sast

PVS-Studio 7.38: new C++ analyzer core

PVS-Studio 7.38 has been released. This version brings the new core for the C and C++ analyzer, the user annotation mechanism in the Java analyzer, enhanced taint analysis, and that's not all! See more details in this note.

PVS-Studio 7.38: new C++ analyzer core, user annotations in Java, enhanced taint analysis, and more

by Aleksandra Uvarova

From the article:

The C and C++ analyzer got a new core with completely redesigned components like a parser, a semantic analyzer, and a type system. The new core provides more accurate handling of template constructs and better parsing of the standard library and code based on modern C++ standards. During the extended testing period (EAP), the new core demonstrated stable performance across a wide range of real-world projects.

PVS-Studio 7.35: MISRA C 2023 support, Qt Creator 15 plugin, and more

PVS-Studio 7.35 has been released. Support for the MISRA C standard, the plugin for Qt Creator 15.x, modified file analysis in Visual Studio, and that's not all.

PVS-Studio 7.35: MISRA C 2023 support, Qt Creator 15 plugin, and more

by Vladislav Bogdanov

From the article:

We've begun work to expand PVS-Studio's coverage of the MISRA C standard. With the release of 7.35, the first eight diagnostic rules have already been implemented, and more are on the way. The full list of implemented rules is provided below. We plan to cover at least 85% of MISRA C and support the latest version of MISRA C 2023.

PVS-Studio 7.34: support for Apple Silicon ARM64, CodeChecker

PVS-Studio 7.34 has been released. Discover the latest features, including support for Apple Silicon processors with ARM64 architecture, .NET 9 project compatibility, the introduction of the taint analysis mechanism in the Java analyzer, and more.

PVS-Studio 7.34: support for Apple Silicon ARM64, CodeChecker

by Aleksandra Uvarova

From the article:

New diagnostic rules. C, C++:

  • V1116. Creating an exception object without an explanatory message may result in insufficient logging.
  • V1117. The declared function type is cv-qualified. The behavior when using this type is undefined.
  • V2022. Implicit type conversion from integer type to enum type.
  • V5014. OWASP. Cryptographic function is deprecated. Its use can lead to security issues. Consider switching to an equivalent newer function.

PVS-Studio 7.28: support for ARM, analysis of Unreal Engine projects without Unity Build, and more

Now you can run the analyzer on the ARM architecture, analyze .NET 8 projects, and check Unreal Engine projects without Unity Build — and there is more to come.

PVS-Studio 7.28: support for ARM, .NET 8, analysis of Unreal Engine projects without Unity Build, and more

by Gleb Aslamov

From the article:

When analyzing Unreal Engine projects with PVS-Studio, we often encounter issues with high memory usage and analysis slowdown. They usually arise when individual translation units are combined into a single file (the Unity Build system). Although the merging of translation units may have a positive impact on the compilation time, the large file size may increase the resource requirements for analysis.

PVS-Studio 7.25: support for latest versions of Qt Creator, Rider, and more

PVS-Studio 7.25 has been released. In this version, we implemented the support of Qt Creator 10 and Rider 2022.2.3 (and higher), updated the libraries used by the analyzer, enhanced the documentation — and that's not all!

PVS-Studio 7.25: support for latest versions of Qt Creator, Rider, and more

by Nikita Lipilin

From the article:

When checking C++ projects that use MSBuild, PVS-Studio did not use the full power of Intel's 12th generation processors (for example, i7-12700, i9-12900). Apparently, the analysis processes were running only on energy-saving cores, while the rest remained idle. In the new version of PVS-Studio, the error has been fixed. Now the analyzer fully loads the processors and works much faster.

PVS-Studio in 2022

It's January 2023, which means it's time to look back at our achievements in 2022. In this article, we'll tell you what we accomplished and show you what features appeared in PVS-Studio in 2022. Let's go.

PVS-Studio in 2022

by Polina Alekseeva

From the article:

Speaking of cross-platform. As of now, the analyzer runs on Windows, Linux, and macOS on the x86_64 architecture. It is currently impossible to run the analyzer natively on the same operating systems under ARM (except for the C and C++ analyzer on ARM-based macOS: you can run it via Rosetta). We're wondering if there are many people among our readers who want to natively use the analyzer on ARM. How critical is the build and analysis of projects on the ARM architecture for you?

PVS-Studio 7.20: Unreal Engine, SAST, SCA

The bug related to Unreal Engine's inability to find PVS-Studio by the default path is finally fixed. Starting from Unreal Engine 5.0.3, you can analyze projects without any workarounds. We've also enhanced the analysis of UE projects: you'll see more true warnings and fewer false ones.

PVS-Studio 7.20: Unreal Engine, SAST, SCA

by Sergey Vasiliev

From the article:

New diagnostics for C, C++:

  • V1086. Call of the 'Foo' function will lead to buffer underflow.
  • V1087. Upper bound of case range is less than its lower bound. This case may be unreachable.
  • V1088. No objects are passed to the 'std::scoped_lock' constructor. No locking will be performed. This can cause concurrency issues.
  • V1089. Waiting on condition variable without predicate. A thread can wait indefinitely or experience a spurious wake up.

CWE Top 25 2022. Review of changes

The CWE Top 25 list reflects the most serious software security weaknesses. I invite you to read the updated top list to become aware of the changes that happened over the past year.

CWE Top 25 2022. Review of changes

by Mikhail Gelvih

From the article:

Below is a table of correspondence between the CWE Top 25 2022 list and the PVS-Studio diagnostic rules, divided by programming languages. You can always check the most up-to-date table with CWE Top 25 coverage on our website.

PVS-Studio 7.19: C++ analyzer now works better with QNX compilers and Unreal Engine 5

Recently, we have released a new PVS-Studio version — 7.19. In this note, we'll tell you about new features in the analyzer, the enhanced documentation, as well as what to read and... what to play.

PVS-Studio 7.19: what's new?

by Sergey Vasiliev

From the article:

Now, you can use PVS-Studio to analyze projects on Unreal Engine 5. For the most part, projects on UE 5 are analyzed in the same way as projects on UE 4. The difference is described in the documentation.

PVS-Studio 7.16, expanding the horizons: MISRA C, Visual Studio 2022, .NET 6

This is the latest release of PVS-Studio in 2021. With it, the PVS-Studio team accomplishes several important goals. Now, PVS-Studio supports Visual Studio 2022 (.NET 6, C# 10.0). We implemented all diagnostics categorized as Mandatory in MISRA C.

PVS-Studio 7.16, expanding the horizons: MISRA C, Visual Studio 2022, .NET 6

by Andrey Karpov

From the article:

PVS-Studio supports 80% of the MISRA C standard for safety and security. The tool fully covers the warnings categorized as Mandatory and most of the warnings from the Required category.