pvs-studio

PVS-Studio 7.26: running analysis in VS Code and Qt Creator, integration with DefectDojo, and more

PVS-Studio 7.26 has been released. Now you can run the analysis in plugins for VS Code and Qt Creator; upload the analysis results to DefectDojo, and more. In this note, we'll take a closer look at these and other enhancements.

PVS-Studio 7.26: running analysis in VS Code and Qt Creator, integration with DefectDojo, and more

by Sergey Vasiliev

From the article:

Now the PVS-Studio plugins for Visual Studio Code and Qt Creator support the analysis of C and C++ projects. Moreover, the plugins support mass suppression of analyzer warnings (with the help of suppress files). This mechanism enables you to hide warnings for legacy code and work only with new warnings. In this way, the integration of the analyzer into the project will be much easier.

PVS-Studio 7.25: support for latest versions of Qt Creator, Rider, and more

PVS-Studio 7.25 has been released. In this version, we implemented the support of Qt Creator 10 and Rider 2022.2.3 (and higher), updated the libraries used by the analyzer, enhanced the documentation — and that's not all!

PVS-Studio 7.25: support for latest versions of Qt Creator, Rider, and more

by Nikita Lipilin

From the article:

When checking C++ projects that use MSBuild, PVS-Studio did not use the full power of Intel's 12th generation processors (for example, i7-12700, i9-12900). Apparently, the analysis processes were running only on energy-saving cores, while the rest remained idle. In the new version of PVS-Studio, the error has been fixed. Now the analyzer fully loads the processors and works much faster.

PVS-Studio in 2022

It's January 2023, which means it's time to look back at our achievements in 2022. In this article, we'll tell you what we accomplished and show you what features appeared in PVS-Studio in 2022. Let's go.

PVS-Studio in 2022

by Polina Alekseeva

From the article:

Speaking of cross-platform. As of now, the analyzer runs on Windows, Linux, and macOS on the x86_64 architecture. It is currently impossible to run the analyzer natively on the same operating systems under ARM (except for C and C++ analyzer on ARM-based macOS: you can run it via Rosetta). We're wondering if there are many people among our readers who want to natively use the analyzer on ARM. How critical is the build and analysis of projects on the ARM architecture for you?

Top 10 bugs found in C++ projects in 2022

New Year is coming! It means, according to tradition, it's time to recall 10 of the most interesting warnings that PVS-Studio found during 2022.

Top 10 bugs found in C++ projects in 2022

by Vladislav Stolyarov

From the article:

Here the analyzer detected that a function, marked as noexcept, calls a function that throws an exception. If an exception arises from the nothrow function's body, the nothrow function calls std::terminate, and the program crashes. It could make sense to wrap the setName function in the function-try-block and process the exceptional situation there — or one could use something else instead of generating the exception.

PVS-Studio 7.22: Visual Studio Code, Qt Creator, .NET 7

PVS-Studio 7.22 has been released. It includes plugins for Visual Studio Code and Qt Creator, support of .NET 7 projects analysis, enhanced Best Warnings filter and new diagnostic rules.

PVS-Studio 7.22: Visual Studio Code, Qt Creator, .NET 7

by Sergey Vasiliev

From the article:

New plugins provide even more options for cross-platform work. Now you can use them to work with logs: view warnings, filter them, sort them in a grid, etc. You can't run the analysis yet — we plan to add this feature in future releases.

PVS-Studio and RPCS3: the best warnings in one click

Best Warnings — the analyzer's mode that displays 10 most interesting warnings in the output window. We invite you to take a look at the updated Best Warnings mode on the example of the RPCS3 project check.

PVS-Studio and RPCS3: the best warnings in one click

by Alexander Kurenev

From the article:

Best Warnings is a special mechanism for the first acquaintance with the PVS-Studio static analyzer. The full analyzer's log can contain thousands of warnings. Therefore, if you want to evaluate the work of the analyzer and not waste time and effort on viewing a large report that was issued by a not yet configured analyzer, use the Best Warnings mechanism. Open the analyzer's log in the PVS-Studio plugin for Visual Studio and enable Best Warnings.

Examples of errors that PVS-Studio found in LLVM 15.0

Compilers are evolving: they issue more and more warnings. Do developers still need to use static code analyzers like PVS-Studio? Yes, because analyzers are evolving too. In this article you'll see how PVS-Studio can find bugs even in a compiler.

Examples of errors that PVS-Studio found in LLVM 15.0

by Andrey Karpov

From the article:

It's a cool bug, although it's not scary. There is no semicolon after the return statement. As a result, the code does not work as it looks.

void FunctionLoweringInfo::ComputePHILiveOutRegInfo(const PHINode *PN) {
  ....
  Register DestReg = It->second;
  if (DestReg == 0)
    return
  assert(Register::isVirtualRegister(DestReg) &&
         "Expected a virtual reg");
  LiveOutRegInfo.grow(DestReg);
  ....
}

PVS-Studio 7.21: GitLab Code Quality, Unreal Engine

PVS-Studio 7.21 has been released. This short note describes the analyzer's main enhancements and lists our recent articles and quizzes.

PVS-Studio 7.21: GitLab Code Quality, Unreal Engine

by Sergey Vasiliev

From the article:

New C++ diagnostics:

  • V1090. The 'std::uncaught_exception' function is deprecated since C++17 and is removed in C++20. Consider replacing this function with 'std::uncaught_exceptions'.
  • V1091. The pointer is cast to an integer type of a larger size. Casting pointer to a type of a larger size is an implementation-defined behavior.
  • V1092. Recursive function call during the static/thread_local variable initialization might occur. This may lead to undefined behavior.

PVS-Studio challenge: can you spot an error in C++ code?

PVS-Studio team made an entertaining quiz for you. Try to quickly find a bug in a code fragment. If you spot an error - click on it.

Challenge: can you spot an error in C++ code?

by Andrey Karpov

From the article:

You'll see ten code fragments. If you manage to find an error in under 1 minute, you score one point. The 1-minute limit is made on purpose. Otherwise you'll definitely find all errors — code fragments are short. Anyway, treat this quiz as a game, and not as a real test of your programming skills smile

PVS-Studio 7.19: C++ analyzer now works better with QNX compilers and Unreal Engine 5

Recently, we have released a new PVS-Studio version — 7.19. In this note, we'll tell you about new features in the analyzer, the enhanced documentation, as well as what to read and... what to play.

PVS-Studio 7.19: what's new?

by Sergey Vasiliev

From the article:

Now, you can use PVS-Studio to analyze projects on Unreal Engine 5. For the most part, projects on UE 5 are analyzed in the same way as projects on UE 4. The difference is described in the documentation.