Plan du site
- Errors detected in Open Source projects by the PVS-Studio developers through static analysis
- Examples of errors detected by the V501 diagnostic
- Examples of errors detected by the V502 diagnostic
- Examples of errors detected by the V503 diagnostic
- Examples of errors detected by the V505 diagnostic
- Examples of errors detected by the V507 diagnostic
- Examples of errors detected by the V509 diagnostic
- Examples of errors detected by the V510 diagnostic
- Examples of errors detected by the V511 diagnostic
- Examples of errors detected by the V512 diagnostic
- Examples of errors detected by the V514 diagnostic
- Examples of errors detected by the V516 diagnostic
- Examples of errors detected by the V517 diagnostic
- Examples of errors detected by the V518 diagnostic
- Examples of errors detected by the V519 diagnostic
- Examples of errors detected by the V520 diagnostic
- Examples of errors detected by the V521 diagnostic
- Examples of errors detected by the V522 diagnostic
- Examples of errors detected by the V523 diagnostic
- Examples of errors detected by the V524 diagnostic
- Examples of errors detected by the V525 diagnostic
- Examples of errors detected by the V526 diagnostic
- Examples of errors detected by the V527 diagnostic
- Examples of errors detected by the V528 diagnostic
- Examples of errors detected by the V529 diagnostic
- Examples of errors detected by the V530 diagnostic
- Examples of errors detected by the V531 diagnostic
- Examples of errors detected by the V532 diagnostic
- Examples of errors detected by the V533 diagnostic
- Examples of errors detected by the V535 diagnostic
- Examples of errors detected by the V536 diagnostic
- Examples of errors detected by the V537 diagnostic
- Examples of errors detected by the V538 diagnostic
- Examples of errors detected by the V540 diagnostic
- Examples of errors detected by the V541 diagnostic
- Examples of errors detected by the V542 diagnostic
- Examples of errors detected by the V543 diagnostic
- Examples of errors detected by the V547 diagnostic
- Examples of errors detected by the V549 diagnostic
- Examples of errors detected by the V550 diagnostic
- Examples of errors detected by the V554 diagnostic
- Examples of errors detected by the V556 diagnostic
- Examples of errors detected by the V557 diagnostic
- Examples of errors detected by the V559 diagnostic
- Examples of errors detected by the V560 diagnostic
- Examples of errors detected by the V561 diagnostic
- Examples of errors detected by the V562 diagnostic
- Examples of errors detected by the V563 diagnostic
- Examples of errors detected by the V564 diagnostic
- Examples of errors detected by the V565 diagnostic
- Examples of errors detected by the V567 diagnostic
- Examples of errors detected by the V568 diagnostic
- Examples of errors detected by the V570 diagnostic
- Examples of errors detected by the V571 diagnostic
- Examples of errors detected by the V572 diagnostic
- Examples of errors detected by the V575 diagnostic
- Examples of errors detected by the V576 diagnostic
- Examples of errors detected by the V578 diagnostic
- Examples of errors detected by the V579 diagnostic
- Examples of errors detected by the V581 diagnostic
- Examples of errors detected by the V583 diagnostic
- Examples of errors detected by the V584 diagnostic
- Examples of errors detected by the V586 diagnostic
- Examples of errors detected by the V587 diagnostic
- Examples of errors detected by the V588 diagnostic
- Examples of errors detected by the V590 diagnostic
- Examples of errors detected by the V591 diagnostic
- Examples of errors detected by the V592 diagnostic
- Examples of errors detected by the V593 diagnostic
- Examples of errors detected by the V594 diagnostic
- Examples of errors detected by the V595 diagnostic
- Examples of errors detected by the V597 diagnostic
- Examples of errors detected by the V598 diagnostic
- Examples of errors detected by the V599 diagnostic
- Examples of errors detected by the V600 diagnostic
- Examples of errors detected by the V601 diagnostic
- Examples of errors detected by the V603 diagnostic
- Examples of errors detected by the V604 diagnostic
- Examples of errors detected by the V606 diagnostic
- Examples of errors detected by the V607 diagnostic
- Examples of errors detected by the V610 diagnostic
- Examples of errors detected by the V611 diagnostic
- Examples of errors detected by the V612 diagnostic
- Examples of errors detected by the V614 diagnostic
- Examples of errors detected by the V617 diagnostic
- Examples of errors detected by the V624 diagnostic
- Examples of errors detected by the V627 diagnostic
- Examples of errors detected by the V629 diagnostic
- Examples of errors detected by the V631 diagnostic
- Examples of errors detected by the V636 diagnostic
- Examples of errors detected by the V637 diagnostic
- Examples of errors detected by the V640 diagnostic
- Examples of errors detected by the V642 diagnostic
- Examples of errors detected by the V645 diagnostic
- Examples of errors detected by the V648 diagnostic
- Examples of errors detected by the V649 diagnostic
- Examples of errors detected by the V656 diagnostic
- Examples of errors detected by the V665 diagnostic
- Examples of errors detected by the V668 diagnostic
- Examples of errors detected by the V618 diagnostic
- Examples of errors detected by the V634 diagnostic
- Examples of errors detected by the V635 diagnostic
- Examples of errors detected by the V669 diagnostic
- Examples of errors detected by the V513 diagnostic
- Examples of errors detected by the V573 diagnostic
- Examples of errors detected by the V596 diagnostic
- Examples of errors detected by the V546 diagnostic
- Examples of errors detected by the V555 diagnostic
- Examples of errors detected by the V628 diagnostic
- Examples of errors detected by the V666 diagnostic
- Examples of errors detected by the V558 diagnostic
- Examples of errors detected by the V620 diagnostic
- Examples of errors detected by the V678 diagnostic
- Examples of errors detected by the V545 diagnostic
- Examples of errors detected by the V605 diagnostic
- Examples of errors detected by the V621 diagnostic
- Examples of errors detected by the V646 diagnostic
- Examples of errors detected by the V654 diagnostic
- Examples of errors detected by the V676 diagnostic
- Examples of errors detected by the V674 diagnostic
- Examples of errors detected by the V534 diagnostic
- Examples of errors detected by the V663 diagnostic
- Examples of errors detected by the V625 diagnostic
- Examples of errors detected by the V639 diagnostic
- Examples of errors detected by the V662 diagnostic
- Examples of errors detected by the V684 diagnostic
- Examples of errors detected by the V655 diagnostic
- Examples of errors detected by the V506 diagnostic
- Examples of errors detected by the V670 diagnostic
- Examples of errors detected by the V677 diagnostic
- Examples of errors detected by the V616 diagnostic
- Examples of errors detected by the V609 diagnostic
- Examples of errors detected by the V622 diagnostic
- Examples of errors detected by the V626 diagnostic
- Examples of errors detected by the V630 diagnostic
- Examples of errors detected by the V638 diagnostic
- Examples of errors detected by the V650 diagnostic
- Examples of errors detected by the V653 diagnostic
- Examples of errors detected by the V681 diagnostic
- Examples of errors detected by the V690 diagnostic
- Examples of errors detected by the V692 diagnostic
- Examples of errors detected by the V696 diagnostic
- Examples of errors detected by the V701 diagnostic
- Examples of errors detected by the V705 diagnostic
- Examples of errors detected by the V641 diagnostic
- Examples of errors detected by the V643 diagnostic
- Examples of errors detected by the V694 diagnostic
- Examples of errors detected by the V695 diagnostic
- Examples of errors detected by the V704 diagnostic
- Examples of errors detected by the V712 diagnostic
- Examples of errors detected by the V713 diagnostic
- Examples of errors detected by the V716 diagnostic
- Examples of errors detected by the V718 diagnostic
- Examples of errors detected by the V548 diagnostic
- Examples of errors detected by the V671 diagnostic
- Examples of errors detected by the V672 diagnostic
- Examples of errors detected by the V673 diagnostic
- Examples of errors detected by the V698 diagnostic
- Examples of errors detected by the V700 diagnostic
- Examples of errors detected by the V706 diagnostic
- Examples of errors detected by the V711 diagnostic
- Examples of errors detected by the V721 diagnostic
- Examples of errors detected by the V726 diagnostic
- Examples of errors detected by the V652 diagnostic
- Examples of errors detected by the V719 diagnostic
- Examples of errors detected by the V707 diagnostic
- Examples of errors detected by the V709 diagnostic
- Examples of errors detected by the V732 diagnostic
- Examples of errors detected by the V3001 diagnostic
- Examples of errors detected by the V3002 diagnostic
- Examples of errors detected by the V3003 diagnostic
- Examples of errors detected by the V3004 diagnostic
- Examples of errors detected by the V3005 diagnostic
- Examples of errors detected by the V3008 diagnostic
- Examples of errors detected by the V3009 diagnostic
- Examples of errors detected by the V3010 diagnostic
- Examples of errors detected by the V3014 diagnostic
- Examples of errors detected by the V3019 diagnostic
- Examples of errors detected by the V3022 diagnostic
- Examples of errors detected by the V3023 diagnostic
- Examples of errors detected by the V3025 diagnostic
- Examples of errors detected by the V3030 diagnostic
- Examples of errors detected by the V3031 diagnostic
- Examples of errors detected by the V730 diagnostic
- Examples of errors detected by the V3012 diagnostic
- Examples of errors detected by the V3013 diagnostic
- Examples of errors detected by the V3020 diagnostic
- Examples of errors detected by the V3021 diagnostic
- Examples of errors detected by the V3024 diagnostic
- Examples of errors detected by the V3027 diagnostic
- Examples of errors detected by the V3029 diagnostic
- Examples of errors detected by the V3032 diagnostic
- Examples of errors detected by the V3038 diagnostic
- Examples of errors detected by the V569 diagnostic
- Examples of errors detected by the V688 diagnostic
- Examples of errors detected by the V729 diagnostic
- Examples of errors detected by the V733 diagnostic
- Examples of errors detected by the V739 diagnostic
- Examples of errors detected by the V3028 diagnostic
- Examples of errors detected by the V3041 diagnostic
- Examples of errors detected by the V3043 diagnostic
- Examples of errors detected by the V3045 diagnostic
- Examples of errors detected by the V3046 diagnostic
- Examples of errors detected by the V728 diagnostic
- Examples of errors detected by the V745 diagnostic
- Examples of errors detected by the V746 diagnostic
- Examples of errors detected by the V3035 diagnostic
- Examples of errors detected by the V3061 diagnostic
- Examples of errors detected by the V3065 diagnostic
- Examples of errors detected by the V552 diagnostic
- Examples of errors detected by the V743 diagnostic
- Examples of errors detected by the V3042 diagnostic
- Examples of errors detected by the V3051 diagnostic
- Examples of errors detected by the V3052 diagnostic
- Examples of errors detected by the V3063 diagnostic
- Examples of errors detected by the V504 diagnostic
- Examples of errors detected by the V539 diagnostic
- Examples of errors detected by the V615 diagnostic
- Examples of errors detected by the V686 diagnostic
- Examples of errors detected by the V724 diagnostic
- Examples of errors detected by the V734 diagnostic
- Examples of errors detected by the V737 diagnostic
- Examples of errors detected by the V763 diagnostic
- Examples of errors detected by the V3015 diagnostic
- Examples of errors detected by the V3033 diagnostic
- Examples of errors detected by the V3037 diagnostic
- Examples of errors detected by the V3056 diagnostic
- Examples of errors detected by the V3062 diagnostic
- Examples of errors detected by the V3064 diagnostic
- Examples of errors detected by the V3066 diagnostic
- Examples of errors detected by the V3076 diagnostic
- Examples of errors detected by the V3080 diagnostic
- Examples of errors detected by the V3083 diagnostic
- Examples of errors detected by the V3087 diagnostic
- Examples of errors detected by the V3090 diagnostic
- Examples of errors detected by the V3093 diagnostic
- Examples of errors detected by the V3095 diagnostic
- Examples of errors detected by the V3097 diagnostic
- Examples of errors detected by the V3102 diagnostic
- Examples of errors detected by the V3006 diagnostic
- Examples of errors detected by the V3057 diagnostic
- Examples of errors detected by the V3011 diagnostic
- Examples of errors detected by the V3089 diagnostic
- Examples of errors detected by the V3112 diagnostic
- Examples of errors detected by the V3070 diagnostic
- Examples of errors detected by the V3092 diagnostic
- Examples of errors detected by the V3105 diagnostic
- Examples of errors detected by the V3115 diagnostic
- Examples of errors detected by the V3053 diagnostic
- Examples of errors detected by the V766 diagnostic
- Examples of errors detected by the V3117 diagnostic
- Examples of errors detected by the V3108 diagnostic
- Examples of errors detected by the V3118 diagnostic
- Examples of errors detected by the V3110 diagnostic
- Examples of errors detected by the V764 diagnostic
- Examples of errors detected by the V751 diagnostic
- Examples of errors detected by the V3125 diagnostic
- Examples of errors detected by the V3128 diagnostic
- Examples of errors detected by the V3078 diagnostic
- Examples of errors detected by the V760 diagnostic
- Examples of errors detected by the V773 diagnostic
- Examples of errors detected by the V623 diagnostic
- Examples of errors detected by the V779 diagnostic
- Examples of errors detected by the V3127 diagnostic
- Examples of errors detected by the V3130 diagnostic
- Examples of errors detected by the V768 diagnostic
- Examples of errors detected by the V3081 diagnostic
- Examples of errors detected by the V781 diagnostic
- Examples of errors detected by the V778 diagnostic
- Examples of errors detected by the V3018 diagnostic
- Examples of errors detected by the V769 diagnostic
- Examples of errors detected by the V762 diagnostic
- Examples of errors detected by the V675 diagnostic
- Examples of errors detected by the V786 diagnostic
- Examples of errors detected by the V780 diagnostic
- Examples of errors detected by the V774 diagnostic
- Examples of errors detected by the V647 diagnostic
- Examples of errors detected by the V715 diagnostic
- Examples of errors detected by the V1001 diagnostic
- Examples of errors detected by the V789 diagnostic
- Examples of errors detected by the V765 diagnostic
- Examples of errors detected by the V783 diagnostic
- Examples of errors detected by the V1004 diagnostic
- Examples of errors detected by the V1002 diagnostic
- Examples of errors detected by the V794 diagnostic
- Examples of errors detected by the V708 diagnostic
- Examples of errors detected by the V691 diagnostic
- Examples of errors detected by the V767 diagnostic
- Examples of errors detected by the V796 diagnostic
- Examples of errors detected by the V602 diagnostic
- Examples of errors detected by the V3136 diagnostic
- Examples of errors detected by the V714 diagnostic
- Examples of errors detected by the V799 diagnostic
- Examples of errors detected by the V793 diagnostic
- Examples of errors detected by the V749 diagnostic
- Examples of errors detected by the V693 diagnostic
- Examples of errors detected by the V661 diagnostic
- Examples of errors detected by the V757 diagnostic
- Examples of errors detected by the V784 diagnostic
- Examples of errors detected by the V756 diagnostic
- Examples of errors detected by the V3106 diagnostic
- Examples of errors detected by the V1022 diagnostic
- Examples of errors detected by the V1008 diagnostic
- Examples of errors detected by the V792 diagnostic
- Examples of errors detected by the V1013 diagnostic
- Examples of errors detected by the V6033 diagnostic
- Examples of errors detected by the V6007 diagnostic
- Examples of errors detected by the V6021 diagnostic
- Examples of errors detected by the V6032 diagnostic
- Examples of errors detected by the V6004 diagnostic
- Examples of errors detected by the V6001 diagnostic
- Examples of errors detected by the V6011 diagnostic
- Examples of errors detected by the V6016 diagnostic
- Examples of errors detected by the V6060 diagnostic
- Examples of errors detected by the V702 diagnostic
- Examples of errors detected by the V797 diagnostic
- Examples of errors detected by the V1028 diagnostic
- Examples of errors detected by the V1005 diagnostic
- Examples of errors detected by the V6003 diagnostic
- Examples of errors detected by the V6025 diagnostic
- Examples of errors detected by the V6013 diagnostic
- Examples of errors detected by the V6039 diagnostic
- Examples of errors detected by the V6058 diagnostic
- Examples of errors detected by the V6006 diagnostic
- Examples of errors detected by the V6008 diagnostic
- Examples of errors detected by the V6009 diagnostic
- Examples of errors detected by the V6062 diagnostic
- Examples of errors detected by the V6019 diagnostic
- Examples of errors detected by the V6026 diagnostic
- Examples of errors detected by the V6002 diagnostic
- Examples of errors detected by the V6014 diagnostic
- Examples of errors detected by the V6022 diagnostic
- Examples of errors detected by the V6037 diagnostic
- Examples of errors detected by the V6023 diagnostic
- Examples of errors detected by the V1023 diagnostic
- Examples of errors detected by the V1009 diagnostic
- Examples of errors detected by the V772 diagnostic
- Examples of errors detected by the V3139 diagnostic
- Examples of errors detected by the V3088 diagnostic
- Examples of errors detected by the V3138 diagnostic
- Examples of errors detected by the V6020 diagnostic
- Examples of errors detected by the V6042 diagnostic
- Examples of errors detected by the V6034 diagnostic
- Examples of errors detected by the V6051 diagnostic
- Examples of errors detected by the V6046 diagnostic
- Examples of errors detected by the V6030 diagnostic
- Examples of errors detected by the V1040 diagnostic
- Examples of errors detected by the V3137 diagnostic
- Examples of errors detected by the V6067 diagnostic
- Examples of errors detected by the V1044 diagnostic
- Examples of errors detected by the V1003 diagnostic
- Examples of errors detected by the V1037 diagnostic
- Examples of errors detected by the V3091 diagnostic
- Examples of errors detected by the V3077 diagnostic
- Examples of errors detected by the V3143 diagnostic
- Examples of errors detected by the V3123 diagnostic
- Examples of errors detected by the V3145 diagnostic
- Examples of errors detected by the V1046 diagnostic
- Examples of errors detected by the V574 diagnostic
- Examples of errors detected by the V619 diagnostic
- Examples of errors detected by the V6010 diagnostic
- Examples of errors detected by the V6050 diagnostic
- Examples of errors detected by the V6005 diagnostic
- Examples of errors detected by the V3146 diagnostic
- Examples of errors detected by the V3121 diagnostic
- Examples of errors detected by the V6027 diagnostic
- Examples of errors detected by the V6043 diagnostic
- Examples of errors detected by the V6072 diagnostic
- Examples of errors detected by the V3142 diagnostic
- Examples of errors detected by the V3119 diagnostic
- Examples of errors detected by the V3085 diagnostic
- Examples of errors detected by the V3050 diagnostic
- Examples of errors detected by the V3017 diagnostic
- Examples of errors detected by the V3140 diagnostic
- Examples of errors detected by the V3054 diagnostic
- Examples of errors detected by the V3067 diagnostic
- Examples of errors detected by the V3131 diagnostic
- Examples of errors detected by the V3148 diagnostic
- Examples of errors detected by the V1020 diagnostic
- Examples of errors detected by the V6053 diagnostic
- Examples of errors detected by the V6048 diagnostic
- Examples of errors detected by the V551 diagnostic
- Examples of errors detected by the V703 diagnostic
- Examples of errors detected by the V1048 diagnostic
- Examples of errors detected by the V658 diagnostic
- Examples of errors detected by the V664 diagnostic
- Examples of errors detected by the V735 diagnostic
- Examples of errors detected by the V742 diagnostic
- Examples of errors detected by the V791 diagnostic
- Examples of errors detected by the V1007 diagnostic
- Examples of errors detected by the V1010 diagnostic
- Examples of errors detected by the V1032 diagnostic
- Examples of errors detected by the V1036 diagnostic
- Examples of errors detected by the V1043 diagnostic
- Examples of errors detected by the V1051 diagnostic
- Examples of errors detected by the V1053 diagnostic
- Examples of errors detected by the V1061 diagnostic
- Examples of errors detected by the V1062 diagnostic
- Examples of errors detected by the V1063 diagnostic
- Examples of errors detected by the V1064 diagnostic
- Examples of errors detected by the V1065 diagnostic
- Examples of errors detected by the V1068 diagnostic
- Examples of errors detected by the V1075 diagnostic
- Examples of errors detected by the V1076 diagnostic
- Examples of errors detected by the V1083 diagnostic
- Examples of errors detected by the V1086 diagnostic
- Examples of errors detected by the V1089 diagnostic
- Examples of errors detected by the V1094 diagnostic
- Examples of errors detected by the V1099 diagnostic
- Examples of errors detected by the V1103 diagnostic
- Examples of errors detected by the V1109 diagnostic
- Examples of errors detected by the V1114 diagnostic
- Examples of errors detected by the V1116 diagnostic
- Examples of errors detected by the V3040 diagnostic
- Examples of errors detected by the V3068 diagnostic
- Examples of errors detected by the V3075 diagnostic
- Examples of errors detected by the V3079 diagnostic
- Examples of errors detected by the V3084 diagnostic
- Examples of errors detected by the V3107 diagnostic
- Examples of errors detected by the V3114 diagnostic
- Examples of errors detected by the V3116 diagnostic
- Examples of errors detected by the V3122 diagnostic
- Examples of errors detected by the V3134 diagnostic
- Examples of errors detected by the V3153 diagnostic
- Examples of errors detected by the V3156 diagnostic
- Examples of errors detected by the V3157 diagnostic
- Examples of errors detected by the V3159 diagnostic
- Examples of errors detected by the V3161 diagnostic
- Examples of errors detected by the V3168 diagnostic
- Examples of errors detected by the V3171 diagnostic
- Examples of errors detected by the V3177 diagnostic
- Examples of errors detected by the V3179 diagnostic
- Examples of errors detected by the V3180 diagnostic
- Examples of errors detected by the V3181 diagnostic
- Examples of errors detected by the V3182 diagnostic
- Examples of errors detected by the V3190 diagnostic
- Examples of errors detected by the V3192 diagnostic
- Examples of errors detected by the V3197 diagnostic
- Examples of errors detected by the V3202 diagnostic
- Examples of errors detected by the V3207 diagnostic
- Examples of errors detected by the V3219 diagnostic
- Examples of errors detected by the V3220 diagnostic
- Examples of errors detected by the V5004 diagnostic
- Examples of errors detected by the V5303 diagnostic
- Examples of errors detected by the V5307 diagnostic
- Examples of errors detected by the V5314 diagnostic
- Examples of errors detected by the V5609 diagnostic
- Examples of errors detected by the V5611 diagnostic
- Examples of errors detected by the V5626 diagnostic
- Examples of errors detected by the V6012 diagnostic
- Examples of errors detected by the V6028 diagnostic
- Examples of errors detected by the V6029 diagnostic
- Examples of errors detected by the V6036 diagnostic
- Examples of errors detected by the V6040 diagnostic
- Examples of errors detected by the V6045 diagnostic
- Examples of errors detected by the V6052 diagnostic
- Examples of errors detected by the V6054 diagnostic
- Examples of errors detected by the V6066 diagnostic
- Examples of errors detected by the V6073 diagnostic
- Examples of errors detected by the V6074 diagnostic
- Examples of errors detected by the V6079 diagnostic
- Examples of errors detected by the V6080 diagnostic
- Examples of errors detected by the V6082 diagnostic
- Examples of errors detected by the V6086 diagnostic
- Examples of errors detected by the V6090 diagnostic
- Examples of errors detected by the V6091 diagnostic
- Examples of errors detected by the V6094 diagnostic
- Examples of errors detected by the V6100 diagnostic
- Examples of errors detected by the V6102 diagnostic
- Examples of errors detected by the V6107 diagnostic
- Examples of errors detected by the V6113 diagnostic
- Stumbling block for AI: UTF-8
- How static analysis encourages developers to refactor code: Another look at Source SDK
- Gadget chains in Java: how unsafe deserialization leads to RCE?
- Files file manager: folder full of bugs
- How to get and use free PVS-Studio license. Part 3: working with report and warnings
- How to manage static analysis results
- How to get and use a free PVS-Studio license. Part 2: initial run and configuration
- PVS-Studio team invites you to share examples of errors related to vibe coding
- Box of bugs (emulated)
- No questions? The cost of a missing '?' in your project
- OWASP Top Ten 2021 explained with simple Java examples and SAST insights
- How to get and use free PVS-Studio license. Part 1: Preparing and getting started
- Bugs wear data. Let's check Apache NiFi
- What's new in Java 25
- Use PVS-Studio to analyze open-source projects
- How we integrate best practices in Java
- Combating headcrabs in the Source SDK codebase
- What if your elephant thinks it is bug?
- Digging into open-source Unity VR Games. Part 2: NorthStar
- Digging into open-source Unity VR Games. Part 1: RocketMan
- CMake: hero who tripped over 12 bugs
- PVS-Studio 7.38: new C++ analyzer core, user annotations in Java, enhanced taint analysis, and more
- PVS-Studio user annotations are now in Java
- Fewer bugs—more FPS: how static analysis benefits Unreal Engine projects
- Seamless static analysis integration and overcoming false positives
- Stonks or not stonks. Checking Lean trading engine source code
- GameDev Guardian: static analysis and Unity
- Windows Terminal proves to be terminal?
- Method Handles are faster than reflection (sometimes)
- .SLN is dead. Long live .SLNX!
- Static analysis for pull requests. Another step towards regularity
- Code red: turning negative feedback into positive outcome
- .NET Digest #8
- Little adventure in pursuit of errors. The Battle for Wesnoth!
- Expedition into Avalonia project
- C++ with no classes?
- Anxious analyzer and developer hostage syndrome
- Lock, Java, and two nulls: XMage edition
- History of Java: evolution, legal battles with Microsoft, Mars exploration, Spring, Gradle and Maven, IDEA and Eclipse
- PVS-Studio 7.37: enhanced taint analysis, MISRA version control, SLNX project support, and more
- How NASA got the planet's source code wrong
- Creating Sega Genesis emulator in C++
- Beta testing: updated parser for C and C++ code analysis
- .NET Digest #7
- Why SSDLC needs static analysis: a case study of 190 bugs in TDengine
- History of C#: versions, .NET, Unity, Blazor, and MAUI
- Searching in a search: let's check Elasticsearch
- Curling CPython around PVS-Studio
- PVS-Studio 7.36: expanded MISRA support, plugin for Qt Creator 16, enhanced user annotations for C#, and much more
- Exploring Nau Engine codebase: pt.3
- PowerShell: new features, same old bugs
- Breaking down bugs in TDengine to master refactoring, part 3: price of laziness
- Safe array handling? Never heard of it
- Notepad injection or the story of writing new diagnostic rules
- Graph mess: what does ScottPlot have in store?
- Breaking down bugs in TDengine to master refactoring, part 2: stack-consuming macro
- Dirty code: trusted keeper of errors. Broken windows theory
- PVS-Studio in development of Unity projects: new specialized diagnostic rules
- .NET Digest #6
- Beta testing: updated parser for C and C++ code analysis
- What's new in Java 24
- Copy-paste on big screen. Analyzing errors and oddities in Radarr code
- std::array in C++ is faster than array in C. Sometimes
- Breaking down bugs in TDengine to master refactoring, part 1: sausage code
- New exciting diagnostic rules in PVS-Studio 7.35
- Looking for potential vulnerabilities in code, part 2: practice
- Does ChatGPT know everything? Let's check some facts about PVS-Studio
- Exploring Nau Engine codebase: pt.2
- PVS-Studio 7.35: MISRA C 2023 support, Qt Creator 15 plugin, and more
- History of C and C++. Part two: standardization of C and C++, Qt, Clang, and Unreal Engine
- Issues: PVS-Studio plugin for Visual Studio
- Microsoft makes mistakes too. Let's check MSBuild
- Exploring Nau Engine codebase: pt.1
- Distributed build of Unreal Engine projects with Horde and UBA
- How to crash Minecraft with your mod
- Grandma's recipe for mastering regular static analysis
- PPSSPP or psp? Uncovering bugs from the past
- Bugs and suspicious places in .NET 9 source code
- C++ programmer's guide to undefined behavior
- Java, Taint, and SAST: What is it and why do we need it?
- PVS-Studio in 2024
- How frivolous use of polymorphic allocators can imbitter your life
- C++ programmer's guide to undefined behavior: part 12 of 11
- Ode to one diagnostic rule and to couple more, or Jellyfin check
- .NET Digest #5
- Court is in session: Top 10 most notorious C and C++ errors in 2024
- Top 10 most intriguing Java errors in 2024
- How to update library and get swamped with this task. Roslyn and PVS-Studio 7.34 update
- How we added Apple Silicon support to analyzer (arm64)
- Top 10 errors found in C# projects in 2024
- Why code review automation benefits business
- New diagnostic rules in PVS-Studio 7.34
- How third-party libraries change code analysis rules
- PVS-Studio 7.34: support for Apple Silicon ARM64, .NET 9, taint analysis in Java analyzer, and more
- C++ programmer's guide to undefined behavior: part 11 of 11
- Looking for potential vulnerabilities in code, part 1: theory
- CodeChecker—code quality control using PVS-Studio
- Brain debugging. Interview with Anders Schau Knatten, author of "C++ Brain Teasers: Exercise Your Mind"
- Inside Java Enterprise code: let's check Flowable
- How can one code line crash application? Looking for issues and vulnerabilities in ScreenToGif
- C++ programmer's guide to undefined behavior: part 10 of 11
- From WALL-E to Terminator: bugs, how robots work, and developers' fantasies
- 5 lines of fortune: what program keeps under wraps
- Java serialization: let's dig it up
- History of C and C++. Part one: emergence and standardization of C language. C with Classes becomes C++
- 19 errors in LLVM 19
- Debugging bugs in x64dbg debugger. Step out to GUI
- What's up with Telegram messenger: dozen errors detected
- YYYY? yyyy!
- What's new in .NET 9?
- DPDK: 100 big and small bugs
- C++ programmer's guide to undefined behavior: part 9 of 11
- Redesigning our conference swag: here we go again
- .NET Digest #4
- Finding errors in unit tests
- C++ programmer's guide to undefined behavior: part 8 of 11
- Realm of gaming experiments: potential developer errors in emulator creating
- Most striking error I found with PVS-Studio in 2024
- Catch vulnerability on your own: user annotations for C# code
- C++ programmer's guide to undefined behavior: part 7 of 11
- What's new in C# 13: overview
- What's new in Unity 6? Overview of release updates and source code issues
- Belay the Metamorphosis: analyzing Kafka project
- PVS-Studio 7.33: C# user annotations, SN-DBS support, and more
- The last source code: digging into bugs in projects after indie game studio shuts down
- What's new in PVS-Studio for Unreal Engine?
- PPSSPP or psp? Uncovering bugs from the future
- User annotations for PVS-Studio
- WolvenKit code analysis: things to know before modding Cyberpunk 2077
- std::array in C++ isn't slower than array in C
- C++ programmer's guide to undefined behavior: part 6 of 11
- Clean code: blessing or curse? Act II. Compromise
- Mapping paths through GeoServer source code
- C++ programmer's guide to undefined behavior: part 5 of 11
- Time to refactor legacy with OOP
- .NET Digest #3
- Clean code: blessing or curse? Act I. Confrontation
- C++ programmer's guide to undefined behavior: part 4 of 11
- PVS-Studio 7.32: enhanced analysis, new plugins and more
- How to develop code analyzer in 48 hours
- Flax Engine. Exploring game engine & analyzing its source code
- Get me two! PVS-Studio plugin update for SonarQube
- Even great mathematicians make mistakes
- How to find job for Rescue Rangers: analyzing Godot Engine
- C++ programmer's guide to undefined behavior: part 3 of 11
- .NET Digest #2
- Search query for bugs in Apache Solr
- Debugging bugs in x64dbg debugger. No debugger
- Fixing bugs in your AI: let's analyze bugs in OpenVINO
- How to train your cat to code: bizarre learning approaches
- Cursed fire, or magic of C preprocessor
- Authorization pitfalls: what does Keycloak cloak?
- An insect is sitting in your compiler and doesn't want to leave for 13 years
- .NET Digest #1
- Code whisperers and rubber duck sorcery: do developers have superstitions?
- Compilation of C# conference talks from 2023-2024
- 12 moments of typos and copy-paste, or why AI hallucinates: checking OpenVINO
- C++ programmer's guide to undefined behavior: part 2 of 11
- Bitwise operators in Java: unpacking ambiguities
- I _____ hate arrays in C++!
- PVS-Studio 7.31: new C++ analyzer features, enhanced user annotations, and more
- How template method can ruin your Java code
- Smile while drowning in bugs
- How much UB is in my compiler?
- C++ programmer's guide to undefined behavior: part 1 of 11
- Volatile, DCL, and synchronization pitfalls in Java
- Error on verge of extinction, or why I put if (x = 42) in Red List of C & C++ bugs
- What errors are lurking in LLVM code?
- C++: freeing resources in destructors using helper functions
- Garnet. Does Microsoft's cache -store also store bugs?
- Let's check the qdEngine game engine, part three: 10 more bugs
- Eleven moments of ReactOS: user mode gets better?
- Let's check the qdEngine game engine, part two: simplifying C++ code
- Compilation of gripping C++ conference talks from 2023
- Let's check the qdEngine game engine, part one: top 10 warnings issued by PVS-Studio
- Nephalem's nightmare. Exploring errors in Diablo 3 server emulator code
- 21 bugs in 21st version of Apache NetBeans
- PVS-Studio 7.30: enhanced integration with Unreal Engine, new C++ analyzer features, and more
- Static analyzer nudges you to write clean code
- Bugs that buzzed a lot
- Code of game engine written in Java: what does it hide?
- How not to check array size in C++
- Simple & quick search for bugs in Unity games (for C# developers)
- Setting up static analysis for Unreal Engine project
- Invincible null: digging into nopCommerce source code
- Don't fix anything — cultivate acceptance instead: bugs in games that have become features
- Parable of null pointer for indolent C programmers
- Let's check Blender
- How to shatter toilet lid and get more sleep at company's expense: PVS-Studio's trips to conferences in 2023
- Why it is bad idea to check result of malloc call with assert
- OOP in real-life cases
- PVS-Studio 7.29: Java code check in VS Code, Boost smart pointers, and plugin for Qt Creator on macOS
- PVS-Studio extension for Visual Studio Code: searching for errors in Java code
- Doit-on vérifier le pointeur pour NULL avant d'appeler la fonction free ?
- Qt Creator* in search of Qt Creator bugs
- Off we go! Digging into the game engine of War Thunder and interviewing its devs
- Introducing SAST into the development process
- PVS-Studio in 2023
- Bugs and suspicious places in .NET 8 source code
- Top 10 errors found in C# projects in 2023
- A hard quiz to crack for C++ programmers by Sergei Kushnirenko
- Breaking down the C++ quiz by Sergei Kushnirenko
- New Year's Eve show: Top 10 errors in C and C++ projects in 2023
- PVS-Studio 7.28: support for ARM, .NET 8, analysis of Unreal Engine projects without Unity Build, and more
- Operation K. Looking for bugs in the IntelliJ IDEA code
- How to lure programmers to your conference booth?
- 30 years of DOOM: new code, new bugs
- Few words about Java code hygiene
- Day when Skynet becomes self-aware, and 69 reasons to chill out with colleagues. Part 2.
- Day when Skynet becomes self-aware, and 69 reasons to chill out with colleagues. Part 1.
- Return to Grove Street. Checking the Grand Theft Auto: San Andreas engine in Unity
- What C++, C# or Java article would you like to read on our blog?
- Games! How they write code for SDL (+ interview with the creator)
- What's new in .NET 8?
- Using the PVS-Studio extension for VS Code to effectively handle errors in C# code
- Microsoft PowerToys: the GitHub king among C# projects with C++ errors
- A deep look into YTsaurus. Availability, reliability, open source
- Typos, null pointers, and treacherous TAB: 33 fragments in the GTK library
- Interview with developers of Flipper Zero — a multi-tool for hackers and pentesters
- What's new in C# 12: overview
- PVS-Studio 7.27: check C# code in VS Code, analyze Unreal Engine projects in Rider, and more
- FreeCAD and undefined behavior in C++ code: meditation for developers
- PVS-Studio helps optimize Unity Engine projects
- 5 amusing oddities in the code of Entity Framework Core
- Bug detection in Unreal Engine projects
- Simple, yet easy-to-miss errors in code
- Checking the GCC 13 compiler with the help of PVS-Studio
- Oh my C! How they wrote code back in the Quake days
- PVS-Studio vs CodeLite: a battle for the perfect code
- Common patterns of typos in programming
- PVS-Studio 7.26: running analysis in VS Code and Qt Creator, integration with DefectDojo, and more
- DefectDojo and PVS-Studio: tracking errors and vulnerabilities
- Analysis of suspicious code fragments in MassTransit
- Does C# always have boxing with string concatenation and interpolation?
- Ryujinx: re-checking the Nintendo Switch emulator using PVS-Studio
- Heroes of Code and Magic: VCMI game engine analysis
- Examining suspicious code fragments in AWS SDK for .NET
- Top 3 open-source games written in C#: searching for bugs
- PVS-Studio 7.25: support for latest versions of Qt Creator, Rider, and more
- XSS vulnerability in the ASP.NET application: examining CVE-2023-24322 in mojoPortal CMS
- 60 terrible tips for a C++ developer
- RavenDB and PVS-Studio: win-win collaboration
- BTCPay Server: top 10 bugs in Bitcoin payment processor code
- Top 10 C# conference talks 2019–2022
- NullReferenceException in C#. What is it and how to fix it?
- How static analysis works
- Do developers dream of secure apps?
- 5 reasons why static analysis is important for business
- Can code review be automated?
- PVS-Studio 7.24: Unity, advanced warning suppression and much more
- GPT-3 detected 213 Security Vulnerabilities... Or it did not
- SAST vs DAST
- PVS-Studio's personal account
- Top Reddit communities for Devs and ITs: from beginners to advanced
- Why change an assembly version when making a new assembly release, or how to break Visual Studio with a single command
- Converting string to enum at the cost of 50 GB: let's analyze the CVE-2020-36620 vulnerability
- What static analysis cannot find
- 64-bit errors: LONG, LONG_PTR and blast from the past
- Is ChatGPT good enough at spotting bugs in code?
- PVS-Studio 7.23: Qt Creator 9 plugin, and more
- Captain Blood's adventures: would Arabella sink?
- Should we check libraries before using them? MudBlazor helps us find the answer
- C++ subtleties: so, you've declared a class...
- Overview of the PVS-Studio plugin for Visual Studio Code
- What you need to know about PVS-Studio enhancements
- Under the hood of SAST: how code analysis tools look for security flaws
- Wave Function Collapse for procedural generation in Unity
- C++ — programming language of the year 2022. What about other languages?
- PVS-Studio in 2022
- Falsehoods programmers believe about undefined behavior
- PVS-Studio now analyzes Blazor components
- How to create a .NET library: a complete guide
- Top 10 bugs found in C++ projects in 2022
- Top 10 bugs found in C# projects in 2022
- PVS-Studio and protobuf-net: best warnings are one click away
- Christmas holidays with PVS-Studio
- Help the compiler, and the compiler will help you. Subtleties of working with nullable reference types in C#
- PVS-Studio 7.22: Visual Studio Code, Qt Creator, .NET 7
- .NET 7: suspicious places and errors in the source code
- PVS-Studio and RPCS3: the best warnings in one click
- PVS-Studio: 2 features for a quick start
- Why are you doing my job? Types of people who don't write to support
- How has LINQ performance enhanced in .NET 7?
- Holy C++
- What 's new in .NET 7?
- A software bug captured Apple and other huge companies
- Catastrophic backtracking: how can a regular expression cause a ReDoS vulnerability?
- Lifetime extension of temporary objects in C++: common recommendations and pitfalls
- How we were looking for a bug in PVS-Studio or 278 GB of log files
- 0,1,2, Freddy came for Blender
- Examples of errors that PVS-Studio found in LLVM 15.0
- What's new in C# 11: overview
- How PVS-Studio prevents rash code changes, example N6
- PVS-Studio 7.21: GitLab Code Quality, Unreal Engine
- Top 10 C++ conference talks 2019—2022
- Is there life without RTTI or How we wrote our own dynamic_cast
- Misbeliefs in programming career or how to survive as a newcomer
- Do you plan to take on .NET MAUI? Get ready for an adventure with NullReferenceException
- List in C#: implementation and features
- Stride Game Engine error review
- A talk with Jason Turner: the history of CppCast, and why it was shut down
- Reworking C and C++ front-end — or how we deal with 16-year legacy code in PVS-Studio
- Sorting in C#: OrderBy.OrderBy or OrderBy.ThenBy? What's more effective and why?
- The check of the Rhino JavaScript engine or how the unicorn met the rhino
- Non-standard containers in C++
- ML.NET: can Microsoft's machine learning be trusted?
- The risks of using vulnerable dependencies in your project, and how SCA helps manage them
- Build to order? Checking MSBuild for the second time
- The feedback for our C++ quiz and why it matters
- The concept of smart pointer static_ptr<T> in C++
- The unicorns of PVS-Studio
- The Orchard Core threequel. Rechecking the project with PVS-Studio
- How I searched for viruses in a program
- PVS-Studio 7.20: Unreal Engine, SAST, SCA
- Automated newsletters: by developers, for developers
- "Our legacy of the past" or why we divided the V512
- A tale of how PVS-Studio reimagined the bug
- PVS-Studio's data flow analysis untangles more and more related variables
- I want to use PVS-Studio in my project. The manager is against it. How to convince them?
- How can a static analyzer help Discord.NET developers?
- Why do arrays have to be deleted via delete[] in C++
- Application Security Testing. How not to get confused between SAST, DAST, and IAST
- What is CVE and what vulnerabilities can it tell us about?
- PVS-Studio vs Hacker: who's a better reviewer?
- CWE Top 25 2022. Review of changes
- How warnings simplify your code
- Relocation: QMake -> CMake
- Any bugs in your IDE? Checking AvalonStudio with PVS-Studio
- Intermodular analysis of C and C++ projects in detail. Part 2
- Static code analyzer vs developers. Here we go again.
- Intermodular analysis of C and C++ projects in detail. Part 1
- PVS-Studio to help with schoolwork-like tasks in C and C++
- Checking Orleans with the PVS-Studio analyzer
- Challenge: can you spot an error in C++ code?
- "Why doesn't my code work?" — to anyone learning the art of programming and writing to the Stack Overflow community
- PVS-Studio 7.19: what's new?
- In the world of anthropomorphic animals: PVS-Studio checks Overgrowth
- How to write reflection for C++
- Checking the GPCS4 emulator: will we ever be able to play "Bloodborne" on PC?
- How PVS-Studio for Windows got new monitoring mode
- 50 mauvais conseils de codage pour développeur C++
- "Google" programmers. How one idiot hired a couple more idiots
- Embedded system developers do not know how to program
- Things to keep in mind when working with POSIX signals
- Should PVS-Studio process other tools' reports?
- 15000 bugs in open-source projects
- Are you sure your passwords protected? The Bitwarden project check
- How to spot C and C++ developers by their code
- Why should Unity game developers use static analysis?
- Debug output on microcontrollers: how Concepts and Ranges put my printf to rest
- Code comments as a work of art
- PVS-Studio evolution: data flow analysis for related variables
- Unreal baselining: PVS-Studio's enhancements for Unreal Engine projects
- Why use static analysis? Exploring an error from Akka.NET
- 50 terrible coding tips for a C++ developer: an overview
- Four reasons to check what the malloc function returned
- SAST in Secure SDLC: 3 reasons to integrate it in a DevSecOps pipeline
- How PVS-Studio prevents rash code changes, example N5
- Trojan Source: Invisible Vulnerabilities
- PVS-Studio 7.18: updates and enhancements
- Trojan Source attack for introducing invisible vulnerabilities
- PVS-Studio static analyzer to recheck Unity
- What's with the PVS-Studio's coverage of Toyota ITC Benchmark?
- Checking Barotrauma with the PVS-Studio static analyzer
- Looking for errors in the C# code of the Eto.Forms GUI framework
- Suspicious sortings in Unity, ASP.NET Core, and more
- Checking the Ogre3D framework with the PVS-Studio static analyzer
- Top 10 errors PVS-Studio found in ASP.NET Core projects
- MuditaOS: Will your alarm clock go off? Part II
- Why does my app send network requests when I open an SVG file?
- How PVS-Studio prevents rash code changes, example N4
- A bug report's adventure
- How PVS-Studio prevents rash code changes, example N3
- Visual Studio 2022 — stylish and fresh. How PVS-Studio supported VS2022
- PVS-Studio 7.17: Unreal Engine, ASP.NET Core, Texas Instruments
- Vulnerabilities due to XML files processing: XXE in C# applications in theory and in practice
- An example of undefined behavior caused by absence of return
- What memory release strategy does the PVS-Studio C and C++ core use?
- Playing with null: Checking MonoGame with the PVS-Studio analyzer
- MuditaOS: Will your alarm clock go off? Part I
- PVS-Studio for Visual Studio 2022
- Re-checking PascalABC.NET
- How many marketing specialists do you need to create one video?
- How PVS-Studio prevents rash code changes, example N2
- Design and evolution of constexpr in C++
- PVS-Studio: static code analysis technology
- The most interesting C# / .NET blogs and websites
- The most interesting blogs and websites for C++ developers
- What's new in PVS-Studio in 2021?
- Top 10 bugs found in C# projects in 2021
- Errors and suspicious code fragments in .NET 6 sources
- PVS-Studio checks the code of Flipper Zero dolphin
- Top 10 bugs found in C++ projects in 2021
- 1000 eyes that don't want to check open-source code
- C++20: linker surprised by four lines of code
- PVS-Studio checks Umbraco code for the third time
- PVS-Studio 7.16, expanding the horizons: MISRA C, Visual Studio 2022, .NET 6
- The first static analysis report: the key problems and how to address them
- C++20 Ranges — Complete Guide
- Even small projects have bugs, or how PVS-Studio checked Blend2D
- Checking Chromium after three years. How's it going?
- An article for those who, like me, do not understand the purpose of std::common_type
- Virtual function calls in constructors and destructors (C++)
- A variety of errors in C# code by the example of CMS DotNetNuke: 40 questions about the quality
- Thanks, Mario, but the code needs fixing — checking TheXTech
- How the Carla car simulator helped us level up the static analysis of Unreal Engine 4 projects
- PVS-Studio checks the code quality in the .NET Foundation projects: LINQ to DB
- PVS-Studio to check the RPCS3 emulator
- All hail bug reports: how we reduced the analysis time of the user's project from 80 to 4 hours
- How to choose a static analysis tool
- Undefined behavior, carried through the years
- Protocol Buffers, a brutal protocol from Google, vs. PVS-Studio, a static code analyzer
- PVS-Studio searches for bugs in the DuckStation project
- How a PVS-Studio developer defended a bug in a checked project
- Best Warnings of Static Analyzer
- Generic Math: C# super feature available in .NET 6 Preview 7
- How we sympathize with a question on Stack Overflow but keep silent
- OWASP Top Ten and Software Composition Analysis (SCA)
- What's new in C# 10: overview
- The OWASP diagnostic group in PVS-Studio
- C++ tools evolution: static code analyzers
- PVS-Studio 7.15: MISRA, CWE, OWASP, Unreal Engine
- Detecting errors in the LLVM release 13.0.0
- Text broadcast of CppCast 293: One Lone Coder
- CWE Top 25 2021. What is it, what is it for and how is it useful for static analysis?
- Why we need dynamic code analysis: the example of the PVS-Studio project
- Creating Roslyn API-based static analyzer for C#
- MISRA C: struggle for code quality and security
- PVS-Studio C#: what to do if project preparation takes too long or freezes?
- How Visual Studio 2022 ate up 100 GB of memory and what XML bombs had to do with it
- Why do you need the MISRA Compliance report and how to generate one in PVS-Studio?
- Text broadcast of Cppcast 300: ABI stability
- Technical support: what it's for and how to avoid burnout?
- What's new in C# 9: overview
- Text broadcast of CppCast 285: Clang Power Tools and C++ myths
- Linux kernel turns 30: congratulations from PVS-Studio
- XSS: attack, defense - and C# programming
- Tutorial: how to port a project from Interop Word API to Open XML SDK
- Is PHP compilable?! PVS-Studio searches for errors in PeachPie
- PVS-Studio 7.14: intermodular analysis in C++ and plugin for JetBrains CLion
- PVS-Studio team's kanban board. Part 2: YouTrack
- Optimization of .NET applications: a big result of small edits
- Intermodular analysis of C++ projects in PVS-Studio
- VSCode: how to view reports of static analyzers that support SARIF
- PVS-Studio for JetBrains CLion: ad astra per aspera
- Static analysis protects your code from time bombs
- Integrating PVS-Studio into uVision Keil
- Checking BitTorrent in honor of the 20th anniversary. Time == quality
- A beautiful error in the implementation of the string concatenation function
- Enums in C#: hidden pitfalls
- An unexpected article about our unicorn: who is the PVS-Studio mascot?
- One day in the life of PVS-Studio developer, or how I debugged diagnostic that surpassed three programmers
- Text broadcast of CppCast 298: SonarSource analysis tools
- Nintendo Switch: drop test of the Ryujinx emulator's source code
- Beta-testing of PVS-Studio plugin for JetBrains CLion
- Yo, Ho, Ho, and a bottle of rum - or how we analyzed Storm Engine's bugs
- How WCF shoots itself in the foot with TraceSource
- .NET application optimization: simple edits speeded up PVS-Studio and reduced memory consumption by 70%
- Why you should check values of public methods' parameters
- Unity projects analysis: the solution file has two projects named "UnityEngine.UI"
- PVS-Studio's new website: how we designed It
- The ?. operator in foreach will not protect from NullReferenceException
- OWASP, vulnerabilities, and taint analysis in PVS-Studio for C#. Stir, but don't shake
- PVS-Studio 7.13: SQL injections, Blame Notifier, .NET 5
- PVS-Studio team: switching to Clang improved PVS-Studio C++ analyzer's performance
- Text broadcast of CppCast 278: SerenityOS
- PVS-Studio new features for notifying developers about errors found
- How to speed up building and analyzing of your project with Incredibuild?
- Text broadcast of CppCast 267: Performance matters
- PVS-Studio Learns What strlen is all about
- Roslyn API: why PVS-Studio was analyzing the project so long
- Finally! PVS-Studio supports .NET 5 projects
- Perl script instead of Blame-notifier on Linux OS
- Hidden reefs in string pool, or another reason to think twice before interning instances of string class in C#
- PVS-Studio team's kanban board. Part 1: agile
- macOS Kernel, how good is this apple?
- How PVS-Studio prevents rash code changes
- PVS-Studio analyzer is now in the Russian Software Registry
- One useful comment
- Example of how new diagnostics appear in PVS-Studio
- PVS-Studio analyzer scans Snort, network traffic scanner
- Text broadcast of CppCast 281: Creative coding
- PVS-Studio 7.12 new features for finding safety and security threats
- PVS-Studio checks STP
- Short-lived music or MuseScore code analysis
- What is yield and how does it work in C#?
- Text broadcast of CppCast 277: Virtual teaching and plenary
- PVS-Studio, Blender: series of notes on advantages of regular static analysis of code
- PVS-Studio clashes with hardcoded passwords!
- Free Heroes of Might and Magic II: Open-Source project that you want to be part of
- Why PVS-Studio uses data flow analysis: based on gripping error in Open Asset Import Library
- Power of PVS-Studio
- Date processing attracts bugs or 77 defects in Qt 6
- Should we initialize an out parameter before a method returns?
- Just for fun: PVS-Studio team came up with monitoring quality of some open source projects
- How to get nice error reports using SARIF in GitHub
- PVS-Studio roadmap 2021
- Text broadcast of CppCast 276: Networking TS
- COVID-19 research and uninitialized variable
- A spy undercover: PVS-Studio to check ILSpy source code
- Finding typos in the GTK 4 project by PVS-Studio
- C# Programmer, it's time to test yourself and find error
- Analysis of commits and pull requests in Travis CI, Buddy and AppVeyor using PVS-Studio
- How PVS-Studio checked ELKI in January
- Espressif IoT Development Framework: 71 shots in the foot
- GTK: the first analyzer run in figures
- Top 10 bugs in Java projects in 2020
- Top 10 bugs found in C# projects in 2020
- Did it have to take so long to find a bug?
- Top 10 bugs found in C++ projects in 2020
- PVS-Studio 7.11 release: IAR Arm, diagnostics, FREE-FREE-FREE-FREE
- ONLYOFFICE Community Server: how bugs contribute to the emergence of security problems
- Talking about errors in the QuantConnect Lean code
- Big / Bug Data: analyzing the Apache Flink source code
- Automatic static analysis using PVS-Studio when building RPM packages
- The code analyzer is wrong. Long live the analyzer!
- How static code analysis helps in the GameDev industry
- Analyzing the code quality of Microsoft's Open XML SDK
- Why PVS-Studio doesn't offer automatic fixes
- Unicorns on guard for your safety: Exploring the Bouncy Castle code
- PVS-Studio 7.10 release: OWASP, AUTOSAR, SARIF
- Online almighty
- Check how you remember nullable value types. Let's peek under the hood
- Checking Clang 11 with PVS-Studio
- Checking a header-only C++ library collection (awesome-hpp)
- Amnesia: The Dark Descent or how to forget to fix copy paste
- Checking the code of DeepSpeech, or why you shouldn't write in namespace std
- Part 2: Upsetting Opinions about Static Analyzers
- Organizing content on our blog with tags
- Upsetting opinions about static analyzers
- Nullable Reference will not protect you, and here is the proof
- Checking WildFly, a JavaEE application server
- Why it is important to apply static analysis for open libraries that you add to your project
- Why code reviews are good, but not enough
- Checking QEMU using PVS-Studio
- PVS-Studio finds security defects and provides application security. Report by Forrester Research on SAST, Q3 2020
- PVS-Studio 7.09
- Checking the code of XMage, and why you won't be able to get the special rare cards of the Dragon's Maze collection
- Static code analysis of the PMDK library collection by Intel and errors that are not actual errors
- OOO "Program Verification Systems" is renamed to PVS-Studio LLC
- Unicorns break into RTS: analyzing the OpenRA source code
- Static analysis: from getting started to integration
- Under the hood of PVS-Studio for Java: how we develop diagnostics
- PVS-Studio: analyzing pull requests in Azure DevOps using self-hosted agents
- Analysis of merge requests in GitLab using PVS-Studio for C#
- PVS-Studio and Continuous Integration: TeamCity. Analysis of the Open RollerCoaster Tycoon 2 project
- The code of the Command & Conquer game: bugs from the 90's. Volume two
- PVS-Studio is now in Compiler Explorer!
- PVS-Studio impressed by the code quality of ABBYY NeoML
- PVS-Studio 7.08
- How the PVS-Studio analyzer began to find even more errors in Unity projects
- How to introduce a static code analyzer in a legacy project and not to discourage the team
- The PVS-Studio analyzer: detecting potential compatibility issues with Java SE API
- The code of the Command & Conquer game: bugs from the 90's. Volume one
- How to find errors in a C# project working under Linux and macOS
- A note of caution about using PVS-Studio on godbolt.org (Compiler Explorer)
- NSA, Ghidra, and unicorns
- Single line code or check of Nethermind using PVS-Studio C# for Linux
- A bug caused by the #line directive in the Visual C++ compiler
- How to climb a tree
- PVS-Studio 7.07: features overview
- C++ is faster and safer than Rust: benchmarked by Yandex
- About embedded again: searching for bugs in the Embox project
- Beginning of beta testing of the plugin for Rider and PVS-Studio C# for Linux / macOS
- A second check of Newton Game Dynamics with PVS-Studio
- PVS-Studio 7.07
- Checking the GCC 10 compiler with PVS-Studio
- DeepCode: outside perspective
- How does strange code hide errors? TensorFlow.NET analysis
- Updated PVS-Studio diagnostic count graph
- Starting my collection of bugs found in copy functions
- How deep the rabbit hole goes, or C++ job interviews at PVS-Studio
- Checking the code of Zephyr operating system
- OpenToonz
- How we fixed one bug in CMake
- The little scrollbar that could not
- How can developers help fight coronavirus - continuation
- Beta testing of the PVS-Studio C# analyzer on Linux and macOS
- Detecting the incorrect double-checked locking using the V3054 diagnostic
- PVS-Studio integration in PlatformIO
- Zero, one, two, Freddy's coming for you
- PVS-Studio is now in Chocolatey: checking Chocolatey under Azure DevOps
- RunUO check by the PVS-Studio analyzer
- What is the difference between DevOps and DevSecOps?
- Eternal sunshine of the spotless copy-paste
- VVVVVV??? VVVVVV!!!
- Machine learning in static analysis of program source code
- Checking Emby with PVS-Studio
- Play "osu!", but watch out for bugs
- What is MISRA and how to cook it
- The price of an error on the example of one PVS-Studio issue
- How PVS-Studio spent the second half of 2019 at conferences
- Our small contribution to Avalonia UI's fight for fewer platforms
- Top 10 bugs found in Java projects in 2019
- Top 10 bugs found in C# projects in 2019
- Top 10 bugs found in C++ projects in 2019
- Apache Hadoop code quality: production vs test
- YouTube collaborations: knocking on programmers' door
- PVS-Studio 7.05
- SARIF SDK and its errors
- AWS announced an automated code analysis service
- Azure SDK for .NET: story about a difficult error search
- Why are there few summer conferences?
- Checking the Ark Compiler recently made open-source by Huawei
- PVS-Studio static analyzer as a tool for protection against zero-day vulnerabilities
- Huawei cloud: it's cloudy in PVS-Studio today
- Why you should choose the PVS-Studio static analyzer to integrate into your development process
- PVS-Studio in the clouds: GitLab CI/CD
- Solutions to bug-finding challenges offered by the PVS-Studio team at conferences in 2018-2019
- On request of Embedded developers: detecting errors in Amazon FreeRTOS
- Checking the OpenCvSharp wrapper for OpenCV with PVS-Studio
- Analyzing the code of ROOT, scientific Data Analysis Framework
- Scanning the code of Orchard CMS for bugs. Part 2
- macOS 10.15 no longer supports 32-bit apps. What can you do?
- Azure PowerShell: mostly harmless
- Checking Telerik UI for UWP as a way to get started with PVS-Studio
- PVS-Studio in the clouds: CircleCI
- For professors' note: use PVS-Studio to get students familiar with code analysis tools
- Checking Telegram Open Network with PVS-Studio
- Celestia: bugs' adventures in space
- Dark theme of Thunderbird as a reason to run a code analyzer
- One day from PVS-Studio user support
- PVS-Studio in the clouds: Azure DevOps
- Handling objections: static analysis will take up part of working time
- Configuration of the Warnings Next Generation plugin for integration with PVS-Studio
- The best is the enemy of the good
- PVS-Studio usage when checking Unreal Engine projects on the Windows OS
- PVS-Studio 7.04
- Check of Roslyn Analyzers
- Analysis of the Apache Dubbo RPC Framework by the PVS-Studio Static Code Analyzer
- Is Everything Ok with the First Doom?
- How to set up PVS-Studio in Travis CI using the example of PSP game console emulator
- An Easy Way to Make Money on Bug Bounty
- PVS-Studio: Engine of Progress
- CMake: the Case when the Project's Quality is Unforgivable
- PVS-Studio Visits Apache Hive
- Checking the .NET Core Libraries Source Code by the PVS-Studio Static Analyzer
- Using PVS-Studio Static Analyzer in C and C++ Development for Embedded Systems
- The story of how PVS-Studio found an error in the library used in... PVS-Studio
- WinForms: Errors, Holmes
- Getting Started with the PVS-Studio Static Analyzer for C++ Development under Linux
- Analysis of the Yuzu Source Code Using the PVS-Studio Static Code analyzer
- Why Static Analysis Can Improve a Complex C++ Codebase
- Get to Know the PVS-Studio Static Analyzer for Java
- Conferences. Sub-totals for the first half of 2019
- PVS-Studio Looked into the Red Dead Redemption's Bullet Engine
- Almost Perfect Libraries by Electronic Arts
- Best Copy-Paste Algorithms for C and C++. Haiku OS Cookbook
- How to shoot yourself in the foot in C and C++. Haiku OS Cookbook
- What's the Use of Dynamic Analysis When You Have Static Analysis?
- Getting Started with the PVS-Studio Static Analyzer for Visual C++
- Getting Started with the PVS-Studio Static Analyzer for Visual C#
- On the Difference Between strlcat and strncat
- Errors that static code analysis does not find because it is not used
- PVS-Studio wanted but couldn't find bugs in robots.txt
- Why We Don't Write Articles Comparing PVS-Studio with Other Static Analyzers
- PVS-Studio in the Clouds: Travis CI
- PVS-Studio for Visual Studio
- The dangers of using multi-character constants
- How to quickly check out interesting warnings given by the PVS-Studio analyzer for C and C++ code?
- PVS-Studio Graph of Diagnostic Abilities Development
- Nullable Reference types in C# 8.0 and static analysis
- Support of Visual Studio 2019 in PVS-Studio
- Finding Bugs in LLVM 8 with PVS-Studio
- Cataclysm Dark Days Ahead: Static Analysis and Roguelike Games
- IntelliJ IDEA, ReSharper, SonarLint and SonarQube find the same errors, as PVS-Studio - so why do we need PVS-Studio?
- Analyzing the Code of CUBA Platform with PVS-Studio
- Briefly about PVS-Studio as SAST a solution
- Checking rdesktop and xrdp with PVS-Studio
- Wireshark 3.x: code analysis under macOS and errors review
- Checking the Roslyn Source Code
- PVS-Studio for Java hits the road. Next stop is Elasticsearch
- How the CSS markup fragment broke the C++ compiler
- Top 10 bugs of C++ projects found in 2018
- Following in the Footsteps of Calculators: SpeedCrunch
- Checking FreeRDP with PVS-Studio
- Following in the Footsteps of Calculators: Qalculate!
- Counting Bugs in Windows Calculator
- Ways to Get a Free PVS-Studio License
- Unable to analyze a file with 'import' directive (compiler internal error 'msc1.cpp'). What shall I do?
- False Positives in PVS-Studio: How Deep the Rabbit Hole Goes
- The story of how we changed the PVS-Studio icon
- Wanna Play a Detective? Find the Bug in a Function from Midnight Commander
- Your Java analyzer is half-done: let's wait for a couple of years
- Conference Time! Summing up 2018
- Sixth Chromium Check, Afterword
- PVS-Studio ROI (Return On Investment)
- Searching for errors in the Amazon Web Services SDK source code for .NET
- Social networking services for developers
- PVS-Studio for Java
- PVS-Studio 7.00
- PVS-Studio and Bug Bounties on Free and Open Source Software
- Free PVS-Studio for those who develops open source projects
- Shoot yourself in the foot when handling input data
- Checking LibrePCB with PVS-Studio Inside a Docker Container
- Into Space Again: how the Unicorn Visited Stellarium
- PVS-Studio: Support of MISRA C and MISRA C++ Coding Standards
- The Fastest Reports in the Wild West - and a Handful of Bugs...
- Godot: On Regular Use of Static Analyzers
- Everything You Wanted to Know about PVS-Studio and Dared to Ask
- Technologies used in the PVS-Studio code analyzer for finding bugs and potential vulnerabilities
- NCBI Genome Workbench: Scientific Research under Threat
- What Errors Lurk in Infer.NET Code?
- Wrap on integer overflow is not a good idea
- PVS-Studio Now Supports GNU Arm Embedded Toolchain
- How PVS-Studio Proved to Be More Attentive Than Three and a Half Programmers
- LibreOffice: Accountant's Nightmare
- PVS-Studio 6.26 Released
- A Third Check of Qt 5 with PVS-Studio
- Perl 5: How to Hide Errors in Macros
- Once again the PVS-Studio analyzer has proved to be more attentive than a person
- Good job, authors of the game 0 A.D!
- PVS-Studio Team Is Impartial When Writing Articles
- We Checked the Android Source Code by PVS-Studio, or Nothing is Perfect
- Reviewing Defects in the Source Code of Video Game Vangers: One for the Road
- PVS-Studio as SAST solution
- Pointers are more abstract than you might expect in C
- Shocked System: Interesting Errors in the Source Code of the Legendary System Shock
- Amazon Lumberyard: A Scream of Anguish
- Visual Studio Coded UI Tests: Theory and Our Company's User Experience
- Development of a new static analyzer: PVS-Studio Java
- Attacks via external data and means of dealing with them
- Static Analysis in Video Game Development: Top 10 Software Bugs
- Check of the Krita 4.0 Open Source Graphics Editor
- Checking the Unity C# Source Code
- Features of PVS-Studio setting and running in Docker on the example of Azure Service Fabric code
- PVS-Studio is now available on macOS: 64 weaknesses in the Apple's XNU Kernel
- Top 10 Bugs in the C++ Projects of 2017
- PVS-Studio: the Additional Insurance of the Medical Software
- Why embedded developers should use static code analysis
- One Doesn't Simply Edit Subtitles
- Static Code Analyzer PVS-Studio 6.22 Now Supports ARM Compilers (Keil, IAR)
- Errors in Robots: Expectations VS Reality
- Chromium: Miscellaneous Defects
- Why it is important to check what the malloc function returned
- Chromium: Use of Untrusted Data
- Chromium: Typos
- Chromium: Memory Leaks
- break and fallthrough
- Nice Chromium and clumsy memset
- Chromium: the Sixth Project Check and 250 Bugs
- Checking the Code of Reiser4 with the PVS-Studio Static Analyzer
- February 31
- Speeding up the Build of C and C++ Projects
- A first look at RPG: turns out it's not only Role-Playing Games
- PVS-Studio 2018: CWE, Java, RPG, macOS, Keil, IAR, MISRA
- When a Butler Becomes a Victim
- Discussion on Static Code Analysis
- How developers were checking projects for bugs using PVS-Studio
- Yes, PVS-Studio Can Detect Memory Leaks
- Code Quality Comparison of Firebird, MySQL, and PostgreSQL
- Review of Music Software Code Defects. Part 5. Steinberg SDKs
- Review of Music Software Code Defects. Part 4. Ardour
- PVS-Studio Reports Now in Html
- Andrey Karpov considers that code of the Manticore project is better than code of the Sphinx project
- What Is Wrong with Vulnerabilities in C# Projects?
- Review of Music Software Code Defects. Part 3. Rosegarden
- Philosophy of Static Code Analysis: We Have 100 Developers, the Analyzer Found Few Bugs, Is Analyzer Useless?
- Appreciate Static Code Analysis!
- C++17
- Review of Music Software Code Defects. Part 2. Audacity
- The Philosophy of Static Code Analysis: Three Simple Steps
- Review of Music Software Code Defects. Part 1. MuseScore
- Give my Best Regards to Yandex Developers
- Use PVS-Studio to Increase the Reliability and Security of Financial Software
- How to Step Over Legacy and Start Using Static Code Analysis
- Useful Improvements in the PVS-Studio 6.17 Release
- Use PVS-Studio to Find Errors in Your Colleagues' Code
- Story of One Exception or This is How We Have to Debug Other People's Code
- Characteristics of PVS-Studio Analyzer by the Example of EFL Core Libraries, 10-15% of False Positives
- Tizen: Summing Up
- We Continue Exploring Tizen: C# Components Proved to be of High Quality
- Exploring Microoptimizations Using Tizen Code as an Example
- 27 000 Errors in the Tizen Operating System
- Experiment of Bug Detection in the Code of C# Tizen Components
- Static analysis as part of the development process in Unreal Engine
- Headache from using mathematical software
- Philosophy behind PVS-Studio static code analyzer
- How Can PVS-Studio Help in the Detection of Vulnerabilities?
- PVS-Studio as a plugin for SonarQube
- Cost of an Error: Who Pays for Programming Blunders?
- Checking Notepad++: five years later
- Handing out PVS-Studio Analyzer Licenses to Security Experts
- The Evil within the Comparison Functions
- PVS-Studio Team Willing to Work on Improving Tizen Project (open letter)
- A round of applause to the Tor project
- Comparing PVS-Studio for C# and a built-in Visual Studio analyzer, using the CruiseControl.NET codebase
- 2038: only 21 years away
- Checking the code of Valgrind dynamic analyzer by a static analyzer
- Support of Visual Studio 2017 and Roslyn 2.0 in PVS-Studio: sometimes ready-made solutions are not as easy as they seem
- How to Improve Visual C++ 2017 Libraries Using PVS-Studio
- Videos about static code analysis
- PVS-Studio team: code audit and other services
- If the coding bug is banal, it doesn't mean it's not crucial
- A post about static code analysis for project managers, not recommended for the programmers
- War of the Machines: PVS-Studio vs. TensorFlow
- How to find 56 potential vulnerabilities in FreeBSD code in one evening
- Critical errors in CryEngine V code
- Weaknesses detected by PVS-Studio this week: episode N4
- PVS-Studio team is ready to do regular audit of your code
- Analysis of PascalABC.NET using SonarQube plugins: SonarC# and PVS-Studio
- Weaknesses detected by PVS-Studio this week: episode N3
- Bug of the month: taking the baton from PC-Lint to PVS-Studio
- An interesting bug in Entity Framework
- The way static analyzers fight against false positives, and why they do it
- Weaknesses detected by PVS-Studio this week: episode N2
- PVS-Studio: searching software weaknesses
- The last line effect explained
- Weaknesses detected by PVS-Studio this week: episode N1
- Top 10 bugs in C++ open source projects, checked in 2016
- We now support users of a free PVS-Studio version on Stack Overflow
- Brief analysis of Media Portal 2 bugs
- Top 10 C# projects errors found in 2016
- Bugs from the USSR
- Porting is a Delicate Matter: Checking Far Manager under Linux
- About optimizations
- Checking the World of Warcraft CMaNGOS open source server
- Incremental analysis in PVS-Studio: now on the build server
- PVS-Studio and GitHub community: let the friendship begin
- Propose a project for analysis by PVS-Studio: now on GitHub
- Moving from CruiseControl.NET to Jenkins in the PVS-Studio development team
- Why I Dislike Synthetic Tests
- SonarQube developers visit PVS-Studio office
- Rechecking SharpDevelop: Any New Bugs?
- How to capture a variable in C# and not to shoot yourself in the foot
- Recent interesting content from the PVS-Studio Team
- How PVS-Studio does the bug search: methods and technologies
- PVS-Studio project - 10 years of failures and successes
- The new design of viva64.com. The story behind it, told by the PVS-Studio developers
- Stories about Christmas and New Year Bugs
- The First Bug on Mars
- Re-analysis of Umbraco code
- Linux Kernel, tested by the Linux-version of PVS-Studio
- Integrating PVS-Studio into Anjuta DevStudio (Linux)
- Integrating PVS-Studio into Eclipse CDT (Linux)
- How to use PVS-Studio for Free
- Analysis of bugs in Orchard CMS
- PVS-Studio for Linux Went on a Tour Around Disney
- Bug Inside: A Tiny Chance of a Huge Error on Pentium
- Virtual events in C#: something went wrong
- Control source code quality using the SonarQube platform
- The Development History of PVS-Studio for Linux
- Issues we faced when renewing PVS-Studio user interface
- I've sent a PVS-Studio text log to the project authors! Did I really help?
- PVS-Studio is taking over the Internet
- We continue checking Microsoft projects: analysis of PowerShell
- R-17 VS Patriot: a Rounding Issue
- Finding bugs in the code of LLVM project with the help of PVS-Studio
- How to work with the report of PVS-Studio in Linux
- Linux version of PVS-Studio couldn't help checking CodeLite
- Heading for a Record: Chromium, the 5th Check
- PVS-Studio for Linux
- GitExtensions bugs found and analyzed
- Toyota: 81 514 issues in the code
- Killer Bug. Therac-25: Quick-and-Dirty
- Why using finalizers is a bad idea
- A brief note about MISRA
- Honest PVS-Studio Review by an Ordinary Programmer
- I just had to check ICQ project
- Chatbots, and how will Microsoft help us with this?
- What's Hiding Inside the GNU Boot Loader? Searching for Bugs in Grub
- Searching for bugs in Mono: there are hundreds of them!
- GDB - a tough nut to crack: only a few bugs found by PVS-Studio
- How to avoid bugs using modern C++
- "Again this PVS-Studio team. They are everywhere..."
- Rechecking Apache HTTP Server
- A space error: 370.000.000 $ for an integer overflow
- Bugs found in GCC with the help of PVS-Studio
- Checking the Source Code of MSBuild with PVS-Studio
- Discussing Errors in Unity3D's Open-Source Components
- Checking the Code of LDAP-Server ReOpenLDAP on Our Readers' Request
- We found over 10000 bugs in various open source projects
- Complementing Unit Testing with Static Analysis, with NUnit as an Example
- Waiting for the Linux-version: Checking the Code of Inkscape Graphics Editor
- Update on Analysis Results for CPython and Ruby
- Long-Awaited Check of CryEngine V
- Dusting the globe: analysis of NASA World Wind project
- PVS-Studio confesses its love for Linux
- Python and Ruby implementations compared by the error density
- PVS-Studio team is about to produce a technical breakthrough, but for now let's recheck Blender
- Checking the Source Code of FlashDevelop with PVS-Studio
- Checking the Source Code of Nana Library with PVS-Studio
- Accord.Net: Looking for a Bug that Could Help Machines Conquer Humankind
- How to not shoot yourself in the foot when working with serialization
- PVS-Studio is there to help CERN: analysis of Geant4 project
- Source code of WPF samples by Microsoft was checked
- The Little Unicorn That Could
- Anomalies in X-Ray Engine
- OpenJDK check by PVS-Studio
- Amusing C#
- Checking 7-Zip with PVS-Studio analyzer
- Typos in Miranda IM
- Microsoft opened the source code of Xamarin.Forms. We couldn't miss a chance to check it with PVS-Studio
- Introduction to Roslyn and its use in program development
- Showing abilities of PVS-Studio analyzer by examples of Microsoft open-source projects
- Analyzing Firebird 3.0
- An Overview of Static Analyzers for C/C++ Code
- Explanation about the PVS-Studio demo-version limitations
- Searching for errors by means of virtual values evaluation
- Analysis of PHP7
- Integrating PVS-Studio into the CI Process
- The Ultimate Question of Programming, Refactoring, and Everything
- Logical Expressions in C, C++, C#, and Java. Mistakes Made by Professionals
- Toonz code leaves much to be desired
- Safe Clearing of Private Data
- Analyzing Samba with PVS-Studio on Linux
- Type Conversion in C++ and C# Arithmetic Expressions
- Detecting Overflows of 32-Bit Variables in Long Loops in 64-Bit Programs
- Serious Sam shooter anniversary - finding bugs in the code of the Serious Engine v.1.10
- Analyzing the GTK+ Cross-Platform Widget Toolkit with PVS-Studio
- Checking PVS-Studio plugin with PVS-Studio analyzer
- An unusual bug in Lucene.Net
- A fresh eye on Oracle VM VirtualBox
- Catching Errors in the Xenko Game Engine
- Just a Few Bugs in 514K Lines of Code - Amazon Web Services SDK for C++
- PVS-Studio delved into the FreeBSD kernel
- Unicorn in Space: Analyzing the Source Code of 'Space Engineers'
- Analyzing source code of WPF examples by the Infragistics Company
- Undefined behavior is closer than you think
- C#, PVS-Studio, ReSharper
- "Why is there no artificial intelligence yet?" Or, analysis of CNTK tool kit from Microsoft Research
- Sony C#/.NET component set analysis
- ChakraCore: analysis of JavaScript-engine for Microsoft Edge
- Avoid adding a new library to the project
- A Tribute to Opening Up Dolphin Smalltalk 7's Source Code
- Analyzing IronPython and IronRuby with PVS-Studio
- Looking for Bugs in MonoDevelop
- Christmas Analysis of .NET Core Libraries (CoreFX)
- Best Practices of using PVS-Studio. Now with C# support
- New Year PVS-Studio 6.00 Release: Scanning Roslyn
- Big PVS-Studio Update: Version 6.00 with C# Support
- Analysis of Microsoft Code Contracts
- Is it possible to run 64-bit applications in a 32-bit OS?
- The most dangerous function in the C/C++ world
- Experimental version of PVS-Studio with C# support
- Promoting via content marketing and side projects
- The First C# Project Analyzed
- The Empire Strikes Back
- Celebrating the 30-th anniversary of the first C++ compiler: let's find the bugs in it
- In search of uninitialized class members
- Explanation on Diagnostic V595
- Analyzing Wine: One Year Later
- Hello, Is That FreeSWITCH? Then We're Coming to Check You!
- The first step towards PVS-Studio for C#
- Checking Appleseed source code
- Unicorns...they are everywhere...
- Static Analysis of Mozilla Thunderbird's Code by PVS-Studio
- Analysis of Telegram by PVS-Studio and Vice Versa
- Documenting Bugs in Doxygen
- 80% of PVS-Studio Downloads Done by Aliens or Is the Problem on Our Side?
- PVS-Studio Meets Octave
- How to Port a 9 Million Code Line Project to 64 bits?
- Viewing Bug Statistics, or "Look, They've Got Charts in PVS-Studio!"
- An Ideal Way to Integrate a Static Code Analyzer into a Project
- Using Incredibuild to Assist Analysis of a Large Project by PVS-Studio
- Integrating PVS-Studio with the Incredibuild Distributed Build System
- HPX and PVS-Studio
- How Do Programs Run with All Those Bugs At All?
- Why Don't Software Developers Use Static Analysis Tools to Find Bugs?
- How to Launch the PVS-Studio Analyzer
- C++ Tail Recursion Using 64-bit variables - Part 2
- How We Tried Static Analysis on Our X-Ray Endovascular Surgery Training Simulator Project
- C++ Tail Recursion Using 64-bit variables
- How the PVS-Studio Team Improved Unreal Engine's Code
- C++ in the modern world
- Static Analysis of Wireshark by PVS-Studio
- A Unicorn Seeking Extraterrestrial Life: Analyzing SETI@home's Source Code
- Forum report PHDays 2015
- Analyzing the Source Code of UEFI for Intel Galileo by PVS-Studio
- 64-Bit Code in 2015: New in the Diagnostics of Possible Issues
- Criticizing the Rust Language, and Why C/C++ Will Never Die
- I've Finally Figured Out Unit Economics!
- Analyzing FreeCAD's Source Code and Its "Sick" Dependencies
- Analysis of Godot Engine's Source Code
- We are Closing Down the CppCat Project
- Comparing Analysis Capabilities of PVS-Studio and Visual Studio 2015's Analyzer
- Analysis of Haiku Operating System (BeOS Family) by PVS-Studio. Part 2
- Analysis of Haiku Operating System (BeOS Family), by PVS-Studio, Part 1
- Founder's Advice. Evgeniy Ryzhkov, "Program Verification Systems" CEO and PVS-Studio Developer
- PVS-Studio: New Trial Mode
- Bugs. Bugs Never Change
- Please use e-mail to communicate with us
- Of Evil Accidentally Summoned by a Sorcerer's Disciples
- Analyzing Vim by PVS-Studio in GNU/Linux
- PVS-Studio: 25 Suspicious Code Fragments in CoreCLR
- What is a quick way to integrate static analysis in a big project?
- LibreOffice Project's Check
- PVS-Studio Team's Feedback on the C++ Russia 2015 Conference
- Bugs Found by LibreOffice in PVS-Studio
- Null Pointer Dereferencing Causes Undefined Behavior
- PVS-Studio for Microsoft Visual Studio Community 2013
- PVS-Studio for Visual C++
- Checking MatrixSSL with PVS-Studio and Cppcheck
- PVS-Studio and Hostile Environment
- Twitter for C++ Programmers (updated)
- Reflections on the Null Pointer Dereferencing Issue
- The tyranny of averages
- Readers' FAQ on Articles about PVS-Studio, 2015
- PVS-Studio Probes into Linux' Innards (3.18.1)
- Analysis of the The Powder Toy Simulator
- Note about diagnostics fine-tuning
- Note about hotkeys
- We are Cancelling Support for the Embarcadero RAD Studio IDE
- Why Students Need the CppCat Code Analyzer
- Why We Need the Suppression Mechanism for Analyzer-Generated Messages
- Spring RTS Engine Checkup
- Miranda NG Project to Get the "Wild Pointers" Award (Part 2)
- Miranda NG Project to Get the "Wild Pointers" Award (Part 1)
- PVS-Studio's New Message Suppression Mechanism
- Free CppCat for Students
- A Slipshod Check of the Visual C++ 2013 Library (update 3)
- Virtual Method Table and accident prevention
- Analyzing the Network Security Services Library
- A Bonus to the "Three Interviews About Static Analyzers" Article, or Interview Four
- The Unicorn Getting Interested in KDE
- Three Interviews About Static Code Analyzers
- Checking Oracle VM VirtualBox. Part 2
- Checking Oracle VM VirtualBox. Part 1
- Let's Play a Game
- Overlapping Between PVS-Studio and Cppcheck
- Valgrind: Good but Not Enough
- A Post About Analyzing PHP
- Asterisk: PVS-Studio Takes Up Telephony
- Checking the Cross-Platform Framework Cocos2d-x
- What's the Difference Between Static Analysis and Compiler Warnings?
- Checking GIMP's Source Code with PVS-Studio
- Checking Wine with PVS-Studio and Clang Static Analyzer
- Can We Trust the Libraries We Use?
- Checking PVS-Studio with Clang
- Visual Studio Ceases Support of Add-Ins in Community Previews 14
- Checking Bitcoin
- PVS-Studio Integration with C++Builder to be Canceled Soon
- Brief Comparison of PVS-Studio and CppCat
- How We Test the PVS-Studio and CppCat Code Analyzers
- The StdAfx.h file
- PVS-Studio Team Expanding Their Horizons Through Outsourcing
- Handling False Positives in PVS-Studio and CppCat
- Firefox Easily Analyzed by PVS-Studio Standalone
- 64-bit Errors Are Here at Last
- The Last Line Effect
- PVS-Studio Checks OpenMW: Not All is Fine in the Morrowind Universe
- Comparing Functionalities of PVS-Studio and CppCat Static Code Analyzers
- Tesseract. Recognizing Errors in Recognition Software
- The PVS-Studio Analyzer Checks TortoiseGit
- C++/CLI Now Supported in PVS-Studio
- A Scoop from PVS-Studio: "An Ideal Project with Zero Bugs Found!"
- C++11 and 64-bit Issues
- A Check of the Open-Source Project WinSCP Developed in Embarcadero C++ Builder
- Checking the Qt 5 Framework
- A Boring Article About a Check of the OpenSSL Project
- A Long-Awaited Check of Unreal Engine 4
- Static and Dynamic Code Analysis
- PVS-Studio and 3DO Emulators
- The Shortest Article about a Check of nginx
- Archeology for Entertainment, or Checking Microsoft Word 1.1a with PVS-Studio
- Mathematicians: Trust, but Verify
- PVS-Studio Now Supports Any Build System under Windows and Any Compiler. Easy and Right Out of the Box
- The Unicorn's Travel to the Microcosm
- How we compared code analyzers: CppCat, Cppcheck, PVS-Studio, and Visual Studio
- Comparison of static code analyzers: CppCat, Cppcheck, PVS-Studio and Visual Studio
- Another similar fragment: recordingsystem.cpp 2671A Spin-off: CryEngine 3 SDK Checked with PVS-Studio
- Of Rowers and Programmers, or What's in Common Between Software Development Business and Rowing
- The Price of Fixing One Bug in Our Programs, or Exotic Bugs in PVS-Studio and CppCat
- An Experiment with Checking the glibc Library
- Promotion of Programmers' Products
- A Spin-off: Firebird Checked by PVS-Studio
- Open-Source Projects Checked with PVS-Studio
- LibRaw, Coverity SCAN, PVS-Studio
- CppCat, an Ambitious C++ Code Analyzer from Tula
- PVS-Studio and CppCat: An Interview with Andrey Karpov, the Project CTO and Developer
- CppCat Static Analyzer Review
- Checking the Source SDK Project
- An Alternative to PVS-Studio at $250
- Still Comparing "this" Pointer to Null?
- Trying to Sell PVS-Studio to Google, or New Bugs in Chromium
- Pre New Year Check of PostgreSQL
- Going On with the Check of Geant4
- Copy-Paste and Muons
- The Quality of Embedded Software, or the Mess Has Happened
- PVS-Studio for Visual C++ (outdated article)
- A User's Experience of Working with the Analyzer
- Checking VirtualDub
- You can now use PVS-Studio with Visual Studio absent; just give it the preprocessed files generated by any preprocessor
- "Hey you, PVS-Studio developers, have you ever heard of Clang?", or Comparing PVS-Studio and Clang by Features
- PVS-Studio and Hardware. What is Faster: a Laptop or a Desktop?
- PVS-Studio. Prices Dropping
- The standard PVS-Studio license now available for a team of 9 developers instead of 5 at the same price
- Twitter for C++ Programmers
- WTF?
- We Hit a Mark of 1000 Error Samples Collected from Open Source Apps!
- Picking Mushrooms after Cppcheck
- The Big Calculator Gone Crazy
- Manual on development of Visual Studio 2005-2012 and Atmel Studio plugins in C#
- Plug In an UPS and Get a Program Crash
- Grounded Pointers
- Scientific Work of OOO "Program Verification Systems" Company
- PVS-Studio Has Finally Got to Boost
- So, You Want to Suppress This Warning in Visual C++...
- Checking the Open-Source Multi Theft Auto Game
- News from PVS-Studio Developers' Secret Basement Lab...
- PVS-Studio vs Chromium. 3-rd Check
- Wade Not in Unknown Waters. Part Four
- We received a status of Technology Partner of Embarcadero Technologies!
- Joint webinar with Embarcadero on C++11 in C++Builder XE4!
- The World of Misprints and Copy-Paste
- Rechecking TortoiseSVN with the PVS-Studio Code Analyzer
- Monitoring a program that monitors computer networks
- Errors detected in C++Builder
- Why Windows 8 drivers are buggy
- How to unite several separate projects into one general Visual Studio solution (.sln file)
- The history of developing the PVS-Studio version for Embarcadero RAD Studio
- Static analysis is most efficient when being used regularly. We'll tell you why...
- Using PVS-Studio with huge projects (MSBuild integration)
- PVS-Studio registration key for 5 days
- The difference between static analysis and code review
- PVS-Studio and open-source software
- Difference between %p and %x
- Obsolete descriptions of functions in MSDN taking no account of 64 bits
- How to correctly cast a pointer to int in a 64-bit application?
- Strange errors occurring when compiling the 64-bit version of an application, error C2664
- Working with the type size_t in the functions prinft, scanf and similar functions
- Using _WIN64/WIN64 macros
- Should I fix all the errors found by the static code analyzer?
- Is it possible to use more than 2 Gbytes of memory in a 32-bit program launched in the 64-bit Windows?
- What does the pointer size depend on in C++ on different platforms?
- Why do 64-bit applications work faster than 32-bit ones?
- Is size_t a standard type in C++? And in C?
- Can I use 32-bit pointers in a 64-bit application?
- What advantages do 64-bit processors have over 32-bit?
- Re-checking the ReactOS project - a large report
- Checking OpenCV with PVS-Studio
- We have moved to a new office! See photos below...
- Joint webinar with Embarcadero on migration to 64-bit systems - relevant to C++Builder XE3U1 users!
- Useful items on the viva64.com website
- A small post about the Casablanca project
- 64-bit
- Selling to decision makers
- A few words about interaction between PVS-Studio and Clang
- Do programmers still write in C++?
- How to correctly print a value of the types __int64, size_t, and ptrdiff_t
- C++Builder, 64-bit software build and Viva64 renaissance
- PVS-Studio 5.00: support of Embarcadero C++Builder, Windows Store and Windows Phone 8 applications in Visual Studio
- Static analysis of C++Builder and WinRT projects
- A few words about OpenSSL
- The D language comes to help
- Our plans for the nearest future: PVS-Studio for Embarcadero C++ Builder, upgrade to version 5.00, and price change
- How to complement TDD with static analysis
- What environment do Microsoft developers use, I wonder? Linux?
- PVS-Studio's operation under the Microsoft Security Essentials/Windows Defender antivirus
- SQL-like queries for C++ code: is this the task for static analysis?
- Security, security! But do you test it?
- R&D on PVS-Studio
- The further we go, the more exotic the errors become
- Visual Studio 2012 and macros
- Visual C++ project model
- Creating a plugin for the Visual Studio 2005-2012 development environment
- Integrating into Visual Studio settings
- Visual Studio tool windows
- Visual Studio commands
- Visual Studio Automation Object Model. EnvDTE interfaces
- On one of the code quality metrics
- A database of errors detected by PVS-Studio is available on our website
- A sample collection to aid in studying typical misprints and mistakes in C/C++ programming
- Extension PackageCreating, debugging and deploying extension packages for Microsoft Visual Studio 2005/2008/2010/2012
- Developing extension packages for Visual Studio 2005/2008/2010/2012 using C# with real-life samples
- A common error occurring when compiling a 64-bit application: error C2440, OnTimer
- What comments hide
- Errors detected in the Visual C++ 2012 libraries
- What does this code print?
- The compiler is to blame for everything
- How to contact us
- Some words about template checks
- Feelings confirmed by numbers
- 100% code coverage by static analysis - is it that good?
- Analysis of the Trans-Proteomic Pipeline (TPP) project
- Static analysis should be used regularly
- Can I port code to a 64-bit platform under a 32-bit platform?
- What is the POINTER_32 macro?
- Why do 64-bit operating systems use only 48-bit addresses for addressing?
- Software diseases: memset
- Is it possible to run PVS-Studio in Linux?
- PVS-Studio: Testimonials
- Comparing static analysis in Visual Studio 2012 (Visual C++ 2012) and PVS-Studio
- Testing PVS-Studio in a system with SSD-disk
- Cppcheck and PVS-Studio compared
- Collection of interesting resources on C/C++ programming
- All about PVS-Studio
- Farewell to #define private public
- Analyzing the Blender project with PVS-Studio
- I want to sell a PVS-Studio license to the Intel company
- What do static analysis and search engines have in common? A good "top"!
- Wade not in unknown waters. Part three
- PVS-Studio command line tips
- Studying methods of attracting people to a software product's website
- Checking WinMerge with PVS-Studio for the second time
- How can a 32-bit program detect that it is launched in a 64-bit Windows?
- The secret thing about PVS-Studio
- Verifying projects utilizing Marmalade SDK with PVS-Studio analyzer
- 100 bugs in Open Source C/C++ projects
- An ideal static analyzer, or why ideals are unachievable
- The warnings C4311 and C4312 generated by the compiler when using the /Wp64 switch
- Licensing of PVS-Studio: why don't we have Single User License?
- How can I find out in Win64 how many processor cores there are in the system?
- Analyzing the Dolphin-emu project
- Analyzing the TrinityCore project with PVS-Studio
- FAQ for those who have read our articles
- Reanalyzing the Notepad++ project
- Analyzing the Quake III Arena GPL project
- Wade not in unknown waters. Part two
- How we managed the task of implementing trial mode in the PVS-Studio code analyzer
- Wade not in unknown waters. Part one
- Is there the 64-bit version of Visual Studio?
- How can I know if the DWORD_PTR type is defined using ifdef?
- Warning C4267 in the expression unsigned n = str.find(substr)
- Where is the 64-bit compiler in Visual Studio?
- Why is the value of the ProgramFiles environment variable replaced with that of ProgramFiles(x86)?
- How much memory can an application access in Win32 and Win64?
- Confusion of WPARAM with UINT, and LPARAM with LONG
- Why does Windows put 64-bit units into System32?
- Are the types size_t and uintptr_t equivalent?
- Why does WoW64 use register and file system redirection?
- Is there a way to make the type size_t 32-bit in a 64-bit program?
- Overwriting memory - why?
- Static Code Analysis
- How to make fewer errors at the stage of code writing. Part N4
- Tips on speeding up the PVS-Studio analyzer
- On the good of automated filtering of identical messages
- "Please check this project too..."
- Windows Error Reporting dialog
- About our VivaCore library
- What amazes me while developing the static code analyzer
- PVS-Studio: analyzing Doom 3 code
- Myths about static analysis. The fifth myth - a small test program is enough to evaluate a tool
- Myths about static analysis. The fourth myth - programmers want to add their own rules into a static analyzer
- Myths about static analysis. The third myth - dynamic analysis is better than static analysis
- Myths about static analysis. The second myth - expert developers do not make silly mistakes
- Myths about static analysis. The first myth - a static analyzer is a single-use product
- John Carmack about PVS-Studio
- The largest and most interesting advertisement article (70 pages) about static code analysis
- PVS-Studio advertisement - static analysis of C/C++ code
- Free PVS-Studio licenses for Microsoft MVPs
- PVS-Studio vs Chromium - Continuation
- Our worker Andrey Karpov has been given the MVP award
- PVS-Studio Output Window vs plain text stdout
- Checking Intel IPP Samples for Windows - Continuation
- How to add a new diagnostic rule into PVS-Studio? Days from developers' life...
- PVS-Studio: analyzing ReactOS's code
- Ctrl+S and Visual Studio Output Window
- John Carmack's QuakeCon 2011 Keynote: addressing the static code analyzers
- PVS-Studio vs Clang
- How we have solved an engineering task for several years in PVS-Studio
- Checking Intel Energy Checker SDK (IEC SDK) with PVS-Studio
- Leo Tolstoy and static code analysis
- PVS-Studio's licensing policy: what changed?
- Changes in PVS-Studio's licensing policy
- How to make fewer errors at the stage of code writing. Part N3
- How we test the code analyzer
- Explanations to the article on Copy-Paste
- PVS-Studio has learned to watch over your programming
- Using PVS-Studio analyzer together with Microsoft Visual Studio 2010 incremental assembly
- Static analysis and ROI
- PVS-Studio vs Chromium
- Andrey Karpov has made a report at the Application Developer Days 2011 conference
- Release of PVS-Studio 4.20, the first step towards ARM
- Comparing the VS 2010 and PVS-Studio general static analysis. Sample bugs from five open-source projects
- The new version of a printed and electronic booklet about PVS-Studio
- About our clients' practice of PVS-Studio integration
- Why you should run static code analysis regularly and not from time to time (for instance, at "each release")
- We're coming to Reddit
- Difficulties of comparing code analyzers, or don't forget about usability
- An eternal question of timing
- How to make fewer errors at the stage of code writing. Part N2
- We've got proprietary symbols for our articles
- It's difficult to make it right (of one subtle error)
- What is sizeof(&X) expression equal to, X being defined as "char *X[n];"?
- How to make fewer errors at the stage of code writing. Part N1
- Knee-deep in C++ s... code
- Is it reasonable to use the prefix increment operator ++it instead of postfix operator it++ for iterators?
- How can I find out in a 32-bit application what 64-bit processes are launched?
- What can I use instead of rundll32.exe to run 64-bit DLL?
- Why is it so hard to create a 64-bit version of an application?
- What can I use instead of "int 3" instruction in a 64-bit application?
- How to check if a 64-bit project is being built in Visual Studio using #ifdef
- Intel IPP Samples for Windows - error correction
- Free license for the PVS-Studio static analyzer for developers, bloggers and authors of articles in IT subject editions
- WOW6432Node and API-functions RegOpenKeyEx / RegEnumKeyEx
- Consequences of using the Copy-Paste method in C++ programming and how to deal with it
- We released a new version of PVS-Studio code analyzer - PVS-Studio 4.10
- Release of the final version of PVS-Studio 4.00 and end of public beta-testing
- Cases when a static code analyzer may help you
- Analysis of the Ultimate Toolbox project
- What is the reason for making PVS-Studio 4.00 a commercial solution? :-(
- The new design of viva64.com site
- Static analysis and regular expressions
- Working with PVS-Studio in Visual Studio 2010 from under multiple Windows user accounts
- Issue with '(' and ')'characters in PATH system environmental variable while using PVS-Studio with Visual Studio 2008
- Let the world tremble! We've released PVS-Studio 4.00 with a general-purpose analyzer!
- The new version of the PVS-Studio 4.00 BETA analyzer is ready
- Static analysis: errors in media player and bugless ICQ
- The new version of the viva64.com site
- Investigation "Market overview of tools for multicore software development"
- Difference of code analysis approaches in compilers and specialized tools
- How to compile a 64-bit application with using Visual C++ Express 2005/2008/2010?
- How to compile a C++ application in Visual Studio 2010 so that it could work in Windows 2000?
- Why does not Visual C++ support the inline assembler for Intel 64 and IA-64 anymore?
- Functions of the ntohl/htonl class and 64-bit values
- Static analysis of source code by the example of WinMerge
- A common error occurring when compiling a 64-bit application: error C4235, Assembler
- Of complicacy of programming, or won't C# save us?
- Searching for explicit conversion of a pointer to a 32-bit type
- Issues of 64-bit code in real applications: and what about Linux?
- OOO "Program Verification Systems" workers took part in the ADD-2010 conference
- We released a new version of PVS-Studio code analyzer - PVS-Studio 3.64
- Intel VTune Amplifier XE 2011 beta under the programmer's strict eye
- We released a new version of PVS-Studio code analyzer - PVS-Studio 3.63
- Regular use of static code analysis in team development
- Feeling the new Intel Parallel Studio XE 2011 beta
- d'Artagnan and Internet, or working on the problem of bad links
- Five days for fixing a two-character error, or a myth of almighty technologies aiding software development
- 64-bit programs and floating-point calculations
- We released a new version of PVS-Studio code analyzer - PVS-Studio 3.62
- Big Brother helps you
- We released a new version of PVS-Studio code analyzer - PVS-Studio 3.61
- Comparing capabilities of PVS-Studio and Visual Studio 2010 in detecting defects in 64-bit programs
- A Collection of Examples of 64-bit Errors in Real Programs
- Why is the number of the line where an issue was found sometimes absent in the Error List in PVS-Studio?
- New diagnostic functions implemented in PVS-Studio 3.60
- We released a new version of PVS-Studio code analyzer - PVS-Studio 3.60
- The reasons why 64-bit programs require more stack memory
- Communication between developers and users
- Interview with Issam Lahlali, one of the CppDepend tool creators
- Attracting attention of potential customers with the help of articles
- Receiving feedback from potential users
- Our workers visited the GDC2010 conference
- "What is it?" – a new option of PVS-Studio code analyzer
- Developing code testing and verification tools
- The specific feature of compilers64 bits
- How to disable IntelliSence in Visual Studio 2010?
- We released a new version of PVS-Studio code analyzer - PVS-Studio 3.53
- We released a new version of PVS-Studio code analyzer - PVS-Studio 3.52
- Changes in programmer tools' infrastructure
- We released a new version of PVS-Studio code analyzer - PVS-Studio 3.51
- Static code analysis and the new language standard C++0x
- Parallel notes N5 - continuing to study OpenMP constructs
- A new version of the code analyzer PVS-Studio 3.50 is released
- New design of our site
- We have a knowledge base of issues related to 64-bit and parallel software development at our site
- Parallel notes N4 - continuing to study OpenMP constructs
- Parallel notes N3 - base OpenMP constructs
- In what way can C++0x standard help you eliminate 64-bit errors
- CruiseControl.NET - build automation platform
- Parallel notes N2 - toolkit for OpenMP
- Supercomputer technologies in science, education and industry
- Description of the error of integrating Intel Parallel Studio Service Pack 1 into Visual Studio 2005/2008
- "Improve your... Google?"
- /Wp64 switch and template processing error
- Parallel notes N1 - OpenMP technology
- "Lessons of 64-bit C/C++ software development" are now available on our site
- PVS-Studio 3.45 New Version Released!
- 64-bit technologies - one more trend in the modern software
- PVS-Studio 3.44 New Version Released!
- Visual Studio Team System, /analyze and D9040
- Levels of Paralleling
- Verification and validation
- Issues of 64-bit code in real programs: qsort
- Search of 64-bit errors in array implementation
- Optimization in the world of 64-bit errors
- Peculiarities of virtual functions
- Many cores are good but a fast hard disk is good too
- PVS-Studio 3.43 New Version Released
- Embarcadero C++Builder and 64-bit code
- The role of "Fibonacci numbers" in the history of parallel programming
- One of the Answers to the Question "Who Needs All that Parallelism at All?"
- Program Errors That Do Not Exist
- Why A + B != A - (-B)
- Does the result of static code analysis depend on the compiler being used?
- Issues in real programs - what errors are not there in the world...
- VivaCore FAQ
- PVS-Studio 3.42 New Version Released!
- Tachyon and Parallel Lint
- Cold Tachyon
- 64-bit code issues in real programs: pointer type change
- We have participated in the exhibition as part of the conference "Investments in High Technologies"
- PVS-Studio 3.41 New Version Released!
- PVS-Studio in Intel Business Exchange Software Store
- Our team visits Intel symposium "High-performance Computing"
- PVS-Studio 3.40 Released
- OpenMP Technology
- A nice 64-bit error in C
- Russian Forum on 64-bit development open at Intel site!
- Be careful when working with atomic directive
- Our company proves competence in Intel Partner Program!
- Our company has presented PVS-Studio within the scope of "Platform 2010" conference
- PVS-Studio prints the error "Some diagnostic messages may contain incorrect line number for file ..." (continuation)
- Are 64-bit errors real?
- Interview with Anatoliy Kuznetsov, the author of BitMagic C++ library
- Meeting of Intel Software Network participants
- CEE-SECR 2009
- Visiting Softool Exhibition
- Presentation of information on the site
- OOO "Program Verification Systems" has visited ChipEXPO-2009 exhibition
- Translation of our blog in the English segment of software.intel.com!
- Comparing PVS-Studio with other code analyzers
- 64-bit world is getting closer
- An unsuccessful attempt to compare PVS-Studio (VivaMP) and Intel C/C++ ("Parallel Lint")
- We Visited ISDEF 2009 Conference
- Translation of our blog in the Russian part of software.intel.com!
- We visited INFOSECURITY 2009 Exhibition
- 64-bit Loki
- PVS-Studio 3.30 release took place on September 25, 2009
- Our Russian blog is now translated on blogs.gotdotnet.ru!
- OOO "Program Verification Systems" team has visited the exhibition "Progressive Technologies in Automation"
- How to estimate the process of 64-bit migration of C/C++ applications?
- About size_t and ptrdiff_t
- Issues of 64-bit code in real programs: virtual functions
- Possible issues relating to stdafx.h when using PVS-Studio
- OOO "Program Verification Systems" Company employees will deliver a report at CEE-SECR 2009 conference
- Cannot process the whole file "foo.cpp"
- PVS-Studio 3.20: New Version Released
- Processing of exceptions inside parallel sections
- Magic constants and malloc() function
- PVS-Studio refers to error "Some diagnostic messages may contain incorrect line number for file ..."
- Problems of 64-bit code in real programs: magic constants
- Our site www.viva64.com has changed the hosting provider
- PVS-Studio 3.10 Released
- Testing of Linux-applications with the help of PVS-Studio in Windows
- Safety of 64-bit code
- PVS-Studio and testing Loki
- Atavisms in large systems
- New program PVS-Studio 3.00 released July 27, 2009!
- The function of printing an expression's type
- Software code metrics
- OpenMP 3.0 and iterators
- A course on static analysis
- Software by OOO "Program Verification Systems" in Select Software Catalog
- Our first practical research in the sphere of metrics calculation
- OOO "Program Verification Systems"'s plans on developing its own software products
- Parallel Lint
- Use of rand() in OpenMP parallel sections
- VivaCore, questions on documentation
- The first impression of Intel Parallel Inspector
- A 64-bit horse that can count
- Review of Our Products at Well-Known Reseller "SoftKey" Site
- Our Article in RSDN Magazine
- Change of type alignment and the consequences
- OOO "Program Verification Systems" announces the issue of a new version of the static code analyzer - Viva64 2.30
- OOO "Program Verification Systems" announces the issue of a new version of the static code analyzer - VivaMP 1.10
- Seven Steps of Migrating a Program to a 64-bit System
- VivaMP, system of detecting errors in the code of parallel C++ programs using OpenMP
- Softkey.ru, our Viva64 & VivaMP reseller in Russia, Ukraine, Belarus and Kazakhstan
- Interview with Dmitriy Vyukov - the author of Relacy Race Detector (RRD)
- OOO "Program Verification Systems" at "Parallel Computing technologies 2009" Conference
- Development of a static code analyzer for detecting errors of porting programs on 64-bit systems
- Allsoft.ru, our new reseller for Viva64 and VivaMP in Russia and CIS countries
- Seminar in MSU RCC
- OpenMP and exceptions
- The final version of the code analyzer VivaMP 1.00 intended for OpenMP-program developers is released
- Search of explicit type conversion errors in 64-bit programs
- Online checking of errors relating to using OpenMP technology and x64 architecture
- OOO "Program Verification Systems" company invites the article writers
- Peaceful coexistence of PC-Lint and VivaMP
- Viva64 for optimizing data structures
- Ineffectiveness of last() in the real world
- Parallel programs to multi-processor computers!
- Problems of 64-bit code in real programs: FreeBSD
- OOO "Program Verification Systems" Blog Launch
- Terminology - a new section at www.viva64.com
- Debugging and optimization of multi-thread OpenMP-programs
- Case Study: Porting a set of point cloud and triangle mesh processing C++ libraries to 64-bit platform
- Introduction into 64 bits for the beginners or where's again the 64-bit world?
- Site www.viva64.com becomes a full information resource for program developers
- Konstantin Knizhnik: static analysis, a view from aside
- Beta-version of VivaMP code analyzer designed for error educing in parallel OpenMP programs has been released
- VivaMP - a tool for OpenMP
- OpenMP and static code analysis
- Testing parallel programs
- Our two articles are published in the magazine "Izvestiya TulGU. Tehnicheskie Nauki", issue N3 - 2008
- Viva64 2.20 Release
- Optimization of 64-bit programs
- AMD64 (EM64T) architecture
- Our new reseller is Avangate
- Viva64 2.10 Release
- OOO "Program Verification Systems" and E.G.S. s.r.l. announced completion of development of 64-bit version of LEIOS
- A print version of the article "32 OpenMP traps for C++ developers" was published in "RSDN Magazine #2' 2008"
- Detection of vulnerabilities in programs with the help of code analyzers
- How VivaCore library appeared
- A new version of www.viva64.com site is launched
- A print version of the article "VivaCore code analysis library" was published in "RSDN Magazine" #1' 2008
- "Approaches to verification and testing of 64-applications" was printed in magazine "Informatsionnie tehnologii" 7/2008
- Viva64 2.0 Release
- It is difficult
- Description of VivaVisualCode
- OOO "Program Verification Systems" is now situated in a new office
- In ISP RAS a seminar took place in which our specialists participated
- Comparison of analyzers' diagnostic possibilities at checking 64-bit code
- 32 OpenMP Traps For C++ Developers
- In CC RAS a seminar took place in which our specialists participated
- Building of systems of automatic C/C++ code logging
- VivaCore - Quick Start
- 64 bits, Wp64, Visual Studio 2008, Viva64 and all the rest...
- Advantages of Viva64
- Announcing VivaCore 1.0
- Viva64.com Team has become OOO "Program Verification Systems"
- Adaptation of the technology of the static code analyzer for developing parallel programs
- Development of resource-intensive applications in Visual C++
- Using Static Analysis in Program Development
- Introduction into the problems of developing parallel programs
- The use of the code analysis library OpenC++: modifications, improvements, error corrections
- Brief description of the VivaCore code analysis library
- The essence of the VivaCore code analysis library
- Traps detection during migration of C and C++ code to 64-bit Windows
- Application port to 64-bit platforms or never cackle till your egg is laid
- The forgotten problems of 64-bit programs development
- Viva64: What Is It, and Who Is It for?
- Some examples of the 64-bit code errors
- Static code analysis for verification of the 64-bit applications
- Problems of testing 64-bit applications
- Driver Development for Windows 64-bit
- 20 issues of porting C++ code to the 64-bit platform
- 64-bits for C++ Developers: from /Wp64 to Viva64
- Viva64: working up of 64-bit applications
- Installation of PC-Lint and its using in Visual Studio 2005
- Peculiarities of the Development of 64-bit Applications
- Lesson 1. What 64-bit systems are
- Lesson 2. Support of 32-bit applications in the 64-bit Windows environment
- Lesson 3. Porting code to 64-bit systems. The pros and cons
- Lesson 4. Creating the 64-bit configuration
- Lesson 5. Building a 64-bit application
- Lesson 6. Errors in 64-bit code
- Lesson 7. The issues of detecting 64-bit errors
- Lesson 8. Static analysis for detecting 64-bit errors
- Lesson 9. Pattern 1. Magic numbers
- Lesson 10. Pattern 2. Functions with variable number of arguments
- Lesson 11. Pattern 3. Shift operations
- Lesson 12. Pattern 4. Virtual functions
- Lesson 13. Pattern 5. Address arithmetic
- Lesson 14. Pattern 6. Changing an array's type
- Lesson 15. Pattern 7. Pointer packing
- Lesson 16. Pattern 8. Memsize-types in unions
- Lesson 17. Pattern 9. Mixed arithmetic
- Lesson 18. Pattern 10. Storage of integer values in double
- Lesson 19. Pattern 11. Serialization and data interchange
- Lesson 20. Pattern 12. Exceptions
- Lesson 21. Pattern 13. Data alignment
- Lesson 22. Pattern 14. Overloaded functions
- Lesson 23. Pattern 15. Growth of structures' sizes
- Lesson 24. Phantom errors
- Lesson 25. Working with patterns of 64-bit errors in practice
- Lesson 26. Optimization of 64-bit programs
- Lesson 27. Peculiarities of creating installers for a 64-bit environment
- Lesson 28. Estimating the cost of 64-bit migration of C/C++ applications
- A course on developing 64-bit C/C++ applications
- A course on developing 64-bit C/C++ applications (single file)
- 64-bit (64-bit, x64)
- 64-bit error
- Abandoned Lock
- Abstract syntactical tree
- Address arithmetic
- AMD64
- AST
- Coding standard
- Critical section
- Cyclomatic complexity
- Data alignment
- Data model
- Deadlock
- EM64T
- Explicit type casting
- Syntactic analysis
- IA-64
- ILP32
- ILP32LL (ILP32LL64)
- ILP64
- Implicit type conversion
- Intel 64
- intptr_t
- INT_PTR
- Lexical analysis
- LLP64
- Lost Signal
- LP64 (I32LP64)
- Measuring of software quality
- Memsize-type
- Metaprogramming
- MPI
- Multithreading
- Mutex
- OpenMP
- Parallel programming
- Parse tree
- Preprocessing (in C/C++ language)
- ptrdiff_t
- Race condition
- Semaphore
- size_t
- Starvation
- Static code analysis
- Thread. Parallel thread
- Traversal of the syntactical tree
- uintptr_t
- UINT_PTR
- w64
- Win32
- Win64
- WoW64
- /Wp64
- x64
- x86-64
- x86
- IEC 61508 standard
- DWORD_PTR
- Access Violation
- Operator precedence in C and C++
- Sequence point
- Undefined behavior
- Buffer overflow
- Copy-paste programming
- Variable argument functions
- Dynamic code analysis
- Array index out of bounds
- Infinite loop
- Code review
- Static Code Analysis Tools
- Analysis of source code
- Preprocessed *.i file
- Software quality
- Uninitialized variable
- Use of uninitialized memory
- Compiler warnings
- Source code
- Bugs
- Cppcheck
- Code Optimization
- Division by Zero
- Lines of code
- Stack Overflow
- Terminal Null
- Unreachable Code
- Intel VTune Performance Analyzer
- WinRT
- Software testing
- LONG_PTR
- rsize_t
- Precompiled Headers
- StdAfx.h
- intmax_t / uintmax_t
- Potential vulnerability
- OWASP, OWASP Top 10
- Static code analyzer issues no warnings (false-negative results)
- False positives of the static code analyzer
- Cross-Site Scripting (XSS)
- Nullable Value Types
- Path Traversal
- Common Weakness Enumeration (CWE)
- CERT Coding Standards
- Zero-day Vulnerability
- Taint analysis (taint checking)
- Linkage
- SQL injection
- Move semantics
- The std::forward function
- RVO and NRVO
- Expressions: value categories and reference types
- The std::move function
- Type check in C#: typeof, GetType, is
- Incomplete type
- Iterators
- XEE attack (billion laughs attack)
- XXE attack (XML External Entity)
- OS Command injection
- std::common_type
- Iterator adaptors
- Storage duration
- Server-Side Request Forgery (SSRF)
- DoS attack
- Cross-site request forgery
- Memory leak
- Common Vulnerabilities and Exposures (CVE)
- Static Application Security Testing (SAST)
- Catastrophic backtracking error in regular expressions
- Cyberattack
- Small String Optimization
- Variable-length array
- Implementation of a singly linked list in C
- List
- Implementation of a doubly linked list in C
- Implementation of a doubly linked list in C++
- Implementation of a singly linked list in C++
- NullReferenceException
- Boxing and Unboxing in C#
- SCA (Software Composition Analysis)
- Software Development Lifecycle (SDLC)
- Secure Software Development Lifecycle (SSDLC)
- Statistical code analysis
- Special case of error
- Pattern-based analysis
- Interprocedural context-sensitive analysis
- Intermodular analysis
- Table-style code formatting
- Data flow analysis
- Cross-Origin Resource Sharing (CORS)
- Intermediate Language (IL)
- MISRA Essential Type Model
- ReDoS (Regular expression Denial of Service)
- Alias analysis
- Code analysis with PVS-Studio from the command line (for Visual C++ projects)
- Credits and acknowledgements
- PVS-Studio and continuous integration
- Direct integration of the analyzer into build automation systems (C and C++)
- Getting acquainted with the PVS-Studio static code analyzer on Windows
- PVS-Studio trial mode
- PVS-Studio release history
- Settings: general
- Settings: Common Analyzer Settings
- Settings: Detectable Errors
- Settings: Don't Check Files
- Settings: Keyword Message Filtering
- Settings: Registration
- Suppression of false-positive warnings
- System requirements for PVS-Studio analyzer
- Analyzer Modes
- Predefined PVS_STUDIO macro
- Handling the diagnostic messages list in Visual Studio
- Old PVS-Studio release history (before 7.00)
- Tips on speeding up PVS-Studio
- Incremental analysis mode in PVS-Studio
- Unattended deployment of PVS-Studio
- Using external tools with PVS-Studio. Integration with bug tracking systems
- Relative paths in PVS-Studio log files
- Direct integration of PVS-Studio into MSBuild's build process. MSBuild integration mode in Visual Studio IDE
- PVS-Studio: troubleshooting
- Settings: Specific Analyzer Settings
- Build-system independent analysis (C and C++)
- Baselining analysis results (suppressing warnings for existing code)
- Viewing analysis results with C and C++ Compiler Monitoring UI
- Analyzing Visual Studio / MSBuild / .NET projects from the command line using PVS-Studio
- How to run PVS-Studio on Linux and macOS
- Integrating PVS-Studio Analysis Results into SonarQube
- How to view and convert analyzer's results (SARIF, HTML, and other formats)
- Installing and updating PVS-Studio on Linux
- Additional configuration of C and C++ diagnostic rules
- Speeding up the analysis of C and C++ code through distributed build systems (Incredibuild)
- Installing and updating PVS-Studio on macOS
- Analysis of Unreal Engine projects
- PVS-Studio for embedded development
- How to enter the PVS-Studio license and what is the next move
- Running PVS-Studio in Docker
- Running PVS-Studio in Jenkins
- Running PVS-Studio in TeamCity
- Notifying the developer teams (blame-notifier utility)
- PVS-Studio C# installation on Linux and macOS
- Using PVS-Studio with JetBrains Rider and CLion
- Running PVS-Studio in Azure DevOps
- Running PVS-Studio in CircleCI
- Analysis in commit and branch merge mode (pull/merge requests). Analysis of modified files.
- How to run PVS-Studio in GitLab CI/CD
- Running PVS-Studio in Travis CI
- PVS-Studio Documentation (single page)
- PVS-Studio manual
- How to integrate PVS-Studio in Qt Creator without the PVS-Studio plugin
- How to upload analysis results to Jira
- Technologies used in PVS-Studio
- Get started with PVS-Studio in Visual Studio
- How to display the analyzer's most interesting warnings
- How to use the OWASP diagnostic group in PVS-Studio
- Analysis of C and C++ projects based on JSON Compilation Database
- How to use PVS-Studio in GitHub Actions
- Using PVS-Studio with the CMake module
- How to analyze Unity projects with PVS-Studio
- Cross-platform analysis of C and C++ projects in PVS-Studio
- Filtering and handling the analyzer output through diagnostic configuration files (.pvsconfig)
- Excluding files and directories from analysis
- Using PVS-Studio extension for Visual Studio Code
- How to use the PVS-Studio extension for Qt Creator
- Analysis configuration file (Settings.xml)
- Running PVS-Studio in AppVeyor
- Running PVS-Studio in Buddy
- Integration of PVS-Studio analysis results into DefectDojo
- Direct use of Java analyzer from command line
- Using PVS-Studio with IntelliJ IDEA and Android Studio
- Integrating PVS-Studio Java into the Maven build system
- Integrating PVS-Studio Java into the Gradle build system
- Annotating C and C++ entities in JSON format
- Annotating C# entities in JSON format
- User annotation mechanism in JSON format
- Integration of PVS-Studio analysis results into CodeChecker
- MISRA Coding Standards and Compliance
- Annotating Java entities in JSON format
- V001. A code fragment from 'file' cannot be analyzed.
- V002. Some diagnostic messages may contain incorrect line number.
- V003. Unrecognized error found...
- V101. Implicit assignment type conversion to memsize type.
- V102. Usage of non memsize type for pointer arithmetic.
- V103. Implicit type conversion from memsize type to 32-bit type.
- V104. Implicit type conversion to memsize type in an arithmetic expression.
- V105. N operand of '?:' operation: implicit type conversion to memsize type.
- V106. Implicit type conversion N argument of function 'foo' to memsize type.
- V107. Implicit type conversion N argument of function 'foo' to 32-bit type.
- V108. Incorrect index type: 'foo[not a memsize-type]'. Use memsize type instead.
- V109. Implicit type conversion of return value to memsize type.
- V110. Implicit type conversion of return value from memsize type to 32-bit type.
- V111. Call of function 'foo' with variable number of arguments. N argument has memsize type.
- V112. Dangerous magic number N used.
- V113. Implicit type conversion from memsize to double type or vice versa.
- V114. Dangerous explicit type pointer conversion.
- V115. Memsize type is used for throw.
- V116. Memsize type is used for catch.
- V117. Memsize type is used in the union.
- V118. malloc() function accepts a dangerous expression in the capacity of an argument.
- V119. More than one sizeof() operator is used in one expression.
- V120. Member operator[] of object 'foo' is declared with 32-bit type argument, but is called with memsize type argument.
- V064. Unable to run a rule to analyze a code fragment.
- V065. Unable to start analysis on a module.
- V121. Implicit conversion of the type of 'new' operator's argument to size_t type.
- V122. Memsize type is used in the struct/class.
- V123. Allocation of memory by the pattern "(X*)malloc(sizeof(Y))" where the sizes of X and Y types are not equal.
- V2001. Consider using the extended version of the 'foo' function here.
- V2002. Consider using the 'Ptr' version of the 'foo' function here.
- V201. Explicit conversion from 32-bit integer type to memsize type.
- V202. Explicit conversion from memsize type to 32-bit integer type.
- V203. Explicit type conversion from memsize to double type or vice versa.
- V301. Unexpected function overloading behavior. See N argument of function 'foo' in derived class 'derived' and base class 'base'.
- V302. Member operator[] of 'foo' class has a 32-bit type argument. Use memsize-type here.
- V303. The function is deprecated in the Win64 system. It is safer to use the 'foo' function.
- V004. Diagnostics from the 64-bit rule set are not entirely accurate without the appropriate 64-bit compiler. Consider utilizing 64-bit compiler if possible.
- V124. Function 'Foo' writes/reads 'N' bytes. The alignment rules and type sizes have been changed. Consider reviewing this value.
- V125. It is not advised to declare type 'T' as 32-bit type.
- V126. Be advised that the size of the type 'long' varies between LLP64/LP64 data models.
- V501. Identical sub-expressions to the left and to the right of 'foo' operator.
- V502. The '?:' operator may not work as expected. The '?:' operator has a lower priority than the 'foo' operator.
- V503. Nonsensical comparison: pointer < 0.
- V504. Semicolon ';' is probably missing after the 'return' keyword.
- V505. The 'alloca' function is used inside the loop. This can quickly overflow stack.
- V506. Pointer to local variable 'X' is stored outside the scope of this variable. Such a pointer will become invalid.
- V507. Pointer to local array 'X' is stored outside the scope of this array. Such a pointer will become invalid.
- V508. The 'new type(n)' pattern was detected. Probably meant: 'new type[n]'.
- V509. Exceptions raised inside noexcept functions must be wrapped in a try..catch block.
- V510. The 'Foo' function receives class-type variable as Nth actual argument. This is unexpected behavior.
- V511. The sizeof() operator returns pointer size instead of array size.
- V512. Call of the 'Foo' function will lead to buffer overflow.
- V513. Use _beginthreadex/_endthreadex functions instead of CreateThread/ExitThread functions.
- V514. Potential logical error. Size of a pointer is divided by another value.
- V515. The 'delete' operator is applied to non-pointer.
- V516. Non-null function pointer is compared to null. Consider inspecting the expression.
- V517. Potential logical error. The 'if (A) {...} else if (A) {...}' pattern was detected.
- V518. The 'malloc' function allocates suspicious amount of memory calculated by 'strlen(expr)'. Perhaps the correct expression is strlen(expr) + 1.
- V519. The 'x' variable is assigned values twice successively. Perhaps this is a mistake.
- V520. Comma operator ',' in array index expression.
- V521. Expressions that use comma operator ',' are dangerous. Make sure the expression is correct.
- V522. Possible null pointer dereference.
- V523. The 'then' statement is equivalent to the 'else' statement.
- V524. It is suspicious that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function.
- V525. Code contains collection of similar blocks. Check items X, Y, Z, ... in lines N1, N2, N3, ...
- V526. The 'strcmp' function returns 0 if corresponding strings are equal. Consider inspecting the condition for mistakes.
- V527. The 'zero' value is assigned to pointer. Probably meant: *ptr = zero.
- V528. Pointer is compared with 'zero' value. Probably meant: *ptr != zero.
- V529. Suspicious semicolon ';' after 'if/for/while' operator.
- V530. Return value of 'Foo' function is required to be used.
- V531. The sizeof() operator is multiplied by sizeof(). Consider inspecting the expression.
- V532. Consider inspecting the statement of '*pointer++' pattern. Probably meant: '(*pointer)++'.
- V533. It is possible that a wrong variable is incremented inside the 'for' operator. Consider inspecting 'X'.
- V534. It is possible that a wrong variable is compared inside the 'for' operator. Consider inspecting 'X'.
- V535. The 'X' variable is used for this loop and outer loops.
- V536. Constant value is represented by an octal form.
- V537. Potential incorrect use of item 'X'. Consider inspecting the expression.
- V538. The line contains control character 0x0B (vertical tabulation).
- V539. Iterators are passed as arguments to 'Foo' function. Consider inspecting the expression.
- V540. Member 'x' should point to string terminated by two 0 characters.
- V541. String is printed into itself. Consider inspecting the expression.
- V542. Suspicious type cast: 'Type1' to ' Type2'. Consider inspecting the expression.
- V543. It is suspicious that value 'X' is assigned to the variable 'Y' of HRESULT type.
- V544. It is suspicious that the value 'X' of HRESULT type is compared with 'Y'.
- V545. Conditional expression of 'if' statement is incorrect for the HRESULT type value 'Foo'. The SUCCEEDED or FAILED macro should be used instead.
- V801. Decreased performance. It is better to redefine the N function argument as a reference. Consider replacing 'const T' with 'const .. &T' / 'const .. *T'.
- V546. The 'Foo(Foo)' class member is initialized with itself.
- V547. Expression is always true/false.
- V548. TYPE X[][] is not equivalent to TYPE **X. Consider inspecting type casting.
- V549. The 'first' argument of 'Foo' function is equal to the 'second' argument.
- V005. Cannot determine active configuration for project. Please check projects and solution configurations.
- V550. Suspicious precise comparison. Consider using a comparison with defined precision: fabs(A - B) < Epsilon or fabs(A - B) > Epsilon.
- V551. Unreachable code under a 'case' label.
- V552. A bool type variable is incremented. Perhaps another variable should be incremented instead.
- V553. Length of function body or class declaration is more than 2000 lines. Consider refactoring the code.
- V554. Incorrect use of smart pointer.
- V555. Expression of the 'A - B > 0' kind will work as 'A != B'.
- V556. Values of different enum types are compared.
- V557. Possible array overrun.
- V558. Function returns pointer/reference to temporary local object.
- V802. On 32-bit/64-bit platform, structure size can be reduced from N to K bytes by rearranging the fields according to their sizes in decreasing order.
- V006. File cannot be processed. Analysis aborted by timeout.
- V559. Suspicious assignment inside the conditional expression of 'if/while/for' statement.
- V560. Part of conditional expression is always true/false.
- V561. Consider assigning value to 'foo' variable instead of declaring it anew.
- V562. Bool type value is compared with value of N. Consider inspecting the expression.
- V204. Explicit conversion from 32-bit integer type to pointer type.
- V205. Explicit conversion of pointer type to 32-bit integer type.
- V563. An 'else' branch may apply to the previous 'if' statement.
- V564. The '&' or '|' operator is applied to bool type value. Check for missing parentheses or use the '&&' or '||' operator.
- V565. Empty exception handler. Silent suppression of exceptions can hide errors in source code during testing.
- V566. Integer constant is converted to pointer. Check for an error or bad coding style.
- V567. Modification of variable is unsequenced relative to another operation on the same variable. This may lead to undefined behavior.
- V568. It is suspicious that the argument of sizeof() operator is the expression.
- V569. Truncation of constant value.
- V803. Decreased performance. It is more effective to use the prefix form of ++it. Replace iterator++ with ++iterator.
- V007. Deprecated CLR switch was detected. Incorrect diagnostics are possible.
- V570. Variable is assigned to itself.
- V571. Recurring check. This condition was already verified in previous line.
- V572. Object created using 'new' operator is immediately cast to another type. Consider inspecting the expression.
- V804. Decreased performance. The 'Foo' function is called twice in the specified expression to calculate length of the same string.
- V220. Suspicious sequence of types castings: memsize -> 32-bit integer -> memsize.
- V573. Use of uninitialized variable 'Foo'. The variable was used to initialize itself.
- V574. Pointer is used both as an array and as a pointer to single object.
- V575. Function receives suspicious argument.
- V576. Incorrect format. Consider checking the Nth actual argument of the 'Foo' function.
- V577. Label is present inside switch(). Check for typos and consider using the 'default:' operator instead.
- V578. Suspicious bitwise operation was detected. Consider inspecting it.
- V805. Decreased performance. It is inefficient to identify an empty string by using 'strlen(str) > 0' construct. A more efficient way is to check: str[0] != '\0'.
- V127. An overflow of the 32-bit variable is possible inside a long cycle which utilizes a memsize-type loop counter.
- V579. The 'Foo' function receives the pointer and its size as arguments. This may be a potential error. Inspect the Nth argument.
- V580. Suspicious explicit type casting. Consider inspecting the expression.
- V581. Conditional expressions of 'if' statements located next to each other are identical.
- V582. Consider reviewing the source code that uses the container.
- V583. The '?:' operator, regardless of its conditional expression, always returns the same value.
- V584. Same value is present on both sides of the operator. The expression is incorrect or can be simplified.
- V585. Attempt to release memory that stores the 'Foo' local variable.
- V586. The 'Foo' function is called twice to deallocate the same resource.
- V587. Suspicious sequence of assignments: A = B; B = A;.
- V806. Decreased performance. The expression of strlen(MyStr.c_str()) kind can be rewritten as MyStr.length().
- V588. Expression of the 'A =+ B' kind is used. Possibly meant: 'A += B'. Consider inspecting the expression.
- V589. Expression of the 'A =- B' kind is used. Possibly meant: 'A -= B'. Consider inspecting the expression.
- V590. Possible excessive expression or typo. Consider inspecting the expression.
- V591. Non-void function must return value.
- V592. Expression is enclosed by parentheses twice: ((expression)). One pair of parentheses is unnecessary or typo is present.
- V593. Expression 'A = B == C' is calculated as 'A = (B == C)'. Consider inspecting the expression.
- V008. Unable to start the analysis on this file.
- V2003. Explicit conversion from 'float/double' type to signed integer type.
- V2004. Explicit conversion from 'float/double' type to unsigned integer type.
- V2005. C-style explicit type casting is utilized. Consider using: static_cast/const_cast/reinterpret_cast.
- V594. Pointer to array is out of array bounds.
- V595. Pointer was used before its check for nullptr. Check lines: N1, N2.
- V596. Object was created but is not used. Check for missing 'throw' keyword.
- V597. Compiler may delete 'memset' function call that is used to clear 'Foo' buffer. Use the RtlSecureZeroMemory() function to erase private data.
- V598. Memory manipulation function is used to work with a class object containing a virtual table pointer. The result of such an operation may be unexpected.
- V599. The virtual destructor is not present, although the 'Foo' class contains virtual functions.
- V600. The 'Foo' pointer is always not equal to NULL. Consider inspecting the condition.
- V601. Suspicious implicit type casting.
- V602. The '<' operator should probably be replaced with '<<'. Consider inspecting this expression.
- V603. Object was created but not used. If you wish to call constructor, use 'this->Foo::Foo(....)'.
- V807. Decreased performance. Consider creating a pointer/reference to avoid using the same expression repeatedly.
- V604. Number of iterations in loop equals size of a pointer. Consider inspecting the expression.
- V605. Unsigned value is compared to the NN number. Consider inspecting the expression.
- V606. Ownerless token 'Foo'.
- V607. Ownerless expression 'Foo'.
- V608. Recurring sequence of explicit type casts.
- V609. Possible division or mod by zero.
- V610. Undefined behavior. Check the shift operator.
- V611. Memory allocation and deallocation methods are incompatible.
- V612. Unconditional 'break/continue/return/goto' within a loop.
- V613. Suspicious pointer arithmetic with 'malloc/new'.
- V614. Use of 'Foo' uninitialized variable.
- V2006. Implicit type conversion from enum type to integer type.
- V615. Suspicious explicit conversion from 'float *' type to 'double *' type.
- V616. Use of 'Foo' named constant with 0 value in bitwise operation.
- V617. Argument of the '|' bitwise operation always contains non-zero value. Consider inspecting the condition.
- V618. Dangerous call of 'Foo' function. The passed line may contain format specification. Example of safe code: printf("%s", str);
- V619. Array is used as pointer to single object.
- V620. Expression of sizeof(T)*N kind is summed up with pointer to T type. Consider inspecting the expression.
- V621. Loop may execute incorrectly or may not execute at all. Consider inspecting the 'for' operator.
- V622. First 'case' operator may be missing. Consider inspecting the 'switch' statement.
- V623. Temporary object is created and then destroyed. Consider inspecting the '?:' operator.
- V624. Use of constant NN. The resulting value may be inaccurate. Consider using the M_NN constant from <math.h>.
- V625. Initial and final values of the iterator are the same. Consider inspecting the 'for' operator.
- V626. It's possible that ',' should be replaced by ';'. Consider checking for typos.
- V627. Argument of sizeof() is a macro, which expands to a number. Consider inspecting the expression.
- V628. It is possible that a line was commented out improperly, thus altering the program's operation logic.
- V629. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type. Consider inspecting the expression.
- V630. The 'malloc' function is used to allocate memory for an array of objects that are classes containing constructors/destructors.
- V631. Defining absolute path to file or directory is considered a poor coding style. Consider inspecting the 'Foo' function call.
- V632. Argument is of the 'T' type. Consider inspecting the NN argument of the 'Foo' function.
- V633. The '!=' operator should probably be used here. Consider inspecting the expression.
- V634. Priority of '+' operation is higher than priority of '<<' operation. Consider using parentheses in the expression.
- V635. Length should be probably multiplied by sizeof(wchar_t). Consider inspecting the expression.
- V636. Expression was implicitly cast from integer type to real type. Consider using an explicit type cast to avoid overflow or loss of a fractional part.
- V637. Use of two opposite conditions. The second condition is always false.
- V638. Terminal null is present inside a string. Use of '\0xNN' characters. Probably meant: '\xNN'.
- V639. One of closing ')' parentheses is probably positioned incorrectly. Consider inspecting the expression for function call.
- V640. Code's operational logic does not correspond with its formatting.
- V641. Buffer size is not a multiple of element size.
- V642. Function result is saved inside the 'byte' type variable. Significant bits may be lost. This may break the program's logic.
- V643. Suspicious pointer arithmetic. Value of 'char' type is added to a string pointer.
- V644. Suspicious function declaration. Consider creating a 'T' type object.
- V645. Function call may lead to buffer overflow. Bounds should not contain size of a buffer, but a number of characters it can hold.
- V646. The 'else' keyword may be missing. Consider inspecting the program's logic.
- V647. Value of 'A' type is assigned to a pointer of 'B' type.
- V648. Priority of '&&' operation is higher than priority of '||' operation.
- V649. Two 'if' statements with identical conditional expressions. The first 'if' statement contains function return. This means that the second 'if' statement is senseless.
- V650. Type casting is used 2 times in a row. The '+' operation is executed. Probably meant: (T1)((T2)a + b).
- V2007. This expression can be simplified. One of the operands in the operation equals NN. Probably it is a mistake.
- V651. Suspicious operation of 'sizeof(X)/sizeof(T)' kind, where 'X' is of the 'class' type.
- V652. Operation is executed 3 or more times in a row.
- V653. Suspicious string consisting of two parts is used for initialization. Comma may be missing.
- V808. An array/object was declared but was not utilized.
- V654. Condition of a loop is always true/false.
- V655. Strings were concatenated but not used. Consider inspecting the expression.
- V656. Variables are initialized through the call to the same function. It's probably an error or un-optimized code.
- V809. Verifying that a pointer value is not NULL is not required. The 'if (ptr != NULL)' check can be removed.
- V2008. Cyclomatic complexity: NN. Consider refactoring the 'Foo' function.
- V657. Function always returns the same value of NN. Consider inspecting the function.
- V658. Value is subtracted from unsigned variable. It can result in an overflow. In such a case, the comparison operation may behave unexpectedly.
- V659. Functions' declarations with 'Foo' name differ in 'const' keyword only, while these functions' bodies have different composition. It is suspicious and can possibly be an error.
- V660. Program contains an unused label and function call: 'CC:AA()'. Probably meant: 'CC::AA()'.
- V810. Decreased performance. The 'A' function was called several times with identical arguments. The result should possibly be saved to a temporary variable, which then could be used while calling the 'B' function.
- V661. Suspicious expression 'A[B < C]'. Probably meant 'A[B] < C'.
- V662. Different containers are used to set up initial and final values of iterator. Consider inspecting the loop expression.
- V664. Pointer is dereferenced in the member initializer list before it is checked for null in the body of a constructor.
- V811. Decreased performance. Excessive type casting: string -> char * -> string.
- V663. Infinite loop is possible. The 'cin.eof()' condition is insufficient to break from the loop. Consider adding the 'cin.fail()' function call to the conditional expression.
- V665. Possible incorrect use of '#pragma warning(default: X)'. The '#pragma warning(push/pop)' should be used instead.
- V666. Value may not correspond with the length of a string passed with YY argument. Consider inspecting the NNth argument of the 'Foo' function.
- V667. The 'throw' operator does not have any arguments and is not located within the 'catch' block.
- V668. Possible meaningless check for null, as memory was allocated using 'new' operator. Memory allocation will lead to an exception.
- V812. Decreased performance. Ineffective use of the 'count' function. It can possibly be replaced by the call to the 'find' function.
- V128. A variable of the memsize type is read from a stream. Consider verifying the compatibility of 32 and 64 bit versions of the application in the context of a stored data.
- V2009. Consider passing the 'Foo' argument as a pointer/reference to const.
- V669. Argument is a non-constant reference. The analyzer is unable to determine the position where this argument is modified. Consider checking the function for an error.
- V670. Uninitialized class member is used to initialize another member. Remember that members are initialized in the order of their declarations inside a class.
- V671. The 'swap' function may interchange a variable with itself.
- V672. It is possible that creating a new variable is unnecessary. One of the function's arguments has the same name and this argument is a reference.
- V813. Decreased performance. The argument should probably be rendered as a constant pointer/reference.
- V673. More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits.
- V675. Writing into read-only memory.
- V674. Expression contains a suspicious mix of integer and real types.
- V814. Decreased performance. The 'strlen' function was called multiple times inside the body of a loop.
- V676. Incorrect comparison of BOOL type variable with TRUE.
- V677. Custom declaration of standard type. Consider using the declaration from system header files instead.
- V678. Object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' function.
- V679. The 'X' variable was not initialized. This variable is passed by reference to the 'Foo' function in which its value will be used.
- V680. The 'delete A, B' expression only destroys the 'A' object. Then the ',' operator returns a resulting value from the right side of the expression.
- V681. The language standard does not define order in which 'Foo' functions are called during evaluation of arguments.
- V682. Suspicious literal: '/r'. It is possible that a backslash should be used instead: '\r'.
- V683. The 'i' variable should probably be incremented instead of the 'n' variable. Consider inspecting the loop expression.
- V684. Value of variable is not modified. It is possible that '1' should be present instead of '0'. Consider inspecting the expression.
- V685. The expression contains a comma. Consider inspecting the return statement.
- V686. Pattern A || (A && ...) was detected. The expression is excessive or contains a logical error.
- V687. Size of array calculated by sizeof() operator was added to a pointer. It is possible that the number of elements should be calculated by sizeof(A)/sizeof(A[0]).
- V688. The 'foo' local variable has the same name as one of class members. This can result in confusion.
- V689. Destructor of 'Foo' class is not declared as virtual. A smart pointer may not destroy an object correctly.
- V2010. Handling of two different exception types is identical.
- V690. The class implements a copy constructor/operator=, but lacks the operator=/copy constructor.
- V691. Empirical analysis. Possible typo inside the string literal. The 'foo' word is suspicious.
- V692. Inappropriate attempt to append a null character to a string. To determine the length of a string by 'strlen' function correctly, use a string ending with a null terminator in the first place.
- V693. It is possible that 'i < X.size()' should be used instead of 'X.size()'. Consider inspecting conditional expression of the loop.
- V694. The condition (ptr - const_value) is only false if the value of a pointer equals a magic constant.
- V815. Decreased performance. Consider replacing the expression 'AA' with 'BB'.
- V695. Range intersections are possible within conditional expressions.
- V2011. Consider inspecting signed and unsigned function arguments. See NN argument of function 'Foo' in derived class and base class.
- V696. The 'continue' operator will terminate 'do { ... } while (FALSE)' loop because the condition is always false.
- V697. Number of elements in the allocated array equals the size of a pointer in bytes.
- V206. Explicit conversion from 'void *' to 'int *'.
- V698. Functions of strcmp() kind can return any values, not only -1, 0, or 1.
- V699. It is possible that 'foo = bar == baz ? .... : ....' should be used here instead of 'foo = bar = baz ? .... : ....'. Consider inspecting the expression.
- V700. It is suspicious that variable is initialized through itself. Consider inspecting the 'T foo = foo = x;' expression.
- V701. Possible realloc() leak: when realloc() fails to allocate memory, original pointer is lost. Consider assigning realloc() to a temporary pointer.
- V702. Classes should always be derived from std::exception (and alike) as 'public'.
- V703. It is suspicious that the 'foo' field in derived class overwrites field in base class.
- V704. The expression is always false on newer compilers. Avoid using 'this == 0' comparison.
- V705. It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics.
- V2012. Possibility of decreased performance. It is advised to pass arguments to std::unary_function/std::binary_function template as references.
- V706. Suspicious division: sizeof(X) / Value. Size of every element in X array is not equal to divisor.
- V707. Giving short names to global variables is considered to be bad practice.
- V708. Dangerous construction is used: 'm[x] = m.size()', where 'm' is of 'T' class. This may lead to undefined behavior.
- V709. Suspicious comparison found: 'a == b == c'. Remember that 'a == b == c' is not equal to 'a == b && b == c'.
- V710. Suspicious declaration. There is no point to declare constant reference to a number.
- V711. It is dangerous to create a local variable within a loop with a same name as a variable controlling this loop.
- V712. Compiler may optimize out this loop or make it infinite. Use volatile variable(s) or synchronization primitives to avoid this.
- V713. Pointer was used in the logical expression before its check for nullptr in the same logical expression.
- V714. Variable is not passed into foreach loop by reference, but its value is changed inside of the loop.
- V715. The 'while' operator has empty body. This pattern is suspicious.
- V716. Suspicious type conversion: HRESULT -> BOOL (BOOL -> HRESULT).
- V717. It is suspicious to cast object of base class V to derived class U.
- V718. The 'Foo' function should not be called from 'DllMain' function.
- V221. Suspicious sequence of types castings: pointer -> memsize -> 32-bit integer.
- V719. The switch statement does not cover all values of the enum.
- V720. The 'SuspendThread' function is usually used when developing a debugger. See documentation for details.
- V2013. Consider inspecting the correctness of handling the N argument in the 'Foo' function.
- V721. The VARIANT_BOOL type is used incorrectly. The true value (VARIANT_TRUE) is defined as -1.
- V722. Abnormality within similar comparisons. It is possible that a typo is present inside the expression.
- V723. Function returns a pointer to the internal string buffer of a local object, which will be destroyed.
- PVS-Studio Messages
- V724. Converting integers or pointers to BOOL can lead to a loss of high-order bits. Non-zero value can become 'FALSE'.
- V725. Dangerous cast of 'this' to 'void*' type in the 'Base' class, as it is followed by a subsequent cast to 'Class' type.
- V726. Attempt to free memory containing the 'int A[10]' array by using the 'free(A)' function.
- V207. A 32-bit variable is utilized as a reference to a pointer. A write outside the bounds of this variable may occur.
- V727. Return value of 'wcslen' function is not multiplied by 'sizeof(wchar_t)'.
- V728. Excessive check can be simplified. The '||' operator is surrounded by opposite expressions 'x' and '!x'.
- V729. Function body contains the 'X' label that is not used by any 'goto' statements.
- V730. Not all members of a class are initialized inside the constructor.
- V731. The variable of char type is compared with pointer to string.
- V732. Unary minus operator does not modify a bool type value.
- V733. It is possible that macro expansion resulted in incorrect evaluation order.
- V3001. There are identical sub-expressions to the left and to the right of the 'foo' operator.
- V3003. The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence.
- V3012. The '?:' operator, regardless of its conditional expression, always returns one and the same value.
- V3014. It is likely that a wrong variable is being incremented inside the 'for' operator. Consider reviewing 'X'.
- V3015. It is likely that a wrong variable is being compared inside the 'for' operator. Consider reviewing 'X'.
- V3016. The variable 'X' is being used for this loop and for the outer loop.
- V3009. It's odd that this method always returns one and the same value of NN.
- V3019. It is possible that an incorrect variable is compared with null after type conversion using 'as' keyword.
- V3013. It is odd that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function.
- V3021. There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless.
- V3022. Expression is always true/false.
- V3025. Incorrect format. Consider checking the N format items of the 'Foo' function.
- V052. A critical error had occurred.
- V3008. The 'x' variable is assigned values twice successively. Perhaps this is a mistake.
- V3028. Consider inspecting the 'for' operator. Initial and final values of the iterator are the same.
- V3034. Consider inspecting the expression. Probably the '!=' should be used here.
- V3035. Consider inspecting the expression. Probably the '+=' should be used here.
- V3036. Consider inspecting the expression. Probably the '-=' should be used here.
- V3033. It is possible that this 'else' branch must apply to the previous 'if' statement.
- V3002. The switch statement does not cover all values of the enum.
- V3004. The 'then' statement is equivalent to the 'else' statement.
- V3005. The 'x' variable is assigned to itself.
- V3006. The object was created but it is not being used. The 'throw' keyword could be missing.
- V3007. Odd semicolon ';' after 'if/for/while' operator.
- V3010. The return value of function 'Foo' is required to be utilized.
- V3011. Two opposite conditions were encountered. The second condition is always false.
- V3017. A pattern was detected: A || (A && ...). The expression is excessive or contains a logical error.
- V3018. Consider inspecting the application's logic. It's possible that 'else' keyword is missing.
- V3020. An unconditional 'break/continue/return/goto' within a loop.
- V3023. Consider inspecting this expression. The expression is excessive or contains a misprint.
- V3024. An odd precise comparison. Consider using a comparison with defined precision: Math.Abs(A - B) < Epsilon or Math.Abs(A - B) > Epsilon.
- V3026. The constant NN is being utilized. The resulting value could be inaccurate. Consider using the KK constant.
- V3027. The variable was utilized in the logical expression before it was verified against null in the same logical expression.
- V3030. Recurring check. This condition was already verified in previous line.
- V3031. An excessive check can be simplified. The operator '||' operator is surrounded by opposite expressions 'x' and '!x'.
- V734. Excessive expression. Examine the substrings "abc" and "abcd".
- V3029. The conditional expressions of the 'if' statements situated alongside each other are identical.
- V3032. Waiting on this expression is unreliable, as compiler may optimize some of the variables. Use volatile variable(s) or synchronization primitives to avoid this.
- V3037. An odd sequence of assignments of this kind: A = B; B = A;
- V3039. Consider inspecting the 'Foo' function call. Defining an absolute path to the file or directory is considered a poor style.
- V735. Possibly an incorrect HTML. The "</XX>" closing tag was encountered, while the "</YY>" tag was expected.
- V3038. The argument was passed to method several times. It is possible that another argument should be passed instead.
- V3040. The expression contains a suspicious mix of integer and real types.
- V3041. The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid the loss of a fractional part.
- V3043. The code's operational logic does not correspond with its formatting.
- V3042. Possible NullReferenceException. The '?.' and '.' operators are used for accessing members of the same object.
- V743. The memory areas must not overlap. Use 'memmove' function.
- V736. The behavior is undefined for arithmetic or comparisons with pointers that do not point to members of the same array.
- V737. It is possible that ',' comma is missing at the end of the string.
- V738. Temporary anonymous object is used.
- V739. EOF should not be compared with a value of the 'char' type. Consider using the 'int' type.
- V740. Exception is of the 'int' type because NULL is defined as 0. Keyword 'nullptr' can be used for 'pointer' type exception.
- V741. Use of the throw (a, b); pattern. It is possible that type name was omitted: throw MyException(a, b);.
- V745. A 'wchar_t *' type string is incorrectly converted to 'BSTR' type string.
- V746. Object slicing. An exception should be caught by reference rather than by value.
- V747. Suspicious expression inside parentheses. A function name may be missing.
- V750. BSTR string becomes invalid. Notice that BSTR strings store their length before start of the text.
- V816. It is more efficient to catch exception by reference rather than by value.
- V3044. WPF: writing and reading are performed on a different Dependency Properties.
- V3045. WPF: the names of the property registered for DependencyProperty, and of the property used to access it, do not correspond with each other.
- V3046. WPF: the type registered for DependencyProperty does not correspond with the type of the property used to access it.
- V3047. WPF: A class containing registered property does not correspond with a type that is passed as the ownerType.type.
- V3048. WPF: several Dependency Properties are registered with a same name within the owner type.
- V3049. WPF: readonly field of 'DependencyProperty' type is not initialized.
- V742. Function receives an address of a 'char' type variable instead of pointer to a buffer.
- V3055. Suspicious assignment inside the condition expression of 'if/while/for' operator.
- V744. Temporary object is immediately destroyed after being created. Consider naming the object.
- V748. Memory for 'getline' function should be allocated only by 'malloc' or 'realloc' functions. Consider inspecting the first parameter of 'getline' function.
- V749. Destructor of the object will be invoked a second time after leaving the object's scope.
- V3050. Possibly an incorrect HTML. The </XX> closing tag was encountered, while the </YY> tag was expected.
- V3054. Potentially unsafe double-checked locking. Use volatile variable(s) or synchronization primitives to avoid this.
- V3056. Consider reviewing the correctness of 'X' item's usage.
- V3053. An excessive expression. Examine the substrings "abc" and "abcd".
- V3051. An excessive type cast or check. The object is already of the same type.
- V3052. The original exception object was swallowed. Stack of original exception could be lost.
- V3058. An item with the same key has already been added.
- V3060. A value of variable is not modified. Consider inspecting the expression. It is possible that other value should be present instead of '0'.
- V3066. Possible incorrect order of arguments passed to method.
- V3057. Function receives an odd argument.
- V3063. A part of conditional expression is always true/false if it is evaluated.
- V3064. Division or mod division by zero.
- V3067. It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics.
- V3068. Calling overrideable class member from constructor is dangerous.
- V3071. The object is returned from inside 'using' block. 'Dispose' will be invoked before exiting method.
- V3075. The operation is executed 2 or more times in succession.
- V3059. Consider adding '[Flags]' attribute to the enum.
- V3061. Parameter 'A' is always rewritten in method body before being used.
- V3062. An object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' method.
- V3065. Parameter is not utilized inside method's body.
- V3069. It's possible that the line was commented out improperly, thus altering the program's operation logics.
- V3070. Uninitialized variables are used when initializing the 'A' variable.
- V3076. Comparison with 'double.NaN' is meaningless. Use 'double.IsNaN()' method instead.
- V3077. Property setter / event accessor does not utilize its 'value' parameter.
- V3072. The 'A' class containing IDisposable members does not itself implement IDisposable.
- V051. Some of the references in project are missing or incorrect. The analysis results could be incomplete. Consider making the project fully compilable and building it before analysis.
- V3073. Not all IDisposable members are properly disposed. Call 'Dispose' when disposing 'A' class.
- V3074. The 'A' class contains 'Dispose' method. Consider making it implement 'IDisposable' interface.
- V3081. The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter.
- V3080. Possible null dereference.
- V752. Creating an object with placement new requires a buffer of large size.
- V751. Parameter is not used inside function's body.
- V3078. Sorting keys priority will be reversed relative to the order of 'OrderBy' method calls. Perhaps, 'ThenBy' should be used instead.
- V3079. The 'ThreadStatic' attribute is applied to a non-static 'A' field and will be ignored.
- V3083. Unsafe invocation of event, NullReferenceException is possible. Consider assigning event to a local variable before invoking it.
- V3084. Anonymous function is used to unsubscribe from event. No handlers will be unsubscribed, as a separate delegate instance is created for each anonymous function declaration.
- V3085. The name of 'X' field/property in a nested type is ambiguous. The outer type contains static field/property with identical name.
- V3086. Variables are initialized through the call to the same function. It's probably an error or un-optimized code.
- V3087. Type of variable enumerated in 'foreach' is not guaranteed to be castable to the type of collection's elements.
- V3088. The expression was enclosed by parentheses twice: ((expression)). One pair of parentheses is unnecessary or misprint is present.
- V3091. Empirical analysis. It is possible that a typo is present inside the string literal. The 'foo' word is suspicious.
- V754. The expression of 'foo(foo(x))' pattern is excessive or contains an error.
- V3092. Range intersections are possible within conditional expressions.
- V3093. The operator evaluates both operands. Perhaps a short-circuit operator should be used instead.
- V3082. The 'Thread' object is created but is not started. It is possible that a call to 'Start' method is missing.
- V3089. Initializer of a field marked by [ThreadStatic] attribute will be called once on the first accessing thread. The field will have default value on different threads.
- V3090. Unsafe locking on an object.
- V753. The '&=' operation always sets a value of 'Foo' variable to zero.
- V3098. The 'continue' operator will terminate 'do { ... } while (false)' loop because the condition is always false.
- V3100. NullReferenceException is possible. Unhandled exceptions in destructor lead to termination of runtime.
- V755. Copying from potentially tainted data source. Buffer overflow is possible.
- V3102. Suspicious access to element by a constant index inside a loop.
- V3101. Potential resurrection of 'this' object instance from destructor. Without re-registering for finalization, destructor will not be called a second time on resurrected object.
- V3095. The object was used before it was verified against null. Check lines: N1, N2.
- V3094. Possible exception when deserializing type. The Ctor(SerializationInfo, StreamingContext) constructor is missing.
- V3096. Possible exception when serializing type. [Serializable] attribute is missing.
- V3097. Possible exception: type marked by [Serializable] contains non-serializable members not marked by [NonSerialized].
- V3099. Not all the members of type are serialized inside 'GetObjectData' method.
- V3103. A private Ctor(SerializationInfo, StreamingContext) constructor in unsealed type will not be accessible when deserializing derived types.
- V3104. The 'GetObjectData' implementation in unsealed type is not virtual, incorrect serialization of derived type is possible.
- V757. It is possible that an incorrect variable is compared with null after type conversion using 'dynamic_cast'.
- V756. The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter.
- V758. Reference was invalidated because of destruction of the temporary object returned by the function.
- V759. Violated order of exception handlers. Exception caught by handler for base class.
- V760. Two identical text blocks were detected. The second block starts with NN string.
- V762. Consider inspecting virtual function arguments. See NN argument of function 'Foo' in derived class and base class.
- V761. NN identical blocks were found.
- V3105. The 'a' variable was used after it was assigned through null-conditional operator. NullReferenceException is possible.
- V763. Parameter is always rewritten in function body before being used.
- V764. Possible incorrect order of arguments passed to function.
- V765. Compound assignment expression 'X += X + N' is suspicious. Consider inspecting it for a possible error.
- V3107. Identical expression to the left and to the right of compound assignment.
- V3106. Possibly index is out of bound.
- V766. An item with the same key has already been added.
- V767. Suspicious access to element by a constant index inside a loop.
- V3109. The same sub-expression is present on both sides of the operator. The expression is incorrect or it can be simplified.
- V3110. Possible infinite recursion.
- V3108. It is not recommended to return null or throw exceptions from 'ToString()' method.
- V3111. Checking value for null will always return false when generic type is instantiated with a value type.
- V3112. An abnormality within similar comparisons. It is possible that a typo is present inside the expression.
- V3113. Consider inspecting the loop expression. It is possible that different variables are used inside initializer and iterator.
- V3114. IDisposable object is not disposed before method returns.
- V3115. It is not recommended to throw exceptions from 'Equals(object obj)' method.
- V3116. Consider inspecting the 'for' operator. It's possible that the loop will be executed incorrectly or won't be executed at all.
- V768. Variable is of enum type. It is suspicious that it is used as a variable of a Boolean-type.
- V3117. Constructor parameter is not used.
- V3118. A component of TimeSpan is used, which does not represent full time interval. Possibly 'Total*' value was intended instead.
- V769. The pointer in the expression equals nullptr. The resulting value is meaningless and should not be used.
- V770. Possible use of left shift operator instead of comparison operator.
- V3119. Calling a virtual (overridden) event may lead to unpredictable behavior. Consider implementing event accessors explicitly or use 'sealed' keyword.
- V3121. An enumeration was declared with 'Flags' attribute, but does not set any initializers to override default values.
- V3120. Potentially infinite loop. The variable from the loop exit condition does not change its value between iterations.
- V771. The '?:' operator uses constants from different enums.
- V817. It is more efficient to search for 'X' character rather than a string.
- V009. To use free version of PVS-Studio, source code files are required to start with a special comment.
- V3122. Uppercase (lowercase) string is compared with a different lowercase (uppercase) string.
- V772. Calling the 'delete' operator for a void pointer will cause undefined behavior.
- V773. Function exited without releasing the pointer/handle. A memory/resource leak is possible.
- V774. Pointer was used after the memory was released.
- V775. It is suspicious that the BSTR data type is compared using a relational operator.
- V776. Potentially infinite loop. The variable in the loop exit condition does not change its value between iterations.
- V3123. Perhaps the '??' operator works in a different way than it was expected. Its priority is lower than priority of other operators in its left part.
- V3124. Appending an element and checking for key uniqueness is performed on two different variables.
- V778. Two similar code fragments. Perhaps, it is a typo and 'X' variable should be used instead of 'Y'.
- V777. Dangerous widening type conversion from an array of derived-class objects to a base-class pointer.
- V3125. The object was used after it was verified against null. Check lines: N1, N2.
- V3126. Type implementing IEquatable<T> interface does not override 'GetHashCode' method.
- V3127. Two similar code fragments were found. Perhaps, this is a typo and 'X' variable should be used instead of 'Y'.
- V3129. The value of the captured variable will be overwritten on the next iteration of the loop in each instance of anonymous function that captures it.
- V3128. The field (property) is used before it is initialized in constructor.
- V3130. Priority of the '&&' operator is higher than that of the '||' operator. Possible missing parentheses.
- V779. Unreachable code was detected. It is possible that an error is present.
- V780. The object of non-passive (non-PDS) type cannot be used with the function.
- V3131. The expression is checked for compatibility with the type 'A', but is casted to the 'B' type.
- V3132. A terminal null is present inside a string. The '\0xNN' characters were encountered. Probably meant: '\xNN'.
- V3133. Postfix increment/decrement is senseless because this variable is overwritten.
- V3134. Shift by N bits is greater than the size of type.
- V781. Value of a variable is checked after it is used. Possible error in program's logic. Check lines: N1, N2.
- V783. Possible dereference of invalid iterator 'X'.
- V782. It is pointless to compute the distance between the elements of different arrays.
- V785. Constant expression in switch statement.
- V784. The size of the bit mask is less than the size of the first operand. This will cause the loss of the higher bits.
- V786. Assigning the value C to the X variable looks suspicious. The value range of the variable: [A, B].
- V787. Wrong variable is probably used in the for operator as an index.
- V788. Review captured variable in lambda expression.
- V010. Analysis for the project type or platform toolsets is not supported in this tool. Use direct analyzer integration or compiler monitoring instead.
- V819. Decreased performance. Memory is allocated and released multiple times inside the loop body.
- V797. The function is used as if it returned a bool type. The return value of the function should probably be compared with std::string::npos.
- V794. The assignment operator should be protected from the case of 'this == &src'.
- V795. Size of the 'time_t' type is not 64 bits. After the year 2038, the program will work incorrectly.
- V792. The function located to the right of the '|' and '&' operators will be called regardless of the value of the left operand. Consider using '||' and '&&' instead.
- V793. It is suspicious that the result of the statement is a part of the condition. Perhaps, this statement should have been compared with something else.
- V790. It is suspicious that the assignment operator takes an object by a non-constant reference and returns this object.
- V818. It is more efficient to use an initialization list rather than an assignment operator.
- V789. Iterators for the container, used in the range-based for loop, become invalid upon a function call.
- V791. The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead.
- V798. The size of the dynamic array can be less than the number of elements in the initializer.
- V820. The variable is not used after copying. Copying can be replaced with move/swap for optimization.
- V796. A 'break' statement is probably missing in a 'switch' statement.
- V799. Variable is not used after memory is allocated for it. Consider checking the use of this variable.
- V3136. Constant expression in switch statement.
- V3135. The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead.
- V821. The variable can be constructed in a lower level scope.
- V1001. Variable is assigned but not used by the end of the function.
- V3137. The variable is assigned but is not used by the end of the function.
- V1002. Class that contains pointers, constructor and destructor is copied by the automatically generated operator= or copy constructor.
- V1003. Macro expression is dangerous or suspicious.
- V1004. Pointer was used unsafely after its check for nullptr.
- V1005. The resource was acquired using 'X' function but was released using incompatible 'Y' function.
- V1006. Several shared_ptr objects are initialized by the same pointer. A double memory deallocation will occur.
- V1007. Value from the uninitialized optional is used. It may be an error.
- V1008. No more than one iteration of the loop will be performed. Consider inspecting the 'for' operator.
- V1010. Unchecked tainted data is used in expression.
- V1009. Check the array initialization. Only the first element is initialized explicitly.
- V011. Presence of #line directives may cause some diagnostic messages to have incorrect file name and line number.
- V1012. The expression is always false. Overflow check is incorrect.
- V1011. Function execution could be deferred. Consider specifying execution policy explicitly.
- V1013. Suspicious subexpression in a sequence of similar comparisons.
- V1015. Suspicious simultaneous use of bitwise and logical operators.
- V1014. Structures with members of real type are compared byte-wise.
- V1016. The value is out of range of enum values. This causes unspecified or undefined behavior.
- V1017. Variable of the 'string_view' type references a temporary object, which will be removed after evaluation of an expression.
- V6004. The 'then' statement is equivalent to the 'else' statement.
- V6034. Shift by N bits is inconsistent with the size of type.
- V6035. Double negation is present in the expression: !!x.
- V6043. Consider inspecting the 'for' operator. Initial and final values of the iterator are the same.
- V6013. Comparison of arrays, strings, collections by reference. Possibly an equality comparison was intended.
- V6015. Consider inspecting the expression. Probably the '!='/'-='/'+=' should be used here.
- V6024. The 'continue' operator will terminate 'do { ... } while (false)' loop because the condition is always false.
- V6007. Expression is always true/false.
- V6031. The variable 'X' is being used for this loop and for the outer loop.
- V6037. An unconditional 'break/continue/return/goto' within a loop.
- V6040. The code's operational logic does not correspond with its formatting.
- V6005. The 'x' variable is assigned to itself.
- V6028. Identical expression to the left and to the right of compound assignment.
- V6027. Variables are initialized through the call to the same function. It's probably an error or un-optimized code.
- V6019. Unreachable code detected. It is possible that an error is present.
- V6025. Possibly index is out of bound.
- V6044. Postfix increment/decrement is senseless because this variable is overwritten.
- V6002. The switch statement does not cover all values of the enum.
- V6006. The object was created but it is not being used. The 'throw' keyword could be missing.
- V6018. Constant expression in switch statement.
- V6012. The '?:' operator, regardless of its conditional expression, always returns one and the same value.
- V6036. The value from the uninitialized optional is used.
- V6010. The return value of function 'Foo' is required to be utilized.
- V6048. This expression can be simplified. One of the operands in the operation equals NN. Probably it is a mistake.
- V6029. Possible incorrect order of arguments passed to method.
- V6023. Parameter 'A' is always rewritten in method body before being used.
- V6022. Parameter is not used inside method's body.
- V6009. Function receives an odd argument.
- V6049. Classes that define 'equals' method must also define 'hashCode' method.
- V6033. An item with the same key has already been added.
- V6014. It's odd that this method always returns one and the same value of NN.
- V6026. This value is already assigned to the 'b' variable.
- V6041. Suspicious assignment inside the conditional expression of 'if/while/do...while' statement.
- V6020. Division or mod division by zero.
- V6016. Suspicious access to element by a constant index inside a loop.
- V6030. The function located to the right of the '|' and '&' operators will be called regardless of the value of the left operand. Consider using '||' and '&&' instead.
- V6046. Incorrect format. Consider checking the N format items of the 'Foo' function.
- V6008. Potential null dereference.
- V6042. The expression is checked for compatibility with type 'A', but is cast to type 'B'.
- V6032. It is odd that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function.
- V6038. Comparison with 'double.NaN' is meaningless. Use 'double.isNaN()' method instead.
- V6011. The expression contains a suspicious mix of integer and real types.
- V6045. Suspicious subexpression in a sequence of similar comparisons.
- V6047. It is possible that this 'else' branch must apply to the previous 'if' statement.
- V6001. There are identical sub-expressions to the left and to the right of the 'foo' operator.
- V6021. The value is assigned to the 'x' variable but is not used.
- V6039. There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless.
- V6003. The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence.
- V6017. The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter.
- V1018. Usage of a suspicious mutex wrapper. It is probably unused, uninitialized, or already locked.
- V6050. Class initialization cycle is present.
- V1020. Function exited without performing epilogue actions. It is possible that there is an error.
- V1019. Compound assignment expression is used inside condition.
- V6055. Expression inside assert statement can change object's state.
- V6051. Use of jump statements in 'finally' block can lead to the loss of unhandled exceptions.
- V6056. Implementation of 'compareTo' overloads the method from a base class. Possibly, an override was intended.
- V6052. Calling an overridden method in parent-class constructor may lead to use of uninitialized data.
- V6054. Classes should not be compared by their name.
- V6053. Collection is modified while iteration is in progress. ConcurrentModificationException may occur.
- V1021. The variable is assigned the same value on several loop iterations.
- V1029. Numeric Truncation Error. Return value of function is written to N-bit variable.
- V1025. New variable with default value is created instead of 'std::unique_lock' that locks on the mutex.
- V1028. Possible overflow. Consider casting operands, not the result.
- V1027. Pointer to an object of the class is cast to unrelated class.
- V1026. The variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow.
- V1030. Variable is used after it is moved.
- V1022. Exception was thrown by pointer. Consider throwing it by value instead.
- V1024. Potential use of invalid data. The stream is checked for EOF before reading from it but is not checked after reading.
- V1023. A pointer without owner is added to the container by the 'emplace_back' method. A memory leak will occur in case of an exception.
- V6060. The reference was used before it was verified against null.
- V6057. Consider inspecting this expression. The expression is excessive or contains a misprint.
- V6058. Comparing objects of incompatible types.
- V1031. Function is not declared. The passing of data to or from this function may be affected.
- V1034. Do not use real-type variables as loop counters.
- V1032. Pointer is cast to a more strictly aligned pointer type.
- V6059. Odd use of special character in regular expression. Possibly, it was intended to be escaped.
- V1035. Only values returned from fgetpos() can be used as arguments to fsetpos().
- V1033. Variable is declared as auto in C. Its default type is int.
- V2014. Don't use terminating functions in library code.
- V6061. The used constant value is represented by an octal form.
- V2523. MISRA. All integer constants of unsigned type should have 'u' or 'U' suffix.
- V2524. MISRA. A switch-label should only appear at the top level of the compound statement forming the body of a 'switch' statement.
- V2516. MISRA. The 'if' ... 'else if' construct should be terminated with an 'else' statement.
- V2506. MISRA. A function should have a single point of exit at the end.
- V2504. MISRA. Size of an array is not specified.
- V6063. Odd semicolon ';' after 'if/for/while' operator.
- V2508. MISRA. The function with the 'atof/atoi/atol/atoll' name should not be used.
- V2518. MISRA. The 'default' label should be either the first or the last label of a 'switch' statement.
- V2503. MISRA. Implicitly specified enumeration constants should be unique – consider specifying non-unique constants explicitly.
- V2507. MISRA. The body of a loop\conditional statement should be enclosed in braces.
- V2517. MISRA. Literal suffixes should not contain lowercase characters.
- V2515. MISRA. Declaration should contain no more than two levels of pointer nesting.
- V2505. MISRA. The 'goto' statement shouldn't jump to a label declared earlier.
- V2519. MISRA. Every 'switch' statement should have a 'default' label, which, in addition to the terminating 'break' statement, should contain either a statement or a comment.
- V2501. MISRA. Octal constants should not be used.
- V2511. MISRA. Memory allocation and deallocation functions should not be used.
- V2509. MISRA. The function with the 'abort/exit/getenv/system' name should not be used.
- V2513. MISRA. Unbounded functions performing string operations should not be used.
- V2521. MISRA. Only the first member of enumerator list should be explicitly initialized, unless all members are explicitly initialized.
- V6062. Possible infinite recursion.
- V2525. MISRA. Every 'switch' statement should contain non-empty switch-clauses.
- V2514. MISRA. Unions should not be used.
- V2510. MISRA. The function with the 'qsort/bsearch' name should not be used.
- V2522. MISRA. The 'switch' statement should have 'default' as the last label.
- V2520. MISRA. Every switch-clause should be terminated by an unconditional 'break' or 'throw' statement.
- V2502. MISRA. The 'goto' statement should not be used.
- V2512. MISRA. The macro with the 'setjmp' name and the function with the 'longjmp' name should not be used.
- V063. Analysis aborted by timeout.
- V6065. A non-serializable class should not be serialized.
- V6064. Suspicious invocation of Thread.run().
- V062. Failed to run analyzer core. Make sure the correct 64-bit Java 11 or higher executable is used, or specify it manually.
- V061. An error has occurred.
- V1036. Potentially unsafe double-checked locking.
- V2526. MISRA. The functions from time.h/ctime should not be used.
- V6066. Passing objects of incompatible types to the method of collection.
- V2528. MISRA. The comma operator should not be used.
- V2527. MISRA. A switch-expression should not have Boolean type. Consider using of 'if-else' construct.
- V2529. MISRA. Any label should be declared in the same block as 'goto' statement or in any block enclosing it.
- V2530. MISRA. Any loop should be terminated with no more than one 'break' or 'goto' statement.
- V1037. Two or more case-branches perform the same actions.
- V2532. MISRA. String literal should not be assigned to object unless it has type of pointer to const-qualified char.
- V2531. MISRA. Expression of essential type 'foo' should not be explicitly cast to essential type 'bar'.
- V2536. MISRA. Function should not contain labels not used by any 'goto' statements.
- V2537. MISRA. Functions should not have unused parameters.
- V2538. MISRA. The value of uninitialized variable should not be used.
- V2541. MISRA. Function should not be declared implicitly.
- V2533. MISRA. C-style and functional notation casts should not be performed.
- V2534. MISRA. The loop counter should not have floating-point type.
- V2539. MISRA. Class destructor should not exit with an exception.
- V2540. MISRA. Arrays should not be partially initialized.
- V2535. MISRA. Unreachable code should not be present in the project.
- V2542. MISRA. Function with a non-void return type should return a value from all exit paths.
- V1038. It is suspicious that a char or string literal is added to a pointer.
- V6067. Two or more case-branches perform the same actions.
- V3138. String literal contains potential interpolated expression.
- V3139. Two or more case-branches perform the same actions.
- V1039. Character escape is used in multicharacter literal. This causes implementation-defined behavior.
- V2547. MISRA. The return value of non-void function should be used.
- V2544. MISRA. The values used in expressions should have appropriate essential types.
- V2550. MISRA. Floating-point values should not be tested for equality or inequality.
- V2543. MISRA. Value of the essential character type should be used appropriately in the addition/subtraction operations.
- V2546. MISRA. Expression resulting from the macro expansion should be surrounded by parentheses.
- V2548. MISRA. The address of an object with local scope should not be passed out of its scope.
- V2549. MISRA. Pointer to FILE should not be dereferenced.
- V2545. MISRA. Conversion between pointers of different object types should not be performed.
- V1040. Possible typo in the spelling of a pre-defined macro name.
- V3140. Property accessors use different backing fields.
- V3141. Expression under 'throw' is a potential null, which can lead to NullReferenceException.
- V6068. Suspicious use of BigDecimal class.
- V6069. Unsigned right shift assignment of negative 'byte' / 'short' value.
- V3142. Unreachable code detected. It is possible that an error is present.
- V6070. Unsafe synchronization on an object.
- V3143. The 'value' parameter is rewritten inside a property setter, and is not used after that.
- V1042. This file is marked with copyleft license, which requires you to open the derived source code.
- V3144. This file is marked with copyleft license, which requires you to open the derived source code.
- V6071. This file is marked with copyleft license, which requires you to open the derived source code.
- V1043. A global object variable is declared in the header. Multiple copies of it will be created in all translation units that include this header file.
- V3145. Unsafe dereference of a WeakReference target. The object could have been garbage collected before the 'Target' property was accessed.
- V2552. MISRA. Expressions with enum underlying type should have values corresponding to the enumerators of the enumeration.
- V2554. MISRA. Expression containing increment (++) or decrement (--) should not have other side effects.
- V2551. MISRA. Variable should be declared in a scope that minimizes its visibility.
- V2556. MISRA. Use of a pointer to FILE when the associated stream has already been closed.
- V2553. MISRA. Unary minus operator should not be applied to an expression of the unsigned type.
- V2555. MISRA. Incorrect shifting expression.
- V2557. MISRA. Operand of sizeof() operator should not have other side effects.
- V1044. Loop break conditions do not depend on the number of iterations.
- V6072. Two similar code fragments were found. Perhaps, this is a typo and 'X' variable should be used instead of 'Y'.
- V1045. The DllMain function throws an exception. Consider wrapping the throw operator in a try..catch block.
- V6073. It is not recommended to return null or throw exceptions from 'toString' / 'clone' methods.
- V1046. Unsafe usage of the 'bool' and integer types together in the operation '&='.
- V3146. Possible null dereference. A method can return default null value.
- V6074. Non-atomic modification of volatile variable.
- V6075. The signature of method 'X' does not conform to serialization requirements.
- V1047. Lifetime of the lambda is greater than lifetime of the local variable captured by reference.
- V1048. Variable 'foo' was assigned the same value.
- V822. Decreased performance. A new object is created, while a reference to an object is expected.
- V3148. Casting potential 'null' value to a value type can lead to NullReferenceException.
- V3147. Non-atomic modification of volatile variable.
- V2561. MISRA. The result of an assignment expression should not be used.
- V2560. MISRA. There should be no user-defined variadic functions.
- V2558. MISRA. A pointer/reference parameter in a function should be declared as pointer/reference to const if the corresponding object was not modified.
- V2562. MISRA. Expressions with pointer type should not be used in the '+', '-', '+=' and '-=' operations.
- V3149. Dereferencing the result of 'as' operator can lead to NullReferenceException.
- V2559. MISRA. Subtraction, >, >=, <, <= should be applied only to pointers that address elements of the same array.
- V6076. Recurrent serialization will use cached object state from first serialization.
- V2564. MISRA. There should be no implicit integral-floating conversion.
- V1049. The 'foo' include guard is already defined in the 'bar1.h' header. The 'bar2.h' header will be excluded from compilation.
- V1050. Uninitialized class member is used when initializing the base class.
- V2563. MISRA. Array indexing should be the only form of pointer arithmetic and it should be applied only to objects defined as an array type.
- V2566. MISRA. Constant expression evaluation should not result in an unsigned integer wrap-around.
- V2568. MISRA. Both operands of an operator should be of the same type category.
- V2567. MISRA. Cast should not remove 'const' / 'volatile' qualification from the type that is pointed to by a pointer or a reference.
- V2570. MISRA. Operands of the logical '&&' or the '||' operators, the '!' operator should have 'bool' type.
- V2572. MISRA. Value of the expression should not be converted to the different essential type or the narrower essential type.
- V2565. MISRA. A function should not call itself either directly or indirectly.
- V2569. MISRA. The 'operator &&', 'operator ||', 'operator ,' and the unary 'operator &' should not be overloaded.
- V2571. MISRA. Conversions between pointers to objects and integer types should not be performed.
- V3150. Loop break conditions do not depend on the number of iterations.
- V1051. It is possible that an assigned variable should be checked in the next condition. Consider checking for typos.
- V3151. Potential division by zero. Variable was used as a divisor before it was compared to zero. Check lines: N1, N2.
- V6077. A suspicious label is present inside a switch(). It is possible that these are misprints and 'default:' label should be used instead.
- V823. Decreased performance. Object may be created in-place in a container. Consider replacing methods: 'insert' -> 'emplace', 'push_*' -> 'emplace_*'.
- V3152. Potential division by zero. Variable was compared to zero before it was used as a divisor. Check lines: N1, N2.
- V3153. Dereferencing the result of null-conditional access operator can lead to NullReferenceException.
- V1052. Declaring virtual methods in a class marked as 'final' is pointless.
- V2573. MISRA. Identifiers that start with '__' or '_[A-Z]' are reserved.
- V2015. An identifier declared in an inner scope should not hide an identifier in an outer scope.
- V1053. Calling the 'foo' virtual function in the constructor/destructor may lead to unexpected result at runtime.
- V1054. Object slicing. Derived class object was copied to the base class object.
- V1055. The 'sizeof' expression returns the size of the container type, not the number of elements. Consider using the 'size()' function.
- V6078. Potential Java SE API compatibility issue.
- V1057. Pseudo random sequence is the same at every program run. Consider assigning the seed to a value not known at compile-time.
- V1056. The predefined identifier '__func__' always contains the string 'operator()' inside function body of the overloaded 'operator()'.
- V6079. Value of variable is checked after use. Potential logical error is present. Check lines: N1, N2.
- V825. Expression is equivalent to moving one unique pointer to another. Consider using 'std::move' instead.
- V824. It is recommended to use the 'make_unique/make_shared' function to create smart pointers.
- V6080. Consider checking for misprints. It's possible that an assigned variable should be checked in the next condition.
- V1058. Nonsensical comparison of two different functions' addresses.
- V6081. Annotation that does not have 'RUNTIME' retention policy will not be accessible through Reflection API.
- V6082. Unsafe double-checked locking.
- V6084. Suspicious return of an always empty collection.
- V6083. Serialization order of fields should be preserved during deserialization.
- V6085. An abnormality within similar comparisons. It is possible that a typo is present inside the expression.
- V6086. Suspicious code formatting. 'else' keyword is probably missing.
- V6087. InvalidClassException may occur during deserialization.
- V6088. Result of this expression will be implicitly cast to 'Type'. Check if program logic handles it correctly.
- V826. Consider replacing standard container with a different one.
- V827. Maximum size of a vector is known at compile time. Consider pre-allocating it by calling reserve(N).
- V1118. Excessive file permissions can lead to vulnerabilities. Consider restricting file permissions.
- V2634. MISRA. Features from <fenv.h> should not be used.
- V2635. MISRA. The function with the 'system' name should not be used.
- V2636. MISRA. The functions with the 'rand' and 'srand' name of <stdlib.h> should not be used.
- V2637. MISRA. A 'noreturn' function should have 'void' return type.
- V2638. MISRA. Generic association should list an appropriate type.
- V2639. MISRA. Default association should appear as either the first or the last association of a generic selection.
- V2640. MISRA. Thread objects, thread synchronization objects and thread-specific storage pointers should have appropriate storage duration.
- V2641. MISRA. Types should be explicitly specified.
- V2642. MISRA. The '_Atomic' specifier should not be applied to the incomplete type 'void'.
- V2643. MISRA. All memory synchronization operation should be executed in sequentially consistent order.
- V2644. MISRA. Controlling expression of generic selection must not have side effects.
- V2645. MISRA. The language features specified in Annex K should not be used.
- V2646. MISRA. All arguments of any multi-argument type-generic macros from <tgmath.h> should have the same type.
- V2647. MISRA. Structure and union members of atomic objects should not be directly accessed.
- V2648. MISRA. Null pointer constant must be derived by expansion of the NULL macro provided by the implementation.
- V2649. MISRA. All arguments of any type-generic macros from <tgmath.h> should have an appropriate essential type.
- V2650. MISRA. Controlling expression of generic selection should have essential type that matches its standard type
- V2651. MISRA. Initializer using chained designators should not contain initializers without designators.
- V2652. MISRA. Argument of an integer constant macro should have an appropriate form.
- V2653. MISRA. The small integer variants of the minimum-width integer constant macros should not be used.
- V2654. MISRA. Initializer list should not contain persistent side effects.
- V2655. MISRA. The right operand of a logical '&&' or '||' operator should not contain persistent side effects.
- V2656. MISRA. Standard Library function 'memcmp' should not be used to compare null-terminated strings.
- V2657. MISRA. Obsolescent language features should not be used.
- V2658. MISRA. Dead code should not be used in a project.
- V2659. MISRA. Switch statements should be well-formed.
- V2660. MISRA. A function declared with a _Noreturn specifier should not return to its caller.
- V2661. MISRA. A 'for' loop should be well-formed.
- V2662. MISRA. Any value passed to a function from <ctype.h> should be representable as an unsigned character or be the value EOF.
- V3218. Loop condition may be incorrect due to an off-by-one error.
- V3219. The variable was changed after it was captured in a LINQ method with deferred execution. The original value will not be used when the method is executed.
- V3220. The result of the LINQ method with deferred execution is never used. The method will not be executed.
- V3221. Modifying a collection during its enumeration will lead to an exception.
- V3222. Potential resource leak. An inner IDisposable object might remain non-disposed if the constructor of the outer object throws an exception.
- V3223. Inconsistent use of a potentially shared variable with and without a lock can lead to a data race.
- V3224. Consider using an overload with 'IEqualityComparer', as it is present in similar cases for the same collection element type.
- V3225. A data reading method returns the number of bytes that were read and cannot return the value of -1.
- V3226. Potential resource leak. The disposing method will not be called if an exception occurs in the 'try' block. Consider calling it in the 'finally' block.
- V3227. The precedence of the arithmetic operator is higher than that of the shift operator. Consider using parentheses in the expression.
- V5320. OWASP. Use of potentially tainted data in configuration may lead to security issues.
- V5321. OWASP. Possible LDAP injection. Potentially tainted data is used in a search filter.
- V5322. OWASP. Possible reflection injection. Potentially tainted data is used to select class or method.
- V5323. OWASP. Potentially tainted data is used to define 'Access-Control-Allow-Origin' header.
- V5324. OWASP. Possible open redirect vulnerability. Potentially tainted data is used in the URL.
- V5325. OWASP. Setting the value of the 'Access-Control-Allow-Origin' header to '*' is potentially insecure.
- V5326. OWASP. A password for a database connection should not be empty
- V5327. OWASP. Possible regex injection. Potentially tainted data is used to create regular expression
- V5328. OWASP. Using non-restrictive authorization checks could lead to security violations.
- V5329. OWASP. Using non-atomic file creation is not recommended because an attacker might intercept file ownership.
- V5330. OWASP. Possible XSS injection. Potentially tainted data might be used to execute a malicious script.
- V5331. OWASP. Hardcoded IP addresses are not secure.
- V5332. OWASP. Possible path traversal vulnerability. Potentially tainted data might be used to access files or folders outside a target directory.
- V5333. OWASP. Possible insecure deserialization vulnerability. Potentially tainted data is used to create an object during deserialization.
- V5334. OWASP. Possible server-side request forgery. Potentially tainted data in the URL is used to access a remote resource.
- V5335. OWASP. Potential XXE vulnerability. Insecure XML parser is used to process potentially tainted data.
- V5336. OWASP. Potential XEE vulnerability. Insecure XML parser is used to process potentially tainted data.
- V5629. OWASP. Code contains invisible characters that may alter its logic. Consider enabling the display of invisible characters in the code editor.
- V5630. OWASP. Possible cookie injection. Potentially tainted data is used to create a cookie.
- V5631. OWASP. Use of externally-controlled format string. Potentially tainted data is used as a format string.
- V6126. Native synchronization used on high-level concurrency class.
- V6127. Closeable object is not closed. This may lead to a resource leak.
- V6128. Using a Closeable object after it was closed can lead to an exception.
- V6129. Possible deadlock due to incorrect synchronization order between locks.
- V6130. Integer overflow in arithmetic expression.
- V6131. Casting to a type with a smaller range will result in an overflow.
- V6132. It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics.
- V6106. Casting expression to 'X' type before implicitly casting it to other type may be excessive or incorrect.
- V3535. AUTOSAR. Operand of sizeof() operator should not have other side effects.
- V3519. AUTOSAR. The comma operator should not be used.
- V5008. OWASP. Classes should always be derived from std::exception (and alike) as 'public'.
- V3523. AUTOSAR. Functions should not have unused parameters.
- V5005. OWASP. A value is being subtracted from the unsigned variable. This can result in an overflow. In such a case, the comparison operation can potentially behave unexpectedly.
- V5012. OWASP. Potentially unsafe double-checked locking.
- V3541. AUTOSAR. A function should not call itself either directly or indirectly.
- V3509. AUTOSAR. Unions should not be used.
- V5001. OWASP. It is highly probable that the semicolon ';' is missing after 'return' keyword.
- V3534. AUTOSAR. Incorrect shifting expression.
- V5010. OWASP. The variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow.
- V3536. AUTOSAR. A pointer/reference parameter in a function should be declared as pointer/reference to const if the corresponding object was not modified.
- V3524. AUTOSAR. The value of uninitialized variable should not be used.
- V3501. AUTOSAR. Octal constants should not be used.
- V5007. OWASP. Consider inspecting the loop expression. It is possible that the 'i' variable should be incremented instead of the 'n' variable.
- V3529. AUTOSAR. Floating-point values should not be tested for equality or inequality.
- V3518. AUTOSAR. A switch-expression should not have Boolean type. Consider using of 'if-else' construct.
- V3504. AUTOSAR. The body of a loop\conditional statement should be enclosed in braces.
- V3543. AUTOSAR. Cast should not remove 'const' / 'volatile' qualification from the type that is pointed to by a pointer or a reference.
- V3520. AUTOSAR. Any label should be declared in the same block as 'goto' statement or in any block enclosing it.
- V3539. AUTOSAR. Array indexing should be the only form of pointer arithmetic and it should be applied only to objects defined as an array type.
- V3530. AUTOSAR. Variable should be declared in a scope that minimizes its visibility.
- V3505. AUTOSAR. The function with the 'atof/atoi/atol/atoll' name should not be used.
- V3525. AUTOSAR. Function with a non-void return type should return a value from all exit paths.
- V3546. AUTOSAR. Conversions between pointers to objects and integer types should not be performed.
- V3513. AUTOSAR. Every switch-clause should be terminated by an unconditional 'break' or 'throw' statement.
- V3516. AUTOSAR. A switch-label should only appear at the top level of the compound statement forming the body of a 'switch' statement.
- V5002. OWASP. An empty exception handler. Silent suppression of exceptions can hide the presence of bugs in source code during testing.
- V3511. AUTOSAR. The 'if' ... 'else if' construct should be terminated with an 'else' statement.
- V3526. AUTOSAR. Expression resulting from the macro expansion should be surrounded by parentheses.
- V3510. AUTOSAR. Declaration should contain no more than two levels of pointer nesting.
- V3537. AUTOSAR. Subtraction, >, >=, <, <= should be applied only to pointers that address elements of the same array.
- V3531. AUTOSAR. Expressions with enum underlying type should have values corresponding to the enumerators of the enumeration.
- V3533. AUTOSAR. Expression containing increment (++) or decrement (--) should not have other side effects.
- V5004. OWASP. Consider inspecting the expression. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type.
- V3538. AUTOSAR. The result of an assignment expression should not be used.
- V3545. AUTOSAR. Operands of the logical '&&' or the '||' operators, the '!' operator should have 'bool' type.
- V3508. AUTOSAR. Unbounded functions performing string operations should not be used.
- V3544. AUTOSAR. The 'operator &&', 'operator ||', 'operator ,' and the unary 'operator &' should not be overloaded.
- V3528. AUTOSAR. The address of an object with local scope should not be passed out of its scope.
- V3547. AUTOSAR. Identifiers that start with '__' or '_[A-Z]' are reserved.
- V5009. OWASP. Unchecked tainted data is used in expression.
- V3512. AUTOSAR. Literal suffixes should not contain lowercase characters.
- V3506. AUTOSAR. The function with the 'abort/exit/getenv/system' name should not be used.
- V3503. AUTOSAR. The 'goto' statement shouldn't jump to a label declared earlier.
- V3515. AUTOSAR. All integer constants of unsigned type should have 'U' suffix.
- V5006. OWASP. More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits.
- V3517. AUTOSAR. The functions from time.h/ctime should not be used.
- V3527. AUTOSAR. The return value of non-void function should be used.
- V3522. AUTOSAR. Unreachable code should not be present in the project.
- V3540. AUTOSAR. There should be no implicit integral-floating conversion.
- V5003. OWASP. The object was created but it is not being used. The 'throw' keyword could be missing.
- V5011. OWASP. Possible overflow. Consider casting operands, not the result.
- V3514. AUTOSAR. The 'switch' statement should have 'default' as the last label.
- V3507. AUTOSAR. The macro with the 'setjmp' name and the function with the 'longjmp' name should not be used.
- V3532. AUTOSAR. Unary minus operator should not be applied to an expression of the unsigned type.
- V3521. AUTOSAR. The loop counter should not have floating-point type.
- V3502. AUTOSAR. Size of an array is not specified.
- V3542. AUTOSAR. Constant expression evaluation should not result in an unsigned integer wrap-around.
- V5305. OWASP. Storing credentials inside source code can lead to security issues.
- V3167. Parameter of 'CancellationToken' type is not used inside function's body.
- V3168. Awaiting on expression with potential null value can lead to throwing of 'NullReferenceException'.
- V6105. Consider inspecting the loop expression. It is possible that different variables are used inside initializer and iterator.
- V3169. Suspicious return of a local reference variable which always equals null.
- V5602. OWASP. The object was created but it is not being used. The 'throw' keyword could be missing.
- V5604. OWASP. Potentially unsafe double-checked locking. Use volatile variable(s) or synchronization primitives to avoid this.
- V5606. OWASP. An exception handling block does not contain any code.
- V5605. OWASP. Unsafe invocation of event, NullReferenceException is possible. Consider assigning event to a local variable before invoking it.
- V5603. OWASP. The original exception object was swallowed. Stack of original exception could be lost.
- V5607. OWASP. Exception classes should be publicly accessible.
- V1069. Do not concatenate string literals with different prefixes.
- V1068. Do not define an unnamed namespace in a header file.
- V6103. Ignored InterruptedException could lead to delayed thread shutdown.
- V6104. A pattern was detected: A || (A && ...). The expression is excessive or contains a logical error.
- V3165. The expression of the 'char' type is passed as an argument of the 'A' type whereas similar overload with the string parameter exists.
- V2574. MISRA. Functions should not be declared at block scope.
- V6102. Inconsistent synchronization of a field. Consider synchronizing the field on all usages.
- V3166. Calling the 'SingleOrDefault' method may lead to 'InvalidOperationException'.
- V5304. OWASP. Unsafe double-checked locking.
- V5303. OWASP. The object was created but it is not being used. The 'throw' keyword could be missing.
- V5302. OWASP. Exception classes should be publicly accessible.
- V6100. An object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' method.
- V6098. The method does not override another method from the base class.
- V6099. The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead.
- V1066. The 'SysFreeString' function should be called only for objects of the 'BSTR' type.
- V5601. OWASP. Storing credentials inside source code can lead to security issues.
- V1067. Throwing from exception constructor may lead to unexpected behavior.
- V6096. An odd precise comparison. Consider using a comparison with defined precision: Math.abs(A - B) < Epsilon or Math.abs(A - B) > Epsilon.
- V3164. Exception classes should be publicly accessible.
- V6097. Lowercase 'L' at the end of a long literal can be mistaken for '1'.
- V3163. An exception handling block does not contain any code.
- V5301. OWASP. An exception handling block does not contain any code.
- V3161. Comparing value type variables with 'ReferenceEquals' is incorrect because compared values will be boxed.
- V831. Decreased performance. Consider replacing the call to the 'at()' method with the 'operator[]'.
- V3160. Argument of incorrect type is passed to the 'Enum.HasFlag' method.
- V1065. Expression can be simplified: check similar operands.
- V3162. Suspicious return of an always empty collection.
- V6095. Thread.sleep() inside synchronized block/method may cause decreased performance.
- V6094. The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid the loss of a fractional part.
- V830. Decreased performance. Consider replacing the use of 'std::optional::value()' with either the '*' or '->' operator.
- V1064. The left operand of integer division is less than the right one. The result will always be zero.
- V3158. Suspicious division. Absolute values of both operands are equal.
- V3159. Modified value of the operand is not used after the increment/decrement operation.
- V6093. Automatic unboxing of a variable may cause NullPointerException.
- V3156. The argument of the method is not expected to be null.
- V6092. A resource is returned from try-with-resources statement. It will be closed before the method exits.
- V829. Lifetime of the heap-allocated variable is limited to the current function's scope. Consider allocating it on the stack instead.
- V1063. The modulo by 1 operation is meaningless. The result will always be zero.
- V3155. The expression is incorrect or it can be simplified.
- V6091. Suspicious getter/setter implementation. The 'A' field should probably be returned/assigned instead.
- V828. Decreased performance. Moving an object in a return statement prevents copy elision.
- V012. Some warnings could have been disabled.
- V3154. The 'a % b' expression always evaluates to 0.
- V6101. compareTo()-like methods can return not only the values -1, 0 and 1, but any values.
- V1060. Passing 'BSTR ' to the 'SysAllocString' function may lead to incorrect object creation.
- V6090. Field 'A' is being used before it was initialized.
- V6089. It's possible that the line was commented out improperly, thus altering the program's operation logics.
- V1062. Class defines a custom new or delete operator. The opposite operator must also be defined.
- V1061. Extending 'std' or 'posix' namespace may result in undefined behavior.
- V1059. Macro name overrides a keyword/reserved name. This may lead to undefined behavior.
- V3157. Suspicious division. Absolute value of the left operand is less than the right operand.
- V1041. Class member is initialized with dangling reference.
- V3548. AUTOSAR. Functions should not be declared at block scope.
- V2575. MISRA. The global namespace should only contain 'main', namespace declarations and 'extern "C"' declarations.
- V3549. AUTOSAR. The global namespace should only contain 'main', namespace declarations and 'extern "C"' declarations.
- V2576. MISRA. The identifier 'main' should not be used for a function other than the global function 'main'.
- V3550. AUTOSAR. The identifier 'main' should not be used for a function other than the global function 'main'.
- V1072. Buffer needs to be securely cleared on all execution paths.
- V2581. MISRA. Single-line comments should not end with a continuation token.
- V2582. MISRA. Block of memory should only be freed if it was allocated by a Standard Library function.
- V2578. MISRA. An identifier with array type passed as a function argument should not decay to a pointer.
- V832. It's better to use '= default;' syntax instead of empty body.
- V2580. MISRA. The 'restrict' specifier should not be used.
- V2583. MISRA. Line whose first token is '#' should be a valid preprocessing directive.
- V3171. Potentially negative value is used as the size of an array.
- V5013. OWASP. Storing credentials inside source code can lead to security issues.
- V5608. OWASP. Possible SQL injection. Potentially tainted data is used to create SQL command.
- V1073. Check the following code block after the 'if' statement. Consider checking for typos.
- V1070. Signed value is converted to an unsigned one with subsequent expansion to a larger type in ternary operator.
- V1071. Return value is not always used. Consider inspecting the 'foo' function.
- V2577. MISRA. The function argument corresponding to a parameter declared to have an array type should have an appropriate number of elements.
- V2579. MISRA. Macro should not be defined with the same name as a keyword.
- V3551. AUTOSAR. An identifier with array type passed as a function argument should not decay to a pointer.
- V3170. Both operands of the '??' operator are identical.
- V2584. MISRA. Expression used in condition should have essential Boolean type.
- V2585. MISRA. Casts between a void pointer and an arithmetic type should not be performed.
- V2586. MISRA. Flexible array members should not be declared.
- V2587. MISRA. The '//' and '/*' character sequences should not appear within comments.
- V2588. MISRA. All memory or resources allocated dynamically should be explicitly released.
- V2589. MISRA. Casts between a pointer and a non-integer arithmetic type should not be performed.
- V5609. OWASP. Possible path traversal vulnerability. Potentially tainted data is used as a path.
- V5610. OWASP. Possible XSS vulnerability. Potentially tainted data might be used to execute a malicious script.
- V2016. Consider inspecting the function call. The function was annotated as dangerous.
- V5611. OWASP. Potential insecure deserialization vulnerability. Potentially tainted data is used to create an object using deserialization.
- V2590. MISRA. Conversions should not be performed between pointer to function and any other type.
- V2591. MISRA. Bit fields should only be declared with explicitly signed or unsigned integer type
- V2592. MISRA. An identifier declared in an inner scope should not hide an identifier in an outer scope.
- V2593. MISRA. Single-bit bit fields should not be declared as signed type.
- V2594. MISRA. Controlling expressions should not be invariant.
- V2595. MISRA. Array size should be specified explicitly when array declaration uses designated initialization.
- V2596. MISRA. The value of a composite expression should not be assigned to an object with wider essential type.
- V2597. MISRA. Cast should not convert pointer to function to any other pointer type.
- V3552. AUTOSAR. Cast should not convert a pointer to a function to any other pointer type, including a pointer to function type.
- V2598. MISRA. Variable length array types are not allowed.
- V2599. MISRA. The standard signal handling functions should not be used.
- V3553. AUTOSAR. The standard signal handling functions should not be used.
- V3172. The 'if/if-else/for/while/foreach' statement and code block after it are not related. Inspect the program's logic.
- V2600. MISRA. The standard input/output functions should not be used.
- V3554. AUTOSAR. The standard input/output functions should not be used.
- V2602. MISRA. Octal and hexadecimal escape sequences should be terminated.
- V2601. MISRA. Functions should be declared in prototype form with named parameters.
- V2603. MISRA. The 'static' keyword shall not be used between [] in the declaration of an array parameter.
- V1074. Boundary between numeric escape sequence and string is unclear. The escape sequence ends with a letter and the next character is also a letter. Check for typos.
- V013. Intermodular analysis may be incomplete, as it is not run on all source files.
- V3173. Possible incorrect initialization of variable. Consider verifying the initializer.
- V2604. MISRA. Features from <stdarg.h> should not be used.
- V2605. MISRA. Features from <tgmath.h> should not be used.
- V1075. The function expects the file to be opened in one mode, but it was opened in different mode.
- V2606. MISRA. There should be no attempt to write to a stream that has been opened for reading.
- V2607. MISRA. Inline functions should be declared with the static storage class.
- V2608. MISRA. The 'static' storage class specifier should be used in all declarations of object and functions that have internal linkage.
- V3555. AUTOSAR. The 'static' storage class specifier should be used in all declarations of functions that have internal linkage.
- V2609. MISRA. There should be no occurrence of undefined or critical unspecified behaviour.
- V2610. MISRA. The ', " or \ characters and the /* or // character sequences should not occur in a header file name.
- V5612. OWASP. Do not use old versions of SSL/TLS protocols as it may cause security issues.
- V5613. OWASP. Use of outdated cryptographic algorithm is not recommended.
- V2611. MISRA. Casts between a pointer to an incomplete type and any other type shouldn't be performed.
- V2612. MISRA. Array element should not be initialized more than once.
- V2613. MISRA. Operand that is a composite expression has more narrow essential type than the other operand.
- V5615. OWASP. Potential XEE vulnerability. Insecure XML parser is used to process potentially tainted data.
- V5614. OWASP. Potential XXE vulnerability. Insecure XML parser is used to process potentially tainted data.
- V2614. MISRA. External identifiers should be distinct.
- V2615. MISRA. A compatible declaration should be visible when an object or function with external linkage is defined.
- V2616. MISRA. All conditional inclusion preprocessor directives should reside in the same file as the conditional inclusion directive to which they are related.
- V2617. MISRA. Object should not be assigned or copied to an overlapping object.
- V2618. MISRA. Identifiers declared in the same scope and name space should be distinct.
- V2619. MISRA. Typedef names should be unique across all name spaces.
- V2620. MISRA. Value of a composite expression should not be cast to a different essential type category or a wider essential type.
- V2621. MISRA. Tag names should be unique across all name spaces.
- V5616. OWASP. Possible command injection. Potentially tainted data is used to create OS command.
- V2622. MISRA. External object or function should be declared once in one and only one file.
- V833. Using 'std::move' function's with const object disables move semantics.
- V1076. Code contains invisible characters that may alter its logic. Consider enabling the display of invisible characters in the code editor.
- V1077. Conditional initialization inside the constructor may leave some members uninitialized.
- V3174. Suspicious subexpression in a sequence of similar comparisons.
- V1078. An empty container is iterated. The loop will not be executed.
- V014. The version of your suppress file is outdated. Appending new suppressed messages to it is not possible. Consider re-generating your suppress file to continue updating it.
- V2017. String literal is identical to variable name. It is possible that the variable should be used instead of the string literal.
- V5617. OWASP. Assigning potentially negative or large value as timeout of HTTP session can lead to excessive session expiration time.
- V5618. OWASP. Possible server-side request forgery. Potentially tainted data is used in the URL.
- V015. All analyzer messages were filtered out or marked as false positive. Use filter buttons or 'Don't Check Files' settings to enable message display.
- V1079. Parameter of 'std::stop_token' type is not used inside function's body.
- V1080. Call of 'std::is_constant_evaluated' function always returns the same value.
- V1081. Argument of abs() function is minimal negative value. Such absolute value can't be represented in two's complement. This leads to undefined behavior.
- V5620. OWASP. Possible LDAP injection. Potentially tainted data is used in a search filter.
- V5619. OWASP. Possible log injection. Potentially tainted data is written into logs.
- V1082. Function marked as 'noreturn' may return control. This will result in undefined behavior.
- V5621. OWASP. Error message contains potentially sensitive data that may be exposed.
- V3175. Locking operations must be performed on the same thread. Using 'await' in a critical section may lead to a lock being released on a different thread.
- V5622. OWASP. Possible XPath injection. Potentially tainted data is used in the XPath expression.
- V5623. OWASP. Possible open redirect vulnerability. Potentially tainted data is used in the URL.
- V1084. The expression is always true/false. The value is out of range of enum values.
- V1083. Signed integer overflow in arithmetic expression. This leads to undefined behavior.
- V1085. Negative value is implicitly converted to unsigned integer type in arithmetic expression.
- V3176. The '&=' or '|=' operator is redundant because the right operand is always true/false.
- V834. Incorrect type of a loop variable. This leads to the variable binding to a temporary object instead of a range element.
- V835. Passing cheap-to-copy argument by reference may lead to decreased performance.
- V5624. OWASP. Use of potentially tainted data in configuration may lead to security issues.
- V1086. Call of the 'Foo' function will lead to buffer underflow.
- V1088. No objects are passed to the 'std::scoped_lock' constructor. No locking will be performed. This can cause concurrency issues.
- V1087. Upper bound of case range is less than its lower bound. This case may be unreachable.
- V3177. Logical literal belongs to second operator with a higher priority. It is possible literal was intended to belong to '??' operator instead.
- V5625. OWASP. Referenced package contains vulnerability.
- V1089. Waiting on condition variable without predicate. A thread can wait indefinitely or experience a spurious wake-up.
- V3181. The result of '&' operator is '0' because one of the operands is '0'.
- V3179. Calling element access method for potentially empty collection may result in exception.
- V3178. Calling method or accessing property of potentially disposed object may result in exception.
- V1091. The pointer is cast to an integer type of a larger size. Casting pointer to a type of a larger size is an implementation-defined behavior.
- V3180. The 'HasFlag' method always returns 'true' because the value '0' is passed as its argument.
- V1090. The 'std::uncaught_exception' function is deprecated since C++17 and is removed in C++20. Consider replacing this function with 'std::uncaught_exceptions'.
- V3182. The result of '&' operator is always '0'.
- V1092. Recursive function call during the static/thread_local variable initialization might occur. This may lead to undefined behavior.
- V5626. OWASP. Possible ReDoS vulnerability. Potentially tainted data is processed by regular expression that contains an unsafe pattern.
- V5627. OWASP. Possible NoSQL injection. Potentially tainted data is used to create query.
- V3183. Code formatting implies that the statement should not be a part of the 'then' branch that belongs to the preceding 'if' statement.
- V2018. Cast should not remove 'const' qualifier from the type that is pointed to by a pointer or a reference.
- V2019. Cast should not remove 'volatile' qualifier from the type that is pointed to by a pointer or a reference.
- V5628. OWASP. Possible Zip Slip vulnerability. Potentially tainted data is used in the path to extract the file.
- V836. Expression's value is copied at the variable declaration. The variable is never modified. Consider declaring it as a reference.
- V1093. The result of the right shift operation will always be 0. The right operand is greater than or equal to the number of bits in the left operand.
- V3184. The argument's value is greater than the size of the collection. Passing the value into the 'Foo' method will result in an exception.
- V3186. The arguments violate the bounds of collection. Passing these values into the method will result in an exception.
- V3185. An argument containing a file path could be mixed up with another argument. The other function parameter expects a file path instead.
- V1094. Conditional escape sequence in literal. Its representation is implementation-defined.
- V3187. Parts of an SQL query are not delimited by any separators or whitespaces. Executing this query may lead to an error.
- V3189. The assignment to a member of the readonly field will have no effect when the field is of a value type. Consider restricting the type parameter to reference types.
- V3188. Unity Engine. The value of an expression is a potentially destroyed Unity object or null. Member invocation on this value may lead to an exception.
- V1095. Usage of potentially invalid handle. The value should be non-negative.
- V1097. Line splice results in a character sequence that matches the syntax of a universal-character-name. Using this sequence lead to undefined behavior.
- V1096. Variable with static storage duration is declared inside the inline function with external linkage. This may lead to ODR violation.
- V4001. Unity Engine. Boxing inside a frequently called method may decrease performance.
- V3190. Concurrent modification of a variable may lead to errors.
- V2020. The loop body contains the 'break;' / 'continue;' statement. This may complicate the control flow.
- V1098. The 'emplace' / 'insert' function call contains potentially dangerous move operation. Moved object can be destroyed even if there is no insertion.
- V837. The 'emplace' / 'insert' function does not guarantee that arguments will not be copied or moved if there is no insertion. Consider using the 'try_emplace' function.
- V1099. Using the function of uninitialized derived class while initializing the base class will lead to undefined behavior.
- V016. User annotation was not applied to a virtual function. To force the annotation, use the 'enable_on_virtual' flag.
- V3191. Iteration through collection makes no sense because it is always empty.
- V1100. Unreal Engine. Declaring a pointer to a type derived from 'UObject' in a class that is not derived from 'UObject' is dangerous. The pointer may start pointing to an invalid object after garbage collection.
- V1101. Changing the default argument of a virtual function parameter in a derived class may result in unexpected behavior.
- V838. Temporary object is constructed during lookup in ordered associative container. Consider using a container with heterogeneous lookup to avoid construction of temporary objects.
- V4003. Unity Engine. Avoid capturing variable in performance-sensitive context. This can lead to decreased performance.
- V4002. Unity Engine. Avoid storing consecutive concatenations inside a single string in performance-sensitive context. Consider using StringBuilder to improve performance.
- V3192. Type member is used in the 'GetHashCode' method but is missing from the 'Equals' method.
- V017. The analyzer terminated abnormally due to lack of memory.
- V2623. MISRA. Macro identifiers should be distinct.
- V4004. Unity Engine. New array object is returned from method or property. Using such member in performance-sensitive context can lead to decreased performance.
- V1102. Unreal Engine. Violation of naming conventions may cause Unreal Header Tool to work incorrectly.
- V4005. Unity Engine. The expensive operation is performed inside method or property. Using such member in performance-sensitive context can lead to decreased performance.
- V3193. Data processing results are potentially used before asynchronous output reading is complete. Consider calling 'WaitForExit' overload with no arguments before using the data.
- V2624. MISRA. The initializer for an aggregate or union should be enclosed in braces.
- V6107. The constant NN is being utilized. The resulting value could be inaccurate. Consider using the KK constant.
- V1103. The values of padding bytes are unspecified. Comparing objects with padding using 'memcmp' may lead to unexpected result.
- V3194. Calling 'OfType' for collection will return an empty collection. It is not possible to cast collection elements to the type parameter.
- V6108. Do not use real-type variables in 'for' loop counters.
- V6109. Potentially predictable seed is used in pseudo-random number generator.
- V1104. Priority of the 'M' operator is higher than that of the 'N' operator. Possible missing parentheses.
- V3195. Collection initializer implicitly calls 'Add' method. Using it on member with default value of null will result in null dereference exception.
- V839. Function returns a constant value. This may interfere with move semantics.
- V2625. MISRA. Identifiers that define objects or functions with external linkage shall be unique.
- V6110. Using an environment variable could be unsafe or unreliable. Consider using trusted system property instead
- V3196. Parameter is not utilized inside the method body, but an identifier with a similar name is used inside the same method.
- V3197. The compared value inside the 'Object.Equals' override is converted to a different type that does not contain the override.
- V3198. The variable is assigned the same value that it already holds.
- V6111. Potentially negative value is used as the size of an array.
- V6112. Calling the 'getClass' method repeatedly or on the value of the '.class' literal will always return the instance of the 'Class<Class>' type.
- V1105. Suspicious string modification using the 'operator+='. The right operand is implicitly converted to a character type.
- V1106. Qt. Class inherited from 'QObject' should contain at least one constructor that takes a pointer to 'QObject'.
- V1107. Function was declared as accepting unspecified number of parameters. Consider explicitly specifying the function parameters list.
- V018. False Alarm marks without hash codes were ignored because the 'V_HASH_ONLY' option is enabled.
- V019. Error occurred while working with the user annotation mechanism.
- V020. Error occurred while working with rules configuration files.
- V1108. Constraint specified in a custom function annotation on the parameter is violated.
- V1109. Function is deprecated. Consider switching to an equivalent newer function.
- V6113. Suspicious division. Absolute value of the left operand is less than the value of the right operand.
- V3199. The index from end operator is used with the value that is less than or equal to zero. Collection index will be out of bounds.
- V1110. Constructor of a class inherited from 'QObject' does not use a pointer to a parent object.
- V3200. Possible overflow. The expression will be evaluated before casting. Consider casting one of the operands instead.
- V6114. The 'A' class containing Closeable members does not release the resources that the field is holding.
- V6115. Not all Closeable members are released inside the 'close' method.
- V3201. Return value is not always used. Consider inspecting the 'foo' method.
- V3202. Unreachable code detected. The 'case' value is out of the range of the match expression.
- V3203. Method parameter is not used.
- V6116. The class does not implement the Closeable interface, but it contains the 'close' method that releases resources.
- V6117. Possible overflow. The expression will be evaluated before casting. Consider casting one of the operands instead.
- V2021. Using assertions may cause the abnormal program termination in undesirable contexts.
- V1111. The index was used without check after it was checked in previous lines.
- V1112. Comparing expressions with different signedness can lead to unexpected results.
- V1113. Potential resource leak. Calling the 'memset' function will change the pointer itself, not the allocated resource. Check the first and third arguments.
- V4006. Unity Engine. Multiple operations between complex and numeric values. Prioritizing operations between numeric values can optimize execution time.
- V5306. OWASP. The original exception object was swallowed. Cause of original exception could be lost.
- V6118. The original exception object was swallowed. Cause of original exception could be lost.
- V6119. The result of '&' operator is always '0'.
- V6120. The result of the '&' operator is '0' because one of the operands is '0'.
- V6121. Return value is not always used. Consider inspecting the 'foo' method.
- V6122. The 'Y' (week year) pattern is used for date formatting. Check whether the 'y' (year) pattern was intended instead.
- V5307. OWASP. Potentially predictable seed is used in pseudo-random number generator.
- V5308. OWASP. Possible overflow. The expression will be evaluated before casting. Consider casting one of the operands instead.
- V1114. Suspicious use of type conversion operator when working with COM interfaces. Consider using the 'QueryInterface' member function.
- V3204. The expression is always false due to implicit type conversion. Overflow check is incorrect.
- V3205. Unity Engine. Improper creation of 'MonoBehaviour' or 'ScriptableObject' object using the 'new' operator. Use the special object creation method instead.
- V3206. Unity Engine. A direct call to the coroutine-like method will not start it. Use the 'StartCoroutine' method instead.
- V1115. Function annotated with the 'pure' attribute has side effects.
- V6123. Modified value of the operand is not used after the increment/decrement operation.
- V6124. Converting an integer literal to the type with a smaller value range will result in overflow.
- V5014. OWASP. Cryptographic function is deprecated. Its use can lead to security issues. Consider switching to an equivalent newer function.
- V3207. The 'not A or B' logical pattern may not work as expected. The 'not' pattern is matched only to the first expression from the 'or' pattern.
- V6125. Calling the 'wait', 'notify', and 'notifyAll' methods outside of synchronized context will lead to 'IllegalMonitorStateException'.
- V4007. Unity Engine. Avoid creating and destroying UnityEngine objects in performance-sensitive context. Consider activating and deactivating them instead.
- V3208. Unity Engine. Using 'WeakReference' with 'UnityEngine.Object' is not supported. GC will not reclaim the object's memory because it is linked to a native object.
- V2022. Implicit type conversion from integer type to enum type.
- V5309. OWASP. Possible SQL injection. Potentially tainted data is used to create SQL command.
- V3209. Unity Engine. Using await on 'Awaitable' object more than once can lead to exception or deadlock, as such objects are returned to the pool after being awaited.
- V3210. Unity Engine. Unity does not allow removing the 'Transform' component using 'Destroy' or 'DestroyImmediate' methods. The method call will be ignored.
- V1116. Creating an exception object without an explanatory message may result in insufficient logging.
- V1117. The declared function type is cv-qualified. The behavior when using this type is undefined.
- V5310. OWASP. Possible command injection. Potentially tainted data is used to create OS command.
- V5311. OWASP. Possible argument injection. Potentially tainted data is used to create OS command.
- V5312. OWASP. Possible XPath injection. Potentially tainted data is used in the XPath expression.
- V5316. Do not use the 'HttpServletRequest.getRequestedSessionId' method because it uses a session ID provided by a client.
- V5317. OWASP. Implementing a cryptographic algorithm is not advised because an attacker might break it.
- V5313. OWASP. Do not use old versions of SSL/TLS protocols as it may cause security issues.
- V5314. OWASP. Use of an outdated hash algorithm is not recommended.
- V5318. OWASP. Setting POSIX file permissions to 'all' or 'others' groups can lead to unintended access to files or directories.
- V5315. OWASP. Use of an outdated cryptographic algorithm is not recommended.
- V4008. Unity Engine. Avoid using memory allocation Physics APIs in performance-sensitive context.
- V3212. Unity Engine. Pattern matching does not correctly handle destroyed objects derived from 'UnityEngine.Object'.
- V3213. Unity Engine. The 'GetComponent' method must be instantiated with a type that inherits from 'UnityEngine.Component'.
- V3214. Unity Engine. Using Unity API in the background thread may result in an error.
- V3211. Unity Engine. The operators '?.', '??' and '??=' do not correctly handle destroyed objects derived from 'UnityEngine.Object'.
- V3215. Unity Engine. Passing a method name as a string literal into the 'StartCoroutine' is unreliable.
- V3216. Unity Engine. Checking a field with a specific Unity Engine type for null may not work correctly due to implicit field initialization by the engine.
- V3217. Possible overflow as a result of an arithmetic operation.
- V5319. OWASP. Possible log injection. Potentially tainted data is written into logs.
- V2627. MISRA. Function type should not be type qualified.
- V2626. MISRA. The 'sizeof' operator should not have an operand which is a function parameter declared as 'array of type'.
- V2628. MISRA. The pointer arguments to the Standard Library functions memcpy, memmove and memcmp should be pointers to qualified or unqualified versions of compatible types.
- V2629. MISRA. Pointer arguments to the 'memcmp' function should point to an appropriate type.
- V2631. MISRA. Pointers to variably-modified array types should not be used.
- V2630. MISRA. Bit field should not be declared as a member of a union.
- V2632. MISRA. Object with temporary lifetime should not undergo array-to-pointer conversion.
- V2633. MISRA. Identifiers should be distinct from macro names.
- Who you are in C++
- Who you are in C#
- Save Christmas from bugs!
- Junior or expert: How well do you know the history of IT?
- PVS-Studio’s challenge: can you spot an error in C++ code?
- PVS-Studio’s challenge: can you spot an error in C# code?
- PVS-Studio’s challenge: can you spot an error in Java code?
- A nightmare on Bug Street
- C++ quiz by PVS-Studio and Sergei Kushnirenko
- Quiz on undefined behavior by Dmitry Sviridkin
- How to use mass suppression in PVS-Studio for C#?
- How to use mass suppression in PVS-Studio for Java?
- How to not drown in the static analyzer's first report? [Mass Suppression]
- What is SAST and how does it help a developer?
- How to hide the analyzer false positives?
- How to exclude unnecessary files from static analysis?
- How to speed up the project analysis and not to waste your time?
- Analyzing Java Code in IntelliJ using PVS-Studio Analyzer | How to find bugs in your Java Code
- Static Code Analysis Using PVS-Studio // Static Code Analysis For Java, C++, and C# // Thetips4you
- Static Analysis in Unreal Engine 4 | UE4 Tutorial
- Static Analysis in C++
- The cpp.chat podcast
- Don’t take on C++ programmers support
- How to write more reliable code
- PVS-Studio to check Unreal Engine projects?
- Using Static Analysis Online [Compiler Explorer]
- Hypercritical C++ Code Review - Yuri Minaev [ C++ on Sea ]
- itCppCon21 - Inside a static analyzer: type system
- What's New in PVS-Studio in the First Half of 2021? [SAST] [AUTOSAR] [OWASP]
- How Does LINQ Slow Down Your App?
- Top 5 Myths About Static Analysis
- How To Make Fewer Bugs?
- Everything You Wanted to Know About PVS-Studio
- How Can Taint Analysis Protect You from Attacks? [SQL Injenctions] [Path Traversal]
- Short-lived music [MuseScore code analysis]
- C++ for Beginners: Tips to Write Better Code
- Inside a static analyser: type system - Yuri Minaev - NDC TechTown 2021
- Embedded Development Explained | How Can Static Analysis Help?
- Compiler Monitoring System in the PVS-Studio Static Analyzer
- How Software Bugs Stole Christmas
- What's New in PVS-Studio in the Second Half of 2021
- C++ Puzzlers - Yuri Minaev - C++ on Sea 2022
- What Makes a Good Programmer - Yuri Minaev // Cherno Podcast #1
- Sponsored: Modern Static Code Analysis the Example of PVS-Studio
- PVS-Studio on CppCast: Exploring the World of C++ Parsing and Analysis
- Parsing C++
- C++ Semantics
- Evaluation
- Mistakes and suspicious code fragments — or how the static analyzer checked .NET 6
- How to make code reliable and secure [The MISRA standard and PVS-Studio]
- 10 C# tips for beginners
- Code errors in LLVM 13.0.0 that compiler and analyzers couldn't find. But PVS-Studio did.
- Using PVS-Studio for JetBrains CLion
- Antipatterns in C++
- PVS-Studio in 2019
- How to use mass suppression in PVS-Studio for C++?
- Static code analysis with PVS-Studio as an Example
- How to work with PVS-Studio in the Visual Studio IDE
- What is PVS-Studio?
- What is new in PVS-Studio for 3 years? (2025)
- How to integrate PVS-Studio analysis results into SonarQube
- How to use PVS-Studio extension in Visual Studio Code
- What is PVS-Studio?
- Using PVS-Studio with JetBrains Rider
- Introducing paid development of custom diagnostics in PVS-Studio code analyzer
- Le représentant global
- Our Vacancies
- CppCat Project Closed Down
- Buy PVS-Studio
- Privacy Policy
- It's time to renew your license for PVS-Studio!
- Download and evaluate PVS-Studio 7.39
- Terms and Conditions of Use
- About the company
- Projects where we found errors with the PVS-Studio analyzer
- Download PVS-Studio beta
- Classification of PVS-Studio warnings according to the SEI CERT Coding Standard
- Classification of PVS-Studio warnings according to the Common Weakness Enumeration (CWE)
- PVS-Studio comme la solution SAST
- La licence PVS-Studio gratuite pour l'Open Source
- PVS-Studio ROI
- Need a Single User License?
- Why do we ask to use Business Email when contacting us?
- Merchandise
- Classification of PVS-Studio warnings according to the standards: MISRA C, MISRA C++
- PVS-Studio Early Access Program
- La licence PVS-Studio gratuite pour les étudiants et les professeurs
- Classification of PVS-Studio warnings according to OWASP Top 10 Web Application Security Risks
- Classification of PVS-Studio warnings according to the OWASP Application Security Verification Standard (ASVS)
- Classification of PVS-Studio warnings according to the AUTOSAR C++14 Coding Guidelines
- La licence PVS-Studio gratuite pour les spécialistes Microsoft MVP
- Didn't get our email?
- How Programmers Spent 50 Hours Searching for One Small Error
- Classification of PVS-Studio warnings according to 2023 CWE Top 25 Most Dangerous Software Weaknesses
- Installing Beta-version of PVS-Studio on Linux and macOS from repositories
- How to correctly determine the number of developers when choosing a PVS-Studio license?
- SCA (software composition analysis)
- Quick start of PVS-Studio C/C++ on Linux and macOS
- Quick start of PVS-Studio on Windows
- GOST R 71207–2024 State Standard
- FSTEC certification
- What's new in PVS-Studio
- Didn't get our email?
- Customers
- PVS-Studio analyzer
- Online Examples (C, C++)
- All PVS-Studio Downloads
- Frequent questions and honest answers
- Subscribe to PVS-Studio newsletter
- Quizzes