the provided license, and also as an additional way to promote our product. I think it's a good, fair exchange.