To get a trial key
fill out the form below
Team license
Enterprise license
** By clicking this button you agree to our Privacy Policy statement

Request our prices
New License
License Renewal
--Select currency--
USD
EUR
RUB
* By clicking this button you agree to our Privacy Policy statement

Free PVS-Studio license for Microsoft MVP specialists
** By clicking this button you agree to our Privacy Policy statement

To get the licence for your open-source project, please fill out this form
** By clicking this button you agree to our Privacy Policy statement

I am interested to try it on the platforms:
** By clicking this button you agree to our Privacy Policy statement

Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

>
>
PVS-Studio 7.21: GitLab Code Quality, U…

PVS-Studio 7.21: GitLab Code Quality, Unreal Engine

Oct 19 2022

PVS-Studio 7.21 has been released. This short note describes the analyzer's main enhancements and lists our recent articles and quizzes.

1000_Release_7_21/image1.png

You can download PVS-Studio 7.21 here. If you don't have a license key, you can get a trial key here.

So, what's new?

GitLab Code Quality reports

1000_Release_7_21/image2.png

The PVS-Studio analyzer's results now can be converted into reports compatible with GitLab Code Quality. This will help monitor the quality of the project within the GitLab ecosystem.

The documentation on using PVS-Studio in GitLab CI/CD describes how to get a report of this type.

Closer integration with Unreal Engine

We keep enhancing support of Unreal Engine projects. And we have 3 news to share with you:

  • We taught the analyzer to understand more types specific to Unreal Engine projects. Fewer false positives, more accurate warnings.
  • We described how to check Unreal Engine projects with PVS-Studio on Linux.
  • Moreover, we made a pull request that allows to use more of the analyzer's settings in UE projects' analysis. For example, you can specify a timeout for file analysis. The changes have already been committed to the engine's code. The new features will be available in the next version of Unreal Engine.

Improving cross-platform scenarios

The PVS-Studio plugin for Visual Studio now supports JSON suppress files. This format was previously supported only in utilities on Linux and macOS. This simplifies the use of suppress files in cross-platform scenarios. It is also now easier to integrate PVS-Studio in the development process of cross-platform projects that contain legacy code.

New warning suppression features

Now you can automatically filter analyzer warnings whose messages contain the specified text. The feature allows you to suppress specific diagnostics' warnings that match a template — without disabling the diagnostics completely. You can create a filter of this kind in .pvsconfig files (C++, C#) or directly in code (C++ only).

Let's take a look at the following example. The V3022 diagnostic of PVS-Studio for C# is triggered if the expression in code is always true or false.

Here's the code fragment:

static void ProcessStr(String str)
{
  if (str == "temp")
  {
    if (str.Length != 0) // V3022 (expression is always true)
      ....
    
    if (str.Length == 0) // V3022 (expression is always false)
      ....
  }
}

Let's say we are not going to disable the V3022 diagnostic completely, but we only want to see warnings for conditions that are always false. So, we just need to create the following filter in the .pvsconfig file:

//-V::3022::{always true}

PVS-Studio will filter out V3022 warnings that contain the "always true" text. If you use this filter for the code fragment above, the first warning will be gone, while the second one will remain.

Diagnostic configuration files (.pvsconfig) documentation

Diagnostic configuration files allow to configure the analyzer to fit your needs, for example:

  • change the diagnostic level;
  • exclude warnings that match a certain pattern from the analysis results;
  • change the warning message, etc.

The new documentation section describes all features of .pvsconfig files and how to use these files in different environments.

New diagnostics

C, C++

  • V1090. The 'std::uncaught_exception' function is deprecated since C++17 and is removed in C++20. Consider replacing this function with 'std::uncaught_exceptions'.
  • V1091. The pointer is cast to an integer type of a larger size. Casting pointer to a type of a larger size is an implementation-defined behavior.
  • V1092. Recursive function call during the static/thread_local variable initialization might occur. This may lead to undefined behavior.

C#

  • V3178. Calling method or accessing property of potentially disposed object may result in exception.
  • V3179. Calling element access method for potentially empty collection may result in exception.
  • V3180. The 'HasFlag' method always returns 'true' because the value '0' is passed as its argument.
  • V3181. The result of '&' operator is '0' because one of the operands is '0'.
  • V3182. The result of '&' operator is always '0'.

Quizzes

We made a quiz on "Who you are in C#". You can try it here.

1000_Release_7_21/image3.png

By the way, leave a comment if you managed to get a different result than "You are a garbage collector". Because I don't know if it's me being so unlucky or if we're all being trolled by our C# team... :)

If you missed other activities, here they are:

  • quiz "Who you are in C++";
  • challenge "Can you spot an error in C# code?";
  • challenge "Can you spot an error in C++ code?".

Articles

For those who code in C++:

  • Top 10 C++ conference talks 2019—2022 (link);
  • Is there life without RTTI or How we wrote our own dynamic_cast (link);
  • Reworking C and C++ front-end — or how we deal with 16-year legacy code in PVS-Studio (link);
  • A talk with Jason Turner: the history of CppCast, and why it was shut down (link).

For those who code in C#:

  • Sorting in C#: OrderBy.OrderBy or OrderBy.ThenBy? What's more effective and why? (link);
  • List in C#: implementation and features (link);
  • The risks of using vulnerable dependencies in your project, and how SCA helps manage them (link);
  • Do you plan to take on .NET MAUI? Get ready for an adventure with NullReferenceException (link).

Checking projects for bugs:

  • Stride game engine (C#): link;
  • ML.NET — the machine learning framework (C#): link;
  • MSBuild build platform (C#): link;
  • Orchard Core — the framework and CMS (C#): link;
  • Rhino JavaScript engine (Java): link.

Latest articles:

Poll:

Comments (0)

Next comments
Unicorn with delicious cookie
Our website uses cookies to enhance your browsing experience.
Accept