Errors detected in Open Source projects by the PVS-Studio developers through static analysis
We regularly check various open-source projects with PVS-Studio and send analysis results to developers and usually describe them in our posts as well. Besides, we add them into our bug database. This database is posted below on this page.
The bugs are grouped according to the number of the diagnostic rule that is used to detect them. The right column contains a link to the corresponding error samples.
We have deliberately refused to implement an option to view all the bugs found in a particular project: this might lead to an incorrect impression regarding the number of errors in the project and the analyzer's capabilities. You see, the tool is rapidly developing. While it found 10 bugs in a project one year ago, it doesn't mean at all that it will find the same amount now. Compare, for instance, the reports of ReactOS checks: first report, second report (a year and a half later).
You can offer us other open-source projects for analysis. The project types supported by PVS-Studio are given in the tool description.
This database may serve a unique resource for reflection on coding standards development, concepts of articles on programming rules, and help you in other researches regarding enhancing software reliability. We wish you interesting researches.
Error Code | Error Description | Project List |
V501 | Identical sub-expressions to the left and to the right of 'foo' operator. | Captain Blood, VCMI, CodeLite, Microsoft PowerToys, YTsaurus, Qt Creator, qdEngine, OpenVINO, DPDK, Telegram, ... |
V502 | The '?:' operator may not work as expected. The '?:' operator has a lower priority than the 'foo' operator. | OpenJDK, CryEngine V, GCC, Linux Kernel, Scilab, Amazon Lumberyard, Perl 5, NCBI Genome Workbench, LLVM/Clang, Heawei Ark Compiler, ... |
V503 | Nonsensical comparison: pointer < 0. | OGDF, Asterisk, .NET CoreCLR, Haiku Operation System, GINV, FreeBSD Kernel, OpenToonz, Far2l, Tizen, LLVM/Clang, ... |
V504 | Semicolon ';' is probably missing after the 'return' keyword. | Inkscape, Kodi, LLVM/Clang. |
V505 | The 'alloca' function is used inside the loop. This can quickly overflow stack. | Crystal Space 3D SDK, Multi-threaded Dynamic Queue, Pixie, DeSmuME, Synergy, Tizen, EFL Core Libraries. |
V506 | Pointer to local variable 'X' is stored outside the scope of this variable. Such a pointer will become invalid. | WinSCP, Miranda NG, Unreal Engine 4, PHP:Hypertext Preprocessor, RT-Thread, Haiku Operation System, MuseScore, Ogre3D. |
V507 | Pointer to local array 'X' is stored outside the scope of this array. Such a pointer will become invalid. | Scilab, Miranda NG, MAME, GNU Octave, Inkscape, GCC, Tizen, Android, Doom 1, Command & Conquer, ... |
V509 | Exceptions raised inside noexcept functions must be wrapped in a try..catch block. | Geant4 software, Protocol Buffers, Source Engine SDK, Data Distribution Service, FlightGear, TortoiseGit, WebRTC, LibreOffice, 7-Zip, MuditaOS, ... |
V510 | The 'Foo' function receives class-type variable as Nth actual argument. This is unexpected behavior. | Wild Magic 5, Scilab, Unreal Engine 4, Chromium, Apple II emulator, Telegram, Computational Network Toolkit, CryEngine V, libusbx, qdEngine, ... |
V511 | The sizeof() operator returns pointer size instead of array size. | Shareaza, Wolfenstein 3D, Chromium, MySQL, Intel AMT SDK, ReactOS, Samba, Source Engine SDK, Oracle VM Virtual Box. |
V512 | Call of the 'Foo' function will lead to buffer overflow. | FreeBSD Kernel, Stickies, Tizen, EFL Core Libraries, XNU kernel, rdesktop, VVVVVV, Zephyr, Command & Conquer, GPCS4, ... |
V513 | Use _beginthreadex/_endthreadex functions instead of CreateThread/ExitThread functions. | Multi Theft Auto, Trans-Proteomic Pipeline, SeqAn, Snes9x, PostgreSQL Database Management System, Source Engine SDK, Tesseract. |
V514 | Potential logical error. Size of a pointer is divided by another value. | Miranda IM, ReactOS, Notepad++, OpenMS, OpenCOLLADA, Scilab, Miranda NG. |
V516 | Non-null function pointer is compared to null. Consider inspecting the expression. | Audacity, Micro-Manager. |
V517 | Potential logical error. The 'if (A) {...} else if (A) {...}' pattern was detected. | Haiku Operation System, Bullet Physics SDK, ROOT, Qemu, TheXTech, MuditaOS, GPCS4, Microsoft PowerToys, OpenVINO, DPDK, ... |
V518 | The 'malloc' function allocates suspicious amount of memory calculated by 'strlen(expr)'. Perhaps the correct expression is strlen(expr) + 1. | FCEUX. |
V519 | The 'x' variable is assigned values twice successively. Perhaps this is a mistake. | Darwin-XNU, Storm Engine, LFortran, libtorrent, RPCS3, GPCS4, VCMI, GZDoom, iSulad, DPDK, ... |
V520 | Comma operator ',' in array index expression. | G3D Content Pak. |
V521 | Expressions that use comma operator ',' are dangerous. Make sure the expression is correct. | Oracle VM Virtual Box, Unreal Engine 4, ReactOS, CryEngine V, Steinberg SDKs, Amazon Lumberyard, Azure Service Fabric, Godot Engine, Dlib, LLVM/Clang, ... |
V522 | Possible null pointer dereference. | CARLA, MuditaOS, VCMI, GCC, FreeCAD, GZDoom, Dagor Engine, OpenVINO, DPDK, Telegram, ... |
V523 | The 'then' statement is equivalent to the 'else' statement. | Espressif IoT Development Framework, TheXTech, Blend2D, Overgrowth, Captain Blood, CodeLite, Qt Creator, qdEngine, OpenVINO, DPDK, ... |
V524 | It is suspicious that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function. | MuseScore, FreeRDP, EAStdC, Heawei Ark Compiler, Newton Game Dynamics, Command & Conquer, Indicators, Qt, FaCT++, Blend2D, ... |
V525 | Code contains collection of similar blocks. Check items X, Y, Z, ... in lines N1, N2, N3, ... | MySQL, Trans-Proteomic Pipeline, SeqAn, Source Engine SDK, Scilab, SlimDX, Android, xrdp, Newton Game Dynamics, FreeCAD, ... |
V526 | The 'strcmp' function returns 0 if corresponding strings are equal. Consider inspecting the condition for mistakes. | wxWidgets, Network Security Services (NSS), PostgreSQL Database Management System, Micro-Manager. |
V527 | The 'zero' value is assigned to pointer. Probably meant: *ptr = zero. | PNG library, Apache HTTP Server, ReactOS, Trans-Proteomic Pipeline, Scilab, Haiku Operation System, Tizen. |
V528 | Pointer is compared with 'zero' value. Probably meant: *ptr != zero. | Apache HTTP Server, Scilab, TortoiseGit, Miranda NG, The GTK+ Project, GCC, ReOpenLDAP, GDB, Partio, Aspell, ... |
V529 | Suspicious semicolon ';' after 'if/for/while' operator. | ReactOS, CamStudio, Windows 8 Driver Samples, QuickThread, VirtualDub, Oracle VM Virtual Box, Haiku Operation System, MAME, CryEngine V, GuiLite, ... |
V530 | Return value of 'Foo' function is required to be used. | CryEngine V, Scilab, Audacity, Ardour, Android, ANGLE, LibreOffice, Haiku Operation System, Blender, Ogre3D, ... |
V531 | The sizeof() operator is multiplied by sizeof(). Consider inspecting the expression. | XUIFramework, NetDefender Firewall, ReactOS, CrashRpt library, Oracle VM Virtual Box, CMake, GPCS4. |
V532 | Consider inspecting the statement of '*pointer++' pattern. Probably meant: '(*pointer)++'. | eMule Plus, FCEUX, IPP Samples, Apache HTTP Server, DeSmuME, OpenSSL, Miranda NG, Godot Engine, Open X-Ray Engine. |
V533 | It is possible that a wrong variable is incremented inside the 'for' operator. Consider inspecting 'X'. | Doom 3, Simple DirectMedia Layer, Godot Engine, Unreal Engine 4, Open X-Ray Engine, LibreOffice, GTK, Chromium. |
V534 | It is possible that a wrong variable is compared inside the 'for' operator. Consider inspecting 'X'. | Source Engine SDK, Coin3D, Oracle VM Virtual Box, .NET CoreCLR, Android, Azure Service Fabric, NCBI Genome Workbench, Qalculate!. |
V535 | The 'X' variable is used for this loop and outer loops. | Haiku Operation System, FreeBSD Kernel, The GTK+ Project, CryEngine V, Blender, Tizen, Android, NCBI Genome Workbench, libcurl, DPDK, ... |
V536 | Constant value is represented by an octal form. | eLynx Image Processing SDK and Lab, Miranda IM, PostgreSQL Database Management System, Micro-Manager, TortoiseGit, Chromium, Linux Kernel. |
V537 | Potential incorrect use of item 'X'. Consider inspecting the expression. | IPP Samples, Miranda IM, ReactOS, Quake-III-Arena, Trinity Core, Blender, Source Engine SDK, Expat, FreeCAD. |
V538 | The line contains control character 0x0B (vertical tabulation). | EA WebKit. |
V539 | Iterators are passed as arguments to 'Foo' function. Consider inspecting the expression. | CryEngine V, OpenVINO. |
V540 | Member 'x' should point to string terminated by two 0 characters. | Fennec Media, Chromium, WinSCP. |
V541 | String is printed into itself. Consider inspecting the expression. | PCSX2, CAMEL, Mozilla Firefox, UCSniff, TinyCAD, Scilab, FreeBSD Kernel, Serious Engine 1 v.1.10, Ardour. |
V542 | Suspicious type cast: 'Type1' to ' Type2'. Consider inspecting the expression. | Miranda IM, Platinum. |
V543 | It is suspicious that value 'X' is assigned to the variable 'Y' of HRESULT type. | WinMerge, Oracle VM Virtual Box, Unreal Engine 4, Mozilla Thunderbird. |
V545 | Conditional expression of 'if' statement is incorrect for the HRESULT type value 'Foo'. The SUCCEEDED or FAILED macro should be used instead. | VirtualDub, Qt, LibreOffice, Apache HTTP Server, ANGLE, qdEngine. |
V546 | The 'Foo(Foo)' class member is initialized with itself. | Boost (C++ libraries), OpenToonz, CryEngine V, ClickHouse, Amazon Lumberyard, Blender. |
V547 | Expression is always true/false. | VCMI, Microsoft PowerToys, YTsaurus, GZDoom, iSulad, Blender, OpenVINO, x64dbg, DPDK, Telegram, ... |
V548 | TYPE X[][] is not equivalent to TYPE **X. Consider inspecting type casting. | Haiku Operation System. |
V549 | The 'first' argument of 'Foo' function is equal to the 'second' argument. | Miranda NG, The GTK+ Project, GDB, Linux Kernel, CryEngine V, Skia Graphics Engine, Android, Amazon Lumberyard, PMDK, DPDK, ... |
V550 | Suspicious precise comparison. Consider using a comparison with defined precision: fabs(A - B) < Epsilon or fabs(A - B) > Epsilon. | CAMEL, ffdshow, Windows Calculator, ArduPod. |
V551 | Unreachable code under a 'case' label. | Command & Conquer. |
V552 | A bool type variable is incremented. Perhaps another variable should be incremented instead. | 7-Zip, Command & Conquer. |
V554 | Incorrect use of smart pointer. | Haiku Operation System, OpenToonz, Casablanca, Nana, Skia Graphics Engine, Android, 0 A.D., LibreOffice, LLVM/Clang, CodeLite, ... |
V555 | Expression of the 'A - B > 0' kind will work as 'A != B'. | Trans-Proteomic Pipeline, Scilab, OpenSSL, Wine Is Not an Emulator, PHP:Hypertext Preprocessor, OpenJPEG, K Desktop Environment, FreeSWITCH. |
V556 | Values of different enum types are compared. | Linux Kernel, OpenToonz, Casablanca, Blender, SCIM, Tizen, EFL Core Libraries, Doom 1, Celestia, Command & Conquer, ... |
V557 | Possible array overrun. | Blend2D, Ogre3D, GPCS4, GCC, FreeCAD, GTK, Qt Creator, OpenVINO, DPDK, x64dbg, ... |
V558 | Function returns pointer/reference to temporary local object. | SeqAn, VirtualDub, Geant4 software, LLVM/Clang, EFL Core Libraries, Android. |
V559 | Suspicious assignment inside the conditional expression of 'if/while/for' statement. | Miranda IM, Intel AMT SDK, Data Distribution Service, Scilab, Miranda NG, The GTK+ Project, Serious Engine 1 v.1.10. |
V560 | Part of conditional expression is always true/false. | GTK, Snort, Darwin-XNU, Storm Engine, libtorrent, RPCS3, Ogre3D, VCMI, GZDoom, x64dbg, ... |
V561 | Consider assigning value to 'foo' variable instead of declaring it anew. | Oracle VM Virtual Box, Godot Engine, Telegram, Firebird, OpenJDK, Chromium, Amazon Lumberyard, NCBI Genome Workbench, Qt, Overgrowth, ... |
V562 | Bool type value is compared with value of N. Consider inspecting the expression. | Spvolren, ReactOS, Blender, Windows 8 Driver Samples, Haiku Operation System, NCBI Genome Workbench, TheXTech. |
V563 | An 'else' branch may apply to the previous 'if' statement. | BCmenu, Squirrel, PeerBlock, Trans-Proteomic Pipeline, Cfront, Open X-Ray Engine, Amnesia: The Dark Descent. |
V564 | The '&' or '|' operator is applied to bool type value. Check for missing parentheses or use the '&&' or '||' operator. | Blender, FFmpeg, Unreal Engine 4, OpenMW, K Desktop Environment, Oracle VM Virtual Box, Amazon Lumberyard, Perl 5, Haiku Operation System, ReactOS, ... |
V565 | Empty exception handler. Silent suppression of exceptions can hide errors in source code during testing. | G3D Content Pak. |
V567 | Modification of variable is unsequenced relative to another operation on the same variable. This may lead to undefined behavior. | CryEngine V, CMaNGOS, Far2l, Steinberg SDKs, ofPennerEasing, LibreOffice, Doom 1, glTF library, LLVM/Clang, Darwin-XNU, ... |
V568 | It is suspicious that the argument of sizeof() operator is the expression. | Haiku Operation System, Far2l, CryEngine V, EFL Core Libraries, XNU kernel, RT-Thread, Android, Azure Service Fabric, PMDK, Microsoft PowerToys, ... |
V569 | Truncation of constant value. | FreeBSD Kernel, VCMI. |
V570 | Variable is assigned to itself. | Heawei Ark Compiler, GCC, Command & Conquer, Storm Engine, TheXTech, Ogre3D, Captain Blood, Blender, x64dbg, Xenia, ... |
V571 | Recurring check. This condition was already verified in previous line. | NCBI Genome Workbench, LibrePCB, Kodi, ROOT, jsoncons, LLVM/Clang, Darwin-XNU, MuditaOS, Godot Engine, Telegram, ... |
V572 | Object created using 'new' operator is immediately cast to another type. Consider inspecting the expression. | wxWidgets, Cocos2d-x, Tizen. |
V573 | Use of uninitialized variable 'Foo'. The variable was used to initialize itself. | Multi Theft Auto, Firebird, Word for Windows 1.1a, LLVM/Clang, Blend2D, Microsoft PowerToys. |
V574 | Pointer is used both as an array and as a pointer to single object. | Amazon FreeRTOS. |
V575 | Function receives suspicious argument. | Transmission, LLVM/Clang, FlipperZero, Blender, GTK, GZDoom, Dagor Engine, iSulad, OpenVINO, DPDK, ... |
V576 | Incorrect format. Consider checking the Nth actual argument of the 'Foo' function. | ReOpenLDAP, ICQ, Far2l, EFL Core Libraries, Tizen, Enlightenment, 0 A.D., FreeRDP, FlipperZero, DPDK, ... |
V578 | Suspicious bitwise operation was detected. Consider inspecting it. | NetXMS, RT-Thread, Android, Godot Engine. |
V579 | The 'Foo' function receives the pointer and its size as arguments. This may be a potential error. Inspect the Nth argument. | OpenJDK, CryEngine V, GDB, GNU GRUB, MySQL, RT-Thread, Doom 1, PMDK, Captain Blood, Microsoft PowerToys, ... |
V581 | Conditional expressions of 'if' statements located next to each other are identical. | Celestia, TON, Universal, LLVM/Clang, Qt, Snort, RPCS3, GTK, DPDK, Telegram, ... |
V583 | The '?:' operator, regardless of its conditional expression, always returns the same value. | Chromium, CMaNGOS, Audacity, V8 JavaScript Engine, TDLib, Krita, Vangers: One For The Road, Command & Conquer, DuckStation, Captain Blood, ... |
V584 | Same value is present on both sides of the operator. The expression is incorrect or can be simplified. | Far2l, Asterisk, Ruby MRI, Command & Conquer. |
V586 | The 'Foo' function is called twice to deallocate the same resource. | Blender, OpenMW, VNL, Miranda NG, Telegram. |
V587 | Suspicious sequence of assignments: A = B; B = A;. | Windows 8 Driver Samples, Mozilla Firefox, LibreOffice, Git, GNU GRUB, EFL Core Libraries, ORCT2, CodeLite. |
V588 | Expression of the 'A =+ B' kind is used. Possibly meant: 'A += B'. Consider inspecting the expression. | Libxml2, Trans-Proteomic Pipeline. |
V590 | Possible excessive expression or typo. Consider inspecting the expression. | NCBI Genome Workbench, Qalculate!, libarchive, ROOT, Command & Conquer, Darwin-XNU, CodeLite, GTK, GZDoom, PPSSPP, ... |
V591 | Non-void function must return value. | ROOT, Command & Conquer, Strf, Chobo Single-Header Libraries, PpluX, Universal, manif, qdEngine, OpenVINO, Xenia, ... |
V592 | Expression is enclosed by parentheses twice: ((expression)). One pair of parentheses is unnecessary or typo is present. | wxWidgets, Spring Engine, TensorFlow, CMake. |
V593 | Expression 'A = B == C' is calculated as 'A = (B == C)'. Consider inspecting the expression. | ReOpenLDAP, OpenSubdiv, CMaNGOS, XNU kernel, Android, ROOT, PMDK, Espressif IoT Development Framework, Qt Creator, DPDK, ... |
V594 | Pointer to array is out of array bounds. | ReactOS. |
V595 | Pointer was used before its check for nullptr. Check lines: N1, N2. | GPCS4, Overgrowth, VCMI, GZDoom, iSulad, qdEngine, OpenVINO, DPDK, PPSSPP, Xenia, ... |
V596 | Object was created but is not used. Check for missing 'throw' keyword. | OpenMW, FreeCAD, Computational Network Toolkit, OpenToonz, MySQL, Amazon Lumberyard, Haiku Operation System, ROOT, Hnswlib, tiny-dnn, ... |
V597 | Compiler may delete 'memset' function call that is used to clear 'Foo' buffer. Use the RtlSecureZeroMemory() function to erase private data. | PPSSPP, ROOT, Qemu, Espressif IoT Development Framework, GTK, Snort, Transmission, RPCS3, iSulad, DPDK, ... |
V598 | Memory manipulation function is used to work with a class object containing a virtual table pointer. The result of such an operation may be unexpected. | IPP Samples, Coin3D, SlimDX, Miranda NG, .NET CoreCLR, GZDoom. |
V599 | The virtual destructor is not present, although the 'Foo' class contains virtual functions. | ANGLE, TortoiseGit, Miranda NG, FreeCAD, GINV, Unreal Engine 4, Computational Network Toolkit, OpenToonz, Notepad++, Xenia, ... |
V600 | The 'Foo' pointer is always not equal to NULL. Consider inspecting the condition. | Notepad++, OpenSSL, Multi Theft Auto, Firebird, ITK, FreeSWITCH. |
V601 | Suspicious implicit type casting. | Doxygen, Firebird, Notepad++, SCIM, Rosegarden, TON, VVVVVV, Dlib, qdEngine, PPSSPP, ... |
V602 | The '<' operator should probably be replaced with '<<'. Consider inspecting this expression. | RT-Thread. |
V603 | Object was created but not used. If you wish to call constructor, use 'this->Foo::Foo(....)'. | ChakraCore, Open X-Ray Engine, CryEngine V, EA WebKit, Android, Azure Service Fabric, Etc2Comp, NCBI Genome Workbench, Stellarium, Haiku Operation System, ... |
V604 | Number of iterations in loop equals size of a pointer. Consider inspecting the expression. | Windows 8 Driver Samples. |
V605 | Unsigned value is compared to the NN number. Consider inspecting the expression. | VirtualDub, PHP:Hypertext Preprocessor, FreeSWITCH, The GTK+ Project, ReactOS. |
V606 | Ownerless token 'Foo'. | RunAsAdmin Explorer Shim, Windows 8 Driver Samples, Oracle VM Virtual Box, Amazon Lumberyard, Azure Service Fabric. |
V607 | Ownerless expression 'Foo'. | Unreal Engine 4, Miranda NG, Godot Engine, Serious Engine 1 v.1.10, System Shock, Azure Service Fabric, Captain Blood, Microsoft PowerToys, GZDoom, Qt Creator, ... |
V609 | Possible division or mod by zero. | Mozilla Thunderbird, Inkscape, Chromium, EFL Core Libraries, SpeedCrunch, Haiku Operation System, ROOT, LLVM/Clang, MuditaOS, Ogre3D, ... |
V610 | Undefined behavior. Check the shift operator. | SpeedCrunch, TON, Command & Conquer, PMDK, Qemu, Boost (C++ libraries), Overgrowth, GZDoom, Dagor Engine, PPSSPP, ... |
V611 | Memory allocation and deallocation methods are incompatible. | Vangers: One For The Road, Qalculate!, Haiku Operation System, Command & Conquer, Storm Engine, Overgrowth, Captain Blood, GTK, qdEngine, PPSSPP, ... |
V612 | Unconditional 'break/continue/return/goto' within a loop. | Inkscape, CMaNGOS, Audacity, Rosegarden, XNU kernel, RT-Thread, MuseScore, CARLA, GCC, Xenia, ... |
V614 | Use of 'Foo' uninitialized variable. | LLVM/Clang, Protocol Buffers, DuckStation, Ogre3D, Captain Blood, CodeLite, GCC, Dagor Engine, Blender, Xenia, ... |
V615 | Suspicious explicit conversion from 'float *' type to 'double *' type. | OpenJDK, Xenia. |
V616 | Use of 'Foo' named constant with 0 value in bitwise operation. | Unreal Engine 4, Mozilla Thunderbird, ReactOS, LLVM/Clang, CMaNGOS, Qt, Minetest, Qemu, Dlib, Chromium, ... |
V617 | Argument of the '|' bitwise operation always contains non-zero value. Consider inspecting the condition. | OpenSSL, Multi Theft Auto, Word for Windows 1.1a, WebRTC, FreeBSD Kernel, XNU kernel, Android, Command & Conquer, POCO C++ Libraries, MuditaOS, ... |
V618 | Dangerous call of 'Foo' function. The passed line may contain format specification. Example of safe code: printf("%s", str); | TortoiseSVN, Source Engine SDK, CryEngine 3 SDK, WinSCP, Miranda NG, LibreOffice, Apple II emulator, Tizen. |
V619 | Array is used as pointer to single object. | Amazon FreeRTOS. |
V620 | Expression of sizeof(T)*N kind is summed up with pointer to T type. Consider inspecting the expression. | Apache Xerces Project, Snes9x, Miranda NG, Chromium. |
V621 | Loop may execute incorrectly or may not execute at all. Consider inspecting the 'for' operator. | EFL Core Libraries, Godot Engine, Windows Calculator, ROOT, Newton Game Dynamics, GTK, Free Heroes of Might and Magic II, Snort, GCC, DPDK, ... |
V622 | First 'case' operator may be missing. Consider inspecting the 'switch' statement. | K Desktop Environment, Miranda NG, CryEngine V, Tizen, Amazon Lumberyard, LLVM/Clang. |
V623 | Temporary object is created and then destroyed. Consider inspecting the '?:' operator. | Far2l. |
V624 | Use of constant NN. The resulting value may be inaccurate. Consider using the M_NN constant from <math.h>. | ffdshow, OpenMS, Geant4 software, Inkscape, Tizen, Bullet Physics SDK, Celestia. |
V625 | Initial and final values of the iterator are the same. Consider inspecting the 'for' operator. | Synergy, LibreOffice, Oracle VM Virtual Box, GCC. |
V626 | It's possible that ',' should be replaced by ';'. Consider checking for typos. | Oracle VM Virtual Box, LibreOffice. |
V627 | Argument of sizeof() is a macro, which expands to a number. Consider inspecting the expression. | Samba, Network Security Services (NSS), Data Distribution Service, WebRTC, Haiku Operation System. |
V628 | It is possible that a line was commented out improperly, thus altering the program's operation logic. | Trans-Proteomic Pipeline, Spring Engine, Inkscape. |
V629 | Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type. Consider inspecting the expression. | Bitcoin, Alembic, TensorFlow, Android, Qemu, jsoncons, PGM-index, YTsaurus, iSulad, PPSSPP, ... |
V630 | The 'malloc' function is used to allocate memory for an array of objects that are classes containing constructors/destructors. | Cocos2d-x, Haiku Operation System, Computational Network Toolkit, CryEngine V, EFL Core Libraries, Newton Game Dynamics, MuseScore, Blender. |
V631 | Defining absolute path to file or directory is considered a poor coding style. Consider inspecting the 'Foo' function call. | ffdshow, NetXMS, VirtualDub. |
V634 | Priority of '+' operation is higher than priority of '<<' operation. Consider using parentheses in the expression. | Haiku Operation System, CryEngine V, System Shock, Stellarium, Qemu, Snort, DPDK. |
V635 | Length should be probably multiplied by sizeof(wchar_t). Consider inspecting the expression. | WinMerge, Miranda NG. |
V636 | Expression was implicitly cast from integer type to real type. Consider using an explicit type cast to avoid overflow or loss of a fractional part. | Qt, Tesseract, Cocos2d-x, Miranda NG, Open X-Ray Engine, ICQ, EFL Core Libraries, Tizen, Minetest, GTK, ... |
V637 | Use of two opposite conditions. The second condition is always false. | TortoiseGit, K Desktop Environment, .NET CoreCLR, ReactOS, Firebird, Blender, LibreOffice, MuseScore, RPCS3, DPDK, ... |
V638 | Terminal null is present inside a string. Use of '\0xNN' characters. Probably meant: '\xNN'. | Oracle VM Virtual Box, Linux Kernel. |
V639 | One of closing ')' parentheses is probably positioned incorrectly. Consider inspecting the expression for function call. | CryEngine 3 SDK, Eigen, LibreOffice, LLVM/Clang. |
V640 | Code's operational logic does not correspond with its formatting. | Miranda NG, Spring Engine, Haiku Operation System, CryEngine V, CMaNGOS, GCC, FreeBSD Kernel, Augeas, Tizen, Android, ... |
V641 | Buffer size is not a multiple of element size. | Miranda NG, GZDoom. |
V642 | Function result is saved inside the 'byte' type variable. Significant bits may be lost. This may break the program's logic. | Xpdf, ReactOS, Firebird, Linux Kernel, OpenToonz, Tizen, Amazon FreeRTOS, Espressif IoT Development Framework. |
V643 | Suspicious pointer arithmetic. Value of 'char' type is added to a string pointer. | Spring Engine, OpenToonz. |
V645 | Function call may lead to buffer overflow. Bounds should not contain size of a buffer, but a number of characters it can hold. | ReactOS, ICU, Multi Theft Auto, Miranda NG, Enlightenment, Tizen, Haiku Operation System. |
V646 | The 'else' keyword may be missing. Consider inspecting the program's logic. | Aspell, EFL Core Libraries, Tizen, XNU kernel, Krita, LLVM/Clang, ROOT, Minetest, Qemu, ReactOS, ... |
V647 | Value of 'A' type is assigned to a pointer of 'B' type. | Tizen. |
V648 | Priority of '&&' operation is higher than priority of '||' operation. | Wolfenstein 3D, Oracle VM Virtual Box, Command & Conquer. |
V649 | Two 'if' statements with identical conditional expressions. The first 'if' statement contains function return. This means that the second 'if' statement is senseless. | Wolfenstein 3D, Coin3D, Micro-Manager, Blender, LLVM/Clang, EFL Core Libraries, Chromium, Skia Graphics Engine, LibreOffice, CodeLite, ... |
V650 | Type casting is used 2 times in a row. The '+' operation is executed. Probably meant: (T1)((T2)a + b). | Wine Is Not an Emulator. |
V652 | Operation is executed 3 or more times in a row. | FreeSWITCH. |
V653 | Suspicious string consisting of two parts is used for initialization. Comma may be missing. | Asterisk, Linux Kernel. |
V654 | Condition of a loop is always true/false. | Android, Stellarium, Haiku Operation System, Doom 1, Newton Game Dynamics, Free Heroes of Might and Magic II, Snort, TheXTech, FlipperZero, Captain Blood, ... |
V655 | Strings were concatenated but not used. Consider inspecting the expression. | Scilab, K Desktop Environment, FreeCAD, OpenToonz, LLVM/Clang. |
V656 | Variables are initialized through the call to the same function. It's probably an error or un-optimized code. | Doom 3, ReactOS, Qt, LibreOffice, Skia Graphics Engine, Krita, LLVM/Clang, FreeCAD. |
V658 | Value is subtracted from unsigned variable. It can result in an overflow. In such a case, the comparison operation may behave unexpectedly. | VCMI. |
V661 | Suspicious expression 'A[B < C]'. Probably meant 'A[B] < C'. | NCBI Genome Workbench. |
V662 | Different containers are used to set up initial and final values of iterator. Consider inspecting the loop expression. | Rhino (JavaScript engine). |
V663 | Infinite loop is possible. The 'cin.eof()' condition is insufficient to break from the loop. Consider adding the 'cin.fail()' function call to the conditional expression. | POCO C++ Libraries, OpenMW, Grassroots DICOM library (GDCM), ITK, SETI@home, GNU Octave, NCBI Genome Workbench, ROOT, FreeCAD, OpenVINO. |
V664 | Pointer is dereferenced on the initialization list before its check for null inside the body of a constructor function. | LLVM/Clang, FreeCAD, GZDoom. |
V665 | Possible incorrect use of '#pragma warning(default: X)'. The '#pragma warning(push/pop)' should be used instead. | Newton Game Dynamics, FreeSWITCH, Dolphin Smalltalk 7, OpenToonz, Apache HTTP Server, usrsctp, tiny-dnn, PGM-index, Microsoft PowerToys, Qt Creator, ... |
V666 | Value may not correspond with the length of a string passed with YY argument. Consider inspecting the NNth argument of the 'Foo' function. | ITK, Spring Engine, LibreOffice, OpenJDK, Inkscape, Linux Kernel, FreeBSD Kernel, Bind, Enlightenment, CARLA, ... |
V668 | Possible meaningless check for null, as memory was allocated using 'new' operator. Memory allocation will lead to an exception. | SpeedCrunch, Celestia, TON, Newton Game Dynamics, Minetest, SystemC, RPCS3, MuditaOS, qdEngine, PPSSPP, ... |
V669 | Argument is a non-constant reference. The analyzer is unable to determine the position where this argument is modified. Consider checking the function for an error. | WinMerge, CryEngine 3 SDK, Micro-Manager, CMaNGOS. |
V670 | Uninitialized class member is used to initialize another member. Remember that members are initialized in the order of their declarations inside a class. | Tesseract, .NET CoreCLR, Unreal Engine 4, Appleseed, Mozilla Thunderbird, Rosegarden, NCBI Genome Workbench, LibreOffice, Haiku Operation System, Qt Creator. |
V671 | The 'swap' function may interchange a variable with itself. | Haiku Operation System. |
V672 | It is possible that creating a new variable is unnecessary. One of the function's arguments has the same name and this argument is a reference. | Qalculate!, Haiku Operation System, Command & Conquer. |
V673 | More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits. | .NET CoreCLR. |
V674 | Expression contains a suspicious mix of integer and real types. | Unreal Engine 4, Open X-Ray Engine, ICQ, CMaNGOS, Tizen, EFL Core Libraries, MuseScore, Rosegarden, 0 A.D., Stellarium, ... |
V675 | Writing into read-only memory. | Tizen. |
V676 | Incorrect comparison of BOOL type variable with TRUE. | VirtualDub, Firebird, CryEngine 3 SDK, Apple II emulator, Amazon FreeRTOS. |
V677 | Custom declaration of standard type. Consider using the declaration from system header files instead. | SlimDX, Miranda NG. |
V678 | Object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' function. | Shareaza, Mozilla Thunderbird, ROOT. |
V681 | The language standard does not define order in which 'Foo' functions are called during evaluation of arguments. | Wine Is Not an Emulator, Android. |
V684 | Value of variable is not modified. It is possible that '1' should be present instead of '0'. Consider inspecting the expression. | V8 JavaScript Engine, Chromium. |
V686 | Pattern A || (A && ...) was detected. The expression is excessive or contains a logical error. | Blender, Tor, EFL Core Libraries, Tizen. |
V688 | The 'foo' local variable has the same name as one of class members. This can result in confusion. | Computational Network Toolkit, CryEngine V, NCBI Genome Workbench, VVVVVV. |
V690 | The class implements a copy constructor/operator=, but lacks the operator=/copy constructor. | Bitcoin, Casablanca, OpenJDK, Tizen. |
V691 | Empirical analysis. Possible typo inside the string literal. The 'foo' word is suspicious. | Chromium. |
V692 | Inappropriate attempt to append a null character to a string. To determine the length of a string by 'strlen' function correctly, use a string ending with a null terminator in the first place. | Wine Is Not an Emulator, Linux Kernel, Haiku Operation System, Tizen, ReactOS. |
V693 | It is possible that 'i < X.size()' should be used instead of 'X.size()'. Consider inspecting conditional expression of the loop. | Godot Engine. |
V694 | The condition (ptr - const_value) is only false if the value of a pointer equals a magic constant. | Miranda NG, FreeSWITCH, EFL Core Libraries, Tizen, ICU. |
V695 | Range intersections are possible within conditional expressions. | Linux Kernel, The GTK+ Project, CryEngine V, Scilab, Android. |
V696 | The 'continue' operator will terminate 'do { ... } while (FALSE)' loop because the condition is always false. | Cocos2d-x, Linux Kernel, Haiku Operation System, LLVM/Clang, Tizen, Ardour, Android. |
V698 | Functions of strcmp() kind can return any values, not only -1, 0, or 1. | .NET CoreCLR. |
V700 | It is suspicious that variable is initialized through itself. Consider inspecting the 'T foo = foo = x;' expression. | .NET CoreCLR, Unreal Engine 4, Apple II emulator, Captain Blood. |
V701 | Possible realloc() leak: when realloc() fails to allocate memory, original pointer is lost. Consider assigning realloc() to a temporary pointer. | Tizen, Aspell, Free Lossless Audio Codec, WebRTC, 0 A.D., Qt, Qalculate!, Espressif IoT Development Framework, Blender, PPSSPP, ... |
V702 | Classes should always be derived from std::exception (and alike) as 'public'. | Windows Calculator, Celestia. |
V703 | It is suspicious that the 'foo' field in derived class overwrites field in base class. | ORCT2, DeepSpeech, Ogre3D, x64dbg. |
V704 | The expression is always false on newer compilers. Avoid using 'this == 0' comparison. | Miranda NG, .NET CoreCLR, Serious Engine 1 v.1.10, Inkscape, CMaNGOS, Notepad++. |
V705 | It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics. | K Desktop Environment, Miranda NG, Linux Kernel, FreeBSD Kernel, Valgrind, XNU kernel, Haiku Operation System, Command & Conquer. |
V706 | Suspicious division: sizeof(X) / Value. Size of every element in X array is not equal to divisor. | Haiku Operation System. |
V707 | Giving short names to global variables is considered to be bad practice. | Cfront, Yasm, PMDK. |
V708 | Dangerous construction is used: 'm[x] = m.size()', where 'm' is of 'T' class. This may lead to undefined behavior. | Chromium, LLVM/Clang. |
V709 | Suspicious comparison found: 'a == b == c'. Remember that 'a == b == c' is not equal to 'a == b && b == c'. | Unreal Engine 4, Amazon Lumberyard, Bullet Physics SDK. |
V711 | It is dangerous to create a local variable within a loop with a same name as a variable controlling this loop. | Haiku Operation System, Telegram, Wine Is Not an Emulator, FreeBSD Kernel. |
V712 | Compiler may optimize out this loop or make it infinite. Use volatile variable(s) or synchronization primitives to avoid this. | GINV, eMule Plus, FreeSWITCH, Shareaza, FCEUX, MPC-HC, ReactOS, Open X-Ray Engine, qdEngine, DPDK, ... |
V713 | Pointer was used in the logical expression before its check for nullptr in the same logical expression. | ChakraCore, FreeBSD Kernel, Firebird, CryEngine V, Notepad++, V8 JavaScript Engine, Celestia, Qt, Snort, DPDK, ... |
V714 | Variable is not passed into foreach loop by reference, but its value is changed inside of the loop. | Krita. |
V715 | The 'while' operator has empty body. This pattern is suspicious. | Enlightenment. |
V716 | Suspicious type conversion: HRESULT -> BOOL (BOOL -> HRESULT). | LibreOffice, Wine Is Not an Emulator, Dolphin Smalltalk 7, Command & Conquer, Xenia. |
V718 | The 'Foo' function should not be called from 'DllMain' function. | LibreOffice, Open X-Ray Engine. |
V719 | The switch statement does not cover all values of the enum. | Appleseed, Firebird, Windows Calculator. |
V721 | The VARIANT_BOOL type is used incorrectly. The true value (VARIANT_TRUE) is defined as -1. | MAME. |
V724 | Converting integers or pointers to BOOL can lead to a loss of high-order bits. Non-zero value can become 'FALSE'. | Ruby MRI. |
V726 | Attempt to free memory containing the 'int A[10]' array by using the 'free(A)' function. | CamStudio, Shareaza, DuckStation. |
V728 | Excessive check can be simplified. The '||' operator is surrounded by opposite expressions 'x' and '!x'. | LibreOffice, Windows Calculator, EAStdC, CMake, Heawei Ark Compiler, Overgrowth, VCMI, YTsaurus, PPSSPP, Telegram, ... |
V729 | Function body contains the 'X' label that is not used by any 'goto' statements. | FreeBSD Kernel, CodeLite. |
V730 | Not all members of a class are initialized inside the constructor. | Miranda IM, MuseScore, TDLib, ANGLE, LibrePCB, VVVVVV, DeepSpeech. |
V732 | Unary minus operator does not modify a bool type value. | Miranda IM, Krita, GPCS4. |
V733 | It is possible that macro expansion resulted in incorrect evaluation order. | FreeBSD Kernel, Linux Kernel. |
V734 | Excessive expression. Examine the substrings "abc" and "abcd". | CryEngine V, Linux Kernel. |
V735 | Possibly an incorrect HTML. The "</XX>" closing tag was encountered, while the "</YY>" tag was expected. | Qt. |
V737 | It is possible that ',' comma is missing at the end of the string. | Inkscape. |
V739 | EOF should not be compared with a value of the 'char' type. Consider using the 'int' type. | Computational Network Toolkit, Android, NCBI Genome Workbench, rdesktop. |
V742 | Function receives an address of a 'char' type variable instead of pointer to a buffer. | LFortran. |
V743 | The memory areas must not overlap. Use 'memmove' function. | Stickies. |
V745 | A 'wchar_t *' type string is incorrectly converted to 'BSTR' type string. | Oracle VM Virtual Box. |
V746 | Object slicing. An exception should be caught by reference rather than by value. | Oracle VM Virtual Box, OpenToonz, Open X-Ray Engine, Notepad++, Scilab, Tizen, Rosegarden, Ardour, NCBI Genome Workbench, Xenia. |
V749 | Destructor of the object will be invoked a second time after leaving the object's scope. | 0 A.D.. |
V751 | Parameter is not used inside function's body. | Linux Kernel, Valgrind, Steinberg SDKs, HarfBuzz, System Shock, Godot Engine, Bullet Physics SDK, Overgrowth. |
V756 | The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter. | LibreOffice. |
V757 | It is possible that an incorrect variable is compared with null after type conversion using 'dynamic_cast'. | LibreOffice, Haiku Operation System, MuditaOS. |
V760 | Two identical text blocks were detected. The second block starts with NN string. | CMaNGOS, TensorFlow, Bind, PDFium, Windows Calculator, FreeRDP, iSulad. |
V762 | Consider inspecting virtual function arguments. See NN argument of function 'Foo' in derived class and base class. | Notepad++, MuseScore, Ardour, Command & Conquer, CodeLite, Blender. |
V763 | Parameter is always rewritten in function body before being used. | Inkscape, ReOpenLDAP, Chromium, NCBI Genome Workbench, LibreOffice, Stellarium, Haiku Operation System, GCC, Command & Conquer, MuseScore. |
V764 | Possible incorrect order of arguments passed to function. | Linux Kernel, CMaNGOS, LibreOffice, Espressif IoT Development Framework, GTK, Darwin-XNU. |
V765 | Compound assignment expression 'X += X + N' is suspicious. Consider inspecting it for a possible error. | MuseScore, LibreOffice. |
V766 | An item with the same key has already been added. | Chromium, MuseScore, Android, NCBI Genome Workbench, RPCS3, CodeLite, OpenVINO. |
V767 | Suspicious access to element by a constant index inside a loop. | Skia Graphics Engine, RT-Thread, Godot Engine, ROOT. |
V768 | Variable is of enum type. It is suspicious that it is used as a variable of a Boolean-type. | XNU kernel, RT-Thread, Krita, Android, Qt, Doom 1, ROOT, Command & Conquer, Amnesia: The Dark Descent, OpenVINO, ... |
V769 | The pointer in the expression equals nullptr. The resulting value is meaningless and should not be used. | Hunspell, Android, Qt, FreeRDP, Newton Game Dynamics, CSV Parser, DeepSpeech, Overgrowth, GTK, GZDoom, ... |
V772 | Calling the 'delete' operator for a void pointer will cause undefined behavior. | Haiku Operation System, Command & Conquer, Overgrowth, Qt Creator. |
V773 | Function exited without releasing the pointer/handle. A memory/resource leak is possible. | VCMI, CodeLite, GCC, GTK, Microsoft PowerToys, Qt Creator, qdEngine, DPDK, PPSSPP, Xenia, ... |
V774 | Pointer was used after the memory was released. | Augeas, Bind, ICU, Qalculate!, Haiku Operation System, MuseScore. |
V778 | Two similar code fragments. Perhaps, it is a typo and 'X' variable should be used instead of 'Y'. | EA WebKit, Android, Godot Engine, LibrePCB, GCC, Newton Game Dynamics, Amnesia: The Dark Descent, MuseScore, YTsaurus, GZDoom, ... |
V779 | Unreachable code was detected. It is possible that an error is present. | rdesktop, LLVM/Clang, Doom 1, GTK, DuckStation, FlipperZero, VCMI, Qt Creator, qdEngine, Telegram, ... |
V780 | The object of non-passive (non-PDS) type cannot be used with the function. | Tizen, DeepSpeech, Godot Engine, Xenia. |
V781 | Value of a variable is checked after it is used. Possible error in program's logic. Check lines: N1, N2. | Qemu, GTK, libtorrent, TheXTech, LLVM/Clang, Captain Blood, GZDoom, Godot Engine, DPDK, x64dbg, ... |
V783 | Possible dereference of invalid iterator 'X'. | Rosegarden, 0 A.D., qdEngine. |
V784 | The size of the bit mask is less than the size of the first operand. This will cause the loss of the higher bits. | Perl 5, LLVM/Clang, Qemu, iSulad, DPDK. |
V786 | Assigning the value C to the X variable looks suspicious. The value range of the variable: [A, B]. | Tizen, iSulad. |
V789 | Iterators for the container, used in the range-based for loop, become invalid upon a function call. | ClickHouse, WebRTC. |
V791 | The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead. | Overgrowth. |
V792 | The function located to the right of the '|' and '&' operators will be called regardless of the value of the left operand. Consider using '||' and '&&' instead. | Stellarium, Haiku Operation System, TheXTech, Blend2D, GCC. |
V793 | It is suspicious that the result of the statement is a part of the condition. Perhaps, this statement should have been compared with something else. | Android, ORCT2, Darwin-XNU. |
V794 | The assignment operator should be protected from the case of 'this == &src'. | RE2, WebRTC, EA WebKit, TDLib, Android, LibreOffice, SpeedCrunch, CARLA, GPCS4, VCMI, ... |
V796 | A 'break' statement is probably missing in a 'switch' statement. | Chromium, Android, System Shock, Godot Engine, GPCS4, DPDK. |
V797 | The function is used as if it returned a bool type. The return value of the function should probably be compared with std::string::npos. | Qalculate!. |
V799 | Variable is not used after memory is allocated for it. Consider checking the use of this variable. | Krita. |
V1001 | Variable is assigned but not used by the end of the function. | MuseScore, Skia Graphics Engine, XNU kernel, Android, LibreOffice, LLVM/Clang, TON, Zephyr, Universal, Snort, ... |
V1002 | Class that contains pointers, constructor and destructor is copied by the automatically generated operator= or copy constructor. | Ardour, YTsaurus, Dagor Engine. |
V1003 | Macro expression is dangerous or suspicious. | TON, x64dbg, Godot Engine. |
V1004 | Pointer was used unsafely after its check for nullptr. | LLVM/Clang, Amazon FreeRTOS, VVVVVV, ORCT2, PMDK, DeepSpeech, Snort, VCMI, DPDK, Telegram, ... |
V1005 | The resource was acquired using 'X' function but was released using incompatible 'Y' function. | FreeRDP. |
V1007 | Value from the uninitialized optional is used. It may be an error. | YTsaurus. |
V1008 | No more than one iteration of the loop will be performed. Consider inspecting the 'for' operator. | LibreOffice. |
V1009 | Check the array initialization. Only the first element is initialized explicitly. | EAStdC, MuseScore. |
V1010 | Unchecked tainted data is used in expression. | ReactOS. |
V1013 | Suspicious subexpression in a sequence of similar comparisons. | LibreOffice. |
V1020 | Function exited without performing epilogue actions. It is possible that there is an error. | Zephyr, iSulad, DPDK. |
V1022 | Exception was thrown by pointer. Consider throwing it by value instead. | LibrePCB, Haiku Operation System, FaCT++, Qt Creator. |
V1023 | A pointer without owner is added to the container by the 'emplace_back' method. A memory leak will occur in case of an exception. | LLVM/Clang, Dlib, iutest, Protocol Buffers, VCMI, YTsaurus. |
V1028 | Possible overflow. Consider casting operands, not the result. | FreeRDP, LLVM/Clang, PMDK, Qt, Snort, Darwin-XNU, libtorrent, Protocol Buffers, Dagor Engine. |
V1032 | Pointer is cast to a more strictly aligned pointer type. | FreeCAD, qdEngine. |
V1036 | Potentially unsafe double-checked locking. | Blender. |
V1037 | Two or more case-branches perform the same actions. | TON. |
V1040 | Possible typo in the spelling of a pre-defined macro name. | libuv, SimpleIni. |
V1043 | A global object variable is declared in the header. Multiple copies of it will be created in all translation units that include this header file. | GZDoom, LLVM/Clang. |
V1044 | Loop break conditions do not depend on the number of iterations. | Mozilla Thunderbird, Blend2D, Godot Engine, Telegram. |
V1046 | Unsafe usage of the 'bool' and integer types together in the operation '&='. | ROOT, Qemu. |
V1048 | Variable 'foo' was assigned the same value. | ORCT2, Qt, libtorrent, Ogre3D, GPCS4, x64dbg. |
V1051 | It is possible that an assigned variable should be checked in the next condition. Consider checking for typos. | FreeCAD, Dagor Engine, Xenia. |
V1053 | Calling the 'foo' virtual function in the constructor/destructor may lead to unexpected result at runtime. | qdEngine, Xenia. |
V1061 | Extending 'std' or 'posix' namespace may result in undefined behavior. | DeepSpeech, RPCS3, CARLA, YTsaurus. |
V1062 | Class defines a custom new or delete operator. The opposite operator must also be defined. | DeepSpeech. |
V1063 | The modulo by 1 operation is meaningless. The result will always be zero. | LLVM/Clang, Qt, MuseScore, GZDoom, Xenia. |
V1064 | The left operand of integer division is less than the right one. The result will always be zero. | Ogre3D, RPCS3, Xenia. |
V1065 | Expression can be simplified: check similar operands. | DuckStation, Ogre3D, Captain Blood. |
V1068 | Do not define an unnamed namespace in a header file. | iSulad. |
V1075 | The function expects the file to be opened in one mode, but it was opened in different mode. | Captain Blood. |
V1076 | Code contains invisible characters that may alter its logic. Consider enabling the display of invisible characters in the code editor. | Godot Engine. |
V1083 | Signed integer overflow in arithmetic expression. This leads to undefined behavior. | Godot Engine. |
V1086 | Call of the 'Foo' function will lead to buffer underflow. | Haiku Operation System, Unreal Engine 4, CodeLite, FreeBSD Kernel, CryEngine V, Tizen, Ardour, WebRTC, Command & Conquer, Microsoft PowerToys, ... |
V1089 | Waiting on condition variable without predicate. A thread can wait indefinitely or experience a spurious wake-up. | GZDoom. |
V1094 | Conditional escape sequence in literal. Its representation is implementation-defined. | GTK. |
V1109 | Function is deprecated. Consider switching to an equivalent newer function. | x64dbg. |
V3001 | There are identical sub-expressions to the left and to the right of the 'foo' operator. | AvalonStudio, Akka.NET, .NET 7, BTCPay Server, MassTransit, Entity Framework Core, .NET 8, DiIiS, WolvenKit, ScreenToGif, ... |
V3002 | The switch statement does not cover all values of the enum. | SharpDevelop, Microsoft Code Contracts, Orchard CMS, QuantConnect Lean. |
V3003 | The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence. | Old NASA World Wind (C#), Mono, Media Portal 2, PascalABC.NET, SubtitleEdit, Infer.NET, .NET Core Libraries (CoreFX), Azure PowerShell, Ryujinx, LINQ to DB, ... |
V3004 | The 'then' statement is equivalent to the 'else' statement. | AvaloniaUI, Emby, RunUO, Nethermind, QuantConnect Lean, ONLYOFFICE Community Server, DotNetNuke, Barotrauma, Orleans, AvalonStudio, ... |
V3005 | The 'x' variable is assigned to itself. | Chocolatey, QuantConnect Lean, DotNetNuke, Barotrauma, AvalonStudio, Discord.NET, GrandNode, nopCommerce, TowerDefense-GameFramework-Demo, Unity C# reference source code, ... |
V3006 | The object was created but it is not being used. The 'throw' keyword could be missing. | Unity3D, Azure PowerShell. |
V3008 | The 'x' variable is assigned values twice successively. Perhaps this is a mistake. | MonoGame, Eto.Forms, Bitwarden, MudBlazor, BTCPay Server, Entity Framework Core, SanAndreasUnity, .NET 8, nopCommerce, WolvenKit, ... |
V3009 | It's odd that this method always returns one and the same value of NN. | AWS SDK for .NET, .NET Core Libraries (CoreFX), AvaloniaUI, osu!, Open XML SDK, ONLYOFFICE Community Server, Ryujinx, Eto.Forms, Barotrauma, .NET 7, ... |
V3010 | The return value of function 'Foo' is required to be utilized. | LINQ to DB, DotNetNuke, BTCPay Server, Eto.Forms, Barotrauma, Akka.NET, Discord.NET, MudBlazor, nopCommerce, DiIiS, ... |
V3011 | Two opposite conditions were encountered. The second condition is always false. | MSBuild. |
V3012 | The '?:' operator, regardless of its conditional expression, always returns one and the same value. | MonoDevelop, IronPython and IronRuby, .NET Compiler Platform ("Roslyn"), Mono, RunUO, Garnet. |
V3013 | It is odd that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function. | Flax Engine, IronPython and IronRuby, .NET Compiler Platform ("Roslyn"), Samples by the Infragistics Company, FlashDevelop, Telerik UI for UWP, Emby, Ryujinx, PeachPie, AWS SDK for .NET. |
V3014 | It is likely that a wrong variable is being incremented inside the 'for' operator. Consider reviewing 'X'. | Microsoft Code Contracts, .NET Core Libraries (CoreFX), Entity Framework. |
V3015 | It is likely that a wrong variable is being compared inside the 'for' operator. Consider reviewing 'X'. | Accord.Net, Mono, Entity Framework. |
V3017 | A pattern was detected: A || (A && ...). The expression is excessive or contains a logical error. | RunUO. |
V3018 | Consider inspecting the application's logic. It's possible that 'else' keyword is missing. | PascalABC.NET. |
V3019 | It is possible that an incorrect variable is compared with null after type conversion using 'as' keyword. | Mono, Microsoft Bot Builder, PowerShell, Media Portal 2, PascalABC.NET, Logify Alert Clients, Unity C# reference source code, Telerik UI for UWP, QuantConnect Lean, AWS SDK for .NET, ... |
V3020 | An unconditional 'break/continue/return/goto' within a loop. | Mono, Media Portal 2, Unity C# reference source code, Infer.NET, FastReport, Telerik UI for UWP, LINQ to DB, Orleans, SanAndreasUnity, nopCommerce, ... |
V3021 | There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless. | Unity C# reference source code, .NET Core Libraries (CoreFX), OpenCvSharp, Emby, Nethermind, ONLYOFFICE Community Server, Umbraco, .NET 6 libraries, Barotrauma, GrandNode, ... |
V3022 | Expression is always true/false. | Entity Framework Core, Microsoft PowerToys, Power-Fx, .NET 8, nopCommerce, DiIiS, Garnet, WolvenKit, Starlight, ScreenToGif, ... |
V3023 | Consider inspecting this expression. The expression is excessive or contains a misprint. | SharpDevelop, MonoDevelop, IronPython and IronRuby, .NET Compiler Platform ("Roslyn"), Sony ATF, Xenko, Azure PowerShell. |
V3024 | An odd precise comparison. Consider using a comparison with defined precision: Math.Abs(A - B) < Epsilon or Math.Abs(A - B) > Epsilon. | IronPython and IronRuby. |
V3025 | Incorrect format. Consider checking the N format items of the 'Foo' function. | Unity C# reference source code, AWS SDK for .NET, Azure PowerShell, ILSpy, PeachPie, LINQ to DB, DotNetNuke, Barotrauma, .NET 8, TowerDefense-GameFramework-Demo, ... |
V3027 | The variable was utilized in the logical expression before it was verified against null in the same logical expression. | IronPython and IronRuby, .NET Compiler Platform ("Roslyn"), Space Engineers, Mono, PowerShell, Orchard CMS, Umbraco, PascalABC.NET, Cloudscribe, Barotrauma, ... |
V3028 | Consider inspecting the 'for' operator. Initial and final values of the iterator are the same. | Space Engineers, Media Portal 2. |
V3029 | The conditional expressions of the 'if' statements situated alongside each other are identical. | .NET Compiler Platform ("Roslyn"), Samples by the Infragistics Company, AWS SDK for .NET, Emby, Squidex, Unity C# reference source code, BTCPay Server, ScreenToGif. |
V3030 | Recurring check. This condition was already verified in previous line. | SharpDevelop, Microsoft Code Contracts, .NET Core Libraries (CoreFX), IronPython and IronRuby, PascalABC.NET, Telerik UI for UWP, Nethermind, ONLYOFFICE Community Server, Ryujinx, DotNetNuke. |
V3031 | An excessive check can be simplified. The operator '||' operator is surrounded by opposite expressions 'x' and '!x'. | SharpDevelop, Xamarin.Forms, FlashDevelop, Mono, Orchard CMS, Telerik UI for UWP, RunUO. |
V3032 | Waiting on this expression is unreliable, as compiler may optimize some of the variables. Use volatile variable(s) or synchronization primitives to avoid this. | Flax Engine, IronPython and IronRuby, Xenko, PascalABC.NET. |
V3033 | It is possible that this 'else' branch must apply to the previous 'if' statement. | Old NASA World Wind (C#), Mono, PascalABC.NET. |
V3035 | Consider inspecting the expression. Probably the '+=' should be used here. | Lucene.Net. |
V3037 | An odd sequence of assignments of this kind: A = B; B = A; | Accord.Net, Old NASA World Wind (C#). |
V3038 | The argument was passed to method several times. It is possible that another argument should be passed instead. | SharpDevelop, Xamarin.Forms, PascalABC.NET, OpenCvSharp, ONLYOFFICE Community Server, ILSpy, .NET 8, Starlight. |
V3040 | The expression contains a suspicious mix of integer and real types. | QuantConnect Lean. |
V3041 | The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid the loss of a fractional part. | Sony ATF, Xenko, Accord.Net, MSBuild, Infer.NET, ShareX, Emby, RunUO, MonoGame. |
V3042 | Possible NullReferenceException. The '?.' and '.' operators are used for accessing members of the same object. | Xamarin.Forms, .NET Core Libraries (CoreFX), Azure PowerShell, osu!, Ryujinx, LINQ to DB, DotNetNuke, Unity C# reference source code, Power-Fx, WolvenKit. |
V3043 | The code's operational logic does not correspond with its formatting. | Sony ATF, Mono, PascalABC.NET, RunUO. |
V3045 | WPF: the names of the property registered for DependencyProperty, and of the property used to access it, do not correspond with each other. | Samples by the Infragistics Company, WPF samples by Microsoft. |
V3046 | WPF: the type registered for DependencyProperty does not correspond with the type of the property used to access it. | Samples by the Infragistics Company, Xenko. |
V3050 | Possibly an incorrect HTML. The </XX> closing tag was encountered, while the </YY> tag was expected. | Emby. |
V3051 | An excessive type cast or check. The object is already of the same type. | Xamarin.Forms, Old NASA World Wind (C#), Mono, .NET Core Libraries (CoreFX), Emby, RunUO. |
V3052 | The original exception object was swallowed. Stack of original exception could be lost. | Xamarin.Forms, FlashDevelop, SharpDevelop, PascalABC.NET, ONLYOFFICE Community Server. |
V3053 | An excessive expression. Examine the substrings "abc" and "abcd". | GitExtensions, Orchard CMS, SharpDevelop, PascalABC.NET, Unity C# reference source code, Azure SDK for .NET. |
V3054 | Potentially unsafe double-checked locking. Use volatile variable(s) or synchronization primitives to avoid this. | RunUO. |
V3056 | Consider reviewing the correctness of 'X' item's usage. | FlashDevelop, Umbraco. |
V3057 | Function receives an odd argument. | Unity3D, MSBuild, Orchard CMS, Umbraco, QuantConnect Lean, DotNetNuke. |
V3061 | Parameter 'A' is always rewritten in method body before being used. | MSBuild, Mono, .NET Core Libraries (CoreFX), Telerik UI for UWP, RavenDB, QuantConnect Lean, Ryujinx, PeachPie, Unity C# reference source code, BTCPay Server, ... |
V3062 | An object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' method. | Accord.Net, AWS SDK for .NET, .NET 7, nopCommerce. |
V3063 | A part of conditional expression is always true/false if it is evaluated. | RunUO, RavenDB, OpenRA, EFCore, Ryujinx, PeachPie, LINQ to DB, Bitwarden, Entity Framework Core, WolvenKit, ... |
V3064 | Division or mod division by zero. | Accord.Net, Umbraco, SharpDevelop, Unity C# reference source code, Ryujinx. |
V3065 | Parameter is not utilized inside method's body. | Xenko, Old NASA World Wind (C#). |
V3066 | Possible incorrect order of arguments passed to method. | osu!, RunUO, RavenDB, DotNetNuke, Umbraco, .NET 6 libraries, Discord.NET, .NET 7, Ryujinx, ScreenToGif, ... |
V3067 | It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics. | RunUO. |
V3068 | Calling overrideable class member from constructor is dangerous. | nopCommerce. |
V3070 | Uninitialized variables are used when initializing the 'A' variable. | Mono, PascalABC.NET, RunUO, ILSpy, AvalonStudio, AWS SDK for .NET. |
V3075 | The operation is executed 2 or more times in succession. | QuantConnect Lean. |
V3076 | Comparison with 'double.NaN' is meaningless. Use 'double.IsNaN()' method instead. | Old NASA World Wind (C#), Unity C# reference source code. |
V3077 | Property setter / event accessor does not utilize its 'value' parameter. | Azure PowerShell, DotNetNuke. |
V3078 | Sorting keys priority will be reversed relative to the order of 'OrderBy' method calls. Perhaps, 'ThenBy' should be used instead. | SharpDevelop, Telerik UI for UWP, Ryujinx, GrandNode, IL2CPU, TowerDefense-GameFramework-Demo. |
V3079 | The 'ThreadStatic' attribute is applied to a non-static 'A' field and will be ignored. | .NET 6 libraries. |
V3080 | Possible null dereference. | Orchard Core, Eto.Forms, Discord.NET, OrchardCore, GrandNode, protobuf-net, Microsoft PowerToys, TowerDefense-GameFramework-Demo, Garnet, WolvenKit, ... |
V3081 | The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter. | Entity Framework, Infer.NET. |
V3083 | Unsafe invocation of event, NullReferenceException is possible. Consider assigning event to a local variable before invoking it. | AWS SDK for .NET, ShareX, Telerik UI for UWP, Azure SDK for .NET, osu!, Emby, RunUO, ILSpy, MonoGame, Eto.Forms, ... |
V3085 | The name of 'X' field/property in a nested type is ambiguous. The outer type contains static field/property with identical name. | Emby, RunUO. |
V3087 | Type of variable enumerated in 'foreach' is not guaranteed to be castable to the type of collection's elements. | FlashDevelop. |
V3088 | The expression was enclosed by parentheses twice: ((expression)). One pair of parentheses is unnecessary or misprint is present. | .NET Core Libraries (CoreFX). |
V3089 | Initializer of a field marked by [ThreadStatic] attribute will be called once on the first accessing thread. The field will have default value on different threads. | Mono. |
V3090 | Unsafe locking on an object. | Old NASA World Wind (C#), Mono, Logify Alert Clients, Emby. |
V3091 | Empirical analysis. It is possible that a typo is present inside the string literal. The 'foo' word is suspicious. | Azure PowerShell, WolvenKit. |
V3092 | Range intersections are possible within conditional expressions. | Mono, RunUO. |
V3093 | The operator evaluates both operands. Perhaps a short-circuit operator should be used instead. | Accord.Net, Old NASA World Wind (C#), NUnit, Azure PowerShell, Chocolatey, Open XML SDK. |
V3095 | The object was used before it was verified against null. Check lines: N1, N2. | .NET 7, BTCPay Server, Microsoft PowerToys, SanAndreasUnity, Power-Fx, .NET 8, nopCommerce, TowerDefense-GameFramework-Demo, DiIiS, WolvenKit, ... |
V3097 | Possible exception: type marked by [Serializable] contains non-serializable members not marked by [NonSerialized]. | Accord.Net, Open XML SDK. |
V3102 | Suspicious access to element by a constant index inside a loop. | Accord.Net, Mono, SharpDevelop, .NET Core Libraries (CoreFX), Telerik UI for UWP, PascalABC.NET, Orleans, .NET 8. |
V3105 | The 'a' variable was used after it was assigned through null-conditional operator. NullReferenceException is possible. | Eto.Forms, Bitwarden, AvalonStudio, OrchardCore, .NET MAUI, Microsoft PowerToys, nopCommerce, Garnet, WolvenKit, ScreenToGif, ... |
V3106 | Possibly index is out of bound. | FastReport, .NET Core Libraries (CoreFX), AvaloniaUI, Nethermind, EFCore, Umbraco, MonoGame, Barotrauma, MassTransit, Starlight, ... |
V3107 | Identical expression to the left and to the right of compound assignment. | Barotrauma. |
V3108 | It is not recommended to return null or throw exceptions from 'ToString()' method. | Orchard CMS, FastReport, .NET Core Libraries (CoreFX), ShareX, BTCPay Server. |
V3110 | Possible infinite recursion. | Orchard CMS, Umbraco, PascalABC.NET, FastReport, AWS SDK for .NET, .NET Core Libraries (CoreFX). |
V3112 | An abnormality within similar comparisons. It is possible that a typo is present inside the expression. | Mono, Azure SDK for .NET. |
V3114 | IDisposable object is not disposed before method returns. | AWS SDK for .NET. |
V3115 | It is not recommended to throw exceptions from 'Equals(object obj)' method. | GitExtensions, Media Portal 2, PascalABC.NET, Unity C# reference source code, .NET Core Libraries (CoreFX), ONLYOFFICE Community Server, .NET 6 libraries, MudBlazor. |
V3116 | Consider inspecting the 'for' operator. It's possible that the loop will be executed incorrectly or won't be executed at all. | Orleans. |
V3117 | Constructor parameter is not used. | PowerShell, Infer.NET, FastReport, .NET Core Libraries (CoreFX), AvaloniaUI, Ryujinx, .NET 6 libraries, Discord.NET, MassTransit. |
V3118 | A component of TimeSpan is used, which does not represent full time interval. Possibly 'Total*' value was intended instead. | Orchard CMS, Media Portal 2, MSBuild, ONLYOFFICE Community Server. |
V3119 | Calling a virtual (overridden) event may lead to unpredictable behavior. Consider implementing event accessors explicitly or use 'sealed' keyword. | osu!. |
V3121 | An enumeration was declared with 'Flags' attribute, but does not set any initializers to override default values. | Azure SDK for .NET. |
V3122 | Uppercase (lowercase) string is compared with a different lowercase (uppercase) string. | DotNetNuke. |
V3123 | Perhaps the '??' operator works in a different way than it was expected. Its priority is lower than priority of other operators in its left part. | Telerik UI for UWP, osu!, Chocolatey, Nethermind, RavenDB, Bitwarden, Akka.NET, DiIiS. |
V3125 | The object was used after it was verified against null. Check lines: N1, N2. | Bitwarden, Orleans, AvalonStudio, Discord.NET, .NET MAUI, BTCPay Server, .NET 8, nopCommerce, TowerDefense-GameFramework-Demo, Garnet, ... |
V3127 | Two similar code fragments were found. Perhaps, this is a typo and 'X' variable should be used instead of 'Y'. | OpenRA, PeachPie, DotNetNuke, Piranha, Orchard Core, Discord.NET, GrandNode, Garnet, Starlight, ScreenToGif, ... |
V3128 | The field (property) is used before it is initialized in constructor. | SharpDevelop, PascalABC.NET, .NET Core Libraries (CoreFX), OpenRA, Orleans. |
V3130 | Priority of the '&&' operator is higher than that of the '||' operator. Possible missing parentheses. | Media Portal 2, WolvenKit. |
V3131 | The expression is checked for compatibility with the type 'A', but is casted to the 'B' type. | RunUO. |
V3134 | Shift by N bits is greater than the size of type. | Orleans, Discord.NET, Microsoft PowerToys, WolvenKit. |
V3136 | Constant expression in switch statement. | Unity C# reference source code. |
V3137 | The variable is assigned but is not used by the end of the function. | Roslyn Analyzers, Azure PowerShell, Telerik UI for UWP, LINQ to DB, Umbraco, MonoGame, Unity C# reference source code, AWS SDK for .NET, Power-Fx, Starlight. |
V3138 | String literal contains potential interpolated expression. | .NET Core Libraries (CoreFX), Ryujinx, .NET 6 libraries, Unity C# reference source code, Orleans, AWS SDK for .NET. |
V3139 | Two or more case-branches perform the same actions. | Roslyn Analyzers, Orchard CMS, Open XML SDK, QuantConnect Lean, ILSpy, Ryujinx, PeachPie, DotNetNuke, Eto.Forms, ScreenToGif, ... |
V3140 | Property accessors use different backing fields. | RunUO, Eto.Forms. |
V3142 | Unreachable code detected. It is possible that an error is present. | osu!, Emby, MassTransit. |
V3143 | The 'value' parameter is rewritten inside a property setter, and is not used after that. | Azure PowerShell. |
V3145 | Unsafe dereference of a WeakReference target. The object could have been garbage collected before the 'Target' property was accessed. | Telerik UI for UWP, Unity C# reference source code. |
V3146 | Possible null dereference. A method can return default null value. | osu!, RavenDB, OpenRA, ONLYOFFICE Community Server, ILSpy, PascalABC.NET, MonoGame, Eto.Forms, Discord.NET, OrchardCore, ... |
V3148 | Casting potential 'null' value to a value type can lead to NullReferenceException. | RunUO. |
V3153 | Dereferencing the result of null-conditional access operator can lead to NullReferenceException. | MSBuild, Nethermind, .NET Compiler Platform ("Roslyn"), Barotrauma, Orleans, AvalonStudio, Garnet. |
V3156 | The argument of the method is not expected to be null. | MonoGame, Cloudscribe, TowerDefense-GameFramework-Demo. |
V3157 | Suspicious division. Absolute value of the left operand is less than the right operand. | .NET 7, Garnet. |
V3159 | Modified value of the operand is not used after the increment/decrement operation. | Bitwarden, DiIiS. |
V3168 | Awaiting on expression with potential null value can lead to throwing of 'NullReferenceException'. | BTCPay Server. |
V3177 | Logical literal belongs to second operator with a higher priority. It is possible literal was intended to belong to '??' operator instead. | MudBlazor. |
V3180 | The 'HasFlag' method always returns 'true' because the value '0' is passed as its argument. | RavenDB. |
V3181 | The result of '&' operator is '0' because one of the operands is '0'. | .NET 8. |
V3182 | The result of '&' operator is always '0'. | Ryujinx. |
V3197 | The compared value inside the 'Object.Equals' override is converted to a different type that does not contain the override. | Unity C# reference source code. |
V5609 | OWASP. Possible path traversal vulnerability. Potentially tainted data is used as a path. | Power-Fx. |
V5611 | OWASP. Potential insecure deserialization vulnerability. Potentially tainted data is used to create an object using deserialization. | Power-Fx. |
V5626 | OWASP. Possible ReDoS vulnerability. Potentially tainted data is processed by regular expression that contains an unsafe pattern. | ScreenToGif. |
V6001 | There are identical sub-expressions to the left and to the right of the 'foo' operator. | IntelliJ IDEA Community Edition, Elasticsearch, Apache Hadoop, Ghidra, Bouncy Castle, Apache Flink, ELKI, Rhino, NetBeans 21, Apache Kafka. |
V6002 | The switch statement does not cover all values of the enum. | CUBA Platform. |
V6003 | The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence. | Elasticsearch, XMage, Bouncy Castle, GeoGebra, GeoServer. |
V6004 | The 'then' statement is equivalent to the 'else' statement. | SonarQube, XMage, WildFly, Bouncy Castle, NGB, IntelliJ IDEA Community Edition, GeoServer. |
V6005 | The 'x' variable is assigned to itself. | Huawei Cloud. |
V6006 | The object was created but it is not being used. The 'throw' keyword could be missing. | Elasticsearch, Ghidra, Apache Solr. |
V6007 | Expression is always true/false. | Apache Dubbo, Huawei Cloud, Apache Hadoop, Ghidra, XMage, WildFly, Apache Flink, Rhino, NetBeans 21, GeoServer, ... |
V6008 | Potential null dereference. | Apache Hive, Huawei Cloud, Ghidra, XMage, WildFly, Rhino, NetBeans 21, Keycloak, Apache Solr, Apache Kafka, ... |
V6009 | Function receives an odd argument. | Elasticsearch, CUBA Platform, Apache Hive, Apache Dubbo, Huawei Cloud, ELKI, NGB, NetBeans 21. |
V6010 | The return value of function 'Foo' is required to be utilized. | Huawei Cloud, NGB, IntelliJ IDEA Community Edition, jMonkeyEngine, GeoServer. |
V6011 | The expression contains a suspicious mix of integer and real types. | IntelliJ IDEA Community Edition. |
V6012 | The '?:' operator, regardless of its conditional expression, always returns one and the same value. | XMage, ELKI. |
V6013 | Comparison of arrays, strings, collections by reference. Possibly an equality comparison was intended. | Elasticsearch, jBullet, Keycloak, Apache Solr. |
V6014 | It's odd that this method always returns one and the same value of NN. | CUBA Platform, Bouncy Castle. |
V6016 | Suspicious access to element by a constant index inside a loop. | Bouncy Castle, Apache Dubbo, Apache Solr. |
V6019 | Unreachable code detected. It is possible that an error is present. | CUBA Platform, Apache Dubbo, Apache Hadoop, Ghidra, WildFly, Bouncy Castle, ELKI, Rhino, IntelliJ IDEA Community Edition. |
V6020 | Division or mod division by zero. | Apache Hive, ELKI. |
V6021 | The value is assigned to the 'x' variable but is not used. | SpotBugs, CUBA Platform, Huawei Cloud, Rhino. |
V6022 | Parameter is not used inside method's body. | CUBA Platform, Huawei Cloud, WildFly, ELKI, GeoServer. |
V6023 | Parameter 'A' is always rewritten in method body before being used. | CUBA Platform. |
V6025 | Possibly index is out of bound. | Elasticsearch, Bouncy Castle, ELKI, Rhino, jMonkeyEngine, GeoGebra. |
V6026 | This value is already assigned to the 'b' variable. | CUBA Platform, XMage, jMonkeyEngine, jBullet. |
V6027 | Variables are initialized through the call to the same function. It's probably an error or un-optimized code. | Apache Hadoop, GeoServer. |
V6028 | Identical expression to the left and to the right of compound assignment. | Rhino. |
V6029 | Possible incorrect order of arguments passed to method. | Apache Flink, NGB. |
V6030 | The function located to the right of the '|' and '&' operators will be called regardless of the value of the left operand. Consider using '||' and '&&' instead. | Apache Hive, DBeaver. |
V6032 | It is odd that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function. | SonarQube, CUBA Platform, Huawei Cloud, Apache Flink, Rhino, NetBeans 21, Apache Solr. |
V6033 | An item with the same key has already been added. | SonarJava, Bouncy Castle, Apache Hadoop, Ghidra, WildFly, GeoGebra. |
V6034 | Shift by N bits is inconsistent with the size of type. | Apache Hive. |
V6036 | The value from the uninitialized optional is used. | XMage. |
V6037 | An unconditional 'break/continue/return/goto' within a loop. | CUBA Platform. |
V6039 | There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless. | Elasticsearch, jMonkeyEngine. |
V6042 | The expression is checked for compatibility with type 'A', but is cast to type 'B'. | Apache Hive, XMage. |
V6043 | Consider inspecting the 'for' operator. Initial and final values of the iterator are the same. | Apache Hadoop. |
V6045 | Suspicious subexpression in a sequence of similar comparisons. | GeoGebra. |
V6046 | Incorrect format. Consider checking the N format items of the 'Foo' function. | Apache Hive, Apache Hadoop, WildFly, Apache Flink, Keycloak. |
V6048 | This expression can be simplified. One of the operands in the operation equals NN. Probably it is a mistake. | Ghidra, Apache Flink, Rhino. |
V6050 | Class initialization cycle is present. | Huawei Cloud. |
V6051 | Use of jump statements in 'finally' block can lead to the loss of unhandled exceptions. | Apache Hive. |
V6052 | Calling an overridden method in parent-class constructor may lead to use of uninitialized data. | DBeaver. |
V6053 | Collection is modified while iteration is in progress. ConcurrentModificationException may occur. | Ghidra. |
V6054 | Classes should not be compared by their name. | Apache Solr. |
V6058 | Comparing objects of incompatible types. | Elasticsearch, WildFly. |
V6060 | The reference was used before it was verified against null. | Elasticsearch, CUBA Platform, Huawei Cloud, XMage, WildFly, NetBeans 21, Keycloak, Apache Solr, GeoServer, Apache Kafka, ... |
V6062 | Possible infinite recursion. | CUBA Platform, ELKI, NetBeans 21. |
V6066 | Passing objects of incompatible types to the method of collection. | Apache Flink, NGB, Apache Kafka. |
V6067 | Two or more case-branches perform the same actions. | Apache Dubbo, Apache Hadoop, GeoGebra. |
V6072 | Two similar code fragments were found. Perhaps, this is a typo and 'X' variable should be used instead of 'Y'. | Apache Hadoop, XMage, GeoServer. |
V6073 | It is not recommended to return null or throw exceptions from 'toString' / 'clone' methods. | Apache Solr. |
V6074 | Non-atomic modification of volatile variable. | Apache Flink, DBeaver. |
V6079 | Value of variable is checked after use. Potential logical error is present. Check lines: N1, N2. | ELKI. |
V6080 | Consider checking for misprints. It's possible that an assigned variable should be checked in the next condition. | NetBeans 21, GeoServer. |
V6082 | Unsafe double-checked locking. | WildFly, DBeaver, Keycloak. |
V6086 | Suspicious code formatting. 'else' keyword is probably missing. | XMage, GeoGebra. |
V6090 | Field 'A' is being used before it was initialized. | Apache Solr. |
V6091 | Suspicious getter/setter implementation. The 'A' field should probably be returned/assigned instead. | jBullet, Apache Solr. |
V6094 | The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid the loss of a fractional part. | ELKI, IntelliJ IDEA Community Edition. |
V6100 | An object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' method. | Rhino. |
V6102 | Inconsistent synchronization of a field. Consider synchronizing the field on all usages. | Apache Solr, Apache Kafka. |
V6107 | The constant NN is being utilized. The resulting value could be inaccurate. Consider using the KK constant. | GeoGebra. |
V6113 | Suspicious division. Absolute value of the left operand is less than the value of the right operand. | Apache Solr. |