Ошибки, обнаруженные в Open Source проектах разработчиками PVS-Studio с помощью статического анализа
Мы регулярно проверяем различные open-source проекты с помощью PVS-Studio. Результаты проверки мы отправляем разработчикам и, как правило, описываем в статье. Помимо этого, мы пополняем базу примеров ошибок. Именно она и представлена ниже на этой странице.
Ошибки разделены по номеру диагностического сообщения, с помощью которого они были найдены. В правом столбце приводится ссылка на соответствующие примеры ошибок.
Мы специально не стали делать возможность посмотреть все ошибки, найденные в конкретном проекте. Это даст неправильное впечатление о количестве ошибок в проекте и возможностях анализатора. Анализатор быстро развивается. Если он нашёл 10 ошибок в проекте год назад, вовсе не означает, что он найдет столько же ошибок и сейчас. Сравните для примера отчеты о проверке ReactOS: первый отчет, второй отчет (прошло полтора года).
Вы можете предложить нам для проверки другие open-source проекты. Типы проектов, которые умеет проверять PVS-Studio, приведены в описании инструмента.
Эта база может послужить уникальным материалом для размышлений о разработке стандартов кодирования, написания статей о правилах программирования и помочь в других исследованиях связанных с повышением надежности программного обеспечения. Желаем интересных исследований.
| Код ошибки | Название ошибки | Список проектов |
| V501 | Identical sub-expressions to the left and to the right of 'foo' operator. | Captain Blood, VCMI, CodeLite, Microsoft PowerToys, YTsaurus, Qt Creator, qdEngine, OpenVINO, DPDK, Telegram, ... |
| V502 | The '?:' operator may not work as expected. The '?:' operator has a lower priority than the 'foo' operator. | OpenJDK, CryEngine V, GCC, Linux Kernel, Scilab, Amazon Lumberyard, Perl 5, NCBI Genome Workbench, LLVM/Clang, Heawei Ark Compiler, ... |
| V503 | Nonsensical comparison: pointer < 0. | OGDF, Asterisk, .NET CoreCLR, Haiku Operation System, GINV, FreeBSD Kernel, OpenToonz, Far2l, Tizen, LLVM/Clang, ... |
| V504 | Semicolon ';' is probably missing after the 'return' keyword. | Inkscape, Kodi, LLVM/Clang. |
| V505 | The 'alloca' function is used inside the loop. This can quickly overflow stack. | Crystal Space 3D SDK, Multi-threaded Dynamic Queue, Pixie, DeSmuME, Synergy, Tizen, EFL Core Libraries. |
| V506 | Pointer to local variable 'X' is stored outside the scope of this variable. Such a pointer will become invalid. | WinSCP, Miranda NG, Unreal Engine 4, PHP:Hypertext Preprocessor, RT-Thread, Haiku Operation System, MuseScore, Ogre3D. |
| V507 | Pointer to local array 'X' is stored outside the scope of this array. Such a pointer will become invalid. | Scilab, Miranda NG, MAME, GNU Octave, Inkscape, GCC, Tizen, Android, Doom 1, Command & Conquer, ... |
| V509 | Exceptions raised inside noexcept functions must be wrapped in a try..catch block. | Geant4 software, Protocol Buffers, Source Engine SDK, Data Distribution Service, FlightGear, TortoiseGit, WebRTC, LibreOffice, 7-Zip, MuditaOS, ... |
| V510 | The 'Foo' function receives class-type variable as Nth actual argument. This is unexpected behavior. | Wild Magic 5, Scilab, Unreal Engine 4, Chromium, Apple II emulator, Telegram, Computational Network Toolkit, CryEngine V, libusbx, qdEngine, ... |
| V511 | The sizeof() operator returns pointer size instead of array size. | Shareaza, Wolfenstein 3D, Chromium, MySQL, Intel AMT SDK, ReactOS, Samba, Source Engine SDK, Oracle VM Virtual Box. |
| V512 | Call of the 'Foo' function will lead to buffer overflow. | FreeBSD Kernel, Stickies, Tizen, EFL Core Libraries, XNU kernel, rdesktop, VVVVVV, Zephyr, Command & Conquer, GPCS4, ... |
| V513 | Use _beginthreadex/_endthreadex functions instead of CreateThread/ExitThread functions. | Multi Theft Auto, Trans-Proteomic Pipeline, SeqAn, Snes9x, PostgreSQL Database Management System, Source Engine SDK, Tesseract. |
| V514 | Potential logical error. Size of a pointer is divided by another value. | Miranda IM, ReactOS, Notepad++, OpenMS, OpenCOLLADA, Scilab, Miranda NG. |
| V516 | Non-null function pointer is compared to null. Consider inspecting the expression. | Audacity, Micro-Manager. |
| V517 | Potential logical error. The 'if (A) {...} else if (A) {...}' pattern was detected. | Haiku Operation System, Bullet Physics SDK, ROOT, Qemu, TheXTech, MuditaOS, GPCS4, Microsoft PowerToys, OpenVINO, DPDK, ... |
| V518 | The 'malloc' function allocates suspicious amount of memory calculated by 'strlen(expr)'. Perhaps the correct expression is strlen(expr) + 1. | FCEUX. |
| V519 | The 'x' variable is assigned values twice successively. Perhaps this is a mistake. | Darwin-XNU, Storm Engine, LFortran, libtorrent, RPCS3, GPCS4, VCMI, GZDoom, iSulad, DPDK, ... |
| V520 | Comma operator ',' in array index expression. | G3D Content Pak. |
| V521 | Expressions that use comma operator ',' are dangerous. Make sure the expression is correct. | Oracle VM Virtual Box, Unreal Engine 4, ReactOS, CryEngine V, Steinberg SDKs, Amazon Lumberyard, Azure Service Fabric, Godot Engine, Dlib, LLVM/Clang, ... |
| V522 | Possible null pointer dereference. | CARLA, MuditaOS, VCMI, GCC, FreeCAD, GZDoom, Dagor Engine, OpenVINO, DPDK, Telegram, ... |
| V523 | The 'then' statement is equivalent to the 'else' statement. | Espressif IoT Development Framework, TheXTech, Blend2D, Overgrowth, Captain Blood, CodeLite, Qt Creator, qdEngine, OpenVINO, DPDK, ... |
| V524 | It is suspicious that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function. | MuseScore, FreeRDP, EAStdC, Heawei Ark Compiler, Newton Game Dynamics, Command & Conquer, Indicators, Qt, FaCT++, Blend2D, ... |
| V525 | Code contains collection of similar blocks. Check items X, Y, Z, ... in lines N1, N2, N3, ... | MySQL, Trans-Proteomic Pipeline, SeqAn, Source Engine SDK, Scilab, SlimDX, Android, xrdp, Newton Game Dynamics, FreeCAD, ... |
| V526 | The 'strcmp' function returns 0 if corresponding strings are equal. Consider inspecting the condition for mistakes. | wxWidgets, Network Security Services (NSS), PostgreSQL Database Management System, Micro-Manager. |
| V527 | The 'zero' value is assigned to pointer. Probably meant: *ptr = zero. | PNG library, Apache HTTP Server, ReactOS, Trans-Proteomic Pipeline, Scilab, Haiku Operation System, Tizen. |
| V528 | Pointer is compared with 'zero' value. Probably meant: *ptr != zero. | Apache HTTP Server, Scilab, TortoiseGit, Miranda NG, The GTK+ Project, GCC, ReOpenLDAP, GDB, Partio, Aspell, ... |
| V529 | Suspicious semicolon ';' after 'if/for/while' operator. | ReactOS, CamStudio, Windows 8 Driver Samples, QuickThread, VirtualDub, Oracle VM Virtual Box, Haiku Operation System, MAME, CryEngine V, GuiLite, ... |
| V530 | Return value of 'Foo' function is required to be used. | CryEngine V, Scilab, Audacity, Ardour, Android, ANGLE, LibreOffice, Haiku Operation System, Blender, Ogre3D, ... |
| V531 | The sizeof() operator is multiplied by sizeof(). Consider inspecting the expression. | XUIFramework, NetDefender Firewall, ReactOS, CrashRpt library, Oracle VM Virtual Box, CMake, GPCS4. |
| V532 | Consider inspecting the statement of '*pointer++' pattern. Probably meant: '(*pointer)++'. | eMule Plus, FCEUX, IPP Samples, Apache HTTP Server, DeSmuME, OpenSSL, Miranda NG, Godot Engine, Open X-Ray Engine. |
| V533 | It is possible that a wrong variable is incremented inside the 'for' operator. Consider inspecting 'X'. | Doom 3, Simple DirectMedia Layer, Godot Engine, Unreal Engine 4, Open X-Ray Engine, LibreOffice, GTK, Chromium. |
| V534 | It is possible that a wrong variable is compared inside the 'for' operator. Consider inspecting 'X'. | Source Engine SDK, Coin3D, Oracle VM Virtual Box, .NET CoreCLR, Android, Azure Service Fabric, NCBI Genome Workbench, Qalculate!. |
| V535 | The 'X' variable is used for this loop and outer loops. | Haiku Operation System, FreeBSD Kernel, The GTK+ Project, CryEngine V, Blender, Tizen, Android, NCBI Genome Workbench, libcurl, DPDK, ... |
| V536 | Constant value is represented by an octal form. | eLynx Image Processing SDK and Lab, Miranda IM, PostgreSQL Database Management System, Micro-Manager, TortoiseGit, Chromium, Linux Kernel. |
| V537 | Potential incorrect use of item 'X'. Consider inspecting the expression. | IPP Samples, Miranda IM, ReactOS, Quake-III-Arena, Trinity Core, Blender, Source Engine SDK, Expat, FreeCAD. |
| V538 | The line contains control character 0x0B (vertical tabulation). | EA WebKit. |
| V539 | Iterators are passed as arguments to 'Foo' function. Consider inspecting the expression. | CryEngine V, OpenVINO. |
| V540 | Member 'x' should point to string terminated by two 0 characters. | Fennec Media, Chromium, WinSCP. |
| V541 | String is printed into itself. Consider inspecting the expression. | PCSX2, CAMEL, Mozilla Firefox, UCSniff, TinyCAD, Scilab, FreeBSD Kernel, Serious Engine 1 v.1.10, Ardour. |
| V542 | Suspicious type cast: 'Type1' to ' Type2'. Consider inspecting the expression. | Miranda IM, Platinum. |
| V543 | It is suspicious that value 'X' is assigned to the variable 'Y' of HRESULT type. | WinMerge, Oracle VM Virtual Box, Unreal Engine 4, Mozilla Thunderbird. |
| V545 | Conditional expression of 'if' statement is incorrect for the HRESULT type value 'Foo'. The SUCCEEDED or FAILED macro should be used instead. | VirtualDub, Qt, LibreOffice, Apache HTTP Server, ANGLE, qdEngine. |
| V546 | The 'Foo(Foo)' class member is initialized with itself. | Boost (C++ libraries), OpenToonz, CryEngine V, ClickHouse, Amazon Lumberyard, Blender. |
| V547 | Expression is always true/false. | VCMI, Microsoft PowerToys, YTsaurus, GZDoom, iSulad, Blender, OpenVINO, x64dbg, DPDK, Telegram, ... |
| V548 | TYPE X[][] is not equivalent to TYPE **X. Consider inspecting type casting. | Haiku Operation System. |
| V549 | The 'first' argument of 'Foo' function is equal to the 'second' argument. | Miranda NG, The GTK+ Project, GDB, Linux Kernel, CryEngine V, Skia Graphics Engine, Android, Amazon Lumberyard, PMDK, DPDK, ... |
| V550 | Suspicious precise comparison. Consider using a comparison with defined precision: fabs(A - B) < Epsilon or fabs(A - B) > Epsilon. | CAMEL, ffdshow, Windows Calculator, ArduPod. |
| V551 | Unreachable code under a 'case' label. | Command & Conquer. |
| V552 | A bool type variable is incremented. Perhaps another variable should be incremented instead. | 7-Zip, Command & Conquer. |
| V554 | Incorrect use of smart pointer. | Haiku Operation System, OpenToonz, Casablanca, Nana, Skia Graphics Engine, Android, 0 A.D., LibreOffice, LLVM/Clang, CodeLite, ... |
| V555 | Expression of the 'A - B > 0' kind will work as 'A != B'. | Trans-Proteomic Pipeline, Scilab, OpenSSL, Wine Is Not an Emulator, PHP:Hypertext Preprocessor, OpenJPEG, K Desktop Environment, FreeSWITCH. |
| V556 | Values of different enum types are compared. | Linux Kernel, OpenToonz, Casablanca, Blender, SCIM, Tizen, EFL Core Libraries, Doom 1, Celestia, Command & Conquer, ... |
| V557 | Possible array overrun. | RPCS3, Blend2D, Ogre3D, GPCS4, GCC, FreeCAD, GTK, Qt Creator, OpenVINO, DPDK, ... |
| V558 | Function returns pointer/reference to temporary local object. | SeqAn, VirtualDub, Geant4 software, LLVM/Clang, EFL Core Libraries, Android. |
| V559 | Suspicious assignment inside the condition expression of 'if/while/for' operator. | Miranda IM, Intel AMT SDK, Data Distribution Service, Scilab, Miranda NG, The GTK+ Project, Serious Engine 1 v.1.10. |
| V560 | Part of conditional expression is always true/false. | GTK, Snort, Darwin-XNU, Storm Engine, libtorrent, RPCS3, Ogre3D, VCMI, GZDoom, x64dbg, ... |
| V561 | Consider assigning value to 'foo' variable instead of declaring it anew. | Oracle VM Virtual Box, Godot Engine, Telegram, Firebird, OpenJDK, Chromium, Amazon Lumberyard, NCBI Genome Workbench, Qt, Overgrowth, ... |
| V562 | Bool type value is compared with value of N. Consider inspecting the expression. | Spvolren, ReactOS, Blender, Windows 8 Driver Samples, Haiku Operation System, NCBI Genome Workbench, TheXTech. |
| V563 | An 'else' branch may apply to the previous 'if' statement. | BCmenu, Squirrel, PeerBlock, Trans-Proteomic Pipeline, Cfront, Open X-Ray Engine, Amnesia: The Dark Descent. |
| V564 | The '&' or '|' operator is applied to bool type value. Check for missing parentheses or use the '&&' or '||' operator. | Blender, FFmpeg, Unreal Engine 4, OpenMW, K Desktop Environment, Oracle VM Virtual Box, Amazon Lumberyard, Perl 5, Haiku Operation System, ReactOS, ... |
| V565 | Empty exception handler. Silent suppression of exceptions can hide errors in source code during testing. | G3D Content Pak. |
| V567 | Modification of variable is unsequenced relative to another operation on the same variable. This may lead to undefined behavior. | CryEngine V, CMaNGOS, Far2l, Steinberg SDKs, ofPennerEasing, LibreOffice, Doom 1, glTF library, LLVM/Clang, Darwin-XNU, ... |
| V568 | It is suspicious that the argument of sizeof() operator is the expression. | Haiku Operation System, Far2l, CryEngine V, EFL Core Libraries, XNU kernel, RT-Thread, Android, Azure Service Fabric, PMDK, Microsoft PowerToys, ... |
| V569 | Truncation of constant value. | FreeBSD Kernel, VCMI. |
| V570 | Variable is assigned to itself. | Heawei Ark Compiler, GCC, Command & Conquer, Storm Engine, TheXTech, Ogre3D, Captain Blood, Blender, x64dbg, Xenia, ... |
| V571 | Recurring check. This condition was already verified in previous line. | NCBI Genome Workbench, LibrePCB, Kodi, ROOT, jsoncons, LLVM/Clang, Darwin-XNU, MuditaOS, Godot Engine, Telegram, ... |
| V572 | Object created using 'new' operator is immediately cast to another type. Consider inspecting the expression. | wxWidgets, Cocos2d-x, Tizen. |
| V573 | Use of uninitialized variable 'Foo'. The variable was used to initialize itself. | Multi Theft Auto, Firebird, Word for Windows 1.1a, LLVM/Clang, Blend2D, Microsoft PowerToys. |
| V574 | Pointer is used both as an array and as a pointer to single object. | Amazon FreeRTOS. |
| V575 | Function receives suspicious argument. | Transmission, LLVM/Clang, FlipperZero, Blender, GTK, GZDoom, Dagor Engine, iSulad, OpenVINO, DPDK, ... |
| V576 | Incorrect format. Consider checking the Nth actual argument of the 'Foo' function. | ReOpenLDAP, ICQ, Far2l, EFL Core Libraries, Tizen, Enlightenment, 0 A.D., FreeRDP, FlipperZero, DPDK, ... |
| V578 | Suspicious bitwise operation was detected. Consider inspecting it. | NetXMS, RT-Thread, Android, Godot Engine. |
| V579 | The 'Foo' function receives the pointer and its size as arguments. This may be a potential error. Inspect the Nth argument. | OpenJDK, CryEngine V, GDB, GNU GRUB, MySQL, RT-Thread, Doom 1, PMDK, Captain Blood, Microsoft PowerToys, ... |
| V581 | Conditional expressions of 'if' statements located next to each other are identical. | Celestia, TON, Universal, LLVM/Clang, Qt, Snort, RPCS3, GTK, DPDK, Telegram, ... |
| V583 | The '?:' operator, regardless of its conditional expression, always returns the same value. | Chromium, CMaNGOS, Audacity, V8 JavaScript Engine, TDLib, Krita, Vangers: One For The Road, Command & Conquer, DuckStation, Captain Blood, ... |
| V584 | Same value is present on both sides of the operator. The expression is incorrect or can be simplified. | Far2l, Asterisk, Ruby MRI, Command & Conquer. |
| V586 | The 'Foo' function is called twice to deallocate the same resource. | Blender, OpenMW, VNL, Miranda NG, Telegram. |
| V587 | Suspicious sequence of assignments: A = B; B = A;. | Windows 8 Driver Samples, Mozilla Firefox, LibreOffice, Git, GNU GRUB, EFL Core Libraries, ORCT2, CodeLite. |
| V588 | Expression of the 'A =+ B' kind is used. Possibly meant: 'A += B'. Consider inspecting the expression. | Libxml2, Trans-Proteomic Pipeline. |
| V590 | Possible excessive expression or typo. Consider inspecting the expression. | NCBI Genome Workbench, Qalculate!, libarchive, ROOT, Command & Conquer, Darwin-XNU, CodeLite, GTK, GZDoom, PPSSPP, ... |
| V591 | Non-void function must return value. | ROOT, Command & Conquer, Strf, Chobo Single-Header Libraries, PpluX, Universal, manif, qdEngine, OpenVINO, Xenia, ... |
| V592 | Expression is enclosed by parentheses twice: ((expression)). One pair of parentheses is unnecessary or typo is present. | wxWidgets, Spring Engine, TensorFlow, CMake. |
| V593 | Expression 'A = B == C' is calculated as 'A = (B == C)'. Consider inspecting the expression. | ReOpenLDAP, OpenSubdiv, CMaNGOS, XNU kernel, Android, ROOT, PMDK, Espressif IoT Development Framework, Qt Creator, DPDK, ... |
| V594 | Pointer to array is out of array bounds. | ReactOS. |
| V595 | Pointer was used before its check for nullptr. Check lines: N1, N2. | GPCS4, Overgrowth, VCMI, GZDoom, iSulad, qdEngine, OpenVINO, DPDK, PPSSPP, Xenia, ... |
| V596 | Object was created but is not used. Check for missing 'throw' keyword. | OpenMW, FreeCAD, Computational Network Toolkit, OpenToonz, MySQL, Amazon Lumberyard, Haiku Operation System, ROOT, Hnswlib, tiny-dnn, ... |
| V597 | Compiler may delete 'memset' function call that is used to clear 'Foo' buffer. Use the RtlSecureZeroMemory() function to erase private data. | PPSSPP, ROOT, Qemu, Espressif IoT Development Framework, GTK, Snort, Transmission, RPCS3, iSulad, DPDK, ... |
| V598 | Memory manipulation function is used to work with a class object containing a virtual table pointer. The result of such an operation may be unexpected. | IPP Samples, Coin3D, SlimDX, Miranda NG, .NET CoreCLR, GZDoom. |
| V599 | The virtual destructor is not present, although the 'Foo' class contains virtual functions. | ANGLE, TortoiseGit, Miranda NG, FreeCAD, GINV, Unreal Engine 4, Computational Network Toolkit, OpenToonz, Notepad++, Xenia, ... |
| V600 | The 'Foo' pointer is always not equal to NULL. Consider inspecting the condition. | Notepad++, OpenSSL, Multi Theft Auto, Firebird, ITK, FreeSWITCH. |
| V601 | Suspicious implicit type casting. | Doxygen, Firebird, Notepad++, SCIM, Rosegarden, TON, VVVVVV, Dlib, qdEngine, PPSSPP, ... |
| V602 | The '<' operator should probably be replaced with '<<'. Consider inspecting this expression. | RT-Thread. |
| V603 | Object was created but not used. If you wish to call constructor, use 'this->Foo::Foo(....)'. | ChakraCore, Open X-Ray Engine, CryEngine V, EA WebKit, Android, Azure Service Fabric, Etc2Comp, NCBI Genome Workbench, Stellarium, Haiku Operation System, ... |
| V604 | Number of iterations in loop equals size of a pointer. Consider inspecting the expression. | Windows 8 Driver Samples. |
| V605 | Unsigned value is compared to the NN number. Consider inspecting the expression. | VirtualDub, PHP:Hypertext Preprocessor, FreeSWITCH, The GTK+ Project, ReactOS. |
| V606 | Ownerless token 'Foo'. | RunAsAdmin Explorer Shim, Windows 8 Driver Samples, Oracle VM Virtual Box, Amazon Lumberyard, Azure Service Fabric. |
| V607 | Ownerless expression 'Foo'. | Unreal Engine 4, Miranda NG, Godot Engine, Serious Engine 1 v.1.10, System Shock, Azure Service Fabric, Captain Blood, Microsoft PowerToys, GZDoom, Qt Creator, ... |
| V609 | Possible division or mod by zero. | Mozilla Thunderbird, Inkscape, Chromium, EFL Core Libraries, SpeedCrunch, Haiku Operation System, ROOT, LLVM/Clang, MuditaOS, Ogre3D, ... |
| V610 | Undefined behavior. Check the shift operator. | SpeedCrunch, TON, Command & Conquer, PMDK, Qemu, Boost (C++ libraries), Overgrowth, GZDoom, Dagor Engine, PPSSPP, ... |
| V611 | Memory allocation and deallocation methods are incompatible. | Vangers: One For The Road, Qalculate!, Haiku Operation System, Command & Conquer, Storm Engine, Overgrowth, Captain Blood, GTK, qdEngine, PPSSPP, ... |
| V612 | Unconditional 'break/continue/return/goto' within a loop. | Inkscape, CMaNGOS, Audacity, Rosegarden, XNU kernel, RT-Thread, MuseScore, CARLA, GCC, Xenia, ... |
| V614 | Use of 'Foo' uninitialized variable. | LLVM/Clang, Protocol Buffers, DuckStation, Ogre3D, Captain Blood, CodeLite, GCC, Dagor Engine, Blender, Xenia, ... |
| V615 | Suspicious explicit conversion from 'float *' type to 'double *' type. | OpenJDK, Xenia. |
| V616 | Use of 'Foo' named constant with 0 value in bitwise operation. | Unreal Engine 4, Mozilla Thunderbird, ReactOS, LLVM/Clang, CMaNGOS, Qt, Minetest, Qemu, Dlib, Chromium, ... |
| V617 | Argument of the '|' bitwise operation always contains non-zero value. Consider inspecting the condition. | OpenSSL, Multi Theft Auto, Word for Windows 1.1a, WebRTC, FreeBSD Kernel, XNU kernel, Android, Command & Conquer, POCO C++ Libraries, MuditaOS, ... |
| V618 | Dangerous call of 'Foo' function. The passed line may contain format specification. Example of safe code: printf("%s", str); | TortoiseSVN, Source Engine SDK, CryEngine 3 SDK, WinSCP, Miranda NG, LibreOffice, Apple II emulator, Tizen. |
| V619 | Array is used as pointer to single object. | Amazon FreeRTOS. |
| V620 | Expression of sizeof(T)*N kind is summed up with pointer to T type. Consider inspecting the expression. | Apache Xerces Project, Snes9x, Miranda NG, Chromium. |
| V621 | Loop may execute incorrectly or may not execute at all. Consider inspecting the 'for' operator. | EFL Core Libraries, Godot Engine, Windows Calculator, ROOT, Newton Game Dynamics, GTK, Free Heroes of Might and Magic II, Snort, GCC, DPDK, ... |
| V622 | First 'case' operator may be missing. Consider inspecting the 'switch' statement. | K Desktop Environment, Miranda NG, CryEngine V, Tizen, Amazon Lumberyard, LLVM/Clang. |
| V623 | Temporary object is created and then destroyed. Consider inspecting the '?:' operator. | Far2l. |
| V624 | Use of constant NN. The resulting value may be inaccurate. Consider using the M_NN constant from <math.h>. | ffdshow, OpenMS, Geant4 software, Inkscape, Tizen, Bullet Physics SDK, Celestia. |
| V625 | Initial and final values of the iterator are the same. Consider inspecting the 'for' operator. | Synergy, LibreOffice, Oracle VM Virtual Box, GCC. |
| V626 | It's possible that ',' should be replaced by ';'. Consider checking for typos. | Oracle VM Virtual Box, LibreOffice. |
| V627 | Argument of sizeof() is a macro, which expands to a number. Consider inspecting the expression. | Samba, Network Security Services (NSS), Data Distribution Service, WebRTC, Haiku Operation System. |
| V628 | It is possible that a line was commented out improperly, thus altering the program's operation logic. | Trans-Proteomic Pipeline, Spring Engine, Inkscape. |
| V629 | Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type. Consider inspecting the expression. | Bitcoin, Alembic, TensorFlow, Android, Qemu, jsoncons, PGM-index, YTsaurus, iSulad, PPSSPP, ... |
| V630 | The 'malloc' function is used to allocate memory for an array of objects that are classes containing constructors/destructors. | Cocos2d-x, Haiku Operation System, Computational Network Toolkit, CryEngine V, EFL Core Libraries, Newton Game Dynamics, MuseScore, Blender. |
| V631 | Defining absolute path to file or directory is considered a poor coding style. Consider inspecting the 'Foo' function call. | ffdshow, NetXMS, VirtualDub. |
| V634 | Priority of '+' operation is higher than priority of '<<' operation. Consider using parentheses in the expression. | Haiku Operation System, CryEngine V, System Shock, Stellarium, Qemu, Snort, DPDK. |
| V635 | Length should be probably multiplied by sizeof(wchar_t). Consider inspecting the expression. | WinMerge, Miranda NG. |
| V636 | Expression was implicitly cast from integer type to real type. Consider using an explicit type cast to avoid overflow or loss of a fractional part. | Qt, Tesseract, Cocos2d-x, Miranda NG, Open X-Ray Engine, ICQ, EFL Core Libraries, Tizen, Minetest, GTK, ... |
| V637 | Use of two opposite conditions. The second condition is always false. | TortoiseGit, K Desktop Environment, .NET CoreCLR, ReactOS, Firebird, Blender, LibreOffice, MuseScore, RPCS3, DPDK, ... |
| V638 | Terminal null is present inside a string. Use of '\0xNN' characters. Probably meant: '\xNN'. | Oracle VM Virtual Box, Linux Kernel. |
| V639 | One of closing ')' parentheses is probably positioned incorrectly. Consider inspecting the expression for function call. | CryEngine 3 SDK, Eigen, LibreOffice, LLVM/Clang. |
| V640 | Code's operational logic does not correspond with its formatting. | Miranda NG, Spring Engine, Haiku Operation System, CryEngine V, CMaNGOS, GCC, FreeBSD Kernel, Augeas, Tizen, Android, ... |
| V641 | Buffer size is not a multiple of element size. | Miranda NG, GZDoom. |
| V642 | Function result is saved inside the 'byte' type variable. Significant bits may be lost. This may break the program's logic. | Xpdf, ReactOS, Firebird, Linux Kernel, OpenToonz, Tizen, Amazon FreeRTOS, Espressif IoT Development Framework. |
| V643 | Suspicious pointer arithmetic. Value of 'char' type is added to a string pointer. | Spring Engine, OpenToonz. |
| V645 | Function call may lead to buffer overflow. Bounds should not contain size of a buffer, but a number of characters it can hold. | ReactOS, ICU, Multi Theft Auto, Miranda NG, Enlightenment, Tizen, Haiku Operation System. |
| V646 | The 'else' keyword may be missing. Consider inspecting the program's logic. | Aspell, EFL Core Libraries, Tizen, XNU kernel, Krita, LLVM/Clang, ROOT, Minetest, Qemu, ReactOS, ... |
| V647 | Value of 'A' type is assigned to a pointer of 'B' type. | Tizen. |
| V648 | Priority of '&&' operation is higher than priority of '||' operation. | Wolfenstein 3D, Oracle VM Virtual Box, Command & Conquer. |
| V649 | Two 'if' statements with identical conditional expressions. The first 'if' statement contains function return. This means that the second 'if' statement is senseless. | Wolfenstein 3D, Coin3D, Micro-Manager, Blender, LLVM/Clang, EFL Core Libraries, Chromium, Skia Graphics Engine, LibreOffice, CodeLite, ... |
| V650 | Type casting is used 2 times in a row. The '+' operation is executed. Probably meant: (T1)((T2)a + b). | Wine Is Not an Emulator. |
| V652 | Operation is executed 3 or more times in a row. | FreeSWITCH. |
| V653 | Suspicious string consisting of two parts is used for initialization. Comma may be missing. | Asterisk, Linux Kernel. |
| V654 | Condition of a loop is always true/false. | Android, Stellarium, Haiku Operation System, Doom 1, Newton Game Dynamics, Free Heroes of Might and Magic II, Snort, TheXTech, FlipperZero, Captain Blood, ... |
| V655 | Strings were concatenated but not used. Consider inspecting the expression. | Scilab, K Desktop Environment, FreeCAD, OpenToonz, LLVM/Clang. |
| V656 | Variables are initialized through the call to the same function. It's probably an error or un-optimized code. | Doom 3, ReactOS, Qt, LibreOffice, Skia Graphics Engine, Krita, LLVM/Clang, FreeCAD. |
| V658 | Value is subtracted from unsigned variable. It can result in an overflow. In such a case, the comparison operation may behave unexpectedly. | VCMI. |
| V661 | Suspicious expression 'A[B < C]'. Probably meant 'A[B] < C'. | NCBI Genome Workbench. |
| V662 | Different containers are used to set up initial and final values of iterator. Consider inspecting the loop expression. | Rhino (JavaScript engine). |
| V663 | Infinite loop is possible. The 'cin.eof()' condition is insufficient to break from the loop. Consider adding the 'cin.fail()' function call to the conditional expression. | POCO C++ Libraries, OpenMW, Grassroots DICOM library (GDCM), ITK, SETI@home, GNU Octave, NCBI Genome Workbench, ROOT, FreeCAD, OpenVINO. |
| V664 | Pointer is dereferenced on the initialization list before its check for null inside the body of a constructor function. | LLVM/Clang, FreeCAD, GZDoom. |
| V665 | Possible incorrect use of '#pragma warning(default: X)'. The '#pragma warning(push/pop)' should be used instead. | Newton Game Dynamics, FreeSWITCH, Dolphin Smalltalk 7, OpenToonz, Apache HTTP Server, usrsctp, tiny-dnn, PGM-index, Microsoft PowerToys, Qt Creator, ... |
| V666 | Value may not correspond with the length of a string passed with YY argument. Consider inspecting the NNth argument of the 'Foo' function. | ITK, Spring Engine, LibreOffice, OpenJDK, Inkscape, Linux Kernel, FreeBSD Kernel, Bind, Enlightenment, CARLA, ... |
| V668 | Possible meaningless check for null, as memory was allocated using 'new' operator. Memory allocation will lead to an exception. | SpeedCrunch, Celestia, TON, Newton Game Dynamics, Minetest, SystemC, RPCS3, MuditaOS, qdEngine, PPSSPP, ... |
| V669 | Argument is a non-constant reference. The analyzer is unable to determine the position where this argument is modified. Consider checking the function for an error. | WinMerge, CryEngine 3 SDK, Micro-Manager, CMaNGOS. |
| V670 | Uninitialized class member is used to initialize another member. Remember that members are initialized in the order of their declarations inside a class. | Tesseract, .NET CoreCLR, Unreal Engine 4, Appleseed, Mozilla Thunderbird, Rosegarden, NCBI Genome Workbench, LibreOffice, Haiku Operation System, Qt Creator. |
| V671 | The 'swap' function may interchange a variable with itself. | Haiku Operation System. |
| V672 | It is possible that creating a new variable is unnecessary. One of the function's arguments has the same name and this argument is a reference. | Qalculate!, Haiku Operation System, Command & Conquer. |
| V673 | More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits. | .NET CoreCLR. |
| V674 | Expression contains a suspicious mix of integer and real types. | Unreal Engine 4, Open X-Ray Engine, ICQ, CMaNGOS, Tizen, EFL Core Libraries, MuseScore, Rosegarden, 0 A.D., Stellarium, ... |
| V675 | Writing into read-only memory. | Tizen. |
| V676 | Incorrect comparison of BOOL type variable with TRUE. | VirtualDub, Firebird, CryEngine 3 SDK, Apple II emulator, Amazon FreeRTOS. |
| V677 | Custom declaration of standard type. Consider using the declaration from system header files instead. | SlimDX, Miranda NG. |
| V678 | Object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' function. | Shareaza, Mozilla Thunderbird, ROOT. |
| V681 | The language standard does not define order in which 'Foo' functions are called during evaluation of arguments. | Wine Is Not an Emulator, Android. |
| V684 | Value of variable is not modified. It is possible that '1' should be present instead of '0'. Consider inspecting the expression. | V8 JavaScript Engine, Chromium. |
| V686 | Pattern A || (A && ...) was detected. The expression is excessive or contains a logical error. | Blender, Tor, EFL Core Libraries, Tizen. |
| V688 | The 'foo' local variable has the same name as one of class members. This can result in confusion. | Computational Network Toolkit, CryEngine V, NCBI Genome Workbench, VVVVVV. |
| V690 | The class implements a copy constructor/operator=, but lacks the operator=/copy constructor. | Bitcoin, Casablanca, OpenJDK, Tizen. |
| V691 | Empirical analysis. Possible typo inside the string literal. The 'foo' word is suspicious. | Chromium. |
| V692 | Inappropriate attempt to append a null character to a string. To determine the length of a string by 'strlen' function correctly, use a string ending with a null terminator in the first place. | Wine Is Not an Emulator, Linux Kernel, Haiku Operation System, Tizen, ReactOS. |
| V693 | It is possible that 'i < X.size()' should be used instead of 'X.size()'. Consider inspecting conditional expression of the loop. | Godot Engine. |
| V694 | The condition (ptr - const_value) is only false if the value of a pointer equals a magic constant. | Miranda NG, FreeSWITCH, EFL Core Libraries, Tizen, ICU. |
| V695 | Range intersections are possible within conditional expressions. | Linux Kernel, The GTK+ Project, CryEngine V, Scilab, Android. |
| V696 | The 'continue' operator will terminate 'do { ... } while (FALSE)' loop because the condition is always false. | Cocos2d-x, Linux Kernel, Haiku Operation System, LLVM/Clang, Tizen, Ardour, Android. |
| V698 | Functions of strcmp() kind can return any values, not only -1, 0, or 1. | .NET CoreCLR. |
| V700 | It is suspicious that variable is initialized through itself. Consider inspecting the 'T foo = foo = x;' expression. | .NET CoreCLR, Unreal Engine 4, Apple II emulator, Captain Blood. |
| V701 | Possible realloc() leak: when realloc() fails to allocate memory, original pointer is lost. Consider assigning realloc() to a temporary pointer. | Tizen, Aspell, Free Lossless Audio Codec, WebRTC, 0 A.D., Qt, Qalculate!, Espressif IoT Development Framework, Blender, PPSSPP, ... |
| V702 | Classes should always be derived from std::exception (and alike) as 'public'. | Windows Calculator, Celestia. |
| V703 | It is suspicious that the 'foo' field in derived class overwrites field in base class. | ORCT2, DeepSpeech, Ogre3D. |
| V704 | The expression is always false on newer compilers. Avoid using 'this == 0' comparison. | Miranda NG, .NET CoreCLR, Serious Engine 1 v.1.10, Inkscape, CMaNGOS, Notepad++. |
| V705 | It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics. | K Desktop Environment, Miranda NG, Linux Kernel, FreeBSD Kernel, Valgrind, XNU kernel, Haiku Operation System, Command & Conquer. |
| V706 | Suspicious division: sizeof(X) / Value. Size of every element in X array is not equal to divisor. | Haiku Operation System. |
| V707 | Giving short names to global variables is considered to be bad practice. | Cfront, Yasm, PMDK. |
| V708 | Dangerous construction is used: 'm[x] = m.size()', where 'm' is of 'T' class. This may lead to undefined behavior. | Chromium, LLVM/Clang. |
| V709 | Suspicious comparison found: 'a == b == c'. Remember that 'a == b == c' is not equal to 'a == b && b == c'. | Unreal Engine 4, Amazon Lumberyard, Bullet Physics SDK. |
| V711 | It is dangerous to create a local variable within a loop with a same name as a variable controlling this loop. | Haiku Operation System, Telegram, Wine Is Not an Emulator, FreeBSD Kernel. |
| V712 | Compiler may optimize out this loop or make it infinite. Use volatile variable(s) or synchronization primitives to avoid this. | GINV, eMule Plus, FreeSWITCH, Shareaza, FCEUX, MPC-HC, ReactOS, Open X-Ray Engine, qdEngine, DPDK, ... |
| V713 | Pointer was used in the logical expression before its check for nullptr in the same logical expression. | ChakraCore, FreeBSD Kernel, Firebird, CryEngine V, Notepad++, V8 JavaScript Engine, Celestia, Qt, Snort, DPDK, ... |
| V714 | Variable is not passed into foreach loop by reference, but its value is changed inside of the loop. | Krita. |
| V715 | The 'while' operator has empty body. This pattern is suspicious. | Enlightenment. |
| V716 | Suspicious type conversion: HRESULT -> BOOL (BOOL -> HRESULT). | LibreOffice, Wine Is Not an Emulator, Dolphin Smalltalk 7, Command & Conquer, Xenia. |
| V718 | The 'Foo' function should not be called from 'DllMain' function. | LibreOffice, Open X-Ray Engine. |
| V719 | The switch statement does not cover all values of the enum. | Appleseed, Firebird, Windows Calculator. |
| V721 | The VARIANT_BOOL type is used incorrectly. The true value (VARIANT_TRUE) is defined as -1. | MAME. |
| V724 | Converting integers or pointers to BOOL can lead to a loss of high-order bits. Non-zero value can become 'FALSE'. | Ruby MRI. |
| V726 | Attempt to free memory containing the 'int A[10]' array by using the 'free(A)' function. | CamStudio, Shareaza, DuckStation. |
| V728 | Excessive check can be simplified. The '||' operator is surrounded by opposite expressions 'x' and '!x'. | LibreOffice, Windows Calculator, EAStdC, CMake, Heawei Ark Compiler, Overgrowth, VCMI, YTsaurus, PPSSPP, Telegram, ... |
| V729 | Function body contains the 'X' label that is not used by any 'goto' statements. | FreeBSD Kernel, CodeLite. |
| V730 | Not all members of a class are initialized inside the constructor. | Miranda IM, MuseScore, TDLib, ANGLE, LibrePCB, VVVVVV, DeepSpeech. |
| V732 | Unary minus operator does not modify a bool type value. | Miranda IM, Krita, GPCS4. |
| V733 | It is possible that macro expansion resulted in incorrect evaluation order. | FreeBSD Kernel, Linux Kernel. |
| V734 | Excessive expression. Examine the substrings "abc" and "abcd". | CryEngine V, Linux Kernel. |
| V735 | Possibly an incorrect HTML. The "</XX>" closing tag was encountered, while the "</YY>" tag was expected. | Qt. |
| V737 | It is possible that ',' comma is missing at the end of the string. | Inkscape. |
| V739 | EOF should not be compared with a value of the 'char' type. Consider using the 'int' type. | Computational Network Toolkit, Android, NCBI Genome Workbench, rdesktop. |
| V742 | Function receives an address of a 'char' type variable instead of pointer to a buffer. | LFortran. |
| V743 | The memory areas must not overlap. Use 'memmove' function. | Stickies. |
| V745 | A 'wchar_t *' type string is incorrectly converted to 'BSTR' type string. | Oracle VM Virtual Box. |
| V746 | Object slicing. An exception should be caught by reference rather than by value. | Oracle VM Virtual Box, OpenToonz, Open X-Ray Engine, Notepad++, Scilab, Tizen, Rosegarden, Ardour, NCBI Genome Workbench, Xenia. |
| V749 | Destructor of the object will be invoked a second time after leaving the object's scope. | 0 A.D.. |
| V751 | Parameter is not used inside function's body. | Linux Kernel, Valgrind, Steinberg SDKs, HarfBuzz, System Shock, Godot Engine, Bullet Physics SDK, Overgrowth. |
| V756 | The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter. | LibreOffice. |
| V757 | It is possible that an incorrect variable is compared with null after type conversion using 'dynamic_cast'. | LibreOffice, Haiku Operation System, MuditaOS. |
| V760 | Two identical text blocks were detected. The second block starts with NN string. | CMaNGOS, TensorFlow, Bind, PDFium, Windows Calculator, FreeRDP, iSulad. |
| V762 | Consider inspecting virtual function arguments. See NN argument of function 'Foo' in derived class and base class. | Notepad++, MuseScore, Ardour, Command & Conquer, CodeLite, Blender. |
| V763 | Parameter is always rewritten in function body before being used. | Inkscape, ReOpenLDAP, Chromium, NCBI Genome Workbench, LibreOffice, Stellarium, Haiku Operation System, GCC, Command & Conquer, MuseScore. |
| V764 | Possible incorrect order of arguments passed to function. | Linux Kernel, CMaNGOS, LibreOffice, Espressif IoT Development Framework, GTK, Darwin-XNU. |
| V765 | Compound assignment expression 'X += X + N' is suspicious. Consider inspecting it for a possible error. | MuseScore, LibreOffice. |
| V766 | An item with the same key has already been added. | Chromium, MuseScore, Android, NCBI Genome Workbench, RPCS3, CodeLite, OpenVINO. |
| V767 | Suspicious access to element by a constant index inside a loop. | Skia Graphics Engine, RT-Thread, Godot Engine, ROOT. |
| V768 | Variable is of enum type. It is suspicious that it is used as a variable of a Boolean-type. | XNU kernel, RT-Thread, Krita, Android, Qt, Doom 1, ROOT, Command & Conquer, Amnesia: The Dark Descent, OpenVINO, ... |
| V769 | The pointer in the expression equals nullptr. The resulting value is senseless and it should not be used. | Hunspell, Android, Qt, FreeRDP, Newton Game Dynamics, CSV Parser, DeepSpeech, Overgrowth, GTK, GZDoom, ... |
| V772 | Calling a 'delete' operator for a void pointer will cause undefined behavior. | Haiku Operation System, Command & Conquer, Overgrowth, Qt Creator. |
| V773 | Function exited without releasing the pointer/handle. A memory/resource leak is possible. | VCMI, CodeLite, GCC, GTK, Microsoft PowerToys, Qt Creator, qdEngine, DPDK, PPSSPP, Xenia, ... |
| V774 | Pointer was used after the memory was released. | Augeas, Bind, ICU, Qalculate!, Haiku Operation System, MuseScore. |
| V778 | Two similar code fragments. Perhaps, it is a typo and 'X' variable should be used instead of 'Y'. | EA WebKit, Android, Godot Engine, LibrePCB, GCC, Newton Game Dynamics, Amnesia: The Dark Descent, MuseScore, YTsaurus, GZDoom, ... |
| V779 | Unreachable code was detected. It is possible that an error is present. | rdesktop, LLVM/Clang, Doom 1, GTK, DuckStation, FlipperZero, VCMI, Qt Creator, qdEngine, Telegram, ... |
| V780 | The object of non-passive (non-PDS) type cannot be used with the function. | Tizen, DeepSpeech, Godot Engine, Xenia. |
| V781 | Value of a variable is checked after it is used. Possible error in program's logic. Check lines: N1, N2. | Minetest, Qemu, GTK, libtorrent, TheXTech, LLVM/Clang, Captain Blood, GZDoom, Godot Engine, DPDK, ... |
| V783 | Possible dereference of invalid iterator 'X'. | Rosegarden, 0 A.D., qdEngine. |
| V784 | The size of the bit mask is less than the size of the first operand. This will cause the loss of higher bits. | Perl 5, LLVM/Clang, Qemu, iSulad, DPDK. |
| V786 | It is odd that value C is assigned to the X variable. The value range of variable: [A, B]. | Tizen, iSulad. |
| V789 | Iterators for the container, used in the range-based for loop, become invalid upon a function call. | ClickHouse, WebRTC. |
| V791 | The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead. | Overgrowth. |
| V792 | The function located to the right of the '|' and '&' operators will be called regardless of the value of the left operand. Consider using '||' and '&&' instead. | Stellarium, Haiku Operation System, TheXTech, Blend2D, GCC. |
| V793 | It is suspicious that the result of the statement is a part of the condition. Perhaps, this statement should have been compared with something else. | Android, ORCT2, Darwin-XNU. |
| V794 | The assignment operator should be protected from the case of 'this == &src'. | RE2, WebRTC, EA WebKit, TDLib, Android, LibreOffice, SpeedCrunch, CARLA, GPCS4, VCMI, ... |
| V796 | A 'break' statement is probably missing in a 'switch' statement. | Chromium, Android, System Shock, Godot Engine, GPCS4, DPDK. |
| V797 | The function is used as if it returned a bool type. The return value of the function should probably be compared with std::string::npos. | Qalculate!. |
| V799 | Variable is not used after memory is allocated for it. Consider checking the use of this variable. | Krita. |
| V1001 | Variable is assigned but not used by the end of the function. | MuseScore, Skia Graphics Engine, XNU kernel, Android, LibreOffice, LLVM/Clang, TON, Zephyr, Universal, Snort, ... |
| V1002 | Class that contains pointers, constructor and destructor is copied by the automatically generated operator= or copy constructor. | Ardour, YTsaurus, Dagor Engine. |
| V1003 | Macro expression is dangerous or suspicious. | TON, x64dbg, Godot Engine. |
| V1004 | Pointer was used unsafely after its check for nullptr. | LLVM/Clang, Amazon FreeRTOS, VVVVVV, ORCT2, PMDK, DeepSpeech, Snort, VCMI, DPDK, Telegram, ... |
| V1005 | The resource was acquired using 'X' function but was released using incompatible 'Y' function. | FreeRDP. |
| V1007 | Value from the uninitialized optional is used. It may be an error. | YTsaurus. |
| V1008 | No more than one iteration of the loop will be performed. Consider inspecting the 'for' operator. | LibreOffice. |
| V1009 | Check the array initialization. Only the first element is initialized explicitly. | EAStdC, MuseScore. |
| V1010 | Unchecked tainted data is used in expression. | ReactOS. |
| V1013 | Suspicious subexpression in a sequence of similar comparisons. | LibreOffice. |
| V1020 | Function exited without performing epilogue actions. It is possible that there is an error. | Zephyr, iSulad, DPDK. |
| V1022 | Exception was thrown by pointer. Consider throwing it by value instead. | LibrePCB, Haiku Operation System, FaCT++, Qt Creator. |
| V1023 | A pointer without owner is added to the container by the 'emplace_back' method. A memory leak will occur in case of an exception. | LLVM/Clang, Dlib, iutest, Protocol Buffers, VCMI, YTsaurus. |
| V1028 | Possible overflow. Consider casting operands, not the result. | FreeRDP, LLVM/Clang, PMDK, Qt, Snort, Darwin-XNU, libtorrent, Protocol Buffers, Dagor Engine. |
| V1032 | Pointer is cast to a more strictly aligned pointer type. | FreeCAD, qdEngine. |
| V1036 | Potentially unsafe double-checked locking. | Blender. |
| V1037 | Two or more case-branches perform the same actions. | TON. |
| V1040 | Possible typo in the spelling of a pre-defined macro name. | libuv, SimpleIni. |
| V1043 | A global object variable is declared in the header. Multiple copies of it will be created in all translation units that include this header file. | GZDoom, LLVM/Clang. |
| V1044 | Loop break conditions do not depend on the number of iterations. | Mozilla Thunderbird, Blend2D, Godot Engine, Telegram. |
| V1046 | Unsafe usage of the 'bool' and integer types together in the operation '&='. | ROOT, Qemu. |
| V1048 | Variable 'foo' was assigned the same value. | ORCT2, Qt, libtorrent, Ogre3D, GPCS4. |
| V1051 | It is possible that an assigned variable should be checked in the next condition. Consider checking for typos. | FreeCAD, Dagor Engine, Xenia. |
| V1053 | Calling the 'foo' virtual function in the constructor/destructor may lead to unexpected result at runtime. | qdEngine, Xenia. |
| V1061 | Extending 'std' or 'posix' namespace may result in undefined behavior. | DeepSpeech, RPCS3, CARLA, YTsaurus. |
| V1062 | Class defines a custom new or delete operator. The opposite operator must also be defined. | DeepSpeech. |
| V1063 | The modulo by 1 operation is meaningless. The result will always be zero. | LLVM/Clang, Qt, MuseScore, GZDoom, Xenia. |
| V1064 | The left operand of integer division is less than the right one. The result will always be zero. | Ogre3D, RPCS3, Xenia. |
| V1065 | Expression can be simplified: check similar operands. | DuckStation, Ogre3D, Captain Blood. |
| V1068 | Do not define an unnamed namespace in a header file. | iSulad. |
| V1075 | The function expects the file to be opened in one mode, but it was opened in different mode. | Captain Blood. |
| V1076 | Code contains invisible characters that may alter its logic. Consider enabling the display of invisible characters in the code editor. | Godot Engine. |
| V1083 | Signed integer overflow in arithmetic expression. This leads to undefined behavior. | Godot Engine. |
| V1086 | Call of the 'Foo' function will lead to buffer underflow. | Haiku Operation System, Unreal Engine 4, CodeLite, FreeBSD Kernel, CryEngine V, Tizen, Ardour, WebRTC, Command & Conquer, Microsoft PowerToys, ... |
| V1089 | Waiting on condition variable without predicate. A thread can wait indefinitely or experience a spurious wake-up. | GZDoom. |
| V1094 | Conditional escape sequence in literal. Its representation is implementation-defined. | GTK. |
| V1109 | Function is deprecated. Consider switching to an equivalent newer function. | x64dbg. |
| V3001 | There are identical sub-expressions to the left and to the right of the 'foo' operator. | Barotrauma, AvalonStudio, Akka.NET, .NET 7, BTCPay Server, MassTransit, Entity Framework Core, .NET 8, DiIiS, WolvenKit, ... |
| V3002 | The switch statement does not cover all values of the enum. | SharpDevelop, Microsoft Code Contracts, Orchard CMS, QuantConnect Lean. |
| V3003 | The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence. | Old NASA World Wind (C#), Mono, Media Portal 2, PascalABC.NET, SubtitleEdit, Infer.NET, .NET Core Libraries (CoreFX), Azure PowerShell, Ryujinx, LINQ to DB, ... |
| V3004 | The 'then' statement is equivalent to the 'else' statement. | AvaloniaUI, Emby, RunUO, Nethermind, QuantConnect Lean, ONLYOFFICE Community Server, DotNetNuke, Barotrauma, Orleans, AvalonStudio, ... |
| V3005 | The 'x' variable is assigned to itself. | Chocolatey, QuantConnect Lean, DotNetNuke, Barotrauma, AvalonStudio, Discord.NET, GrandNode, nopCommerce, TowerDefense-GameFramework-Demo, Unity C# reference source code, ... |
| V3006 | The object was created but it is not being used. The 'throw' keyword could be missing. | Unity3D, Azure PowerShell. |
| V3008 | The 'x' variable is assigned values twice successively. Perhaps this is a mistake. | MonoGame, Eto.Forms, Bitwarden, MudBlazor, BTCPay Server, Entity Framework Core, SanAndreasUnity, .NET 8, nopCommerce, WolvenKit, ... |
| V3009 | It's odd that this method always returns one and the same value of NN. | AWS SDK for .NET, .NET Core Libraries (CoreFX), AvaloniaUI, osu!, Open XML SDK, ONLYOFFICE Community Server, Ryujinx, Eto.Forms, Barotrauma, .NET 7, ... |
| V3010 | The return value of function 'Foo' is required to be utilized. | LINQ to DB, DotNetNuke, BTCPay Server, Eto.Forms, Barotrauma, Akka.NET, Discord.NET, MudBlazor, nopCommerce, DiIiS, ... |
| V3011 | Two opposite conditions were encountered. The second condition is always false. | MSBuild. |
| V3012 | The '?:' operator, regardless of its conditional expression, always returns one and the same value. | MonoDevelop, IronPython and IronRuby, .NET Compiler Platform ("Roslyn"), Mono, RunUO, Garnet. |
| V3013 | It is odd that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function. | Flax Engine, IronPython and IronRuby, .NET Compiler Platform ("Roslyn"), Samples by the Infragistics Company, FlashDevelop, Telerik UI for UWP, Emby, Ryujinx, PeachPie, AWS SDK for .NET. |
| V3014 | It is likely that a wrong variable is being incremented inside the 'for' operator. Consider reviewing 'X'. | Microsoft Code Contracts, .NET Core Libraries (CoreFX), Entity Framework. |
| V3015 | It is likely that a wrong variable is being compared inside the 'for' operator. Consider reviewing 'X'. | Accord.Net, Mono, Entity Framework. |
| V3017 | A pattern was detected: A || (A && ...). The expression is excessive or contains a logical error. | RunUO. |
| V3018 | Consider inspecting the application's logic. It's possible that 'else' keyword is missing. | PascalABC.NET. |
| V3019 | It is possible that an incorrect variable is compared with null after type conversion using 'as' keyword. | Mono, Microsoft Bot Builder, PowerShell, Media Portal 2, PascalABC.NET, Logify Alert Clients, Unity C# reference source code, Telerik UI for UWP, QuantConnect Lean, AWS SDK for .NET, ... |
| V3020 | An unconditional 'break/continue/return/goto' within a loop. | Mono, Media Portal 2, Unity C# reference source code, Infer.NET, FastReport, Telerik UI for UWP, LINQ to DB, Orleans, SanAndreasUnity, nopCommerce, ... |
| V3021 | There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless. | Unity C# reference source code, .NET Core Libraries (CoreFX), OpenCvSharp, Emby, Nethermind, ONLYOFFICE Community Server, Umbraco, .NET 6 libraries, Barotrauma, GrandNode, ... |
| V3022 | Expression is always true/false. | MassTransit, Entity Framework Core, Microsoft PowerToys, Power-Fx, .NET 8, nopCommerce, DiIiS, Garnet, WolvenKit, Starlight, ... |
| V3023 | Consider inspecting this expression. The expression is excessive or contains a misprint. | SharpDevelop, MonoDevelop, IronPython and IronRuby, .NET Compiler Platform ("Roslyn"), Sony ATF, Xenko, Azure PowerShell. |
| V3024 | An odd precise comparison. Consider using a comparison with defined precision: Math.Abs(A - B) < Epsilon or Math.Abs(A - B) > Epsilon. | IronPython and IronRuby. |
| V3025 | Incorrect format. Consider checking the N format items of the 'Foo' function. | Unity C# reference source code, AWS SDK for .NET, Azure PowerShell, ILSpy, PeachPie, LINQ to DB, DotNetNuke, Barotrauma, .NET 8, TowerDefense-GameFramework-Demo, ... |
| V3027 | The variable was utilized in the logical expression before it was verified against null in the same logical expression. | IronPython and IronRuby, .NET Compiler Platform ("Roslyn"), Space Engineers, Mono, PowerShell, Orchard CMS, Umbraco, PascalABC.NET, Cloudscribe, Barotrauma, ... |
| V3028 | Consider inspecting the 'for' operator. Initial and final values of the iterator are the same. | Space Engineers, Media Portal 2. |
| V3029 | The conditional expressions of the 'if' statements situated alongside each other are identical. | .NET Compiler Platform ("Roslyn"), Samples by the Infragistics Company, AWS SDK for .NET, Emby, Squidex, Unity C# reference source code, BTCPay Server. |
| V3030 | Recurring check. This condition was already verified in previous line. | SharpDevelop, Microsoft Code Contracts, .NET Core Libraries (CoreFX), IronPython and IronRuby, PascalABC.NET, Telerik UI for UWP, Nethermind, ONLYOFFICE Community Server, Ryujinx, DotNetNuke. |
| V3031 | An excessive check can be simplified. The operator '||' operator is surrounded by opposite expressions 'x' and '!x'. | SharpDevelop, Xamarin.Forms, FlashDevelop, Mono, Orchard CMS, Telerik UI for UWP, RunUO. |
| V3032 | Waiting on this expression is unreliable, as compiler may optimize some of the variables. Use volatile variable(s) or synchronization primitives to avoid this. | Flax Engine, IronPython and IronRuby, Xenko, PascalABC.NET. |
| V3033 | It is possible that this 'else' branch must apply to the previous 'if' statement. | Old NASA World Wind (C#), Mono, PascalABC.NET. |
| V3035 | Consider inspecting the expression. Probably the '+=' should be used here. | Lucene.Net. |
| V3037 | An odd sequence of assignments of this kind: A = B; B = A; | Accord.Net, Old NASA World Wind (C#). |
| V3038 | The argument was passed to method several times. It is possible that another argument should be passed instead. | SharpDevelop, Xamarin.Forms, PascalABC.NET, OpenCvSharp, ONLYOFFICE Community Server, ILSpy, .NET 8, Starlight. |
| V3040 | The expression contains a suspicious mix of integer and real types. | QuantConnect Lean. |
| V3041 | The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid the loss of a fractional part. | Sony ATF, Xenko, Accord.Net, MSBuild, Infer.NET, ShareX, Emby, RunUO, MonoGame. |
| V3042 | Possible NullReferenceException. The '?.' and '.' operators are used for accessing members of the same object. | Xamarin.Forms, .NET Core Libraries (CoreFX), Azure PowerShell, osu!, Ryujinx, LINQ to DB, DotNetNuke, Unity C# reference source code, Power-Fx, WolvenKit. |
| V3043 | The code's operational logic does not correspond with its formatting. | Sony ATF, Mono, PascalABC.NET, RunUO. |
| V3045 | WPF: the names of the property registered for DependencyProperty, and of the property used to access it, do not correspond with each other. | Samples by the Infragistics Company, WPF samples by Microsoft. |
| V3046 | WPF: the type registered for DependencyProperty does not correspond with the type of the property used to access it. | Samples by the Infragistics Company, Xenko. |
| V3050 | Possibly an incorrect HTML. The </XX> closing tag was encountered, while the </YY> tag was expected. | Emby. |
| V3051 | An excessive type cast or check. The object is already of the same type. | Xamarin.Forms, Old NASA World Wind (C#), Mono, .NET Core Libraries (CoreFX), Emby, RunUO. |
| V3052 | The original exception object was swallowed. Stack of original exception could be lost. | Xamarin.Forms, FlashDevelop, SharpDevelop, PascalABC.NET, ONLYOFFICE Community Server. |
| V3053 | An excessive expression. Examine the substrings "abc" and "abcd". | GitExtensions, Orchard CMS, SharpDevelop, PascalABC.NET, Unity C# reference source code, Azure SDK for .NET. |
| V3054 | Potentially unsafe double-checked locking. Use volatile variable(s) or synchronization primitives to avoid this. | RunUO. |
| V3056 | Consider reviewing the correctness of 'X' item's usage. | FlashDevelop, Umbraco. |
| V3057 | Function receives an odd argument. | Unity3D, MSBuild, Orchard CMS, Umbraco, QuantConnect Lean, DotNetNuke. |
| V3061 | Parameter 'A' is always rewritten in method body before being used. | MSBuild, Mono, .NET Core Libraries (CoreFX), Telerik UI for UWP, RavenDB, QuantConnect Lean, Ryujinx, PeachPie, Unity C# reference source code, BTCPay Server, ... |
| V3062 | An object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' method. | Accord.Net, AWS SDK for .NET, .NET 7, nopCommerce. |
| V3063 | A part of conditional expression is always true/false if it is evaluated. | RunUO, RavenDB, OpenRA, EFCore, Ryujinx, PeachPie, LINQ to DB, Bitwarden, Entity Framework Core, WolvenKit, ... |
| V3064 | Division or mod division by zero. | Accord.Net, Umbraco, SharpDevelop, Unity C# reference source code, Ryujinx. |
| V3065 | Parameter is not utilized inside method's body. | Xenko, Old NASA World Wind (C#). |
| V3066 | Possible incorrect order of arguments passed to method. | AvaloniaUI, osu!, RunUO, RavenDB, DotNetNuke, Umbraco, .NET 6 libraries, Discord.NET, .NET 7, Ryujinx, ... |
| V3067 | It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics. | RunUO. |
| V3068 | Calling overrideable class member from constructor is dangerous. | nopCommerce. |
| V3070 | Uninitialized variables are used when initializing the 'A' variable. | Mono, PascalABC.NET, RunUO, ILSpy, AvalonStudio, AWS SDK for .NET. |
| V3075 | The operation is executed 2 or more times in succession. | QuantConnect Lean. |
| V3076 | Comparison with 'double.NaN' is meaningless. Use 'double.IsNaN()' method instead. | Old NASA World Wind (C#), Unity C# reference source code. |
| V3077 | Property setter / event accessor does not utilize its 'value' parameter. | Azure PowerShell, DotNetNuke. |
| V3078 | Sorting keys priority will be reversed relative to the order of 'OrderBy' method calls. Perhaps, 'ThenBy' should be used instead. | SharpDevelop, Telerik UI for UWP, Ryujinx, GrandNode, IL2CPU, TowerDefense-GameFramework-Demo. |
| V3079 | The 'ThreadStatic' attribute is applied to a non-static 'A' field and will be ignored. | .NET 6 libraries. |
| V3080 | Possible null dereference. | Orchard Core, Eto.Forms, Discord.NET, OrchardCore, GrandNode, protobuf-net, Microsoft PowerToys, TowerDefense-GameFramework-Demo, Garnet, WolvenKit, ... |
| V3081 | The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter. | Entity Framework, Infer.NET. |
| V3083 | Unsafe invocation of event, NullReferenceException is possible. Consider assigning event to a local variable before invoking it. | AWS SDK for .NET, ShareX, Telerik UI for UWP, Azure SDK for .NET, osu!, Emby, RunUO, ILSpy, MonoGame, Eto.Forms, ... |
| V3085 | The name of 'X' field/property in a nested type is ambiguous. The outer type contains static field/property with identical name. | Emby, RunUO. |
| V3087 | Type of variable enumerated in 'foreach' is not guaranteed to be castable to the type of collection's elements. | FlashDevelop. |
| V3088 | The expression was enclosed by parentheses twice: ((expression)). One pair of parentheses is unnecessary or misprint is present. | .NET Core Libraries (CoreFX). |
| V3089 | Initializer of a field marked by [ThreadStatic] attribute will be called once on the first accessing thread. The field will have default value on different threads. | Mono. |
| V3090 | Unsafe locking on an object. | Old NASA World Wind (C#), Mono, Logify Alert Clients, Emby. |
| V3091 | Empirical analysis. It is possible that a typo is present inside the string literal. The 'foo' word is suspicious. | Azure PowerShell, WolvenKit. |
| V3092 | Range intersections are possible within conditional expressions. | Mono, RunUO. |
| V3093 | The operator evaluates both operands. Perhaps a short-circuit operator should be used instead. | Accord.Net, Old NASA World Wind (C#), NUnit, Azure PowerShell, Chocolatey, Open XML SDK. |
| V3095 | The object was used before it was verified against null. Check lines: N1, N2. | .NET 7, BTCPay Server, Microsoft PowerToys, SanAndreasUnity, Power-Fx, .NET 8, nopCommerce, TowerDefense-GameFramework-Demo, DiIiS, WolvenKit, ... |
| V3097 | Possible exception: type marked by [Serializable] contains non-serializable members not marked by [NonSerialized]. | Accord.Net, Open XML SDK. |
| V3102 | Suspicious access to element by a constant index inside a loop. | Accord.Net, Mono, SharpDevelop, .NET Core Libraries (CoreFX), Telerik UI for UWP, PascalABC.NET, Orleans, .NET 8. |
| V3105 | The 'a' variable was used after it was assigned through null-conditional operator. NullReferenceException is possible. | Umbraco, Eto.Forms, Bitwarden, AvalonStudio, OrchardCore, .NET MAUI, Microsoft PowerToys, nopCommerce, Garnet, WolvenKit, ... |
| V3106 | Possibly index is out of bound. | FastReport, .NET Core Libraries (CoreFX), AvaloniaUI, Nethermind, EFCore, Umbraco, MonoGame, Barotrauma, MassTransit, Starlight, ... |
| V3107 | Identical expression to the left and to the right of compound assignment. | Barotrauma. |
| V3108 | It is not recommended to return null or throw exceptions from 'ToString()' method. | Orchard CMS, FastReport, .NET Core Libraries (CoreFX), ShareX, BTCPay Server. |
| V3110 | Possible infinite recursion. | Orchard CMS, Umbraco, PascalABC.NET, FastReport, AWS SDK for .NET, .NET Core Libraries (CoreFX). |
| V3112 | An abnormality within similar comparisons. It is possible that a typo is present inside the expression. | Mono, Azure SDK for .NET. |
| V3114 | IDisposable object is not disposed before method returns. | AWS SDK for .NET. |
| V3115 | It is not recommended to throw exceptions from 'Equals(object obj)' method. | GitExtensions, Media Portal 2, PascalABC.NET, Unity C# reference source code, .NET Core Libraries (CoreFX), ONLYOFFICE Community Server, .NET 6 libraries, MudBlazor. |
| V3116 | Consider inspecting the 'for' operator. It's possible that the loop will be executed incorrectly or won't be executed at all. | Orleans. |
| V3117 | Constructor parameter is not used. | PowerShell, Infer.NET, FastReport, .NET Core Libraries (CoreFX), AvaloniaUI, Ryujinx, .NET 6 libraries, Discord.NET, MassTransit. |
| V3118 | A component of TimeSpan is used, which does not represent full time interval. Possibly 'Total*' value was intended instead. | Orchard CMS, Media Portal 2, MSBuild, ONLYOFFICE Community Server. |
| V3119 | Calling a virtual (overridden) event may lead to unpredictable behavior. Consider implementing event accessors explicitly or use 'sealed' keyword. | osu!. |
| V3121 | An enumeration was declared with 'Flags' attribute, but does not set any initializers to override default values. | Azure SDK for .NET. |
| V3122 | Uppercase (lowercase) string is compared with a different lowercase (uppercase) string. | DotNetNuke. |
| V3123 | Perhaps the '??' operator works in a different way than it was expected. Its priority is lower than priority of other operators in its left part. | Telerik UI for UWP, osu!, Chocolatey, Nethermind, RavenDB, Bitwarden, Akka.NET, DiIiS. |
| V3125 | The object was used after it was verified against null. Check lines: N1, N2. | Bitwarden, Orleans, AvalonStudio, Discord.NET, .NET MAUI, BTCPay Server, .NET 8, nopCommerce, TowerDefense-GameFramework-Demo, Garnet, ... |
| V3127 | Two similar code fragments were found. Perhaps, this is a typo and 'X' variable should be used instead of 'Y'. | RavenDB, OpenRA, PeachPie, DotNetNuke, Piranha, Orchard Core, Discord.NET, GrandNode, Garnet, Starlight, ... |
| V3128 | The field (property) is used before it is initialized in constructor. | SharpDevelop, PascalABC.NET, .NET Core Libraries (CoreFX), OpenRA, Orleans. |
| V3130 | Priority of the '&&' operator is higher than that of the '||' operator. Possible missing parentheses. | Media Portal 2, WolvenKit. |
| V3131 | The expression is checked for compatibility with the type 'A', but is casted to the 'B' type. | RunUO. |
| V3134 | Shift by N bits is greater than the size of type. | Orleans, Discord.NET, Microsoft PowerToys, WolvenKit. |
| V3136 | Constant expression in switch statement. | Unity C# reference source code. |
| V3137 | The variable is assigned but is not used by the end of the function. | Roslyn Analyzers, Azure PowerShell, Telerik UI for UWP, LINQ to DB, Umbraco, MonoGame, Unity C# reference source code, AWS SDK for .NET, Power-Fx, Starlight. |
| V3138 | String literal contains potential interpolated expression. | .NET Core Libraries (CoreFX), Ryujinx, .NET 6 libraries, Unity C# reference source code, Orleans, AWS SDK for .NET. |
| V3139 | Two or more case-branches perform the same actions. | .NET Core Libraries (CoreFX), Roslyn Analyzers, Orchard CMS, Open XML SDK, QuantConnect Lean, ILSpy, Ryujinx, PeachPie, DotNetNuke, Eto.Forms, ... |
| V3140 | Property accessors use different backing fields. | RunUO, Eto.Forms. |
| V3142 | Unreachable code detected. It is possible that an error is present. | osu!, Emby, MassTransit. |
| V3143 | The 'value' parameter is rewritten inside a property setter, and is not used after that. | Azure PowerShell. |
| V3145 | Unsafe dereference of a WeakReference target. The object could have been garbage collected before the 'Target' property was accessed. | Telerik UI for UWP, Unity C# reference source code. |
| V3146 | Possible null dereference. A method can return default null value. | osu!, RavenDB, OpenRA, ONLYOFFICE Community Server, ILSpy, PascalABC.NET, MonoGame, Eto.Forms, Discord.NET, OrchardCore, ... |
| V3148 | Casting potential 'null' value to a value type can lead to NullReferenceException. | RunUO. |
| V3153 | Dereferencing the result of null-conditional access operator can lead to NullReferenceException. | MSBuild, Nethermind, .NET Compiler Platform ("Roslyn"), Barotrauma, Orleans, AvalonStudio, Garnet. |
| V3156 | The argument of the method is not expected to be null. | MonoGame, Cloudscribe, TowerDefense-GameFramework-Demo. |
| V3157 | Suspicious division. Absolute value of the left operand is less than the right operand. | .NET 7, Garnet. |
| V3159 | Modified value of the operand is not used after the increment/decrement operation. | Bitwarden, DiIiS. |
| V3168 | Awaiting on expression with potential null value can lead to throwing of 'NullReferenceException'. | BTCPay Server. |
| V3177 | Logical literal belongs to second operator with a higher priority. It is possible literal was intended to belong to '??' operator instead. | MudBlazor. |
| V3180 | The 'HasFlag' method always returns 'true' because the value '0' is passed as its argument. | RavenDB. |
| V3181 | The result of '&' operator is '0' because one of the operands is '0'. | .NET 8. |
| V3182 | The result of '&' operator is always '0'. | Ryujinx. |
| V3197 | The compared value inside the 'Object.Equals' override is converted to a different type that does not contain the override. | Unity C# reference source code. |
| V5609 | OWASP. Possible path traversal vulnerability. Potentially tainted data is used as a path. | Power-Fx. |
| V5611 | OWASP. Potential insecure deserialization vulnerability. Potentially tainted data is used to create an object using deserialization. | Power-Fx. |
| V6001 | There are identical sub-expressions to the left and to the right of the 'foo' operator. | IntelliJ IDEA Community Edition, Elasticsearch, Apache Hadoop, Ghidra, Bouncy Castle, Apache Flink, ELKI, Rhino, NetBeans 21, Apache Kafka. |
| V6002 | The switch statement does not cover all values of the enum. | CUBA Platform. |
| V6003 | The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence. | Elasticsearch, XMage, Bouncy Castle, GeoGebra, GeoServer. |
| V6004 | The 'then' statement is equivalent to the 'else' statement. | SonarQube, XMage, WildFly, Bouncy Castle, NGB, IntelliJ IDEA Community Edition, GeoServer. |
| V6005 | The 'x' variable is assigned to itself. | Huawei Cloud. |
| V6006 | The object was created but it is not being used. The 'throw' keyword could be missing. | Elasticsearch, Ghidra, Apache Solr. |
| V6007 | Expression is always true/false. | Apache Dubbo, Huawei Cloud, Apache Hadoop, Ghidra, XMage, WildFly, Apache Flink, Rhino, NetBeans 21, GeoServer, ... |
| V6008 | Potential null dereference. | Apache Hive, Huawei Cloud, Ghidra, XMage, WildFly, Rhino, NetBeans 21, Keycloak, Apache Solr, Apache Kafka, ... |
| V6009 | Function receives an odd argument. | Elasticsearch, CUBA Platform, Apache Hive, Apache Dubbo, Huawei Cloud, ELKI, NGB, NetBeans 21. |
| V6010 | The return value of function 'Foo' is required to be utilized. | Huawei Cloud, NGB, IntelliJ IDEA Community Edition, jMonkeyEngine, GeoServer. |
| V6011 | The expression contains a suspicious mix of integer and real types. | IntelliJ IDEA Community Edition. |
| V6012 | The '?:' operator, regardless of its conditional expression, always returns one and the same value. | XMage, ELKI. |
| V6013 | Comparison of arrays, strings, collections by reference. Possibly an equality comparison was intended. | Elasticsearch, jBullet, Keycloak, Apache Solr. |
| V6014 | It's odd that this method always returns one and the same value of NN. | CUBA Platform, Bouncy Castle. |
| V6016 | Suspicious access to element by a constant index inside a loop. | Bouncy Castle, Apache Dubbo, Apache Solr. |
| V6019 | Unreachable code detected. It is possible that an error is present. | CUBA Platform, Apache Dubbo, Apache Hadoop, Ghidra, WildFly, Bouncy Castle, ELKI, Rhino, IntelliJ IDEA Community Edition. |
| V6020 | Division or mod division by zero. | Apache Hive, ELKI. |
| V6021 | The value is assigned to the 'x' variable but is not used. | SpotBugs, CUBA Platform, Huawei Cloud, Rhino. |
| V6022 | Parameter is not used inside method's body. | CUBA Platform, Huawei Cloud, WildFly, ELKI, GeoServer. |
| V6023 | Parameter 'A' is always rewritten in method body before being used. | CUBA Platform. |
| V6025 | Possibly index is out of bound. | Elasticsearch, Bouncy Castle, ELKI, Rhino, jMonkeyEngine, GeoGebra. |
| V6026 | This value is already assigned to the 'b' variable. | CUBA Platform, XMage, jMonkeyEngine, jBullet. |
| V6027 | Variables are initialized through the call to the same function. It's probably an error or un-optimized code. | Apache Hadoop, GeoServer. |
| V6028 | Identical expression to the left and to the right of compound assignment. | Rhino. |
| V6029 | Possible incorrect order of arguments passed to method. | Apache Flink, NGB. |
| V6030 | The function located to the right of the '|' and '&' operators will be called regardless of the value of the left operand. Consider using '||' and '&&' instead. | Apache Hive, DBeaver. |
| V6032 | It is odd that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function. | SonarQube, CUBA Platform, Huawei Cloud, Apache Flink, Rhino, NetBeans 21, Apache Solr. |
| V6033 | An item with the same key has already been added. | SonarJava, Bouncy Castle, Apache Hadoop, Ghidra, WildFly, GeoGebra. |
| V6034 | Shift by N bits is inconsistent with the size of type. | Apache Hive. |
| V6036 | The value from the uninitialized optional is used. | XMage. |
| V6037 | An unconditional 'break/continue/return/goto' within a loop. | CUBA Platform. |
| V6039 | There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless. | Elasticsearch, jMonkeyEngine. |
| V6042 | The expression is checked for compatibility with type 'A', but is cast to type 'B'. | Apache Hive, XMage. |
| V6043 | Consider inspecting the 'for' operator. Initial and final values of the iterator are the same. | Apache Hadoop. |
| V6045 | Suspicious subexpression in a sequence of similar comparisons. | GeoGebra. |
| V6046 | Incorrect format. Consider checking the N format items of the 'Foo' function. | Apache Hive, Apache Hadoop, WildFly, Apache Flink, Keycloak. |
| V6048 | This expression can be simplified. One of the operands in the operation equals NN. Probably it is a mistake. | Ghidra, Apache Flink, Rhino. |
| V6050 | Class initialization cycle is present. | Huawei Cloud. |
| V6051 | Use of jump statements in 'finally' block can lead to the loss of unhandled exceptions. | Apache Hive. |
| V6052 | Calling an overridden method in parent-class constructor may lead to use of uninitialized data. | DBeaver. |
| V6053 | Collection is modified while iteration is in progress. ConcurrentModificationException may occur. | Ghidra. |
| V6054 | Classes should not be compared by their name. | Apache Solr. |
| V6058 | Comparing objects of incompatible types. | Elasticsearch, WildFly. |
| V6060 | The reference was used before it was verified against null. | Elasticsearch, CUBA Platform, Huawei Cloud, XMage, WildFly, NetBeans 21, Keycloak, Apache Solr, GeoServer, Apache Kafka, ... |
| V6062 | Possible infinite recursion. | CUBA Platform, ELKI, NetBeans 21. |
| V6066 | Passing objects of incompatible types to the method of collection. | Apache Flink, NGB, Apache Kafka. |
| V6067 | Two or more case-branches perform the same actions. | Apache Dubbo, Apache Hadoop, GeoGebra. |
| V6072 | Two similar code fragments were found. Perhaps, this is a typo and 'X' variable should be used instead of 'Y'. | Apache Hadoop, XMage, GeoServer. |
| V6073 | It is not recommended to return null or throw exceptions from 'toString' / 'clone' methods. | Apache Solr. |
| V6074 | Non-atomic modification of volatile variable. | Apache Flink, DBeaver. |
| V6079 | Value of variable is checked after use. Potential logical error is present. Check lines: N1, N2. | ELKI. |
| V6080 | Consider checking for misprints. It's possible that an assigned variable should be checked in the next condition. | NetBeans 21, GeoServer. |
| V6082 | Unsafe double-checked locking. | WildFly, DBeaver, Keycloak. |
| V6086 | Suspicious code formatting. 'else' keyword is probably missing. | XMage, GeoGebra. |
| V6090 | Field 'A' is being used before it was initialized. | Apache Solr. |
| V6091 | Suspicious getter/setter implementation. The 'A' field should probably be returned/assigned instead. | jBullet, Apache Solr. |
| V6094 | The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid the loss of a fractional part. | ELKI, IntelliJ IDEA Community Edition. |
| V6100 | An object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' method. | Rhino. |
| V6102 | Inconsistent synchronization of a field. Consider synchronizing the field on all usages. | Apache Solr, Apache Kafka. |
| V6107 | The constant NN is being utilized. The resulting value could be inaccurate. Consider using the KK constant. | GeoGebra. |
| V6113 | Suspicious division. Absolute value of the left operand is less than the value of the right operand. | Apache Solr. |