This information sheet tells you about the static code analyzer PVS-Studio. PVS-Studio is a tool for bug detection in the source code of programs, written in C, C++ and C#. It works in Windows and Linux environment.

1. PVS-Studio is a tool for bug detection in the source code of programs, written in
C, C++ and C#. It works in Windows and Linux environment.
PROTECT THE PROGRAM CODE
ON THE DEVELOPMENT STAGE
 Optimize the time for
development by detecting bugs on
the earliest stages.
 Reduce the number of cost-
intensive program glitches to zero.
 Increase the code quality and the
qualification of the employees
using the static analysis
methodology.
Main features of PVS-Studio
Simple and seamless integration
with Visual Studio 2010-2015.
A large number of options for integration
into projects developed under Linux.
Automatic analysis of individual files after their
recompilation.
Mark as False Alarm - ability to mark the code to suppress a
certain diagnostic in a particular code fragment.
Online reference guide concerning all the diagnostics
available in the program, on the web site and offline
documentation (presented as a .pdf file)
Up to 400 pages of documentation.
Mass Suppression - ability to suppress all old messages raised
for the legacy code, so that the analyzer reports 0 warnings.
You can always go back to the suppressed messages later. This
feature allows you to seamlessly integrate PVS-Studio into your
development process and focus on errors found in new code
only.
Saving and loading analysis results allow doing overnight
checks - during the night the analyzer does the scanning
and provides you with the results in the morning.
Error statistics can be viewed in Excel. Ability to view the speed
of error correction, amount of bugs found for a certain period of
time and so on.
pvs-studio-analyzer - a utility similar to CLMonitoring, but
working under Linux
Relative paths in report files to view them on different
machines.
Great scalability Support of multi-core and multi-processor
systems with the possibility to specify the number of the
cores to use; IncrediBuild support.
CLMonitoring feature allows analyzing the projects that have
no Visual Studio files (.sln/.vcxproj); in case the CLMonitoring
functionality is not enough, there is a possibility to integrate
PVS-Studio in a Makefile-based build system manually.
Interactive filtering of the analysis results (the log file) in
the PVS-Studio window: by the diagnostic number, file
name, the keyword in the text of the diagnostic.
Project analysis run from the command line: helps integrate
PVS-Studio into overnight builds; a new log will be issued in
the morning.
Automatic check of PVS-Studio updates
(during the work in IDE and overnight builds).
Possibility to exclude files from the analysis by name, folder or
mask.
BlameNotifier utility. The tool allows you to send e-mail
notifications to the developers about bugs that PVS-Studio
found during a night run.
Integration with SonarQube. It is an open source platform,
designed for continuous analysis and measurement of code
quality.

2. PVS-Studio team has checked more than 270 various open source projects and found more than 10,000 errors. The
results of the analysis are sent to the project developers and are usually described in the articles. Besides that, PVS-
Studio provides a free license for students in educational purposes, for individual developers and teams of enthusiasts.
Improve the quality of your code with us!
Web site: www.viva64.com E-mail: support@viva64.com
What technologies we use?
The pattern-based analysis on the basis of an abstract
syntax tree is used to look for fragments in the source
code that are similar to the known code patterns with
an error.
The type inference based on the semantic model of the
program allows the analyzer to have full information
about all variables and statements in the code.
The symbolic execution allows evaluating values of
variables that can lead to errors, perform range
checking of values.
The data-flow analysis is used to evaluate limitations
that are imposed on values of variables when
processing various language constructs. For example,
values that a variable can take inside if/else blocks.
Method annotations provide more information about
the used methods than can be obtained by analyzing
only their signatures.
Main PVS-Studio diagnostic abilities:
 64-bit issues
 Check that addresses to stack memory does
not leave the function
 Arithmetic over/underflow
 Array index out of bounds
 Check for double-free
 Dead code
 Microoptimization
 Unreachable code
 Uninitialized variables
 Unused variables
 Illegal bitwise/shift operations
 Undefined/unspecified behavior
 Incorrect handling of the types (HRESULT,
BSTR, BOOL, VARIANT_BOOL)
 Improper understanding of function/class
operation logic
 Misprints
 Missing Virtual destructor
 Coding style not matching the operation
logic of the source code
 Copy-Paste
 Incorrect usage of exceptions
 Buffer overrun
 Security issues
 Operation priority
 Null pointer/null reference dereference
 Unchecked parameter dereference
 Synchronization errors
 WPF usage errors
 Resource leaks
 Check for integer division by zero
 Customized user rules
Supported languages and compilers
Windows. Visual Studio 2015
C, C++, C++/CLI, C++/CX (WinRT), C#
Windows. Visual Studio 2013
C, C++, C++/CLI, C++/CX (WinRT), C#
Windows. Visual Studio 2012
C, C++, C++/CLI, C++/CX (WinRT), C#
Windows. Visual Studio 2010
C, C++, C++/CLI, C#
Windows. MinGW C, C++
Windows/Linux. Clang C, C++
Linux. GCC C, C++
Supported projects
Windows Linux
Visual C++ Clang
Clang GCC
MinGW
Visual C#