PVS-Studio 7.28 has been released. Now you can run the analyzer on the ARM architecture, analyze .NET 8 projects, and check Unreal Engine projects without Unity Build — and there is more to come! See the details in this press release.
You can download the latest PVS-Studio version here.
Support for the ARM architecture
Now the PVS-Studio analyzer can be used on the ARM architecture on Windows. PVS-Studio works in x64 compatibility mode.
Next year, we plan to implement the native ARM analyzer version for macOS.
Analysis of .NET 8 projects
PVS-Studio for C# now supports the analysis of .NET 8 projects.
The C# analyzer on Linux and macOS will be working under .NET 8.
Analysis of Unreal Engine projects without Unity Build
When analyzing Unreal Engine projects with PVS-Studio, we often encounter issues with high memory usage and analysis slowdown. They usually arise when individual translation units are combined into a single file (the Unity Build system).
Although the merging of translation units may have a positive impact on the compilation time, the large file size may increase the resource requirements for analysis.
We've added a new section to the documentation on analyzing Unreal Engine projects, which describes how to configure the analysis without Unity Build, while keeping the opportunity to use this mode for building the project.
Support for relative paths in the SARIF reports
We've added support for relative paths to analyzed files in the SARIF files according to the standard SARIF documentation.
Learn more about the SARIF reports in the documentation.
Wildcard patterns for CLMonitor
Now the analyzer supports wildcard patterns in the compile commands for CLMonitor (the compiler monitoring utility on Windows).
Learn more about using the CLMonitor utility in the documentation.
Enhancing .pvsconfig in the C# analyzer
In the C# analyzer, we've enhanced and standardized the enabling and disabling of separate diagnostic rules via the analyzer configuration files — .pvsconfig.
Here is an example:
//-V::3022,5623:1,3
The syntax pattern turns off the warnings of 'High' and 'Low' levels for the V3022 and V5623 diagnostic rules.
Learn more about using the analyzer configuration files (.pvsconfig) in the documentation.
Enhancing the diagnostic rule in the C# analyzer
In the C# analyzer, we've enhanced the handling of parameters that have null as the default value.
It enables the V3080 diagnostic rule to detect more errors related to null dereferencing.
Let's take a look at an example from a real project and see what the analyzer can detect now:
public MyEffectInstance CreateEffect(
IMySourceVoice input,
MyStringHash effect,
MySourceVoice[] cues = null, // <=
float? duration = null)
{
if(!m_effects.ContainsKey(effect))
{
Debug.Fail(string.Format("Effect not found: {0}", effect.ToString()));
return null;
}
var instance = new MyEffectInstance
(m_effects[effect], input, cues, duration, m_engine); // <=
m_activeEffects.Add(instance);
return instance;
}
public MyEffectInstance(
MyAudioEffect effect,
IMySourceVoice input,
MySourceVoice[] cues,
float? duration,
XAudio2 engine)
{
m_engine = engine;
m_effect = effect;
var inputSound = input as MySourceVoice;
....
foreach(var sound in cues) // <=
{
....
}
}
Suspicious code from one of the legacy versions of the Space Engineers project.
In the CreateEffect method, the cues *parameter has *null as a default value. However, when creating the MyEffectInstance class object, the cues *array is traversed in the *foreach(var sound in cues) loop.
As a result, if the cues *parameter has a default value, a null reference is accessed on loop entry when the class object is created, and a *NullReferenceException is thrown.
Fixing the compatibility issues between PVS-Studio and Visual Assist
When working concurrently with the PVS-Studio plugin and Visual Assist, there were issues with file switching in Visual Studio 2019 and 2022.
We've fixed it :).
New diagnostic rules
C++
- V1103. The values of padding bytes are unspecified. Comparing objects with padding using 'memcmp' may lead to unexpected result.
- V2624. MISRA. The initializer for an aggregate or union should be enclosed in braces.
C#
- V3193. Data processing results are potentially used before asynchronous output reading is complete. Consider calling 'WaitForExit' overload with no arguments before using the data.
- V4005. Unity Engine. The expensive operation is performed inside method or property. Using such member in performance-sensitive context can lead to decreased performance.
A nightmare on Bug Street
It just so happened that Halloween coincided with the release dates! Even though it has passed, the terrible bugs are still here! Can you find them?
Let yourself play ghostbusters! We've collected 8 spooky stories for you. Read them and try to find the lurking bugs.
Articles
For C++ programmers:
- 30 years of DOOM: new code, new bugs
- Games! How they write code for SDL (+ interview with the creator)
- A deep look into YTsaurus. Availability, reliability, open source
- Typos, null pointers, and treacherous TAB: 33 fragments in the GTK library
For C# programmers:
- Using the PVS-Studio extension for VS Code to effectively handle errors in C# code
- Return to Grove Street. Checking the Grand Theft Auto: San Andreas engine in Unity
- Microsoft PowerToys: the GitHub king among C# projects with C++ errors
- What's new in .NET 8?
- What's new in C# 12: overview
For Java programmers:
Other:
- How to lure programmers to your conference booth?
- What C++, C# or Java article would you like to read on our blog?
- Interview with developers of Flipper Zero — a multi-tool for hackers and pentesters
- Day when Skynet becomes self-aware, and 69 reasons to chill out with colleagues. Part 1.
- Day when Skynet becomes self-aware, and 69 reasons to chill out with colleagues. Part 2.
Do you want to check a project with PVS-Studio? Then start from this page.
We have also launched an IT events newsletter for developers! Here you can subscribe to the PVS-Studio events and digest newsletter.
Top comments (0)