PVS-Studio Release History

11.12.2014

PVS-Studio 5.21 (December 11, 2014)

  • We are cancelling support for the Embarcadero RAD Studio IDE.
  • We are cancelling support for OpenMP diagnostics (VivaMP rule set)
  • New diagnostic – V711. It is dangerous to create a local variable within a loop with a same name as a variable controlling this loop.
  • New diagnostic – V712. Be advised that compiler may delete this cycle or make it infinity. Use volatile variable(s) or synchronization primitives to avoid this.
  • New diagnostic – V713. The pointer was utilized in the logical expression before it was verified against nullptr in the same logical expression.
  • New diagnostic – V714. Variable is not passed into foreach loop by a reference, but its value is changed inside of the loop.
  • New diagnostic – V715. The 'while' operator has empty body. Suspicious pattern detected.
  • New diagnostic – V716. Suspicious type conversion: HRESULT -> BOOL (BOOL -> HRESULT).
  • New diagnostic – V717. It is strange to cast object of base class V to derived class U.

PVS-Studio 5.20 (November 12, 2014)

  • New diagnostic – V706. Suspicious division: sizeof(X) / Value. Size of every element in X array does not equal to divisor.
  • New diagnostic – V707. Giving short names to global variables is considered to be bad practice.
  • New diagnostic – V708. Dangerous construction is used: 'm[x] = m.size()', where 'm' is of 'T' class. This may lead to undefined behavior.
  • New diagnostic – V709. Suspicious comparison found: 'a == b == c'. Remember that 'a == b == c' is not equal to 'a == b && b == c.
  • New diagnostic – V710. Suspicious declaration found. There is no point to declare constant reference to a number.
  • New diagnostic – V2012. Possibility of decreased performance. It is advised to pass arguments to std::unary_function/std::binary_function template as references.
  • New feature - Mass Suppression of Analyzer Messages. Sometimes, during deployment of static analysis, especially at large-scale projects, the developer has no desire (or even has no means of) to correct hundreds or even thousands of analyzer's messages which were generated on the existing source code base. In this situation, the need arises to "suppress" all of the analyzer's messages generated on the current state of the code, and, from that point, to be able to see only the messages related to the newly written or modified code. As such code was not yet thoroughly debugged and tested, it can potentially contain a large number of errors.

PVS-Studio 5.19 (September 18, 2014)

  • New diagnostic – V698. strcmp()-like functions can return not only the values -1, 0 and 1, but any values.
  • New diagnostic – V699. Consider inspecting the 'foo = bar = baz ? .... : ....' expression. It is possible that 'foo = bar == baz ? .... : ....' should be used here instead.
  • New diagnostic – V700. Consider inspecting the 'T foo = foo = x;' expression. It is odd that variable is initialized through itself.
  • New diagnostic – V701. realloc() possible leak: when realloc() fails in allocating memory, original pointer is lost. Consider assigning realloc() to a temporary pointer.
  • New diagnostic – V702. Classes should always be derived from std::exception (and alike) as 'public'.
  • New diagnostic – V703. It is odd that the 'foo' field in derived class overwrites field in base class.
  • New diagnostic – V704. 'this == 0' comparison should be avoided - this comparison is always false on newer compilers.
  • New diagnostic – V705. It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics.

PVS-Studio 5.18 (July 30, 2014)

  • ClMonitoring - automatic detection of compiler's platform.
  • ClMonitoring - performance increase resulting from the reduction of an impact of antiviral software during preprocessing of analyzed files.
  • ClMonitoring - incorrect handling of 64-bit processes resulting from a system update for .NET Framework 4 was fixed.
  • New diagnostic – V695. Range intersections are possible within conditional expressions.
  • New diagnostic – V696. The 'continue' operator will terminate 'do { ... } while (FALSE)' loop because the condition is always false.
  • New diagnostic – V697. A number of elements in the allocated array is equal to size of a pointer in bytes.
  • New diagnostic – V206. Explicit conversion from 'void *' to 'int *'.
  • New diagnostic – V2011. Consider inspecting signed and unsigned function arguments. See NN argument of function 'Foo' in derived class and base class.

PVS-Studio 5.17 (May 20, 2014)

  • New diagnostic – V690. The class implements a copy constructor/operator=, but lacks the the operator=/copy constructor.
  • New diagnostic – V691. Empirical analysis. It is possible that a typo is present inside the string literal. The 'foo' word is suspicious.
  • New diagnostic – V692. An inappropriate attempt to append a null character to a string. To determine the length of a string by 'strlen' function correctly, a string ending with a null terminator should be used in the first place.
  • New diagnostic – V693. Consider inspecting conditional expression of the loop. It is possible that 'i < X.size()' should be used instead of 'X.size()'.
  • New diagnostic – V694. The condition (ptr - const_value) is only false if the value of a pointer equals a magic constant.
  • New diagnostic – V815. Decreased performance. Consider replacing the expression 'AA' with 'BB'.
  • New diagnostic – V2010. Handling of two different exception types is identical.

PVS-Studio 5.16 (April 29, 2014)

  • Support of C++/CLI projects was greatly improved.
  • TFSRipper plugin was removed.
  • Fix for crash in PVS-Studio Standalone when installing in non-default location on a 64-bit system.
  • Fixed issue with hiding of diagnostic messages in some case.

PVS-Studio 5.15 (April 14, 2014)

  • New diagnostic – V689. The destructor of the 'Foo' class is not declared as a virtual. It is possible that a smart pointer will not destroy an object correctly.
  • Several crucial improvements in Compiler Monitoring in PVS-Studio.

PVS-Studio 5.14 (March 12, 2014)

  • New option "DIsable 64-bit Analysis" in Specific Analyzer Settings option page can improve analysis speed and decrease .plog file size.
  • New feature: Compiler Monitoring in PVS-Studio.
  • Fixed problem with incremental analysis notification with auto hide PVS-Studio Output Window.
  • New diagnostic – V687. Size of an array calculated by the sizeof() operator was added to a pointer. It is possible that the number of elements should be calculated by sizeof(A)/sizeof(A[0]).
  • New diagnostic – V688. The 'foo' local variable possesses the same name as one of the class members, which can result in a confusion.

PVS-Studio 5.13 (February 5, 2014)

  • Support for Embarcadero RAD Studio XE5 was implemented.
  • New diagnostic – V684. A value of variable is not modified. Consider inspecting the expression. It is possible that '1' should be present instead of '0'.
  • New diagnostic – V685. Consider inspecting the return statement. The expression contains a comma.
  • New diagnostic – V686. A pattern was detected: A || (A && ...). The expression is excessive or contains a logical error.

PVS-Studio 5.12 (December 23, 2013)

  • Fix for the issue with SolutionDir property when direct integration of the analyzer into MSBuild system is utilized.
  • The analysis can now be launched from within the context menu of Solution Explorer tool window.
  • The 'ID' column will now be hidden by default in the PVS-Studio Output toolwindow. It is possible to enable it again by using the Show Columns -> ID context menu command.
  • New diagnostic – V682. Suspicious literal is present: '/r'. It is possible that a backslash should be used here instead: '\r'.
  • New diagnostic – V683. Consider inspecting the loop expression. It is possible that the 'i' variable should be incremented instead of the 'n' variable.

PVS-Studio 5.11 (November 6, 2013)

  • Support for the release version of Microsoft Visual Studio 2013 was implemented.
  • New diagnostic – V680. The 'delete A, B' expression only destroys the 'A' object. Then the ',' operator returns a resulting value from the right side of the expression.
  • New diagnostic – V681. The language standard does not define an order in which the 'Foo' functions will be called during evaluation of arguments.

PVS-Studio 5.10 (October 7, 2013)

  • Fixed the issue with the analyzer when Visual Studio is called with the parameter /useenv: devenv.exe /useenv.
  • VS2012 has finally got support for Clang so that it can be used as the preprocessor. It means that PVS-Studio users will see a significant performance boost in VS2012.
  • Several crucial improvements were made to the analyzer's performance when parsing code in VS2012.
  • The PVS-Studio distribution package now ships with a new application PVS-Studio Standalone.
  • You can now export analysis results into a .CSV-file to handle them in Excel.
  • Support of precompiled headers in Visual Studio and MSBuild was greatly improved.
  • New diagnostic – V676. It is incorrect to compare the variable of BOOL type with TRUE.
  • New diagnostic – V677. Custom declaration of a standard type. The declaration from system header files should be used instead.
  • New diagnostic – V678. An object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' function.
  • New diagnostic – V679. The 'X' variable was not initialized. This variable is passed by a reference to the 'Foo' function in which its value will be utilized.

PVS-Studio 5.06 (August 13, 2013)

  • Fix for incorrect number of verified files when using 'Check Open File(s)' command in Visual Studio 2010.
  • New diagnostic – V673. More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits.
  • New diagnostic – V674. The expression contains a suspicious mix of integer and real types.
  • New diagnostic – V675. Writing into the read-only memory.
  • New diagnostic – V814. Decreased performance. The 'strlen' function was called multiple times inside the body of a loop.

PVS-Studio 5.05 (May 28, 2013)

  • Support for proxy server with authorization was implemented for trial extension window.
  • An issue with using certain special characters in diagnostic message filters was resolved.
  • A portion of 'Common Analyzer Settings' page options and all of the options from 'Customer Specific Settings' page were merged together into the new page: Specific Analyzer Settings.
  • A new SaveModifiedLog option was implemented. It allows you to define the behavior of 'Save As' dialog for a new\modified analysis report log (always ask, save automatically, do not save).
  • Customer diagnostics (V20xx) were assigned to a separate diagnostics group (CS – Customer Specific).
  • A new menu command was added: "Check Open File(s)". It allows starting the analysis on all of the C/C++ source files that are currently open in IDE text editor.

PVS-Studio 5.04 (May 14, 2013)

  • Support has been implemented for C++Builder XE4. Now PVS-Studio supports the following versions of C++Builder: XE4, XE3 Update 1, XE2, XE, 2010, 2009.
  • New diagnostic – V669. The argument is a non-constant reference. The analyzer is unable to determine the position at which this argument is being modified. It is possible that the function contains an error.
  • New diagnostic – V670. An uninitialized class member is used to initialize another member. Remember that members are initialized in the order of their declarations inside a class.
  • New diagnostic – V671. It is possible that the 'swap' function interchanges a variable with itself.
  • New diagnostic – V672. There is probably no need in creating a new variable here. One of the function's arguments possesses the same name and this argument is a reference.
  • New diagnostic – V128. A variable of the memsize type is read from a stream. Consider verifying the compatibility of 32 and 64 bit versions of the application in the context of a stored data.
  • New diagnostic – V813. Decreased performance. The argument should probably be rendered as a constant pointer/reference.
  • New diagnostic – V2009. Consider passing the 'Foo' argument as a constant pointer/reference.

PVS-Studio 5.03 (April 16, 2013)

  • Enhanced analysis/interface performance when checking large projects and generating a large number of diagnostic messages (the total number of unfiltered messages).
  • Fixed the issue with incorrect integration of the PVS-Studio plugin into the C++Builder 2009/2010/XE environments after installation.
  • Fixed the bug with the trial-mode.
  • The analyzer can now be set to generate relative paths to source files in its log files.
  • The analyzer now supports direct integration into the MSBuild build system.
  • Integrated Help Language option added to Customer's Settings page. The setting allows you to select a language to be used for integrated help on the diagnostic messages (a click to the message error code in PVS-Studio output window) and online documentation (the PVS-Studio -> Help -> Open PVS-Studio Documentation (html, online) menu command), which are also available at our site. This setting will not change the language of IDE plug-in's interface and messages produced by the analyzer.
  • Fix for Command line analysis mode in Visual Studio 2012 in the case of project background loading.
  • New diagnostic - V665. Possibly, the usage of '#pragma warning(default: X)' is incorrect in this context. The '#pragma warning(push/pop)' should be used instead.
  • New diagnostic - V666. Consider inspecting NN argument of the function 'Foo'. It is possible that the value does not correspond with the length of a string which was passed with the YY argument.
  • New diagnostic - V667. The 'throw' operator does not possess any arguments and is not situated within the 'catch' block.
  • New diagnostic - V668. There is no sense in testing the pointer against null, as the memory was allocated using the 'new' operator. The exception will be generated in the case of memory allocation error.
  • New diagnostic -V812. Decreased performance. Ineffective use of the 'count' function. It can possibly be replaced by the call to the 'find' function.

PVS-Studio 5.02 (March 6, 2013)

  • Incorrect navigation in C++Builder modules that contain several header/source files was fixed.
  • The option for inserting user-specified comments while performing false alarm mark-ups (for example, to provide the automatic documentation generation systems with appropriate descriptions) was implemented.
  • An issue of incorrectly starting up a C++ preprocessor for some of the files utilizing precompiled headers was fixed.
  • New diagnostic - V663. Infinite loop is possible. The 'cin.eof()' condition is insufficient to break from the loop. Consider adding the 'cin.fail()' function call to the conditional expression.
  • New diagnostic - V664. The pointer is being dereferenced on the initialization list before it is verified against null inside the body of the constructor function.
  • New diagnostic - V811. Decreased performance. Excessive type casting: string -> char * -> string.

PVS-Studio 5.01 (February 13, 2013)

  • Support has been implemented for several previous versions of C++Builder. Now PVS-Studio supports the following versions of C++Builder: XE3 Update 1, XE2, XE, 2010, 2009.
  • A bug in C++Builder version with incremental analysis starting-up incorrectly in several situations was fixed.
  • Occasional incorrect placement of false alarm markings for C++Builder version was fixed.
  • Incorrect display of localized filenames containing regional-specific characters in C++Builder version was fixed.
  • An issue with opening source files during diagnostic message navigation in C++Builder version was resolved.
  • The issue was fixed of system includes paths being resolved incompletely when starting the preprocessor for the analyzer in C++ Builder versions.
  • New diagnostic - V661. A suspicious expression 'A[B < C]'. Probably meant 'A[B] < C'.
  • New diagnostic - V662. Consider inspecting the loop expression. Different containers are utilized for setting up initial and final values of the iterator.

PVS-Studio 5.00 (January 31, 2013)

  • Support for the integration to Embarcadero RAD Studio, or Embarcadero C++ Builder to be more precise, was added! As of this moment, PVS-Studio diagnostics capabilities are available to the users of C++ Builder. While in the past PVS-Studio could be conveniently utilized only from within Visual Studio environment, but now C++ developers who choses Embarcadero products will be able to fully utilize PVS-Studio static analyzer as well. Presently, the supported versions are XE2 and XE3, including the XE3 Update 1 with 64-bit C++ compiler.
  • Microsoft Design Language (formerly known as Metro Language) C++/CX Windows 8 Store (WinRT) projects on x86/ARM platforms and Windows Phone 8 projects support was implemented.
  • A fix for the users of Clang-preprocessor in Visual Studio version was implemented. Previously it was impossible to use Clang as a preprocessor while analyzing projects utilizing the Boost library because of the preprocessing errors. Now these issues were resolved. This significantly decreased the time it takes to analyze Boost projects with the help of Clang preprocessor.
  • The obsolete Viva64 options page was removed.
  • V004 message text was modified to provide a more correct description.
  • New diagnostic - V810. Decreased performance. The 'A' function was called several times with identical arguments. The result should possibly be saved to a temporary variable, which then could be used while calling the 'B' function.
  • New diagnostic - V2008. Cyclomatic complexity: NN. Consider refactoring the 'Foo' function.
  • New diagnostic - V657. It's odd that this function always returns one and the same value of NN.
  • New diagnostic - V658. A value is being subtracted from the unsigned variable. This can result in an overflow. In such a case, the comparison operation can potentially behave unexpectedly.
  • New diagnostic - V659. Declarations of functions with 'Foo' name differ in the 'const' keyword only, but the bodies of these functions have different composition. This is suspicious and can possibly be an error.
  • New diagnostic - V660. The program contains an unused label and a function call: 'CC:AA()'. It's possible that the following was intended: 'CC::AA()'.

Release history for old versions

Please read release history for old versions here.