Here we'll talk about the most important topics and aspects related to the PVS‑Studio static analyzer. You'll find out not just how PVS‑Studio can help you - but also what mechanisms and approaches it uses.
Or you can view the presentation about the product features.
PVS‑Studio detects various errors – typos, dead code, and potential vulnerabilities (Static Application Security Testing, SAST).
The analyzer matches warnings to the Common Weakness Enumeration, SEI CERT Coding Standards, and supports the MISRA standard.
Click the links below to see PVS‑Studio warning classifications for various standards:
Windows
Visual Studio, C, C++, C++/CLI, C++/CX (WinRT)
MinGW C, C++
Texas Instruments Code Composer Studio, C6000-CGT, C, C++
Windows/Linux/macOS
GNU Arm Embedded Toolchain, Arm Embedded
GCC compiler, C, C++
GNU toolchain for RISC-V, C, C++
CLion, Qt Creator, Eclipse, GCC, Clang, C, C++
IntelliJ IDEA, Android Studio, Java
Visual Studio, JetBrains Rider, C#, .NET Framework, .NET
Windows/Linux
IAR Embedded Workbench, C/C++ Compiler for ARM C, C++
QNX Momentics, QCC C, C++
Keil µVision, DS-MDK, ARM Compiler 5/6 C, C++
Texas Instruments Code Composer Studio, ARM Code
Generation Tools C, C++
MPLAB XC8 C
A special filter chooses those warnings that most likely indicate an error.
This way you will only work with warnings issued on the newly written code.
Over the years, we have built a team of proven code analysis experts. Clients get support directly from our analyzer developers.
You can use our analyzer offline. This includes the installation, activation, launch, source code analysis, and all other use case scenarios. This is a perfect solution for companies that employ isolated development environments and develop software for finance or government sectors.
To take a quick peek at the analyzer, use the compilation monitoring system. It is designed for Windows and Linux and does not require you to integrate PVS‑Studio into a project.
We have developed more than 900 diagnostic rules and add new ones every month.
Many apps are created for several platforms to meet the current market's demand. Our cross-platform analyzer provides such clients with full code coverage.
The analyzer reports are available in Html, Xml, Csv, Txt, Json, CompileError, TaskList, TeamCity formats. The report generator itself is posted on GitHub for custom modifications.
You can choose one of the three easy approaches: run the analyzer from the command line, integrate it into a build script or CI.
To enhance interaction with the analyzer, we provide plugins for Visual Studio, IntelliJ IDEA, Rider, SonarQube, Jenkins, and other similar products.
Some clients are uncertain about introducing an analyzer into their development process because of the large code base. PVS‑Studio accommodates these clients by introducing Legacy code checking mode. You can install PVS‑Studio, hide warnings for old (Legacy) code until later, and use the analyzer to check new code.
Static analysis implies you’ll get false warnings. In addition to contacting our support, users have many ways to deal with false positives. This makes the work with the analyzer very convenient.