Our website uses cookies to enhance your browsing experience.
Accept
to the top
close form

Fill out the form in 2 simple steps below:

Your contact information:

Step 1
Congratulations! This is your promo code!

Desired license type:

Step 2
Team license
Enterprise license
** By clicking this button you agree to our Privacy Policy statement
close form
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
* By clicking this button you agree to our Privacy Policy statement

close form
Free PVS‑Studio license for Microsoft MVP specialists
* By clicking this button you agree to our Privacy Policy statement

close form
To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

close form
I am interested to try it on the platforms:
* By clicking this button you agree to our Privacy Policy statement

close form
check circle
Message submitted.

Your message has been sent. We will email you at


If you do not see the email in your inbox, please check if it is filtered to one of the following folders:

  • Promotion
  • Updates
  • Spam

Webinar: C++ semantics - 06.11

>
PVS‑Studio analyzer

PVS‑Studio is a static analyzer on guard of code quality, security (SAST), and code safety

1. Download
2. Request trial
3. Request pricing
1. Download
Download the PVS‑Studio analyzer distribution
--Choose platform--
Linux
macOS
Windows
--Choose language--
C, C++
C#
Java
--Distribution format--
rpm
deb
tgz
rpm
deb
tar.gz
pkg
tgz
tar.gz
exe
exe
exe
Quick launch
Download
2. Request trial
Request our trial key to test the analyzer's abilities
--Select a license type--
Team license
Enterprise license
** By clicking this button you agree to our Privacy Policy statement

3. Request pricing
Request our prices
--Select currency--
USD
EUR
* By clicking this button you agree to our Privacy Policy statement

What is PVS‑Studio?

product video en

If you are asking: "What is PVS‑Studio?" - this video answers your question.

Here we'll talk about the most important topics and aspects related to the PVS‑Studio static analyzer. You'll find out not just how PVS‑Studio can help you - but also what mechanisms and approaches it uses.

Or you can view the presentation about the product features.

When it is time to use the PVS‑Studio analyzer
For a developer
You make occasional mistakes during development
Debugging when searching for errors is time consuming
Errors get into the version control system
Once an error is found by QA specialists, it’s difficult to debug that code
For a security professional
Difficulties with external code audit
Potential customers require the use of such tools
Clients require to use security and safety standards in development
How PVS‑Studio finds potential vulnerabilities
cwe diagram small

PVS‑Studio detects various errors – typos, dead code, and potential vulnerabilities (Static Application Security Testing, SAST).

The analyzer matches warnings to the Common Weakness Enumeration, SEI CERT Coding Standards, and supports the MISRA standard.

Click the links below to see PVS‑Studio warning classifications for various standards:

You can integrate PVS‑Studio into
Embedded
Keil
Keil µVision, DS-MDK
IAR Embedded Workbench
IAR Embedded Workbench
QNX
QNX Momentics
TI ARM Code Generation
TI ARM Code Generation
Virtualization
WSL
WSL
Supported languages and compilers

Windows

Visual Studio, C, C++, C++/CLI, C++/CX (WinRT)

MinGW C, C++

Texas Instruments Code Composer Studio, C6000-CGT, C, C++

Windows/Linux/macOS

GNU Arm Embedded Toolchain, Arm Embedded
GCC compiler, C, C++

GNU toolchain for RISC-V, C, C++

CLion, Qt Creator, Eclipse, GCC, Clang, C, C++

IntelliJ IDEA, Android Studio, Java

Visual Studio, JetBrains Rider, C#, .NET Framework, .NET

Windows/Linux

IAR Embedded Workbench, C/C++ Compiler for ARM C, C++

QNX Momentics, QCC C, C++

Keil µVision, DS-MDK, ARM Compiler 5/6 C, C++

Texas Instruments Code Composer Studio, ARM Code
Generation Tools C, C++

MPLAB XC8 C

Getting started with PVS‑Studio is easy

Trying for the first time?
Check the most interesting warnings

A special filter chooses those warnings that most likely indicate an error.

Integrating PVS-Studio into the project?
Hide the warnings on the legacy code

This way you will only work with warnings issued on the newly written code.

PVS‑Studio license types
Team License
Enterprise License
Command line
Check!
Check!
Visual Studio
Check!
Check!
IntelliJ IDEA
Check!
Check!
Rider
Check!
Check!
CLion
Check!
Check!
Jenkins
Check!
Check!
TeamCity
Check!
Check!
Quality
Check!
Check!
Safety
Check!
Check!
Security
Check!
Check!
SonarQube
No check
Check!
Analysis of commits
No check
Check!
Incredibuild
No check
Check!
Unreal Engine
No check
Check!
Notifications
Check!
Check!
Request a trial key
Request pricing
Request a trial key
Request pricing
Request a trial key
Request pricing
Problem types that PVS‑Studio detects
Quality
Typos
Null pointer/reference dereference
Array index out of bounds
Incorrect shift operations
and others.
Safety
Customers choose PVS‑Studio for...
Expert technical support

Over the years, we have built a team of proven code analysis experts. Clients get support directly from our analyzer developers.

Offline use availability

You can use our analyzer offline. This includes the installation, activation, launch, source code analysis, and all other use case scenarios. This is a perfect solution for companies that employ isolated development environments and develop software for finance or government sectors.

Ease of use

To take a quick peek at the analyzer, use the compilation monitoring system. It is designed for Windows and Linux and does not require you to integrate PVS‑Studio into a project.

Diagnostic abilities

We have developed more than 900 diagnostic rules and add new ones every month.

Cross-platform integration

Many apps are created for several platforms to meet the current market's demand. Our cross-platform analyzer provides such clients with full code coverage.

Easy-to-use analyzer reports

The analyzer reports are available in Html, Xml, Csv, Txt, Json, CompileError, TaskList, TeamCity formats. The report generator itself is posted on GitHub for custom modifications.

Convenient CLI

You can choose one of the three easy approaches: run the analyzer from the command line, integrate it into a build script or CI.

Plugins

To enhance interaction with the analyzer, we provide plugins for Visual Studio, IntelliJ IDEA, Rider, SonarQube, Jenkins, and other similar products.

Mode for checking Legacy code

Some clients are uncertain about introducing an analyzer into their development process because of the large code base. PVS‑Studio accommodates these clients by introducing Legacy code checking mode. You can install PVS‑Studio, hide warnings for old (Legacy) code until later, and use the analyzer to check new code.

Dealing with false alarms

Static analysis implies you’ll get false warnings. In addition to contacting our support, users have many ways to deal with false positives. This makes the work with the analyzer very convenient.

The number of diagnostics
in PVS‑Studio increases each year
Number of diagnostics
Number of diagnostics
Release dates (indicated by dots on the graph)
How does PVS‑Studio do all this?
based on compilation parameters
Preprocessing of C and C++ source files (based on compilation parameters) allows to expand preprocessor directives, i.e. to include header files and to substitute macros. The analyzer uses this feature to build the most complete semantic model of the analyzed code.
The pattern-based analysis
The pattern-based analysis that is based on an abstract syntax tree searches for fragments in the source code that are similar to the known code patterns with an error.
Method annotations
Method annotations provide more information about the used methods than one can obtain by analyzing only their signatures.
Data-flow analysis
Data-flow analysis is used to evaluate limitations that are imposed on variable values when processing various language constructs. For example, data-flow analysis helps evaluate values that a variable can take inside if/else blocks.
Type inference
Type inference that is based on a program semantic model provides the analyzer with full information about all variables and statements in the code.
Symbolic execution
Symbolic execution evaluates variables' values that can lead to errors, performs checks of values' range.
Tainted data analysis
Tainted data analysis detects cases when an application uses unverified user data. Trusting such data excessively may cause vulnerabilities (for example, SQLI, XSS, path traversal).
Intermodular analysis
Intermodular analysis enables the diagnostics to account for functions declared in other translation units.
Software composition analysis
Software composition analysis (SCA) looks for the application dependencies on components that contain vulnerabilities.