Our website uses cookies to enhance your browsing experience.
Accept
to the top
>
>
Useful Improvements in the PVS-Studio 6…

Useful Improvements in the PVS-Studio 6.17 Release

Aug 30 2017
Author:

Today we released a new version of PVS-Studio 6.17 static analyzer. In this version there are improvements, which, in my opinion, deserve a small note. I suggest to get acquainted with them, and then download the latest version of the distribution package.

0526_PVS-Studio_6_17/image1.png

We continue to develop our analyzer in relation to Linux. In other words, the Linux version is overtaking Windows version of analyzer on its abilities. The next step was the implementation of a plugin for SonarQube quality control system and adding a mode of mass warnings suppression for Linux. More detailed information can be received from the documentation sections "Integration of PVS-Studio analysis results into SonarQube" and "How to run PVS-Studio on Linux".

In the command line module PVS-Studio_Cmd.exe a new incremental analysis mode "AppendScan" was added. The usage of this mode will let "accumulate" information about the files that need to be analyzed. Thus, more options of performing the analysis become available that will let you configure the analyzer in terms of the needs of the project. More details are given in the article "PVS-Studio's incremental analysis mode".

Several new diagnostics were added, but nothing remarkable:

  • C++. V821. The variable can be constructed in a lower level scope.
  • C++. V1001. The variable is assigned but is not used until the end of the function.
  • C#. V3135. The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead.
  • C#. V3136. Constant expression in switch statement.
  • C#. V3137. The variable is assigned but is not used until the end of the function.

A much more interesting feature is that a mechanism of virtual values was significantly redesigned in the kernel of C++ analyzer. For example, now the analyzer performs a double loop passage, which allows it to define the range of possible values of variables, changing in a loop, more accurately. So don't be surprised if the analyzer starts issuing many warnings for that code which used to seem correct for the analyzer. We definitely recommend to upgrade the analyzer version because this way you will be able to find new bugs.

Another interesting improvement is the ability to make C++ analyzer think that malloc function cannot return NULL. Some programmers don't want to deal with the situation when the malloc returns a null pointer. That is why, pointers are used without prior check and, as a consequence, PVS-Studio analyzer issues plenty of warnings. Developers consider them as false positives and they asked for the ability to modify the behavior of the analyzer. An example of such an approach is described in the article "Characteristics of PVS-Studio Analyzer by the Example of EFL Core Libraries". To configure the behavior of the analyzer special comments are used that are described in the section "Additional diagnostics configuration".

Also a plugin has been added in the distribution package which allows displaying analysis results in a Jenkins continuous integration system (so far available on Windows). This will allow you a better monitoring of the amount of potentially dangerous places in the project. A using the plugin for Jenkins is described in more detail in the article "Integrating PVS-Studio into the Continuous Integration Process" in the section "PVS-Studio plugin for Jenkins".

Other improvements:

  • The ability is also added to save reports of analyzer work from Visual Studio plugin and Standalone in txt\csv\html formats without a need to manually call PlogConverter.
  • License and file settings are now saved in UTF-8 encoding. For compatibility the analyzer supports files in UTF-16 format that we used previously.
  • A list of recently opened logs is added in a Visual Studio plugin menu.
  • Support of Visual Studio 2017 15.3 update.

Download and try the new version of the analyzer! Also, I'd like to take this opportunity to remind that we wrote a series of articles dedicated to a verification of a Tizen operating system code and hope they were interesting. If you missed the information about their publications, I suggest go over the links and get acquainted with these articles:

Popular related articles


Comments (0)

Next comments next comments
close comment form
close form

Fill out the form in 2 simple steps below:

Your contact information:

Step 1
Congratulations! This is your promo code!

Desired license type:

Step 2
Team license
Enterprise license
** By clicking this button you agree to our Privacy Policy statement
close form
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
* By clicking this button you agree to our Privacy Policy statement

close form
Free PVS‑Studio license for Microsoft MVP specialists
* By clicking this button you agree to our Privacy Policy statement

close form
To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

close form
I am interested to try it on the platforms:
* By clicking this button you agree to our Privacy Policy statement

close form
check circle
Message submitted.

Your message has been sent. We will email you at


If you do not see the email in your inbox, please check if it is filtered to one of the following folders:

  • Promotion
  • Updates
  • Spam