- PVS-Studio 6.27 (December 3, 2018)
- PVS-Studio 6.26 (October 18, 2018)
- PVS-Studio 6.25 (August 20, 2018)
- PVS-Studio 6.24 (June 14, 2018)
- PVS-Studio 6.23 (March 28, 2018)
- PVS-Studio 6.22 (February 28, 2018)
- PVS-Studio 6.21 (January 15, 2018)
- PVS-Studio 6.20 (December 1, 2017)
- PVS-Studio 6.19 (November 14, 2017)
- PVS-Studio 6.18 (September 26, 2017)
- PVS-Studio 6.17 (August 30, 2017)
- PVS-Studio 6.16 (June 28, 2017)
- PVS-Studio 6.15 (April 27, 2017)
- PVS-Studio 6.14 (March 17, 2017)
- PVS-Studio 6.13 (January 27, 2017)
- PVS-Studio 6.12 (December 22, 2016)
- PVS-Studio 6.11 (November 29, 2016)
- PVS-Studio 6.10 (October 25, 2016)
- PVS-Studio 6.09 (October 6, 2016)
- PVS-Studio 6.08 (August 22, 2016)
- PVS-Studio 6.07 (August 8, 2016)
- PVS-Studio 6.06 (July 7, 2016)
- PVS-Studio 6.05 (June 9, 2016)
- PVS-Studio 6.04 (May 16, 2016)
- PVS-Studio 6.03 (April 5, 2016)
- PVS-Studio 6.02 (March 9, 2016)
- PVS-Studio 6.01 (February 3, 2016)
- PVS-Studio 6.00 (December 22, 2015)
- PVS-Studio 5.31 (November 3, 2015)
- PVS-Studio 5.30 (October 29, 2015)
- PVS-Studio 5.29 (September 22, 2015)
- PVS-Studio 5.28 (August 10, 2015)
- PVS-Studio 5.27 (July 28, 2015)
- PVS-Studio 5.26 (June 30, 2015)
- PVS-Studio 5.25 (May 12, 2015)
- PVS-Studio 5.24 (April 10, 2015)
- PVS-Studio 5.23 (March 17, 2015)
- PVS-Studio 5.22 (February 17, 2015)
- PVS-Studio 5.21 (December 11, 2014)
- PVS-Studio 5.20 (November 12, 2014)
- PVS-Studio 5.19 (September 18, 2014)
- PVS-Studio 5.18 (July 30, 2014)
- PVS-Studio 5.17 (May 20, 2014)
- PVS-Studio 5.16 (April 29, 2014)
- PVS-Studio 5.15 (April 14, 2014)
- PVS-Studio 5.14 (March 12, 2014)
- PVS-Studio 5.13 (February 5, 2014)
- PVS-Studio 5.12 (December 23, 2013)
- PVS-Studio 5.11 (November 6, 2013)
- PVS-Studio 5.10 (October 7, 2013)
- PVS-Studio 5.06 (August 13, 2013)
- PVS-Studio 5.05 (May 28, 2013)
- PVS-Studio 5.04 (May 14, 2013)
- PVS-Studio 5.03 (April 16, 2013)
- PVS-Studio 5.02 (March 6, 2013)
- PVS-Studio 5.01 (February 13, 2013)
- PVS-Studio 5.00 (January 31, 2013)
- PVS-Studio 4.77 (December 11, 2012)
- PVS-Studio 4.76 (November 23, 2012)
- PVS-Studio 4.75 (November 12, 2012)
- PVS-Studio 4.74 (October 16, 2012)
- PVS-Studio 4.73 (September 17, 2012)
- PVS-Studio 4.72 (August 30, 2012)
- PVS-Studio 4.71 (July 20, 2012)
- PVS-Studio 4.70 (July 3, 2012)
- PVS-Studio 4.62 (May 30, 2012)
- PVS-Studio 4.61 (May 22, 2012)
- PVS-Studio 4.60 (April 18, 2012)
- PVS-Studio 4.56 (March 14, 2012)
- PVS-Studio 4.55 (February 28, 2012)
- PVS-Studio 4.54 (February 1, 2012)
- PVS-Studio 4.53 (January 19, 2012)
- PVS-Studio 4.52 (December 28, 2011)
- PVS-Studio 4.51 (December 22, 2011)
- PVS-Studio 4.50 (December 15, 2011)
- PVS-Studio 4.39 (November 25, 2011)
- PVS-Studio 4.38 (October 12, 2011)
- PVS-Studio 4.37 (September 20, 2011)
- PVS-Studio 4.36 (August 31, 2011)
- PVS-Studio 4.35 (August 12, 2011)
- PVS-Studio 4.34 (July 29, 2011)
- PVS-Studio 4.33 (July 21, 2011)
- PVS-Studio 4.32 (July 15, 2011)
- PVS-Studio 4.31 (July 6, 2011)
- PVS-Studio 4.30 (June 23, 2011)
- PVS-Studio 4.21 (May 20, 2011)
- PVS-Studio 4.20 (April 29, 2011)
- PVS-Studio 4.17 (April 15, 2011)
- PVS-Studio 4.16 (April 1, 2011)
- PVS-Studio 4.15 (March 17, 2011)
- PVS-Studio 4.14 (March 2, 2011)
- PVS-Studio 4.13 (February 11, 2011)
- PVS-Studio 4.12 (February 7, 2011)
- PVS-Studio 4.11 (January 28, 2011)
- PVS-Studio 4.10 (January 17, 2011)
- PVS-Studio 4.00 (December 24, 2010)
- PVS-Studio 4.00 BETA (November 24, 2010)
- PVS-Studio 3.64 (27 September 2010)
- PVS-Studio 3.63 (10 September 2010)
- PVS-Studio 3.62 (16 August 2010)
- PVS-Studio 3.61 (22 July 2010)
- PVS-Studio 3.60 (10 June 2010)
- PVS-Studio 3.53 (7 May 2010)
- PVS-Studio 3.52 (27 April 2010)
- PVS-Studio 3.51 (16 April 2010)
- PVS-Studio 3.50 (26 March 2010)
- PVS-Studio 3.44 (21 January 2010)
- PVS-Studio 3.43 (28 December 2009)
- PVS-Studio 3.42 (9 December 2009)
- PVS-Studio 3.41 (30 November 2009)
- PVS-Studio 3.40 (23 November 2009)
- PVS-Studio 3.30 (25 September 2009)
- PVS-Studio 3.20 (7 September 2009)
- PVS-Studio 3.10 (10 August 2009)
- PVS-Studio 3.00 (27 July 2009)
- VivaMP 1.10 (20 April 2009)
- VivaMP 1.00 (10 March 2009)
- VivaMP 1.00 beta (27 November 2008)
- Viva64 2.30 (20 April 2009)
- Viva64 2.22 (10 Mach 2009)
- Viva64 2.21 (27 November 2008)
- Viva64 2.20 (15 October 2008)
- Viva64 2.10 (05 September 2008)
- Viva64 2.0 (09 July 2008)
- Viva64 1.80 (03 February 2008)
- Viva64 1.70 (20 December 2007)
- Viva64 1.60 (28 August 2007)
- Viva64 1.50 (15 May 2007)
- Viva64 1.40 (1 May 2007)
- Viva64 1.30 (17 March 2007)
- Viva64 1.20 (26 January 2007)
- Viva64 1.10 (16 January 2007)
- Viva64 1.00 (31 December 2006)
Please read actual release history here.
PVS-Studio 6.27 (December 3, 2018)
- Analyzer log conversion tools (plog converter) source code is now available at our GitHub portal: https://github.com/viva64
- PVS-Studio now supports MISRA C and MISRA C++ software development guidelines. The number of supported MISRA rules will gradually increase in the future analyzer releases.
- V2501. MISRA. Octal constants should not be used.
- V2502. MISRA. The 'goto' statement should not be used.
- V2503. MISRA. Implicitly specified enumeration constants should be unique – consider specifying non-unique constants explicitly.
- V2504. MISRA. Size of an array is not specified.
- V2505. MISRA. The 'goto' statement shouldn't jump to a label declared earlier.
- V2506. MISRA. A function should have a single point of exit at the end.
- V2507. MISRA. The body of a loop\conditional statement should be enclosed in braces.
- V2508. MISRA. The function with the 'atof/atoi/atoll/atoll' name should not be used.
- V2509. MISRA. The function with the 'abort/exit/getenv/system' name should not be used.
- V2510. MISRA. The function with the 'qsort/bsearch' name should not be used.
- V2511. MISRA. Memory allocation and deallocation functions should not be used.
- V2512. MISRA. The macro with the 'setjmp' name and the function with the 'longjmp' name should not be used.
- V2513. MISRA. Unbounded functions performing string operations should not be used.
- V2514. MISRA. Unions should not be used.
- V2515. MISRA. Declaration should contain no more than two levels of pointer nesting.
- V2516. MISRA. The 'if' ... 'else if' construct shall be terminated with an 'else' statement.
- V2517. MISRA. Literal suffixes should not contain lowercase characters.
- V2518. MISRA. The 'default' label should be either the first or the last label of a 'switch' statement.
- V2519. MISRA. The 'default' label is missing in 'switch' statement.
- V2520. MISRA. Every switch-clause should be terminated by an unconditional 'break' or 'throw' statement.
- V2521. MISRA. Only the first member of enumerator list should be explicitly initialized, unless all members are explicitly initialized.
- V2522. MISRA. The 'switch' statement should have 'default' as the last label.
- V2523. MISRA. All integer constants of unsigned type should have 'u' or 'U' suffix.
- V2524. MISRA. A switch-label should only appear at the top level of the compound statement forming the body of a 'switch' statement.
- V2525. MISRA. Every 'switch' statement should contain non-empty switch-clauses.
PVS-Studio 6.26 (October 18, 2018)
- Support for analyzing projects for GNU Arm Embedded Toolchain, Arm Embedded GCC compiler was added.
- It is now possible to use pvsconfig files with CLMonitor/Standalone under Windows.
- Letter case is now preserved for analyzed source files in the analyzer's log when analyzing Visual C++ projects (cl.exe, Visual Studio/MSBuild vcxproj projects).
- New incremental analysis mode was added to pvs-studio-analyzer/Cmake module. PVS-Studio CMake module can now be used for Visual C++ (cl.exe) projects under Windows.
- Incremental analysis support was implemented for .NET Core/.NET Standard Visual Studio projects.
- Now it is possible to analyze projects of WAF build automation tool.
- V1021. The variable is assigned the same value on several loop iterations.
- V1022. An exception was thrown by pointer. Consider throwing it by value instead.
- V1023. A pointer without owner is added to the container by the 'emplace_back' method. A memory leak will occur in case of an exception.
- V1024. The stream is checked for EOF before reading from it, but is not checked after reading. Potential use of invalid data.
- V1025. Rather than creating 'std::unique_lock' to lock on the mutex, a new variable with default value is created.
- V1026. The variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow.
- V1027. Pointer to an object of the class is cast to unrelated class.
- V1028. Possible overflow. Consider casting operands, not the result.
- V1029. Numeric Truncation Error. Return value of function is written to N-bit variable.
- V1030. The variable is used after it was moved.
- V1031. Function is not declared. The passing of data to or from this function may be affected.
- V1032. Pointer is cast to a more strictly aligned pointer type.
- V1033. Variable is declared as auto in C. Its default type is int.
- V1034. Do not use real-type variables as loop counters.
- V1035. Only values that are returned from fgetpos() can be used as arguments to fsetpos().
- V2014. Don't use terminating functions in library code.
PVS-Studio 6.25 (August 20, 2018)
- A common suppress file for all projects can now be added to a Visual Studio solution.
- Roslyn and MSBuild libraries used for analyzing Visual Studio projects were updated to support latest C++/C# project types and C# language features.
- Support for multi-target C# projects was improved.
- PVS-Studio CMake module now supports generator expressions and can track implicit dependencies of analyzed files.
- Our website now provides information on using PVS-Studio as a part of security development lifecycle (SDL), as a SAST (Static Application Security Testing) tool. This page contains mappings of analyzer diagnostics rules to the CWE (Common Weakness Enumeration) format and SEI CERT secure coding standard, and the status of our ongoing effort to support MISRA standards.
PVS-Studio 6.24 (June 14, 2018)
- Support for Texas Instruments Code Composer Studio, ARM compiler was added under Windows\Linux.
- Compiler monitoring under Windows now supports saving monitoring data to a dump file and starting the analysis from this dump file. This allows to re-run the analysis without the necessity to re-build the analyzed project each time.
- A new mode for checking individual files was added to the command line analyzer for Visual Studio projects under Windows.
- V1013. Suspicious subexpression in a sequence of similar comparisons.
- V1014. Structures with members of real type are compared byte-wise.
- V1015. Suspicious simultaneous use of bitwise and logical operators.
- V1016. The value is out of range of enum values. This causes unspecified or undefined behavior.
- V1017. Variable of the 'string_view' type references a temporary object which will be removed after evaluation of an expression.
- V1018. Usage of a suspicious mutex wrapper. It is probably unused, uninitialized, or already locked.
- V1019. Compound assignment expression is used inside condition.
- V1020. Function exited without performing epilogue actions. It is possible that there is an error.
PVS-Studio 6.23 (March 28, 2018)
- PVS-Studio is now available on macOS! Now you can analyze C and C++ source code with PVS-Studio not only under Windows/Linux, but also under macOS. The analyzer is available as a pkg installer, tgz archive and through Homebrew package manager. The documentation on using PVS-Studio under macOS is available here.
- V011. Presence of #line directives may cause some diagnostic messages to have incorrect file name and line number.
- V1011. Function execution could be deferred. Consider specifying execution policy explicitly.
- V1012. The expression is always false. Overflow check is incorrect.
PVS-Studio 6.22 (February 28, 2018)
- Analyzing projects for Keil MDK ARM Compiler 5 and ARM Compiler 6 is now supported.
- Analyzing projects for IAR C/C++ Compiler for ARM is now supported.
- V1008. Consider inspecting the 'for' operator. No more than one iteration of the loop will be performed.
- V1009. Check the array initialization. Only the first element is initialized explicitly.
- V1010. Unchecked tainted data is used in expression.
PVS-Studio 6.21 (January 15, 2018)
- Support for CWE (Common Weakness Enumeration) was added to C/C++/C# analyzers.
- HTML log with source code navigation can now be saved from Visual Studio plugins and the Standalone tool.
- WDK (Windows Driver Kit) projects for Visual Studio 2017 are now supported.
- PVS-Studio plugin for SonarQube was updated for the latest LTS version 6.7.
- V1007. The value from the uninitialized optional is used. Probably it is a mistake.
PVS-Studio 6.20 (December 1, 2017)
- You can save analysis results as HTML with full source code navigation.
- You can make the analysis less "noisy" by disabling generation of Low Certainty (Level 3) messages. Just set the NoNoise option.
PVS-Studio 6.19 (November 14, 2017)
- It is now possible to suppress messages from XML log file (.plog) with Windows command line analyzer.
- The performance and stability of message suppression and incremental analysis were improved in Visual Studio plugins for very large (thousands of projects) solutions.
- V1004. The pointer was used unsafely after it was verified against nullptr.
- V1005. The resource was acquired using 'X' function but was released using incompatible 'Y' function.
- V1006. Several shared_ptr objects are initialized by the same pointer. A double memory deallocation will occur.
PVS-Studio 6.18 (September 26, 2017)
- Linux version now has a default location for a license file.
- Linux version now provides a new way to enter credentials.
- Linux version now can generate an HTML analysis report.
- The support of ASP.Net Core projects analysis is added in Windows version.
- Scaling of UI elements on different DPIs was improved in Windows version
- Performance of PVS-Studio output window in Windows version was improved when working with large analyzer reports, sorting the reports by columns, working with a large number of simultaneously selected messages.
- "Send to External Tool" feature was removed from Visual Studio extension.
- Trial mode extension dialogs were substantially redesigned in Visual Studio extension.
- V1002. A class, containing pointers, constructor and destructor, is copied by the automatically generated operator= or copy constructor.
- V1003. The macro is a dangerous, or the expression is suspicious.
PVS-Studio 6.17 (August 30, 2017)
- 15.3 Update supported for Visual Studio 2017.
- Analyzer report can now be saved from Visual Studio plugin and Standalone in txt\csv\html formats without the need to invoke PlogConverter manually.
- The license and setting files are now saved in UTF-8 encoding.
- A list of recently opened logs is added to the menu of Visual Studio plugins.
- Incremental analysis in PVS-Studio_Cmd.exe - the "AppendScan" option was added. Details can be found in the description of PVS-Studio_Cmd utility here.
- A new plugin to display the analysis results in the Jenkins continuous integration system (on Windows)
- A new version of plugin for SonarQube quality control platform for Linux.
- Support for unparsed output from C++ analyzer was added to PlogConverter tool.
- V821. The variable can be constructed in a lower level scope.
- V1001. The variable is assigned but is not used until the end of the function.
- V3135. The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead.
- V3136. Constant expression in switch statement.
- V3137. The variable is assigned but is not used until the end of the function.
PVS-Studio 6.16 (June 28, 2017)
- Clang-based toolsets support for Visual Studio 2015/2017.
- Solution directory can now be used as Source Tree Root in Visual Studio.
- V788. Review captured variable in lambda expression.
- V789. Iterators for the container, used in the range-based for loop, become invalid upon a function call.
- V790. It is odd that the assignment operator takes an object by a non-constant reference and returns this object.
- V791. The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead.
- V792. The function located to the right of the '|' and '&' operators will be called regardless of the value of the left operand. Consider using '||' and '&&' instead.
- V793. It is odd that the result of the statement is a part of the condition. Perhaps, this statement should have been compared with something else.
- V794. The copy operator should be protected from the case of this == &src.
- V795. Note that the size of the 'time_t' type is not 64 bits. After the year 2038, the program will work incorrectly.
- V796. A 'break' statement is probably missing in a 'switch' statement.
- V797. The function is used as if it returned a bool type. The return value of the function should probably be compared with std::string::npos.
- V798. The size of the dynamic array can be less than the number of elements in the initializer.
- V799. The variable is not used after memory has been allocated for it. Consider checking the use of this variable.
- V818. It is more efficient to use an initialization list rather than an assignment operator.
- V819. Decreased performance. Memory is allocated and released multiple times inside the loop body.
- V820. The variable is not used after copying. Copying can be replaced with move/swap for optimization.
PVS-Studio 6.15 (April 27, 2017)
- Visual Studio 2017 support improved.
- Fixed issue related to specific .pch files.
- V782. It is pointless to compute the distance between the elements of different arrays.
- V783. Dereferencing of invalid iterator 'X' might take place.
- V784. The size of the bit mask is less than the size of the first operand. This will cause the loss of the higher bits.
- V785. Constant expression in switch statement.
- V786. Assigning the value C to the X variable looks suspicious. The value range of the variable: [A, B].
- V787. A wrong variable is probably used as an index in the for statement.
PVS-Studio 6.14 (March 17, 2017)
- Visual Studio 2017 support added.
- Support of Roslyn 2.0 / C# 7.0 in C# PVS-Studio Analyzer.
- Line highlighting added when viewing the analyzer messages in Visual Studio plugins and Standalone version.
- The issue of checking C++ projects fixed. It could appear during the start of the analysis on the system without an installed Visual Studio 2015 /MSBuild 14.
- V780. The object of non-passive (non-PDS) type cannot be used with the function.
- V781. The value of the variable is checked after it was used. Perhaps there is a mistake in program logic. Check lines: N1, N2.
- V3131. The expression is checked for compatibility with type 'A' but is cast to type 'B'.
- V3132. A terminal null is present inside a string. '\0xNN' character sequence was encountered. Probably meant: '\xNN'.
- V3133. Postfix increment/decrement is meaningless because this variable is overwritten.
- V3134. Shift by N bits is greater than the size of type.
PVS-Studio 6.13 (January 27, 2017)
- Incremental analysis mode is added to the cmd version of the analyzer (PVS-Studio_Cmd.exe). More details can be found in the documentation.
- V779. Unreachable code detected. It is possible that an error is present.
- V3128. The field (property) is used before it is initialized in constructor.
- V3129. The value of the captured variable will be overwritten on the next iteration of the loop in each instance of anonymous function that captures it.
- V3130. Priority of the '&&' operator is higher than that of the '||' operator. Possible missing parentheses.
PVS-Studio 6.12 (December 22, 2016)
- V773. The function was exited without releasing the pointer. A memory leak is possible.
- V774. The pointer was used after the memory was released.
- V775. It is odd that the BSTR data type is compared using a relational operator.
- V776. Potentially infinite loop. The variable in the loop exit condition does not change its value between iterations.
- V777. Dangerous widening type conversion from an array of derived-class objects to a base-class pointer.
- V778. Two similar code fragments were found. Perhaps, this is a typo and 'X' variable should be used instead of 'Y'.
- V3123. Perhaps the '??' operator works differently from what was expected. Its priority is lower than that of other operators in its left part.
- V3124. Appending an element and checking for key uniqueness is performed on two different variables.
- V3125. The object was used after it was verified against null. Check lines: N1, N2.
- V3126. Type implementing IEquatable<T> interface does not override 'GetHashCode' method.
PVS-Studio 6.11 (November 29, 2016)
- V771. The '?:' operator uses constants from different enums.
- V772. Calling the 'delete' operator for a void pointer will cause undefined behavior.
- V817. It is more efficient to search for 'X' character rather than a string.
- V3119. Calling a virtual (overridden) event may lead to unpredictable behavior. Consider implementing event accessors explicitly or use 'sealed' keyword.
- V3120. Potentially infinite loop. The variable in the loop exit condition does not change its value between iterations.
- V3121. An enumeration was declared with 'Flags' attribute, but no initializers were set to override default values.
- V3122. Uppercase (lowercase) string is compared with a different lowercase (uppercase) string.
- Support for analyzing Visual C++ projects (.vcxproj) with Intel C++ toolsets was implemented in Visual Studio plugin.
PVS-Studio 6.10 (October 25, 2016)
- We are releasing PVS-Studio for Linux! Now it is possible to check C and C+ source code with PVS-Studio not only under Windows, but under Linux as well. The analyzer is available as packages for the mainstream package management systems, and is easily integratable with most common build systems. The detailed documentation on using PVS-Studio Linux version is available here.
- PVS-Studio for Windows is updated with a new user interface! The update affects Vidual Studio plugin and Standalone PVS-Studio tool.
- PVS-Studio now includes the new BlameNotifier tool. It allows to easily organize e-mail notifications with PVS-Studio analyzer messages of developers responsible for the source code that triggers these messages. Supported VCSs are Git, Svn and Mercurial. A detailed guide on managing the analysis results is available here.
- The support for analyzing MSBuild projects, which are using the Intel C++ compiler, was implemented in the PVS-Studio command line version. The support for Visual Studio is coming in the near future.
- V769. The pointer in the expression equals nullptr. The resulting value is meaningless and should not be used.
- V770. Possible usage of a left shift operator instead of a comparison operator.
PVS-Studio 6.09 (October 6, 2016)
- If all the diagnostic groups of the analyzer (C++ or C#) are disabled, the analysis of projects of the corresponding language won't start.
- We have added proxy support with the authorization during the update check and the trial extension.
- The ability to completely disable C/C++ or C# analyzer in .pvsconfig files (//-V::C++ and //-V::C#) is now supported.
- In the SonarQube plugin implemented functionality for calculating the LOC metric and determining the reliability remediation effort.
- V768. The '!' operator is applied to an enumerator.
- V3113. Consider inspecting the loop expression. It is possible that different variables are used inside initializer and iterator.
- V3114. IDisposable object is not disposed before method returns.
- V3115. It is not recommended to throw exceptions from 'Equals(object obj)' method.
- V3116. Consider inspecting the 'for' operator. It's possible that the loop will be executed incorrectly or won't be executed at all.
- V3117. Constructor parameter is not used.
- V3118. A component of TimeSpan is used, which does not represent full time interval. Possibly 'Total*' value was intended instead.
PVS-Studio 6.08 (August 22, 2016)
- Visual Studio plugin no longer supports analysis from command line with '/command' switch. Please use PVS-Studio_Cmd.exe command line tool instead. The detailed description of the tool is available here.
- V3108. It is not recommended to return null or throw exceptions from 'ToSting()' method.
- V3109. The same sub-expression is present on both sides of the operator. The expression is incorrect or it can be simplified.
- V3110. Possible infinite recursion.
- V3111. Checking value for null will always return false when generic type is instantiated with a value type.
- V3112. An abnormality within similar comparisons. It is possible that a typo is present inside the expression.
PVS-Studio 6.07 (August 8, 2016)
- We are heading towards Linux support! Please read How to run PVS-Studio on Linux.
- PVS-Studio no longer supports 32-bit operating systems. PVS-Studio analyzer (both C++ and C# modules) requires quite a large amount of RAM for its operation, especially when using multiple processor cores during the analysis. The maximum amount of RAM available on a 32-bit system allows correctly running the analyzer on a single core only (i.e. one process at a time). Moreover, in case of a very large project being analyzed, even this amount of RAM could be insufficient. Because of this, and also because a very small fraction of our users still utilizes 32-bit OS, we've decided to cease support for the 32-bit version of the analyzer. This will allows us to concentrate all of our resources on further development of 64-bit version of the analyzer.
- Support for SonarQube continuous quality control system was implemented in the analyzer's command line version. In addition, our installer now contains a dedicated SonarQube plugin, which can be used for integration of analysis results with SonarQube server. The detailed description of this plugin and new analyzer modes is available here.
- V763. Parameter is always rewritten in function body before being used.
- V764. Possible incorrect order of arguments passed to function.
- V765. A compound assignment expression 'X += X + N' is suspicious. Consider inspecting it for a possible error.
- V766. An item with the same key has already been added.
- V767. Suspicious access to element by a constant index inside a loop.
- V3106. Possibly index is out of bound.
- V3107. Identical expressions to the left and to the right of compound assignment.
PVS-Studio 6.06 (July 7, 2016)
- V758. Reference invalidated, because of the destruction of the temporary object 'unique_ptr', returned by function.
- V759. Violated order of exception handlers. Exception caught by handler for base class.
- V760. Two identical text blocks detected. The second block starts with NN string.
- V761. NN identical blocks were found.
- V762. Consider inspecting virtual function arguments. See NN argument of function 'Foo' in derived class and base class.
- V3105. The 'a' variable was used after it was assigned through null-conditional operator. NullReferenceException is possible.
PVS-Studio 6.05 (June 9, 2016)
- New PVS-Studio command line tool was added; it supports the check of vcxproj and csproj projects (C++ and C#). Now there is no need to use devenv.exe for nightly checks. More details about this tool can be found here.
- The support of MSBuild plugin was stopped. Instead of it we suggest using a new PVS-Studio command line tool.
- V755. Copying from unsafe data source. Buffer overflow is possible.
- V756. The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter.
- V757. It is possible that an incorrect variable is compared with null after type conversion using 'dynamic_cast'.
- V3094. Possible exception when deserializing type. The Ctor(SerializationInfo, StreamingContext) constructor is missing.
- V3095. The object was used before it was verified against null. Check lines: N1, N2.
- V3096. Possible exception when serializing type. [Serializable] attribute is missing.
- V3097. Possible exception: type marked by [Serializable] contains non-serializable members not marked by [NonSerialized].
- V3098. The 'continue' operator will terminate 'do { ... } while (false)' loop because the condition is always false.
- V3099. Not all the members of type are serialized inside 'GetObjectData' method.
- V3100. Unhandled NullReferenceException is possible. Unhandled exceptions in destructor lead to termination of runtime.
- V3101. Potential resurrection of 'this' object instance from destructor. Without re-registering for finalization, destructor will not be called a second time on resurrected object.
- V3102. Suspicious access to element by a constant index inside a loop.
- V3103. A private Ctor(SerializationInfo, StreamingContext) constructor in unsealed type will not be accessible when deserializing derived types.
- V3104. 'GetObjectData' implementation in unsealed type is not virtual, incorrect serialization of derived type is possible.
PVS-Studio 6.04 (May 16, 2016)
- V753. The '&=' operation always sets a value of 'Foo' variable to zero.
- V754. The expression of 'foo(foo(x))' pattern is excessive or contains an error.
- V3082. The 'Thread' object is created but is not started. It is possible that a call to 'Start' method is missing.
- V3083. Unsafe invocation of event, NullReferenceException is possible. Consider assigning event to a local variable before invoking it.
- V3084. Anonymous function is used to unsubscribe from event. No handlers will be unsubscribed, as a separate delegate instance is created for each anonymous function declaration.
- V3085. The name of 'X' field/property in a nested type is ambiguous. The outer type contains static field/property with identical name.
- V3086. Variables are initialized through the call to the same function. It's probably an error or un-optimized code.
- V3087. Type of variable enumerated in 'foreach' is not guaranteed to be castable to the type of collection's elements.
- V3088. The expression was enclosed by parentheses twice: ((expression)). One pair of parentheses is unnecessary or misprint is present.
- V3089. Initializer of a field marked by [ThreadStatic] attribute will be called once on the first accessing thread. The field will have default value on different threads.
- V3090. Unsafe locking on an object.
- V3091. Empirical analysis. It is possible that a typo is present inside the string literal. The 'foo' word is suspicious.
- V3092. Range intersections are possible within conditional expressions.
- V3093. The operator evaluates both operands. Perhaps a short-circuit operator should be used instead.
PVS-Studio 6.03 (April 5, 2016)
- V751. Parameter is not used inside method's body.
- V752. Creating an object with placement new requires a buffer of large size.
- V3072. The 'A' class containing IDisposable members does not itself implement IDisposable.
- V3073. Not all IDisposable members are properly disposed. Call 'Dispose' when disposing 'A' class.
- V3074. The 'A' class contains 'Dispose' method. Consider making it implement 'IDisposable' interface.
- V3075. The operation is executed 2 or more times in succession.
- V3076. Comparison with 'double.NaN' is meaningless. Use 'double.IsNaN()' method instead.
- V3077. Property setter / event accessor does not utilize its 'value' parameter.
- V3078. Original sorting order will be lost after repetitive call to 'OrderBy' method. Use 'ThenBy' method to preserve the original sorting.
- V3079. 'ThreadStatic' attribute is applied to a non-static 'A' field and will be ignored.
- V3080. Possible null dereference.
- V3081. The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter.
- V051. Some of the references in project are missing or incorrect. The analysis results could be incomplete. Consider making the project fully compilable and building it before analysis.
PVS-Studio 6.02 (March 9, 2016)
- V3057. Function receives an odd argument.
- V3058. An item with the same key has already been added.
- V3059. Consider adding '[Flags]' attribute to the enum.
- V3060. A value of variable is not modified. Consider inspecting the expression. It is possible that other value should be present instead of '0'.
- V3061. Parameter 'A' is always rewritten in method body before being used.
- V3062. An object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' method.
- V3063. A part of conditional expression is always true/false.
- V3064. Division or mod division by zero.
- V3065. Parameter is not utilized inside method's body.
- V3066. Possible incorrect order of arguments passed to 'Foo' method.
- V3067. It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics.
- V3068. Calling overrideable class member from constructor is dangerous.
- V3069. It's possible that the line was commented out improperly, thus altering the program's operation logics.
- V3070. Uninitialized variables are used when initializing the 'A' variable.
- V3071. The object is returned from inside 'using' block. 'Dispose' will be invoked before exiting method.
PVS-Studio 6.01 (February 3, 2016)
- V736. The behavior is undefined for arithmetic or comparisons with pointers that do not point to members of the same array.
- V737. It is possible that ',' comma is missing at the end of the string.
- V738. Temporary anonymous object is used.
- V739. EOF should not be compared with a value of the 'char' type. Consider using the 'int' type.
- V740. Because NULL is defined as 0, the exception is of the 'int' type. Keyword 'nullptr' could be used for 'pointer' type exception.
- V741. The following pattern is used: throw (a, b);. It is possible that type name was omitted: throw MyException(a, b);..
- V742. Function receives an address of a 'char' type variable instead of pointer to a buffer.
- V743. The memory areas must not overlap. Use 'memmove' function.
- V744. Temporary object is immediately destroyed after being created. Consider naming the object.
- V745. A 'wchar_t *' type string is incorrectly converted to 'BSTR' type string.
- V746. Object slicing. An exception should be caught by reference rather than by value.
- V747. An odd expression inside parenthesis. It is possible that a function name is missing.
- V748. Memory for 'getline' function should be allocated only by 'malloc' or 'realloc' functions. Consider inspecting the first parameter of 'getline' function.
- V749. Destructor of the object will be invoked a second time after leaving the object's scope.
- V750. BSTR string becomes invalid. Notice that BSTR strings store their length before start of the text.
- V816. It is more efficient to catch exception by reference rather than by value.
- V3042. Possible NullReferenceException. The '?.' and '.' operators are used for accessing members of the same object.
- V3043. The code's operational logic does not correspond with its formatting.
- V3044. WPF: writing and reading are performed on a different Dependency Properties.
- V3045. WPF: the names of the property registered for DependencyProperty, and of the property used to access it, do not correspond with each other.
- V3046. WPF: the type registered for DependencyProperty does not correspond with the type of the property used to access it.
- V3047. WPF: A class containing registered property does not correspond with a type that is passed as the ownerType.type.
- V3048. WPF: several Dependency Properties are registered with a same name within the owner type.
- V3049. WPF: readonly field of 'DependencyProperty' type is not initialized.
- V3050. Possibly an incorrect HTML. The </XX> closing tag was encountered, while the </YY> tag was expected.
- V3051. An excessive type cast or check. The object is already of the same type.
- V3052. The original exception object was swallowed. Stack of original exception could be lost.
- V3053. An excessive expression. Examine the substrings "abc" and "abcd".
- V3054. Potentially unsafe double-checked locking. Use volatile variable(s) or synchronization primitives to avoid this.
- V3055. Suspicious assignment inside the condition expression of 'if/while/for' operator.
- V3056. Consider reviewing the correctness of 'X' item's usage.
PVS-Studio 6.00 (December 22, 2015)
- Static code analysis for C# added! More than 40 diagnostics in first release.
- We are cancelling support for Visual Studio 2005 and Visual Studio 2008.
- V734. Searching for the longer substring is meaningless after searching for the shorter substring.
- V735. Possibly an incorrect HTML. The "</XX" closing tag was encountered, while the "</YY" tag was expected.
- V3001. There are identical sub-expressions to the left and to the right of the 'foo' operator.
- V3002. The switch statement does not cover all values of the enum.
- V3003. The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence.
- V3004. The 'then' statement is equivalent to the 'else' statement.
- V3005. The 'x' variable is assigned to itself.
- V3006. The object was created but it is not being used. The 'throw' keyword could be missing.
- V3007. Odd semicolon ';' after 'if/for/while' operator.
- V3008. The 'x' variable is assigned values twice successively. Perhaps this is a mistake.
- V3009. It's odd that this method always returns one and the same value of NN.
- V3010. The return value of function 'Foo' is required to be utilized.
- V3011. Two opposite conditions were encountered. The second condition is always false.
- V3012. The '?:' operator, regardless of its conditional expression, always returns one and the same value.
- V3013. It is odd that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function.
- V3014. It is likely that a wrong variable is being incremented inside the 'for' operator. Consider reviewing 'X'.
- V3015. It is likely that a wrong variable is being compared inside the 'for' operator. Consider reviewing 'X'.
- V3016. The variable 'X' is being used for this loop and for the outer loop.
- V3017. A pattern was detected: A || (A && ...). The expression is excessive or contains a logical error.
- V3018. Consider inspecting the application's logic. It's possible that 'else' keyword is missing.
- V3019. It is possible that an incorrect variable is compared with null after type conversion using 'as' keyword.
- V3020. An unconditional 'break/continue/return/goto' within a loop.
- V3021. There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless.
- V3022. Expression is always true/false.
- V3023. Consider inspecting this expression. The expression is excessive or contains a misprint.
- V3024. An odd precise comparison. Consider using a comparison with defined precision: Math.Abs(A - B) < Epsilon or Math.Abs(A - B) > Epsilon.
- V3025. Incorrect format. Consider checking the N format items of the 'Foo' function.
- V3026. The constant NN is being utilized. The resulting value could be inaccurate. Consider using the KK constant.
- V3027. The variable was utilized in the logical expression before it was verified against null in the same logical expression.
- V3028. Consider inspecting the 'for' operator. Initial and final values of the iterator are the same.
- V3029. The conditional expressions of the 'if' operators situated alongside each other are identical.
- V3030. Recurring check. This condition was already verified in previous line.
- V3031. An excessive check can be simplified. The operator '||' operator is surrounded by opposite expressions 'x' and '!x'.
- V3032. Waiting on this expression is unreliable, as compiler may optimize some of the variables. Use volatile variable(s) or synchronization primitives to avoid this.
- V3033. It is possible that this 'else' branch must apply to the previous 'if' statement.
- V3034. Consider inspecting the expression. Probably the '!=' should be used here.
- V3035. Consider inspecting the expression. Probably the '+=' should be used here.
- V3036. Consider inspecting the expression. Probably the '-=' should be used here.
- V3037. An odd sequence of assignments of this kind: A = B; B = A;.
- V3038. The 'first' argument of 'Foo' function is equal to the 'second' argument
- V3039. Consider inspecting the 'Foo' function call. Defining an absolute path to the file or directory is considered a poor style.
- V3040. The expression contains a suspicious mix of integer and real types.
- V3041. The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid the loss of a fractional part.
PVS-Studio 5.31 (November 3, 2015)
- False positive quantity is reduced in some diagnostics.
PVS-Studio 5.30 (October 29, 2015)
- Double click navigation support on multiple-line messages was added.
- An access error during the Visual C++ preprocessor start for a check of files, using #import directive was removed.
- An error of compiler monitoring preprocessing more than 10 minutes, corrected.
- Incorrect installer's work, operating on systems that have 2015 Visual Studio only, was corrected.
- New diagnostic - V728. An excessive check can be simplified. The '||' operator is surrounded by opposite expressions 'x' and '!x'.
- New diagnostic - V729. Function body contains the 'X' label that is not used by any 'goto' statements.
- New diagnostic - V730. Not all members of a class are initialized inside the constructor.
- New diagnostic - V731. The variable of char type is compared with pointer to string.
- New diagnostic - V732. Unary minus operator does not modify a bool type value.
- New diagnostic - V733. It is possible that macro expansion resulted in incorrect evaluation order.
PVS-Studio 5.29 (September 22, 2015)
- Visual Studio 2015 supported.
- Windows 10 supported.
- New diagnostic - V727. Return value of 'wcslen' function is not multiplied by 'sizeof(wchar_t)'.
PVS-Studio 5.28 (August 10, 2015)
- New interface of the settings pages Detectable Errors, Don't Check Files, and Keyword Message Filering.
- A new utility PlogConverter was added to convert XML plog files into formats txt, html, and CSV. Check the documentation for details.
PVS-Studio 5.27 (July 28, 2015)
- New diagnostic - V207. A 32-bit variable is utilized as a reference to a pointer. A write outside the bounds of this variable may occur.
- New diagnostic - V726. An attempt to free memory containing the 'int A[10]' array by using the 'free(A)' function.
- New feature - Analyzer Work Statistics (Diagrams). PVS-Studio analyzer can gather its' operational statistics - the number of detected messages (including suppressed ones) across different severity levels and rule sets. Gathered statistics can be filtered and represented as a diagram in a Microsoft Excel file, showing the change dynamics for messages in the project under analysis.
- Analysis of preprocessed files removed from Standalone.
PVS-Studio 5.26 (June 30, 2015)
- New diagnostic - V723. Function returns a pointer to the internal string buffer of a local object, which will be destroyed.
- New diagnostic - V724. Converting integers or pointers to BOOL can lead to a loss of high-order bits. Non-zero value can become 'FALSE'.
- New diagnostic - V725. A dangerous cast of 'this' to 'void*' type in the 'Base' class, as it is followed by a subsequent cast to 'Class' type.
- Message suppression support was implemented for CLMonitoring/Standalone.
- 2nd and 3rd levels of analyzer warnings are accessible in Trial Mode.
PVS-Studio 5.25 (May 12, 2015)
- New diagnostic - V722. An abnormality within similar comparisons. It is possible that a typo is present inside the expression.
- Improved the responsiveness of Quick Filters and Analyzer\Levels buttons in Output Window.
- 'False Alarms' output window filter was moved into settings.
- Fix for 'An item with the same key has already been added' error when using message suppression
PVS-Studio 5.24 (April 10, 2015)
- New diagnostic - V721. The VARIANT_BOOL type is utilized incorrectly. The true value (VARIANT_TRUE) is defined as -1.
- New trial mode. Please refer here.
- A new message suppression mechanism now can be utilized together with command line mode for project files (vcproj/vcxproj) to organize a distribution of analysis logs with newly discovered warnings (in plain text and html formats) by email. More details on command line mode and utilizing analyzer within continuous integration systems.
PVS-Studio 5.23 (March 17, 2015)
- 64-bit analysis is greatly improved. Now if you want to fix major 64-bit issues just fix all 64 Level 1 messages.
- You can use PVS-Studio-Updater.exe for automatic update of PVS-Studio on build-server. See details here.
- New diagnostic - V719. The switch statement does not cover all values of the enum.
- New diagnostic - V720. It is advised to utilize the 'SuspendThread' function only when developing a debugger (see documentation for details).
- New diagnostic - V221. Suspicious sequence of types castings: pointer -> memsize -> 32-bit integer.
- New diagnostic - V2013. Consider inspecting the correctness of handling the N argument in the 'Foo' function.
PVS-Studio 5.22 (February 17, 2015)
- New diagnostic - V718. The 'Foo' function should not be called from 'DllMain' function.
- Fix for CLMonitoring operation on C++/CLI projects.
- Memory leak fix for CLMonitoring of long-running processes.
- Include\symbol reference search for Standalone.
- Message suppression memory usage optimization.
- Message suppression correctly handles multi-project analyzer messages (as, for example, messages generated on common h files on different IDE projects).
- Several crucial improvements in (Message suppression).
PVS-Studio 5.21 (December 11, 2014)
- We are cancelling support for the Embarcadero RAD Studio IDE.
- We are cancelling support for OpenMP diagnostics (VivaMP rule set)
- New diagnostic - V711. It is dangerous to create a local variable within a loop with a same name as a variable controlling this loop.
- New diagnostic - V712. Be advised that compiler may delete this cycle or make it infinity. Use volatile variable(s) or synchronization primitives to avoid this.
- New diagnostic - V713. The pointer was utilized in the logical expression before it was verified against nullptr in the same logical expression.
- New diagnostic - V714. Variable is not passed into foreach loop by a reference, but its value is changed inside of the loop.
- New diagnostic - V715. The 'while' operator has empty body. Suspicious pattern detected.
- New diagnostic - V716. Suspicious type conversion: HRESULT -> BOOL (BOOL -> HRESULT).
- New diagnostic - V717. It is strange to cast object of base class V to derived class U.
PVS-Studio 5.20 (November 12, 2014)
- New diagnostic - V706. Suspicious division: sizeof(X) / Value. Size of every element in X array does not equal to divisor.
- New diagnostic - V707. Giving short names to global variables is considered to be bad practice.
- New diagnostic - V708. Dangerous construction is used: 'm[x] = m.size()', where 'm' is of 'T' class. This may lead to undefined behavior.
- New diagnostic - V709. Suspicious comparison found: 'a == b == c'. Remember that 'a == b == c' is not equal to 'a == b && b == c.
- New diagnostic - V710. Suspicious declaration found. There is no point to declare constant reference to a number.
- New diagnostic - V2012. Possibility of decreased performance. It is advised to pass arguments to std::unary_function/std::binary_function template as references.
- New feature - Mass suppression of analyzer messages. Sometimes, during deployment of static analysis, especially at large-scale projects, the developer has no desire (or even has no means of) to correct hundreds or even thousands of analyzer's messages which were generated on the existing source code base. In this situation, the need arises to "suppress" all of the analyzer's messages generated on the current state of the code, and, from that point, to be able to see only the messages related to the newly written or modified code. As such code was not yet thoroughly debugged and tested, it can potentially contain a large number of errors.
PVS-Studio 5.19 (September 18, 2014)
- New diagnostic - V698. strcmp()-like functions can return not only the values -1, 0 and 1, but any values.
- New diagnostic - V699. Consider inspecting the 'foo = bar = baz ? .... : ....' expression. It is possible that 'foo = bar == baz ? .... : ....' should be used here instead.
- New diagnostic - V700. Consider inspecting the 'T foo = foo = x;' expression. It is odd that variable is initialized through itself.
- New diagnostic - V701. realloc() possible leak: when realloc() fails in allocating memory, original pointer is lost. Consider assigning realloc() to a temporary pointer.
- New diagnostic - V702. Classes should always be derived from std::exception (and alike) as 'public'.
- New diagnostic - V703. It is odd that the 'foo' field in derived class overwrites field in base class.
- New diagnostic - V704. 'this == 0' comparison should be avoided - this comparison is always false on newer compilers.
- New diagnostic - V705. It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics.
PVS-Studio 5.18 (July 30, 2014)
- ClMonitoring - automatic detection of compiler's platform.
- ClMonitoring - performance increase resulting from the reduction of an impact of antiviral software during preprocessing of analyzed files.
- ClMonitoring - incorrect handling of 64-bit processes resulting from a system update for .NET Framework 4 was fixed.
- New diagnostic - V695. Range intersections are possible within conditional expressions.
- New diagnostic - V696. The 'continue' operator will terminate 'do { ... } while (FALSE)' loop because the condition is always false.
- New diagnostic - V697. A number of elements in the allocated array is equal to size of a pointer in bytes.
- New diagnostic - V206. Explicit conversion from 'void *' to 'int *'.
- New diagnostic - V2011. Consider inspecting signed and unsigned function arguments. See NN argument of function 'Foo' in derived class and base class.
PVS-Studio 5.17 (May 20, 2014)
- New diagnostic - V690. The class implements a copy constructor/operator=, but lacks the the operator=/copy constructor.
- New diagnostic - V691. Empirical analysis. It is possible that a typo is present inside the string literal. The 'foo' word is suspicious.
- New diagnostic - V692. An inappropriate attempt to append a null character to a string. To determine the length of a string by 'strlen' function correctly, a string ending with a null terminator should be used in the first place.
- New diagnostic - V693. Consider inspecting conditional expression of the loop. It is possible that 'i < X.size()' should be used instead of 'X.size()'.
- New diagnostic - V694. The condition (ptr - const_value) is only false if the value of a pointer equals a magic constant.
- New diagnostic - V815. Decreased performance. Consider replacing the expression 'AA' with 'BB'.
- New diagnostic - V2010. Handling of two different exception types is identical.
PVS-Studio 5.16 (April 29, 2014)
- Support of C++/CLI projects was greatly improved.
- TFSRipper plugin was removed.
- Fix for crash in Standalone when installing in non-default location on a 64-bit system.
- Fixed issue with hiding of diagnostic messages in some case.
PVS-Studio 5.15 (April 14, 2014)
- New diagnostic - V689. The destructor of the 'Foo' class is not declared as a virtual. It is possible that a smart pointer will not destroy an object correctly.
- Several crucial improvements in compiler monitoring in PVS-Studio.
PVS-Studio 5.14 (March 12, 2014)
- New option "DIsable 64-bit Analysis" in Specific Analyzer Settings option page can improve analysis speed and decrease .plog file size.
- New feature: compiler monitoring in PVS-Studio.
- Fixed problem with incremental analysis notification with auto hide PVS-Studio Output Window.
- New diagnostic - V687. Size of an array calculated by the sizeof() operator was added to a pointer. It is possible that the number of elements should be calculated by sizeof(A)/sizeof(A[0]).
- New diagnostic - V688. The 'foo' local variable possesses the same name as one of the class members, which can result in a confusion.
PVS-Studio 5.13 (February 5, 2014)
- Support for Embarcadero RAD Studio XE5 was implemented.
- New diagnostic - V684. A value of variable is not modified. Consider inspecting the expression. It is possible that '1' should be present instead of '0'.
- New diagnostic - V685. Consider inspecting the return statement. The expression contains a comma.
- New diagnostic - V686. A pattern was detected: A || (A && ...). The expression is excessive or contains a logical error.
PVS-Studio 5.12 (December 23, 2013)
- Fix for the issue with SolutionDir property when direct integration of the analyzer into MSBuild system is utilized.
- The analysis can now be launched from within the context menu of Solution Explorer tool window.
- The 'ID' column will now be hidden by default in the PVS-Studio Output toolwindow. It is possible to enable it again by using the Show Columns -> ID context menu command.
- New diagnostic - V682. Suspicious literal is present: '/r'. It is possible that a backslash should be used here instead: '\r'.
- New diagnostic - V683. Consider inspecting the loop expression. It is possible that the 'i' variable should be incremented instead of the 'n' variable.
PVS-Studio 5.11 (November 6, 2013)
- Support for the release version of Microsoft Visual Studio 2013 was implemented.
- New diagnostic - V680. The 'delete A, B' expression only destroys the 'A' object. Then the ',' operator returns a resulting value from the right side of the expression.
- New diagnostic - V681. The language standard does not define an order in which the 'Foo' functions will be called during evaluation of arguments.
PVS-Studio 5.10 (October 7, 2013)
- Fixed the issue with the analyzer when Visual Studio is called with the parameter /useenv: devenv.exe /useenv.
- VS2012 has finally got support for Clang so that it can be used as the preprocessor. It means that PVS-Studio users will see a significant performance boost in VS2012.
- Several crucial improvements were made to the analyzer's performance when parsing code in VS2012.
- The PVS-Studio distribution package now ships with a new application Standalone.
- You can now export analysis results into a .CSV-file to handle them in Excel.
- Support of precompiled headers in Visual Studio and MSBuild was greatly improved.
- New diagnostic - V676. It is incorrect to compare the variable of BOOL type with TRUE.
- New diagnostic - V677. Custom declaration of a standard type. The declaration from system header files should be used instead.
- New diagnostic - V678. An object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' function.
- New diagnostic - V679. The 'X' variable was not initialized. This variable is passed by a reference to the 'Foo' function in which its value will be utilized.
PVS-Studio 5.06 (August 13, 2013)
- Fix for incorrect number of verified files when using 'Check Open File(s)' command in Visual Studio 2010.
- New diagnostic - V673. More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits.
- New diagnostic - V674. The expression contains a suspicious mix of integer and real types.
- New diagnostic - V675. Writing into the read-only memory.
- New diagnostic - V814. Decreased performance. The 'strlen' function was called multiple times inside the body of a loop.
PVS-Studio 5.05 (May 28, 2013)
- Support for proxy server with authorization was implemented for trial extension window.
- An issue with using certain special characters in diagnostic message filters was resolved.
- A portion of 'Common Analyzer Settings' page options and all of the options from 'Customer Specific Settings' page were merged together into the new page: Specific Analyzer Settings.
- A new SaveModifiedLog option was implemented. It allows you to define the behavior of 'Save As' dialog for a new\modified analysis report log (always ask, save automatically, do not save).
- Customer diagnostics (V20xx) were assigned to a separate diagnostics group (CS - Customer Specific).
- A new menu command was added: "Check Open File(s)". It allows starting the analysis on all of the C/C++ source files that are currently open in IDE text editor.
PVS-Studio 5.04 (May 14, 2013)
- Support has been implemented for C++Builder XE4. Now PVS-Studio supports the following versions of C++Builder: XE4, XE3 Update 1, XE2, XE, 2010, 2009.
- New diagnostic - V669. The argument is a non-constant reference. The analyzer is unable to determine the position at which this argument is being modified. It is possible that the function contains an error.
- New diagnostic - V670. An uninitialized class member is used to initialize another member. Remember that members are initialized in the order of their declarations inside a class.
- New diagnostic - V671. It is possible that the 'swap' function interchanges a variable with itself.
- New diagnostic - V672. There is probably no need in creating a new variable here. One of the function's arguments possesses the same name and this argument is a reference.
- New diagnostic - V128. A variable of the memsize type is read from a stream. Consider verifying the compatibility of 32 and 64 bit versions of the application in the context of a stored data.
- New diagnostic - V813. Decreased performance. The argument should probably be rendered as a constant pointer/reference.
- New diagnostic - V2009. Consider passing the 'Foo' argument as a constant pointer/reference.
PVS-Studio 5.03 (April 16, 2013)
- Enhanced analysis/interface performance when checking large projects and generating a large number of diagnostic messages (the total number of unfiltered messages).
- Fixed the issue with incorrect integration of the PVS-Studio plugin into the C++Builder 2009/2010/XE environments after installation.
- Fixed the bug with the trial-mode.
- The analyzer can now be set to generate relative paths to source files in its log files.
- The analyzer now supports direct integration into the MSBuild build system.
- Integrated Help Language option added to Customer's Settings page. The setting allows you to select a language to be used for integrated help on the diagnostic messages (a click to the message error code in PVS-Studio output window) and online documentation (the PVS-Studio -> Help -> Open PVS-Studio Documentation (html, online) menu command), which are also available at our site. This setting will not change the language of IDE plugin's interface and messages produced by the analyzer.
- Fix for Command line analysis mode in Visual Studio 2012 in the case of project background loading.
- New diagnostic - V665. Possibly, the usage of '#pragma warning(default: X)' is incorrect in this context. The '#pragma warning(push/pop)' should be used instead.
- New diagnostic - V666. Consider inspecting NN argument of the function 'Foo'. It is possible that the value does not correspond with the length of a string which was passed with the YY argument.
- New diagnostic - V667. The 'throw' operator does not possess any arguments and is not situated within the 'catch' block.
- New diagnostic - V668. There is no sense in testing the pointer against null, as the memory was allocated using the 'new' operator. The exception will be generated in the case of memory allocation error.
- New diagnostic -V812. Decreased performance. Ineffective use of the 'count' function. It can possibly be replaced by the call to the 'find' function.
PVS-Studio 5.02 (March 6, 2013)
- Incorrect navigation in C++Builder modules that contain several header/source files was fixed.
- The option for inserting user-specified comments while performing false alarm mark-ups (for example, to provide the automatic documentation generation systems with appropriate descriptions) was implemented.
- An issue of incorrectly starting up a C++ preprocessor for some of the files utilizing precompiled headers was fixed.
- New diagnostic - V663. Infinite loop is possible. The 'cin.eof()' condition is insufficient to break from the loop. Consider adding the 'cin.fail()' function call to the conditional expression.
- New diagnostic - V664. The pointer is being dereferenced on the initialization list before it is verified against null inside the body of the constructor function.
- New diagnostic - V811. Decreased performance. Excessive type casting: string -> char * -> string.
PVS-Studio 5.01 (February 13, 2013)
- Support has been implemented for several previous versions of C++Builder. Now PVS-Studio supports the following versions of C++Builder: XE3 Update 1, XE2, XE, 2010, 2009.
- A bug in C++Builder version with incremental analysis starting-up incorrectly in several situations was fixed.
- Occasional incorrect placement of false alarm markings for C++Builder version was fixed.
- Incorrect display of localized filenames containing regional-specific characters in C++Builder version was fixed.
- An issue with opening source files during diagnostic message navigation in C++Builder version was resolved.
- The issue was fixed of system includes paths being resolved incompletely when starting the preprocessor for the analyzer in C++ Builder versions.
- New diagnostic - V661. A suspicious expression 'A[B < C]'. Probably meant 'A[B] < C'.
- New diagnostic - V662. Consider inspecting the loop expression. Different containers are utilized for setting up initial and final values of the iterator.
PVS-Studio 5.00 (January 31, 2013)
- Support for the integration to Embarcadero RAD Studio, or Embarcadero C++ Builder to be more precise, was added! As of this moment, PVS-Studio diagnostics capabilities are available to the users of C++ Builder. While in the past PVS-Studio could be conveniently utilized only from within Visual Studio environment, but now C++ developers who choses Embarcadero products will be able to fully utilize PVS-Studio static analyzer as well. Presently, the supported versions are XE2 and XE3, including the XE3 Update 1 with 64-bit C++ compiler.
- Microsoft Design Language (formerly known as Metro Language) C++/CX Windows 8 Store (WinRT) projects on x86/ARM platforms and Windows Phone 8 projects support was implemented.
- A fix for the users of Clang-preprocessor in Visual Studio version was implemented. Previously it was impossible to use Clang as a preprocessor while analyzing projects utilizing the Boost library because of the preprocessing errors. Now these issues were resolved. This significantly decreased the time it takes to analyze Boost projects with the help of Clang preprocessor.
- The obsolete Viva64 options page was removed.
- V004 message text was modified to provide a more correct description.
- New diagnostic - V810. Decreased performance. The 'A' function was called several times with identical arguments. The result should possibly be saved to a temporary variable, which then could be used while calling the 'B' function.
- New diagnostic - V2008. Cyclomatic complexity: NN. Consider refactoring the 'Foo' function.
- New diagnostic - V657. It's odd that this function always returns one and the same value of NN.
- New diagnostic - V658. A value is being subtracted from the unsigned variable. This can result in an overflow. In such a case, the comparison operation can potentially behave unexpectedly.
- New diagnostic - V659. Declarations of functions with 'Foo' name differ in the 'const' keyword only, but the bodies of these functions have different composition. This is suspicious and can possibly be an error.
- New diagnostic - V660. The program contains an unused label and a function call: 'CC:AA()'. It's possible that the following was intended: 'CC::AA()'.
PVS-Studio 4.77 (December 11, 2012)
- Acquisition of compilation parameters for VS2012 and VS2010 was improved through expansion of support for MSBuild-based projects.
- New diagnostic - V654. The condition of loop is always true/false.
- New diagnostic - V655. The strings was concatenated but are not utilized. Consider inspecting the expression.
- New diagnostic - V656. Variables are initialized through the call to the same function. It's probably an error or un-optimized code.
- New diagnostic - V809. Verifying that a pointer value is not NULL is not required. The 'if (ptr != NULL)' check can be removed.
PVS-Studio 4.76 (November 23, 2012)
PVS-Studio 4.75 (November 12, 2012)
- An issue with checking Qt-based projects which manifested itself under certain conditions was solved (details in blog).
- New diagnostic - V646. Consider inspecting the application's logic. It's possible that 'else' keyword is missing.
- New diagnostic - V647. The value of 'A' type is assigned to the pointer of 'B' type.
- New diagnostic - V648. Priority of the '&&' operation is higher than that of the '||' operation.
- New diagnostic - V649. There are two 'if' statements with identical conditional expressions. The first 'if' statement contains function return. This means that the second 'if' statement is senseless.
- New diagnostic - V650. Type casting operation is utilized 2 times in succession. Next, the '+' operation is executed. Probably meant: (T1)((T2)a + b).
- New diagnostic - V651. An odd operation of the 'sizeof(X)/sizeof(T)' kind is performed, where 'X' is of the 'class' type.
- New diagnostic - V652. The operation is executed 3 or more times in succession.
- New diagnostic - V653. A suspicious string consisting of two parts is used for array initialization. It is possible that a comma is missing.
- New diagnostic - V808. An array/object was declared but was not utilized.
- New diagnostic - V2007. This expression can be simplified. One of the operands in the operation equals NN. Probably it is a mistake.
PVS-Studio 4.74 (October 16, 2012)
- New option "Incremental Results Display Depth was added. This setting defines the mode of message display level in PVS-Studio Output window for the results of incremental analysis. Setting the display level depth here (correspondingly, Level 1 only; Levels 1 and 2; Levels 1, 2 and 3) will enable automatic activation of these display levels on each incremental analysis procedure. The "Preserve_Current_Levels" on the other hand will preserve the existing display setting.
- New option "External Tool Path" was added. This field allows defining an absolute path to any external tool, which could then be executed with the "Send this message to external tool" context menu command of the PVS-Studio Output window. The mentioned menu command is available only for a single simultaneously selected message from the results table, allowing the passing of the command line parameters specified in the ExternalToolCommandLine field to the utility from here. The detailed description of this mode together with usage examples is available here.
PVS-Studio 4.73 (September 17, 2012)
- Issues with incorrect processing of some Visual Studio 2012 C++11 constructs were fixed.
- A complete support for Visual Studio 2012 themes was implemented.
- The search field for the 'Project' column was added to the PVS-Studio Output Window quick filters.
- The included Clang external preprocessor was updated.
- Support for the TenAsys INtime platform was implemented.
PVS-Studio 4.72 (August 30, 2012)
- Support for the release version of Microsoft Visual Studio 2012 was implemented.
- A new version of SourceGrid component will be utilized, solving several issues with PVS-Studio Output Window operation.
- Support for diagnostics of issues inside STL library using STLport was implemented.
- New diagnostic - V637. Two opposite conditions were encountered. The second condition is always false.
- New diagnostic - V638. A terminal null is present inside a string. The '\0xNN' characters were encountered. Probably meant: '\xNN'.
- New diagnostic - V639. Consider inspecting the expression for function call. It is possible that one of the closing ')' brackets was positioned incorrectly.
- New diagnostic - V640. Consider inspecting the application's logic. It is possible that several statements should be braced.
- New diagnostic - V641. The size of the allocated memory buffer is not a multiple of the element size.
- New diagnostic - V642. Saving the function result inside the 'byte' type variable is inappropriate. The significant bits could be lost breaking the program's logic.
- New diagnostic - V643. Unusual pointer arithmetic. The value of the 'char' type is being added to the string pointer.
- New diagnostic - V644. A suspicious function declaration. It is possible that the T type object was meant to be created.
- New diagnostic - V645. The function call could lead to the buffer overflow. The bounds should not contain the size of the buffer, but a number of characters it can hold.
PVS-Studio 4.71 (July 20, 2012)
- New diagnostic - V629. Consider inspecting the expression. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type.
- New diagnostic - V630. The 'malloc' function is used to allocate memory for an array of objects which are classes containing constructors/destructors.
- New diagnostic - V631. Consider inspecting the 'Foo' function call. Defining an absolute path to the file or directory is considered a poor style.
- New diagnostic - V632. Consider inspecting the NN argument of the 'Foo' function. It is odd that the argument is of the 'T' type.
- New diagnostic - V633. Consider inspecting the expression. Probably the '!=' should be used here.
- New diagnostic - V634. The priority of the '+' operation is higher than that of the '<<' operation. It's possible that parentheses should be used in the expression.
- New diagnostic - V635. Consider inspecting the expression. The length should probably be multiplied by the sizeof(wchar_t).
PVS-Studio 4.70 (July 3, 2012)
- Visual Studio 2012 RC support was implemented. At present the analyzer does not provide a complete support for every new syntax construct introduced with Visual Studio 2012 RC. Also, there is an additional issue concerning the speed of the analysis, as we utilize Clang preprocessor to improve the analyzer's performance. Currently, Clang is unable to preprocess some of the new Visual C++ 2012 header files, and that means that the notably slower cl.exe preprocessor from Visual C++ will have to be utilized most of the time instead. In the default mode the correct preprocessor will be set by PVS-Studio automatically so it will not require any interaction from the user. Despite the aforementioned issues, PVS-Studio can now be fully utilized from Visual Studio 2012 RC IDE.
- New diagnostic - V615. An odd explicit conversion from 'float *' type to 'double *' type.
- New diagnostic - V616. The 'Foo' named constant with the value of 0 is used in the bitwise operation.
- New diagnostic - V617. Consider inspecting the condition. An argument of the '|' bitwise operation always contains a non-zero value.
- New diagnostic - V618. It's dangerous to call the 'Foo' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str);.
- New diagnostic - V619. An array is being utilized as a pointer to single object.
- New diagnostic - V620. It's unusual that the expression of sizeof(T)*N kind is being summed with the pointer to T type.
- New diagnostic - V621. Consider inspecting the 'for' operator. It's possible that the loop will be executed incorrectly or won't be executed at all.
- New diagnostic - V622. Consider inspecting the 'switch' statement. It's possible that the first 'case' operator in missing.
- New diagnostic - V623. Consider inspecting the '?:' operator. A temporary object is being created and subsequently destroyed.
- New diagnostic - V624. The constant NN is being utilized. The resulting value could be inaccurate. Consider using the M_NN constant from <math.h>.
- New diagnostic - V625. Consider inspecting the 'for' operator. Initial and final values of the iterator are the same.
- New diagnostic - V626. Consider checking for misprints. It's possible that ',' should be replaced by ';'.
- New diagnostic - V627. Consider inspecting the expression. The argument of sizeof() is the macro which expands to a number.
- New diagnostic - V628. It's possible that the line was commented out improperly, thus altering the program's operation logics.
- New diagnostic - V2006. Implicit type conversion from enum type to integer type.
PVS-Studio 4.62 (May 30, 2012)
- The support for the MinGW gcc preprocessor was implemented, enabling the verification of such projects as the ones which allow their compilation through MinGW compilers. Also, integration of the analyzer into build systems of such projects is similar to utilization of the analyzer with other projects lacking MSVC .sln files as it is described in detail in the corresponding documentation. As a reminder, the project which does include .sln file could be verified through command line in a regular way as well, not requiring the direct integration of the analyzer into the its' build system.
PVS-Studio 4.61 (May 22, 2012)
- Navigation for messages containing references to multiple lines was improved. Some of diagnostic messages (V595 for example) are related to several lines of source code at once. Previously, the 'Line' column of PVS-Studio Output Window contained only a single line number while other lines were only mentioned in the text of such message itself. This was inconvenient for the navigation. As of this version the fields of the 'Line' column could contain several line numbers allowing navigation for each individual line.
- A new build of Clang is included which contains several minor bug fixes. PVS-Studio uses Clang as an alternative preprocessor. Please note that PVS-Studio does not utilize Clang static analysis diagnostics.
- New diagnostic - V612. An unconditional 'break/continue/return/goto' within a loop.
- New diagnostic - V613. Strange pointer arithmetic with 'malloc/new'.
- New diagnostic - V614. Uninitialized variable 'Foo' used.
PVS-Studio 4.60 (April 18, 2012)
- A new "Optimization" (OP) group allows the diagnostics of potential optimizations. It is a static analysis rule set for identification of C/C++/C++11 source code sections which could be optimized. It should be noted that the analyzer solves the task of optimization for the narrow area of micro-optimizations. A full list of diagnostic cases is available in the documentation (codes V801-V807).
- A total number of false positive messages for the 64-bit analyzer (Viva64) was decreased substantially.
- Messages will not be produced for autogenerated files (MIDL).
- Logics behind prompting save dialog for analysis report were improved.
- Issue with Visual Studio Chinese localized version was fixed (the zh locale).
- New diagnostic V610. Undefined behavior. Check the shift operator.
- New diagnostic V611. The memory allocation and deallocation methods are incompatible.
PVS-Studio 4.56 (March 14, 2012)
- TraceMode option was added to Common Analyzer Settings. This setting could be used to specify the tracing mode (logging of a program's execution path).
- An issue concerning the verification of Itanium-based projects was fixed.
- An issue concerning the calling of the 64-bit version of clang.exe instead of the 32-bit one from within the 32-bit Windows while checking the project with selected x64 architecture was fixed.
- A number of cores to be used for incremental analysis were changed. As of now the regular analysis (Check Solution/project/file) will utilize the exact number of cores specified in the settings. The incremental analysis will use a different value: if the number of cores from the settings is greater than (number of system cores - 1) and there is more than one core in the system then the (number of system cores - 1) will be utilized for it; otherwise the value from the settings will be used. Simply put the incremental analysis will utilize one core less compared to the regular one for the purpose of easing the load on the system.
- New diagnostic V608. Recurring sequence of explicit type casts.
- New diagnostic V609. Divide or mod by zero.
PVS-Studio 4.55 (February 28, 2012)
- New trial extension window.
- A crash which occurs after reloading current project while code analysis is running was fixed.
- The installer (in case it is the first-time installation) now provides the option to enable PVS-Studio incremental analysis. In case PVS-Studio was installed on system before this option will not be displayed. Incremental analysis could be enabled or disabled through the "Incremental Analysis after Build" PVS-Studio menu command.
- As of now the default number of threads for analysis is equal to the number of processors minus one. This could be modified through the 'ThreadCount' option in PVS-Studio settings.
- New article in documentation: "PVS-Studio's incremental analysis mode".
- Additional functionality for the command line version mode — it is now possible to process several files at once, similar to the compiler batch mode (cl.exe file1.cpp file2.cpp). A more detailed description on command line mode is available in the documentation.
- A support for Microsoft Visual Studio ARMV4 project types was removed.
- New diagnostic V604. It is odd that the number of iterations in the loop equals to the size of the pointer.
- New diagnostic V605. Consider verifying the expression. An unsigned value is compared to the number - NN.
- New diagnostic V606. Ownerless token 'Foo'.
- New diagnostic V607. Ownerless expression 'Foo'.
PVS-Studio 4.54 (February 1, 2012)
- New trial mode was implemented. As of now only a total number of clicks on messages will be limited. More details can be found in our blog or documentation.
- New menu command "Disable Incremental Analysis until IDE restart" was added. Sometimes disabling the incremental analysis can be convenient, for instance when editing some core h-files, as it forces a large number of files to be recompiled. But it should not be disabled permanently, only temporary, as one can easily forget to turn it on again later. This command is also available in the system tray during incremental analysis.
- New diagnostic V602. Consider inspecting this expression. '<' possibly should be replaced with '<<'.
- New diagnostic V603. The object was created but it is not being used. If you wish to call constructor, 'this->Foo::Foo(....)' should be used.
- New diagnostic V807. Decreased performance. Consider creating a pointer/reference to avoid using the same expression repeatedly.
- New article in documentation: "PVS-Studio menu commands".
PVS-Studio 4.53 (January 19, 2012)
- New command for team work: "Add TODO comment for Task List". PVS-Studio allows you to automatically generate the special TODO comment containing all the information required to analyze the code fragment marked by it, and to insert it into the source code. Such comment will immediately appear inside the Visual Studio Task List window.
- New diagnostic V599. The virtual destructor is not present, although the 'Foo' class contains virtual functions.
- New diagnostic V600. Consider inspecting the condition. The 'Foo' pointer is always not equal to NULL.
- New diagnostic V601. An odd implicit type casting.
PVS-Studio 4.52 (December 28, 2011)
- Changes were introduced to the .sln-file independent analyzer command line mode. It is now possible to start the analysis in several processes simultaneously, the output file (‑‑output-file) will not be lost. The entire command line of arguments including the filename should be passed into the cl-params argument: ‑‑cl-params $(CFLAGS) $**.
- The "Analysis aborted by timeout" error was fixed, it could have been encountered while checking .sln file through PVS-Studio.exe command line mode.
- New diagnostic V597. The compiler could delete the 'memset' function call, which is used to flush 'Foo' buffer. The RtlSecureZeroMemory() function should be used to erase the private data.
- New diagnostic V598. The 'memset/memcpy' function is used to nullify/copy the fields of 'Foo' class. Virtual method table will be damaged by this.
PVS-Studio 4.51 (December 22, 2011)
- The issue concerning the #import directive when using Clang preprocessor was fixed. #import is supported by Clang differently from Microsoft Visual C++, therefore it is impossible to use Clang with such files. This directive is now automatically detected, and Visual C++ preprocessor is used for these files.
- 'Don't Check Files' settings used for file and directory exclusions were significantly revised. As of now the folders to be excluded (either by their full and relative paths or my a mask) could be specified independently, as well as the files to be excluded (by their name, extension or a mask as well).
- Some libraries were added to the default exclusion paths. This can be modified on the 'Don't Check Files' page.
PVS-Studio 4.50 (December 15, 2011)
- An external preprocessor is being utilized to preprocess files with PVS-Studio. It is only Microsoft Visual C++ preprocessor that had been employed for this task in the past. But in 4.50 version of PVS-Studio the support for the Clang preprocessor had been added, as its performance is significantly higher and it lacks some of the Microsoft's preprocessor shortcomings (although it also possesses issues of its own). Still, the utilization of Clang preprocessor provides an increase of operational performance by 1.5-1.7 times in most cases. However there is an aspect that should be considered. The preprocessor to be used can be specified from within the PVS-Studio Options -> Common Analyzer Settings -> Preprocessor field. The available options are: VisualCPP, Clang and VisualCPPAfterClang. The first two of these are self evident. The third one indicates that Clang will be used at first, and if preprocessing errors are encountered, the same file will be preprocessed by the Visual C++ preprocessor instead. This option is a default one (VisualCPPAfterClang).
- By default the analyzer will not produce diagnostic messages for libpng and zlib libraries (it is still possible to re-enable them).
- New diagnostic V596. The object was created but it is not being used. The 'throw' keyword could be missing.
PVS-Studio 4.39 (November 25, 2011)
- New diagnostics were implemented (V594, V595).
- By default the analyzer will not produce diagnostic messages for Boost library (it is still possible to re-enable them).
- Progress dialog will not be shown anymore during incremental analysis, an animated tray icon, which itself will allow pausing or aborting the analysis, will be used instead.
- New "Don't Check Files and hide all messages from ..." command was added to the output window context menu. This command allows you to filter the messages and afterwards prevent the verification of files from the specified directories. The list of filtered directories can be reviewed in "Don't Check Files" options page.
- The detection of Intel C++ Compiler integration have been revamped - PVS-Studio will not run on projects using this compiler, it is required to replace the compiler with Visual C++ one.
- "Quick Filters" functionality was implemented. It allows filtering all the messages which do not meet the specified filtering settings.
PVS-Studio 4.38 (October 12, 2011)
- Speed increase (up to 25% for quad core computers).
- "Navigate to ID" command added to the context menu of PVS-Studio window.
- New "Find in PVS-Studio Output" tool window allows searching of keywords in analysis results.
- New diagnostic rules added (V2005).
- Options button on PVS-Studio Output Window was renamed to Suppression and now contain only three tab pages.
PVS-Studio 4.37 (September 20, 2011)
- New diagnostic rules added (V008, V2003, V2004).
- Now you can export PVS-Studio analysis report to text file.
- We use extended build number in some case.
PVS-Studio 4.36 (August 31, 2011)
- New diagnostic rules added (V588, V589, V590, V591, V592, V593).
- Changes in PVS-Studio menu.
PVS-Studio 4.35 (August 12, 2011)
- New diagnostic rules added (V583, V584, V806, V585, V586, V587).
PVS-Studio 4.34 (July 29, 2011)
- Now 64-bit analysis disabled by default.
- Now Incremental Analysis enabled by default.
- Changes of behavior in trial mode.
- PVS_STUDIO predefined macro was added.
- Fixed problem with Incremental Analysis on localized versions of Visual Studio.
- Balloon notification and tray icon (after analysis finished) was added.
- New diagnostic rules added (V582).
- Changed image to display on the left side of the wizard in the Setup program.
PVS-Studio 4.33 (July 21, 2011)
- Incremental Analysis feature now available for all versions of Microsoft Visual Studio (2005/2008/2010).
- Speed increase (up to 20% for quad core computers).
- New diagnostic rules added (V127, V579, V580, V581).
PVS-Studio 4.32 (July 15, 2011)
- Changes in PVS-Studio's licensing policy.
- Dynamic balancing of CPU usage.
- Stop Analysis button work faster.
PVS-Studio 4.31 (July 6, 2011)
- Fixed problem related to interaction with other extensions (including Visual Assist).
- New diagnostic rules added (V577, V578, V805).
PVS-Studio 4.30 (June 23, 2011)
- The full-fledged support for analyzer's operation through command line was implemented. It is possible to verify independent files or sets of files launching the analyzer from Makefile. Also the analyzer's messages can be viewed not only on screen (for each file), but they also can be saved into single file, which later can be opened in Visual Studio and the regular processing of the analysis' results can be performed, complete with setting up error codes, message filters, code navigation, sorting etc. Details.
- New important mode of operation: Incremental Analysis. As of this moment PVS-Studio can automatically launch the analysis of modified files which are required to be rebuilt using 'Build' command in Visual Studio. All of developers in a team can now detect issues in newly written code without the inconvenience of manually launching the source code analysis - it happens automatically. Incremental Analysis operates similar to Visual Studio IntelliSence. The feature is available only in Visual Studio 2010. Details.
- "Check Selected Item(s)" command was added.
- Changes in starting "Check Solution" via command line. Details.
- New diagnostic rules added (V576).
PVS-Studio 4.21 (May 20, 2011)
- New diagnostic rules added (V220, V573, V574, V575).
- TFS 2005/2008/2010 integration was added.
PVS-Studio 4.20 (April 29, 2011)
- New diagnostic rules added (V571, V572).
- Experimental support for ARMV4/ARMV4I platforms for Visual Studio 2005/2008 (Windows Mobile 5/6, PocketPC 2003, Smartphone 2003).
- New "Show License Expired Message" option.
PVS-Studio 4.17 (April 15, 2011)
- New diagnostic rules added (V007, V570, V804)
- Incorrect display of analysis time in some locales has been fixed.
- New "Analysis Timeout" option. This setting allows you to set the time limit, by reaching which the analysis of individual files will be aborted with V006 error, or to completely disable analysis termination by timeout.
- New "Save File After False Alarm Mark" option. It allows to save or not to save a file each time after marking it as False Alarm.
- New "Use Solution Folder As Initial" option. It defines the folder which is opened while saving the analysis results file.
PVS-Studio 4.16 (April 1, 2011)
- It is possible now to define a list of files to be analyzed while launching the tool from command line. This can be used, for example, to check only the files which were updated by a revision control system. Details.
- "Check only Files Modified In" option has been added into tool's settings. This option allows you to define the time interval in which the presence of modifications in analyzed files will be controlled using "Date Modified" file attribute. In other words, this approach would allow for verification of "all files modified today". Details.
PVS-Studio 4.15 (March 17, 2011)
- There are much fewer false alarms in 64-bit analysis.
- Changes in the interface of safe-type definition.
- The error of processing stdafx.h in some special cases is fixed.
- Handling of the report file was improved.
- The progress dialogue was improved: you can see the elapsed time and the remaining time.
PVS-Studio 4.14 (March 2, 2011)
- There are much fewer false alarms in 64-bit analysis.
- New diagnostic rules were added (V566, V567, V568, V569, V803).
- A new column "Asterisk" was added in the PVS-Studio message window - you may use it to mark interesting diagnoses with the asterisk to discuss them with your colleagues later. The marks are saved in the log file.
- Now you may access PVS-Studio options not only from the menu (in the usual settings dialogue) but in the PVS-Studio window as well. This makes the process of setting the tool quicker and more convenient.
- Now you may save and restore PVS-Studio settings. It enables you to transfer the settings between different computers and workplaces. We also added the "Default settings" command.
- The state of PVS-Studio window's buttons (enabled/disabled) is saved when you launch Microsoft Visual Studio for the next time.
PVS-Studio 4.13 (February 11, 2011)
- New diagnostic rules are added V563, V564, and V565).
- The "Check for updates" command is added into the PVS-Studio menu.
- The "Hide all VXXX errors" command is added into context menu in PVS-Studio window. If you wish to enable the display of VXXX error messages again you can do it through PVS-Studio->Options->Detectable errors page.
- Suppressing false positives located within macro statements (#define) is added.
PVS-Studio 4.12 (February 7, 2011)
- New diagnostic rules are added (V006, V204, V205, V559, V560, V561, and V562).
- Changes in V201 and V202 diagnostic rules.
PVS-Studio 4.11 (January 28, 2011)
- V401 rule changed to V802.
- Fixed bug with copying messages to clipboard.
PVS-Studio 4.10 (January 17, 2011)
- New diagnostic rules are added (V558).
PVS-Studio 4.00 (December 24, 2010)
- New diagnostic rules are added (V546-V557).
- The issue of processing property sheets in Visual Studio 2010 is fixed.
- The error of traversing projects' tree is fixed.
- The "Project" field is added into the PVS-Studio window - it shows the project the current diagnostic message refers to.
- The issue of installing PVS-Studio for Visual Studio 2010 is fixed - now PVS-Studio is installed not only for the current user but for all the users.
- The crash is fixed occurring when trying to save an empty report file.
- The issue of absent safe_types.txt file is fixed.
- The error is fixed which occurred when trying to check files included into the project but actually absent from the hard disk (for instance, autogenerated files).
- Indication of processing the project's tree is added.
- The file with PVS-Studio's analysis results (.plog extension) is now loaded by double-click.
- The licensing policy is changed.
PVS-Studio 4.00 BETA (November 24, 2010)
- A new set of general-purpose static analysis rules (V501-V545, V801).
- New diagnostic rules are added (V124-V126).
- Changes in the licensing policy.
- A new window for diagnostic messages generated by the analyzer.
- Speed increase.
PVS-Studio 3.64 (27 September 2010)
- Major documentation update, new sections was added.
PVS-Studio 3.63 (10 September 2010)
- Fixed bug which occurred sometimes during analysis of files located on non-system partitions.
- Fixed bug in calculation of macros' values for certain individual files (and not the whole project).
- "What Is It?" feature was removed.
- Issues examples for 64-bit code (PortSample) and parallel code (ParallelSample) are merged into single OmniSample example, which is described particularly in documentation.
- Fixed crash related to presence of unloaded project in Visual Studio solution.
PVS-Studio 3.62 (16 August 2010)
- New rule V123: Allocation of memory by the pattern "(X*)malloc(sizeof(Y))"
- The analysis of the code from command line (without Visual Studio project) is improved.
- Diagnostic messages from tli/tlh files do not produced by default.
PVS-Studio 3.61 (22 July 2010)
- Fixed crash in VS2010 with EnableAllWarnings key enabled in project settings.
- Fixed bug related to analysis projects that does excluded from build in Configuration Manager.
- The analysis of the code is considerably improved.
PVS-Studio 3.60 (10 June 2010)
- New rule V122: Memsize type is used in the struct/class.
- New rule V303: The function is deprecated in the Win64 system. It is safer to use the NewFOO function.
- New rule V2001: Consider using the extended version of the FOO function here.
- New rule V2002: Consider using the 'Ptr' version of the FOO function here.
PVS-Studio 3.53 (7 May 2010)
- "What Is It?" feature is added. Now you can ask PVS-Studio developers about diagnistic messages produced by our analyzer.
- The analysis of the code related to usage of unnamed structures is considerably improved.
- Fixed bug in structure size evaluation in certain cases.
PVS-Studio 3.52 (27 April 2010)
- New online help has been added. The previous help system integrated into MSDN. It was not very convenient for some reasons (both for us and users). Now PVS-Studio will open the help system on our site. We refused to integrate it into MSDN anymore. As before, the pdf-version
- of the documentation is also available.
- We stopped supporting Windows 2000.
- The settings page "Exclude From Analysis" was deleted - there is now the page "Don't Check Files" instead.
- Work in Visual Studio 2010 was improved.
- We eliminated the issue of integration into VS2010 when reinstalling.
- We fixed work of the function "Mark As False Alarm" with read-only files.
PVS-Studio 3.51 (16 April 2010)
- PVS-Studio supports Visual Studio 2010 RTM.
- New rule: V003: Unrecognized error found...
- New rule: V121: Implicit conversion of the type of 'new' operator's argument to size_t type.
- You may specify filemasks on the tab "Don't Check Files" to exclude some files from analysis.
- "Exclude From Analysis" option page improved.
- MoreThan2Gb option removed from "Viva64" option page (this option is deprecated).
- If you want check code from command line then you must indicate analyzer type (Viva64 or VivaMP).
- Priority of analyzer's process is reduced. Now you can work on computer more suitable while analysis is running.
PVS-Studio 3.50 (26 March 2010)
- PVS-Studio supports Visual Studio 2010 RC. Although Visual Studio has not been released officially yet, we have already added the support for this environment into the analyzer. Now PVS-Studio integrates into Visual Studio 2010 and can analyze projects in this environment. Help system in Visual Studio 2010 has been changed, so the Help section of PVS-Studio does not integrate into the documentation yet as it is done in Visual Studio 2005/2008. But you still may use online-Help. Support of Visual Studio 2010 RC is not complete.
- A new PDF-version of Help system is available. Now we ship a 50-page PDF-document in the PVS-Studio distribution kit. It is a full copy of our Help system (that integrates into MSDN in Visual Studio 2005/2008 and is available online).
- PVS-Studio now has a new mechanism that automatically checks for new versions of the tool on our site. Checking for the updates is managed through the new option CheckForNewVersions in the settings tab called "Common Analyzer Settings". If the option CheckForNewVersions is set to True, a special text file is downloaded from pvs-studio.com site when you launch code testing (the commands Check Current File, Check Current Project, Check Solution in PVS-Studio menu). This file contains the number of the latest PVS-Studio version available on the site. If the version on the site is newer than the version installed on the user computer, the user will be asked for a permission to update the tool. If the user agrees, a special separate application PVS-Studio-Updater will be launched that will automatically download and install the new PVS-Studio distribution kit. If the option CheckForNewVersions is set to False, it will not check for the updates.
- We have implemented the support for the standard C++0x at the level it was done in Visual Studio 2010. Now it supports lambda expressions, auto, decltype, static_assert, nullptr, etc. In the future, as C++0x support in Visual C++ is developing, the analyzer PVS-Studio will also provide support for the new C++ language capabilities.
- Now you can check solutions with PVS-Studio from the command line instead of Visual Studio environment. Note that we still mean that the checking will be performed from Visual Studio involving the files of projects (.vcproj) and solutions (.sln) but it will be launched from the command line instead of IDE. This way of launching the tool may be useful when you need to regularly check the code with the help of build systems or continuous integration systems.
- New rule V1212: Data race risk. When accessing the array 'foo' in a parallel loop, different indexes are used for writing and reading.
- We added a code signature certificate in the new version of our tool. It is done for you to be sure that the distribution kit is authentic, and get fewer warnings from the operating system when installing the application.
PVS-Studio 3.44 (21 January 2010)
- Partial support of code testing for Itanium processors. Now the code that builds in Visual Studio Team System for Itanium processors may be also tested with the analyzer. Analysis can be performed on x86 and x64 systems but analysis on Itanium is not implemented yet.
- We reduced the number of the analyzer's false alarms when analyzing an array access. Now, in some cases, the analyzer "understands" the ranges of values in the for loop and does not generate unnecessary warnings on accessing arrays with these indexes. For example: for (int i = 0; i < 8; i++) arr[i] = foo(); // no warning from the analyzer.
- The number of the analyzer's false alarms is reduced - we introduced a list of data types that do not form large arrays. For example, HWND, CButton. Users may compose their own type lists.
- The installer error is corrected that occurs when installing the program into a folder different than the folder by default.
PVS-Studio 3.43 (28 December 2009)
- Option ShowAllErrorsInString removed (now it always has the value true).
- New rule V120: Member operator[] of object 'foo' declared with 32-bit type argument, but called with memsize type argument.
- New rule V302: Member operator[] of 'foo' class has a 32-bit type argument. Use memsize-type here.
- Operator[] analysis enhanced.
- Error of long removal of the program in case of recurrent installation "over the program again" corrected.
- Fixed problem related to analysis files with "^" character in filename.
PVS-Studio 3.42 (9 December 2009)
- Errors diagnostics with magic numbers enhanced. Now in a message about a problem, more information is given out; this allows to use filters in a more flexible way.
- Error during work with precompiled header files of special type corrected.
- Option DoTemplateInstantiate is now turned on by default.
- Error with preprocessor hang-up at large number of preprocessor messages corrected.
- Analysis of operator[] enhanced.
PVS-Studio 3.41 (30 November 2009)
- Error of same name files analysis during work on a multicore machine corrected.
- Error of incorrect diagnostics of some types of cast-expressions corrected.
- Parsing of overloaded functions in the analyzer improved considerably.
- Diagnostics of incorrect use of time_t type added.
- Processing of special parameters in the settings of Visual C++ project files added.
PVS-Studio 3.40 (23 November 2009)
- A new feature "Mark as False Alarm" has been added. Due to it, it is now possible to mark those lines in the source code in which false alarm of the code analyzer happens. After such marking, the analyzer will not output any diagnostic messages for such code any more. This allows to use the analyzer constantly and more conveniently in the process of software development for new code verification.
- Project Property Sheets support added, a procedure of easy-to-use Visual Studio projects setup.
- During the verification of parallel programs, the analyzer can walk the code twice, this will allow to collect more information and carry out more precise diagnostics of some errors.
PVS-Studio 3.30 (25 September 2009)
- In PVS-Studio, the possibility of testing 32-bit projects for estimating the complexity and cost of code migration to 64-bit systems has been added.
- A new rule for 64-bit code analysis has been added, V118: malloc() function accepts a dangerous expression in the capacity of an argument.
- A new rule for 64-bit code analysis has been added, V119: More than one sizeof() operators are used in one expression.
- A new rule for parallel code analysis has been added, V1211: The use of 'flush' directive has no sense for private '%1%' variable, and can reduce performance.
- Combined operation with Intel C++ Compiler has been improved (crash at the attempt of code verification with installed Intel C++ Compiler has been corrected.)
- Localized versions of Visual Studio support has been enhanced.
PVS-Studio 3.20 (7 September 2009)
- The error of incorrect output of some messages in Visual Studio localized versions has been corrected.
- Log-file loading improved.
- Critical errors processing improved - now it is easy to inform us on possible tools problems.
- Installer operation improved.
- Project files walking error corrected.
PVS-Studio 3.10 (10 August 2009)
- Templates instantiating support has been added. Now the search of potential errors is carried out not simply by template body (as it was earlier), but also template parameters substitution is made for more thorough diagnostics.
- The code analyzer can work in the mode of Linux environment simulation. We have added the support of various data models. That is why, now it is possible to verify cross platform programs on a Windows system the way it would be carried out on a Linux system.
- The error connected with incorrect functioning of the analyzer of parallel errors in 32-bit environment has been corrected.
- The work of the analyzer with templates has been considerably improved.
PVS-Studio 3.00 (27 July 2009)
- Software products Viva64 and VivaMP are united into one program complex PVS-Studio.
- The new version is a significantly upgraded software product.
- Operation of the unit of integration into Visual Studio is much more stable.
- Operation rate in multi-processor systems is increased: analysis is performed in several threads, and the number of the analyzer's operating threads can be set with the help of "Thread Count" option. By default the number of threads corresponds to the number of cores in the processor but it can be reduced.
- A possibility to operate the analyzer from the command line is added. A new option "Remove Intermediate Files" is added into the settings of the program which allows you not to remove command files created during the code analyzer's operation. These command files can be launched separately without launching Visual Studio to perform analysis. Besides, when creating new command files you can perform by analogy analysis of the whole project without using Visual Studio.
- It became more simple, convenient and quick to operate diagnosis of separate errors. Now you can enable and disable the function of showing separate errors in the analysis' results. What is the most important is that changing of the message list is performed automatically without the necessity of relaunching analysis. Having performed analysis you can scroll through the list of errors or simply disable showing of those errors which are not relevant to you project.
- Operating with error filters has been improved greatly. Filters for hiding some messages are now defined simply as a list of strings. Like in case of diagnosing separate errors, using filters doesn't demand relaunching analysis.
- Change of licensing policy. Although PVS-Studio is a single product, we provide licensing both for separate analysis units such as Viva64 and VivaMP and for all the units together. Besides, there are licenses for one user or for a team of developers. All these changes are reflected in registration keys.
- Support of localized versions of Visual Studio has been improved greatly.
- Help system for a new version of PVS-Studio integrating into MSDN has been modified and improved greatly. Description of new sections allows you to master operation with the software product better.
- Graphic design of the software product has been improved. New icons and graphics in the installer make the analyzer's appearance more beautiful.
VivaMP 1.10 (20 April 2009)
- The analysis of the code containing calls of the class static functions has been improved.
- New diagnostic rules for the analysis of errors connected with the exceptions V1301, V1302, V1303 have been implemented.
- The error of the incorrect display of the analysis progress indicator on machines with non-standard DPI has been corrected.
- Some other enhancements have been implemented.
VivaMP 1.00 (10 March 2009)
VivaMP 1.00 beta (27 November 2008)
- First public beta version release on the Internet.
Viva64 2.30 (20 April 2009)
- New diagnostic rule V401 has been implemented.
- Constants processing has been improved, in a number of cases, this reduces the quantity of false diagnostic warnings.
- The error of the incorrect display of the analysis progress indicator on machines with non-standard DPI has been corrected.
- A number of errors have been corrected.
Viva64 2.22 (10 Mach 2009)
- Collaboration of Viva64 and VivaMP is improved.
- Analyzer performance is improved up to 10%.
Viva64 2.21 (27 November 2008)
- Collaboration of Viva64 and VivaMP is added.
Viva64 2.20 (15 October 2008)
- Diagnosis of potentially unsafe constructions is improved. As the result the number of the code analyzer's "false alarms" is reduced approximately by 20%. Now the developer will spend less time to analyze the code diagnosed as potentially unsafe.
- Help system is amended. It has been extended and new examples have been added. As diagnosis of potentially unsafe constructions is improved in this version Help system has been also supplemented with explanations concerning the constructions which are now considered safe.
- The speed of a project's structure analysis is raised. Now the same work is performed 10 times quicker. As the result the total time of the whole project's analysis is reduced.
- C++ template analysis is improved. It's not a secret that far not all the code analyzers understand templates. We're constantly working to improve diagnosis of potentially unsafe constructions in templates. Such an improvement is made in this version.
- Format of some code analyzer's messages is amended to make it possible to set filters more accurately. Thus now, for example, the analyzer doesn't only inform about an incorrect index type while accessing an array but also shows the name of the array itself. If the developer is sure that such an array cannot cause problems in 64-bit mode at all he can filter all the messages concerning this array's name.
Viva64 2.10 (05 September 2008)
- Visual C++ 2008 Service Pack 1 support is added.
Viva64 2.0 (09 July 2008)
- Visual C++ 2008 Feature Pack (and TR1) support is added.
- Pedantic mode is added which allows you to find constructions potentially dangerous but rarely causing errors.
- Diagnosis of template functions is improved
Viva64 1.80 (03 February 2008)
- Visual Studio 2008 is fully supported now.
- Source code analysis speed is increased.
- Installer is improved. Now you can install Viva64 without administrator privileges for personal usage.
Viva64 1.70 (20 December 2007)
- The support of a new diagnostic message (V117) is added. Memsize type used in union.
- Fixed critical bug related to detection of more than one errors in source line.
- Fixed bug in type evaluation in some complex syntax.
- User Interface is improved. Now you can see a common analysis progress indicator.
- Visual Studio 2008 support is added (BETA).
Viva64 1.60 (28 August 2007)
- The support of a new diagnostic message (V112) is added. Dangerous magic number used.
- The support of a new diagnostic message (V115) is added. Memsize type used for throw.
- The support of a new diagnostic message (V116) is added. Memsize type used for catch.
- The restriction of a trial version is changed. In each analyzed file the location of only some errors is shown.
Viva64 1.50 (15 May 2007)
- C source analysis is fully supported. Now C source code may be analyzed correctly.
Viva64 1.40 (1 May 2007)
- Message suppression feature added. You can adjust filters on the message suppression page of the Viva64 settings to ignore some of the warning messages. For example, you can adjust filters to skip messages with particular error codes and messages including names of specific variables and functions.
- Ability to save/load analysis results added.
- Analysis results representation improved. The results are now displayed in the Visual Studio standard Error List window, just like the compiler messages.
Viva64 1.30 (17 March 2007)
- Representation of the process of the code analysis is improved. Unnecessary windows switching are removed, a general progress bar is created.
- Toolbar with Viva64 commands is added.
- The user now can point the analyzer if its program is using more than 2GB of RAM. On using less than 2GB some warning messages are disabled.
- The support of a new diagnostic message (V113) is added. Implicit type conversion from memsize to double type or vice versa.
- The support of a new diagnostic message (V114) is added. Dangerous explicit type pointer conversion.
- The support of a new diagnostic message (V203) is added. Explicit type conversion from memsize to double type or vice versa.
Viva64 1.20 (26 January 2007)
- Filtration of repeating error messages is added. It is useful when there are errors in header files. Earlier if *.h file with an error included into different *.cpp files the warning message about the error in the *.h file was shown several times. Now there is only one message about in the *.h file shown.
- Now Viva64 informs about the number of errors found after the code analysis. You can always see:
- - how much code is left to be checked;
- - how many errors are corrected already;
- - which modules contain the largest number of errors.
- Support of some hot keys is added. Now you can interrupt the analyzer's work with the help of Ctrl+Break. In case you want to check the current file just press Ctrl+Shift+F7.
- There are some errors of the analyzer's work corrected.
Viva64 1.10 (16 January 2007)
- With the help of the Viva64 analyzer itself we've prepared the 64-bit version of Viva64 at once! But you should not care about the choose of the right version during the installation. The installer will find out itself which version should be installed for your operation system.
- The support of a new rule is added. Now the parameters of the functions with the variable number of arguments are checked (V111-error code).
- There is no unnecessary diagnosis of the address to the array item with the help of enum values.
- There is no unnecessary diagnosis of the constructions of type int a = sizeof(int).
- The Help System is improved.
Viva64 1.00 (31 December 2006)
- First public release on the Internet.