A new release of the PVS-Studio static code analyzer became available to download. This tool is designed to detect errors and potential vulnerabilities in the source code of programs, written in C, C++, and C#.
An important improvement is the extension of the list of supported compilers. Support for Texas Instruments Code Composer Studio, ARM compiler was added under Windows\Linux.
In response to requests from users, a new option of Compiler monitoring was introduced which helps when working with large projects. Compiler monitoring under Windows now supports saving monitoring data to a dump file and starting the analysis from this dump file. This allows to re-run the analysis without the necessity to re-build the analyzed project each time.
Also, in response to requests from users, a new mode for checking individual files was added to the command line for Visual Studio analyzer projects under Windows.
8 new diagnostics were introduced to detect errors in C and C++ code:
· V1013. Suspicious subexpression in a sequence of similar comparisons.
· V1014. Structures with members of real type are compared byte-wise.
· V1015. Suspicious simultaneous use of bitwise and logical operators.
· V1016. The value is out of range of enum values. This causes unspecified or undefined behavior.
· V1017. Variable of the ‘string_view’ type references a temporary object which will be removed after evaluation of an expression.
· V1018. Usage of a suspicious mutex wrapper. It is probably unused, uninitialized, or already locked.
· V1019. Compound assignment expression is used inside condition.
· V1020. Function exited without performing epilogue actions. It is possible that there is an error.
In addition to the development of new diagnostics, we continue improving Data-Flow analysis that enables old diagnostics find more bugs. Thanks to these improvements, the analyzer finds more interesting errors, like the one we described in the article “February 31”. Download and try PVS-Studio.