PVS-Studio is a static analysis tool for detecting bugs and security weaknesses in the source code of programs written in C, C++, C# and Java. It works under 64-bit systems in Windows, Linux and macOS environments, and can analyze source code intended for 32-bit, 64-bit and embedded ARM platforms.
To get trial license for the analyzer please follow PVS-Studio Download Page and fill out the form. We'll send you the trial license shorty.
- Online reference guide for all of the diagnostic rules, that is available locally, on our web site, and as a single .pdf file. More than 700 pages of documentation are available
- Automatic (incremental) analysis of individual files right after their recompilation in IDE.
- Intuitive interface - easy navigation along the warnings issued for the code. Everything you need is at your fingertips - warnings sorted by severity level, highlighted code fragments which require additional revision, and quick access to the documentation. PVS-Studio documentation suggests ways of how to fix the detected error.
- Great scalability - PVS-Studio supports multi-core and multi-processor systems with the ability to specify the number of cores to use; can be used together with Incredibuild.
- Baselining analysis results - suppression of "old" messages on the existing code, so that the analyzer issues 0 warnings for it. This allows to integrate static analysis easily at any point of the development lifecycle. It is especially helpful in case you need to check only newly written code fragments.
- Interactive filtering of the analysis results (log file) in PVS-Studio IDE/Standalone window: the issued warnings are sorted by diagnostic number, file name, the word in the text of the diagnostic, plus the ability to exclude files from the analysis by name, folder, or mask.
- Automatic notification of developers. The Blame Notifier tool allows you to send e-mail notifications to the developers about bugs that PVS-Studio found during a night run based on the blame information from version control system.
- Analysis of commits, merge and pull requests - analyzer can be configured to analyze only the modified files. This allows to quickly and automatically analyze every commit to version control system.
- Suppress false positives - use code markup to suppress a certain diagnostic in a particular code fragment.
- Analysis from command line: helps integrate PVS-Studio into nightly builds, CI/CD services.
- Portability of analysis results - view analysis results on different machines thanks to the use of relative paths.
- Compiler Monitoring for C and C++ - analysis of projects with build systems unsupported by IDE. In case of the monitoring functionality not being enough, there is the capability of integrating PVS-Studio in Makefile-based (or any other) build system directly.
- Static Application Security Testing (SAST) - the analyzer provides mappings for its warnings to Common Weakness Enumeration, SEI CERT Coding Standards, OWASP Top 10, and supports OWASP ASVS standard.
- Safety - PVS-Studio supports such safety standards as MISRA C, MISRA C++, AUTOSAR C++ Coding Guidelines. Analyzer also provides a way to generate MISRA Compliance report.
- Integration with SonarQube - an open-source platform, designed for continuous analysis and measurement of code quality.
PVS-Studio plugin for Qt Creator
The PVS-Studio plugin for Qt Creator allows you to work with the static analyzer reports. The plugin allows you to group and filter analyzer's warnings by levels of certainty, groups, error codes; mark them as false alarms, and filter warnings on certain files. A detailed description of PVS-Studio plugin for Qt Creator is available here.
To generate the analyzer report, install PVS-Studio and use the CMD version for the appropriate platform and language, analyze the project and upload the report in the PVS-Studio plugin. You can download the PVS-Studio static analyzer here.