Сообщения PVS-Studio

• Какие ошибки ловит PVS-Studio?
• Список всех диагностик анализатора в XML
• Диагностики общего назначения (General Analysis, C++)
• Диагностики общего назначения (General Analysis, C#)
• Диагностики общего назначения (General Analysis, Java)
• Микрооптимизации (C++)
• Микрооптимизации (C#)
• Диагностика 64-битных ошибок (Viva64, C++)
• Реализовано по запросам пользователей (C++)
• Cтандарт MISRA
• Стандарт AUTOSAR
• Стандарт OWASP (C++)
• Стандарт OWASP (C#)
• Стандарт OWASP (Java)
• Проблемы при работе анализатора кода

Какие ошибки ловит PVS-Studio?

Мы постарались сгруппировать большинство диагностик в несколько групп, чтобы вы могли получить общее представление о возможностях анализатора кода PVS-Studio.

Так как деление диагностик весьма условно, то некоторые диагностики входят в несколько групп. Например, неправильное условие "if (abc == abc)", можно одновременно интерпретировать и как простую опечатку, и как проблему безопасности, так как ошибка приводит к уязвимости кода при некорректных входных данных.

Некоторым ошибкам наоборот места в таблице не нашлось - уж слишком они специфичны. Тем не менее, таблица в целом дает представление о функциональности статического анализатора кода.

Список всех диагностик анализатора в XML

Список диагностик анализатора в формате XML, предназначенный для автоматического разбора, доступен по постоянной ссылке здесь.

Таблица 1 – Возможности PVS-Studio.

Как видите, анализатор максимально проявляет себя в таких областях, как поиск ошибок, возникших из-за опечаток и Copy-Paste. Хорошо диагностирует проблемы, которые связаны с безопасностью кода.

Как всё это работает на практике можно узнать, заглянув в базу ошибок. Мы собираем в эту базу все ошибки, которые нашли, проверяя различные открытые проекты с помощью PVS-Studio.

Диагностики общего назначения (General Analysis, C++)

• V501. Identical sub-expressions to the left and to the right of 'foo' operator.
• V502. The '?:' operator may not work as expected. The '?:' operator has a lower priority than the 'foo' operator.
• V503. Nonsensical comparison: pointer < 0.
• V504. Semicolon ';' is probably missing after the 'return' keyword.
• V505. The 'alloca' function is used inside the loop. This can quickly overflow stack.
• V506. Pointer to local variable 'X' is stored outside the scope of this variable. Such a pointer will become invalid.
• V507. Pointer to local array 'X' is stored outside the scope of this array. Such a pointer will become invalid.
• V508. The 'new type(n)' pattern was detected. Probably meant: 'new type[n]'.
• V509. Exceptions raised inside noexcept functions must be wrapped in a try..catch block.
• V510. The 'Foo' function receives class-type variable as Nth actual argument. This is unexpected behavior.
• V511. The sizeof() operator returns pointer size instead of array size.
• V512. Call of the 'Foo' function will lead to buffer overflow.
• V513. Use _beginthreadex/_endthreadex functions instead of CreateThread/ExitThread functions.
• V514. Potential logical error. Size of a pointer is divided by another value.
• V515. The 'delete' operator is applied to non-pointer.
• V516. Non-null function pointer is compared to null. Consider inspecting the expression.
• V517. Potential logical error. The 'if (A) {...} else if (A) {...}' pattern was detected.
• V518. The 'malloc' function allocates suspicious amount of memory calculated by 'strlen(expr)'. Perhaps the correct expression is strlen(expr) + 1.
• V519. The 'x' variable is assigned values twice successively. Perhaps this is a mistake.
• V520. Comma operator ',' in array index expression.
• V521. Expressions that use comma operator ',' are dangerous. Make sure the expression is correct.
• V522. Possible null pointer dereference.
• V523. The 'then' statement is equivalent to the 'else' statement.
• V524. It is suspicious that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function.
• V525. Code contains collection of similar blocks. Check items X, Y, Z, ... in lines N1, N2, N3, ...
• V526. The 'strcmp' function returns 0 if corresponding strings are equal. Consider inspecting the condition for mistakes.
• V527. The 'zero' value is assigned to pointer. Probably meant: *ptr = zero.
• V528. Pointer is compared with 'zero' value. Probably meant: *ptr != zero.
• V529. Suspicious semicolon ';' after 'if/for/while' operator.
• V530. Return value of 'Foo' function is required to be used.
• V531. The sizeof() operator is multiplied by sizeof(). Consider inspecting the expression.
• V532. Consider inspecting the statement of '*pointer++' pattern. Probably meant: '(*pointer)++'.
• V533. It is possible that a wrong variable is incremented inside the 'for' operator. Consider inspecting 'X'.
• V534. It is possible that a wrong variable is compared inside the 'for' operator. Consider inspecting 'X'.
• V535. The 'X' variable is used for this loop and outer loops.
• V536. Constant value is represented by an octal form.
• V537. Potential incorrect use of item 'X'. Consider inspecting the expression.
• V538. The line contains control character 0x0B (vertical tabulation).
• V539. Iterators are passed as arguments to 'Foo' function. Consider inspecting the expression.
• V540. Member 'x' should point to string terminated by two 0 characters.
• V541. String is printed into itself. Consider inspecting the expression.
• V542. Suspicious type cast: 'Type1' to ' Type2'. Consider inspecting the expression.
• V543. It is suspicious that value 'X' is assigned to the variable 'Y' of HRESULT type.
• V544. It is suspicious that the value 'X' of HRESULT type is compared with 'Y'.
• V545. Conditional expression of 'if' statement is incorrect for the HRESULT type value 'Foo'. The SUCCEEDED or FAILED macro should be used instead.
• V546. The 'Foo(Foo)' class member is initialized with itself.
• V547. Expression is always true/false.
• V548. TYPE X[][] is not equivalent to TYPE **X. Consider inspecting type casting.
• V549. The 'first' argument of 'Foo' function is equal to the 'second' argument.
• V550. Suspicious precise comparison. Consider using a comparison with defined precision: fabs(A - B) < Epsilon or fabs(A - B) > Epsilon.
• V551. Unreachable code under a 'case' label.
• V552. A bool type variable is incremented. Perhaps another variable should be incremented instead.
• V553. Length of function body or class declaration is more than 2000 lines. Consider refactoring the code.
• V554. Incorrect use of smart pointer.
• V555. Expression of the 'A - B > 0' kind will work as 'A != B'.
• V556. Values of different enum types are compared.
• V557. Possible array overrun.
• V558. Function returns pointer/reference to temporary local object.
• V559. Suspicious assignment inside the conditional expression of 'if/while/for' statement.
• V560. Part of conditional expression is always true/false.
• V561. Consider assigning value to 'foo' variable instead of declaring it anew.
• V562. Bool type value is compared with value of N. Consider inspecting the expression.
• V563. An 'else' branch may apply to the previous 'if' statement.
• V564. The '&' or '|' operator is applied to bool type value. Check for missing parentheses or use the '&&' or '||' operator.
• V565. Empty exception handler. Silent suppression of exceptions can hide errors in source code during testing.
• V566. Integer constant is converted to pointer. Check for an error or bad coding style.
• V567. Modification of variable is unsequenced relative to another operation on the same variable. This may lead to undefined behavior.
• V568. It is suspicious that the argument of sizeof() operator is the expression.
• V569. Truncation of constant value.
• V570. Variable is assigned to itself.
• V571. Recurring check. This condition was already verified in previous line.
• V572. Object created using 'new' operator is immediately cast to another type. Consider inspecting the expression.
• V573. Use of uninitialized variable 'Foo'. The variable was used to initialize itself.
• V574. Pointer is used both as an array and as a pointer to single object.
• V575. Function receives suspicious argument.
• V576. Incorrect format. Consider checking the Nth actual argument of the 'Foo' function.
• V577. Label is present inside switch(). Check for typos and consider using the 'default:' operator instead.
• V578. Suspicious bitwise operation was detected. Consider inspecting it.
• V579. The 'Foo' function receives the pointer and its size as arguments. This may be a potential error. Inspect the Nth argument.
• V580. Suspicious explicit type casting. Consider inspecting the expression.
• V581. Conditional expressions of 'if' statements located next to each other are identical.
• V582. Consider reviewing the source code that uses the container.
• V583. The '?:' operator, regardless of its conditional expression, always returns the same value.
• V584. Same value is present on both sides of the operator. The expression is incorrect or can be simplified.
• V585. Attempt to release memory that stores the 'Foo' local variable.
• V586. The 'Foo' function is called twice to deallocate the same resource.
• V587. Suspicious sequence of assignments: A = B; B = A;.
• V588. Expression of the 'A =+ B' kind is used. Possibly meant: 'A += B'. Consider inspecting the expression.
• V589. Expression of the 'A =- B' kind is used. Possibly meant: 'A -= B'. Consider inspecting the expression.
• V590. Possible excessive expression or typo. Consider inspecting the expression.
• V591. Non-void function must return value.
• V592. Expression is enclosed by parentheses twice: ((expression)). One pair of parentheses is unnecessary or typo is present.
• V593. Expression 'A = B == C' is calculated as 'A = (B == C)'. Consider inspecting the expression.
• V594. Pointer to array is out of array bounds.
• V595. Pointer was used before its check for nullptr. Check lines: N1, N2.
• V596. Object was created but is not used. Check for missing 'throw' keyword.
• V597. Compiler may delete 'memset' function call that is used to clear 'Foo' buffer. Use the RtlSecureZeroMemory() function to erase private data.
• V598. Memory manipulation function is used to work with a class object containing a virtual table pointer. The result of such an operation may be unexpected.
• V599. The virtual destructor is not present, although the 'Foo' class contains virtual functions.
• V600. The 'Foo' pointer is always not equal to NULL. Consider inspecting the condition.
• V601. Suspicious implicit type casting.
• V602. The '<' operator should probably be replaced with '<<'. Consider inspecting this expression.
• V603. Object was created but not used. If you wish to call constructor, use 'this->Foo::Foo(....)'.
• V604. Number of iterations in loop equals size of a pointer. Consider inspecting the expression.
• V605. Unsigned value is compared to the NN number. Consider inspecting the expression.
• V606. Ownerless token 'Foo'.
• V607. Ownerless expression 'Foo'.
• V608. Recurring sequence of explicit type casts.
• V609. Possible division or mod by zero.
• V610. Undefined behavior. Check the shift operator.
• V611. Memory allocation and deallocation methods are incompatible.
• V612. Unconditional 'break/continue/return/goto' within a loop.
• V613. Suspicious pointer arithmetic with 'malloc/new'.
• V614. Use of 'Foo' uninitialized variable.
• V615. Suspicious explicit conversion from 'float *' type to 'double *' type.
• V616. Use of 'Foo' named constant with 0 value in bitwise operation.
• V617. Argument of the '|' bitwise operation always contains non-zero value. Consider inspecting the condition.
• V618. Dangerous call of 'Foo' function. The passed line may contain format specification. Example of safe code: printf("%s", str);
• V619. Array is used as pointer to single object.
• V620. Expression of sizeof(T)*N kind is summed up with pointer to T type. Consider inspecting the expression.
• V621. Loop may execute incorrectly or may not execute at all. Consider inspecting the 'for' operator.
• V622. First 'case' operator may be missing. Consider inspecting the 'switch' statement.
• V623. Temporary object is created and then destroyed. Consider inspecting the '?:' operator.
• V624. Use of constant NN. The resulting value may be inaccurate. Consider using the M_NN constant from <math.h>.
• V625. Initial and final values of the iterator are the same. Consider inspecting the 'for' operator.
• V626. It's possible that ',' should be replaced by ';'. Consider checking for typos.
• V627. Argument of sizeof() is a macro, which expands to a number. Consider inspecting the expression.
• V628. It is possible that a line was commented out improperly, thus altering the program's operation logic.
• V629. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type. Consider inspecting the expression.
• V630. The 'malloc' function is used to allocate memory for an array of objects that are classes containing constructors/destructors.
• V631. Defining absolute path to file or directory is considered a poor coding style. Consider inspecting the 'Foo' function call.
• V632. Argument is of the 'T' type. Consider inspecting the NN argument of the 'Foo' function.
• V633. The '!=' operator should probably be used here. Consider inspecting the expression.
• V634. Priority of '+' operation is higher than priority of '<<' operation. Consider using parentheses in the expression.
• V635. Length should be probably multiplied by sizeof(wchar_t). Consider inspecting the expression.
• V636. Expression was implicitly cast from integer type to real type. Consider using an explicit type cast to avoid overflow or loss of a fractional part.
• V637. Use of two opposite conditions. The second condition is always false.
• V638. Terminal null is present inside a string. Use of '\0xNN' characters. Probably meant: '\xNN'.
• V639. One of closing ')' parentheses is probably positioned incorrectly. Consider inspecting the expression for function call.
• V640. Code's operational logic does not correspond with its formatting.
• V641. Buffer size is not a multiple of element size.
• V642. Function result is saved inside the 'byte' type variable. Significant bits may be lost. This may break the program's logic.
• V643. Suspicious pointer arithmetic. Value of 'char' type is added to a string pointer.
• V644. Suspicious function declaration. Consider creating a 'T' type object.
• V645. Function call may lead to buffer overflow. Bounds should not contain size of a buffer, but a number of characters it can hold.
• V646. The 'else' keyword may be missing. Consider inspecting the program's logic.
• V647. Value of 'A' type is assigned to a pointer of 'B' type.
• V648. Priority of '&&' operation is higher than priority of '||' operation.
• V649. Two 'if' statements with identical conditional expressions. The first 'if' statement contains function return. This means that the second 'if' statement is senseless.
• V650. Type casting is used 2 times in a row. The '+' operation is executed. Probably meant: (T1)((T2)a + b).
• V651. Suspicious operation of 'sizeof(X)/sizeof(T)' kind, where 'X' is of the 'class' type.
• V652. Operation is executed 3 or more times in a row.
• V653. Suspicious string consisting of two parts is used for initialization. Comma may be missing.
• V654. Condition of a loop is always true/false.
• V655. Strings were concatenated but not used. Consider inspecting the expression.
• V656. Variables are initialized through the call to the same function. It's probably an error or un-optimized code.
• V657. Function always returns the same value of NN. Consider inspecting the function.
• V658. Value is subtracted from unsigned variable. It can result in an overflow. In such a case, the comparison operation may behave unexpectedly.
• V659. Functions' declarations with 'Foo' name differ in 'const' keyword only, while these functions' bodies have different composition. It is suspicious and can possibly be an error.
• V660. Program contains an unused label and function call: 'CC:AA()'. Probably meant: 'CC::AA()'.
• V661. Suspicious expression 'A[B < C]'. Probably meant 'A[B] < C'.
• V662. Different containers are used to set up initial and final values of iterator. Consider inspecting the loop expression.
• V663. Infinite loop is possible. The 'cin.eof()' condition is insufficient to break from the loop. Consider adding the 'cin.fail()' function call to the conditional expression.
• V664. Pointer is dereferenced on the initialization list before its check for null inside the body of a constructor function.
• V665. Possible incorrect use of '#pragma warning(default: X)'. The '#pragma warning(push/pop)' should be used instead.
• V666. Value may not correspond with the length of a string passed with YY argument. Consider inspecting the NNth argument of the 'Foo' function.
• V667. The 'throw' operator does not have any arguments and is not located within the 'catch' block.
• V668. Possible meaningless check for null, as memory was allocated using 'new' operator. Memory allocation will lead to an exception.
• V669. Argument is a non-constant reference. The analyzer is unable to determine the position where this argument is modified. Consider checking the function for an error.
• V670. Uninitialized class member is used to initialize another member. Remember that members are initialized in the order of their declarations inside a class.
• V671. The 'swap' function may interchange a variable with itself.
• V672. It is possible that creating a new variable is unnecessary. One of the function's arguments has the same name and this argument is a reference.
• V673. More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits.
• V674. Expression contains a suspicious mix of integer and real types.
• V675. Writing into read-only memory.
• V676. Incorrect comparison of BOOL type variable with TRUE.
• V677. Custom declaration of standard type. Consider using the declaration from system header files instead.
• V678. Object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' function.
• V679. The 'X' variable was not initialized. This variable is passed by reference to the 'Foo' function in which its value will be used.
• V680. The 'delete A, B' expression only destroys the 'A' object. Then the ',' operator returns a resulting value from the right side of the expression.
• V681. The language standard does not define order in which 'Foo' functions are called during evaluation of arguments.
• V682. Suspicious literal: '/r'. It is possible that a backslash should be used instead: '\r'.
• V683. The 'i' variable should probably be incremented instead of the 'n' variable. Consider inspecting the loop expression.
• V684. Value of variable is not modified. It is possible that '1' should be present instead of '0'. Consider inspecting the expression.
• V685. The expression contains a comma. Consider inspecting the return statement.
• V686. Pattern A || (A && ...) was detected. The expression is excessive or contains a logical error.
• V687. Size of array calculated by sizeof() operator was added to a pointer. It is possible that the number of elements should be calculated by sizeof(A)/sizeof(A[0]).
• V688. The 'foo' local variable has the same name as one of class members. This can result in confusion.
• V689. Destructor of 'Foo' class is not declared as virtual. A smart pointer may not destroy an object correctly.
• V690. The class implements a copy constructor/operator=, but lacks the operator=/copy constructor.
• V691. Empirical analysis. Possible typo inside the string literal. The 'foo' word is suspicious.
• V692. Inappropriate attempt to append a null character to a string. To determine the length of a string by 'strlen' function correctly, use a string ending with a null terminator in the first place.
• V693. It is possible that 'i < X.size()' should be used instead of 'X.size()'. Consider inspecting conditional expression of the loop.
• V694. The condition (ptr - const_value) is only false if the value of a pointer equals a magic constant.
• V695. Range intersections are possible within conditional expressions.
• V696. The 'continue' operator will terminate 'do { ... } while (FALSE)' loop because the condition is always false.
• V697. Number of elements in the allocated array equals the size of a pointer in bytes.
• V698. Functions of strcmp() kind can return any values, not only -1, 0, or 1.
• V699. It is possible that 'foo = bar == baz ? .... : ....' should be used here instead of 'foo = bar = baz ? .... : ....'. Consider inspecting the expression.
• V700. It is suspicious that variable is initialized through itself. Consider inspecting the 'T foo = foo = x;' expression.
• V701. Possible realloc() leak: when realloc() fails to allocate memory, original pointer is lost. Consider assigning realloc() to a temporary pointer.
• V702. Classes should always be derived from std::exception (and alike) as 'public'.
• V703. It is suspicious that the 'foo' field in derived class overwrites field in base class.
• V704. The expression is always false on newer compilers. Avoid using 'this == 0' comparison.
• V705. It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics.
• V706. Suspicious division: sizeof(X) / Value. Size of every element in X array is not equal to divisor.
• V707. Giving short names to global variables is considered to be bad practice.
• V708. Dangerous construction is used: 'm[x] = m.size()', where 'm' is of 'T' class. This may lead to undefined behavior.
• V709. Suspicious comparison found: 'a == b == c'. Remember that 'a == b == c' is not equal to 'a == b && b == c'.
• V710. Suspicious declaration. There is no point to declare constant reference to a number.
• V711. It is dangerous to create a local variable within a loop with a same name as a variable controlling this loop.
• V712. Compiler may optimize out this loop or make it infinite. Use volatile variable(s) or synchronization primitives to avoid this.
• V713. Pointer was used in the logical expression before its check for nullptr in the same logical expression.
• V714. Variable is not passed into foreach loop by reference, but its value is changed inside of the loop.
• V715. The 'while' operator has empty body. This pattern is suspicious.
• V716. Suspicious type conversion: HRESULT -> BOOL (BOOL -> HRESULT).
• V717. It is suspicious to cast object of base class V to derived class U.
• V718. The 'Foo' function should not be called from 'DllMain' function.
• V719. The switch statement does not cover all values of the enum.
• V720. The 'SuspendThread' function is usually used when developing a debugger. See documentation for details.
• V721. The VARIANT_BOOL type is used incorrectly. The true value (VARIANT_TRUE) is defined as -1.
• V722. Abnormality within similar comparisons. It is possible that a typo is present inside the expression.
• V723. Function returns a pointer to the internal string buffer of a local object, which will be destroyed.
• V724. Converting integers or pointers to BOOL can lead to a loss of high-order bits. Non-zero value can become 'FALSE'.
• V725. Dangerous cast of 'this' to 'void*' type in the 'Base' class, as it is followed by a subsequent cast to 'Class' type.
• V726. Attempt to free memory containing the 'int A[10]' array by using the 'free(A)' function.
• V727. Return value of 'wcslen' function is not multiplied by 'sizeof(wchar_t)'.
• V728. Excessive check can be simplified. The '||' operator is surrounded by opposite expressions 'x' and '!x'.
• V729. Function body contains the 'X' label that is not used by any 'goto' statements.
• V730. Not all members of a class are initialized inside the constructor.
• V731. The variable of char type is compared with pointer to string.
• V732. Unary minus operator does not modify a bool type value.
• V733. It is possible that macro expansion resulted in incorrect evaluation order.
• V734. Excessive expression. Examine the substrings "abc" and "abcd".
• V735. Possibly an incorrect HTML. The "</XX>" closing tag was encountered, while the "</YY>" tag was expected.
• V736. The behavior is undefined for arithmetic or comparisons with pointers that do not point to members of the same array.
• V737. It is possible that ',' comma is missing at the end of the string.
• V738. Temporary anonymous object is used.
• V739. EOF should not be compared with a value of the 'char' type. Consider using the 'int' type.
• V740. Exception is of the 'int' type because NULL is defined as 0. Keyword 'nullptr' can be used for 'pointer' type exception.
• V741. Use of the throw (a, b); pattern. It is possible that type name was omitted: throw MyException(a, b);.
• V742. Function receives an address of a 'char' type variable instead of pointer to a buffer.
• V743. The memory areas must not overlap. Use 'memmove' function.
• V744. Temporary object is immediately destroyed after being created. Consider naming the object.
• V745. A 'wchar_t *' type string is incorrectly converted to 'BSTR' type string.
• V746. Object slicing. An exception should be caught by reference rather than by value.
• V747. Suspicious expression inside parentheses. A function name may be missing.
• V748. Memory for 'getline' function should be allocated only by 'malloc' or 'realloc' functions. Consider inspecting the first parameter of 'getline' function.
• V749. Destructor of the object will be invoked a second time after leaving the object's scope.
• V750. BSTR string becomes invalid. Notice that BSTR strings store their length before start of the text.
• V751. Parameter is not used inside function's body.
• V752. Creating an object with placement new requires a buffer of large size.
• V753. The '&=' operation always sets a value of 'Foo' variable to zero.
• V754. The expression of 'foo(foo(x))' pattern is excessive or contains an error.
• V755. Copying from potentially tainted data source. Buffer overflow is possible.
• V756. The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter.
• V757. It is possible that an incorrect variable is compared with null after type conversion using 'dynamic_cast'.
• V758. Reference was invalidated because of destruction of the temporary object returned by the function.
• V759. Violated order of exception handlers. Exception caught by handler for base class.
• V760. Two identical text blocks were detected. The second block starts with NN string.
• V761. NN identical blocks were found.
• V762. Consider inspecting virtual function arguments. See NN argument of function 'Foo' in derived class and base class.
• V763. Parameter is always rewritten in function body before being used.
• V764. Possible incorrect order of arguments passed to function.
• V765. Compound assignment expression 'X += X + N' is suspicious. Consider inspecting it for a possible error.
• V766. An item with the same key has already been added.
• V767. Suspicious access to element by a constant index inside a loop.
• V768. Variable is of enum type. It is suspicious that it is used as a variable of a Boolean-type.
• V769. The pointer in the expression equals nullptr. The resulting value is meaningless and should not be used.
• V770. Possible use of left shift operator instead of comparison operator.
• V771. The '?:' operator uses constants from different enums.
• V772. Calling the 'delete' operator for a void pointer will cause undefined behavior.
• V773. Function exited without releasing the pointer/handle. A memory/resource leak is possible.
• V774. Pointer was used after the memory was released.
• V775. It is suspicious that the BSTR data type is compared using a relational operator.
• V776. Potentially infinite loop. The variable in the loop exit condition does not change its value between iterations.
• V777. Dangerous widening type conversion from an array of derived-class objects to a base-class pointer.
• V778. Two similar code fragments. Perhaps, it is a typo and 'X' variable should be used instead of 'Y'.
• V779. Unreachable code was detected. It is possible that an error is present.
• V780. The object of non-passive (non-PDS) type cannot be used with the function.
• V781. Value of a variable is checked after it is used. Possible error in program's logic. Check lines: N1, N2.
• V782. It is pointless to compute the distance between the elements of different arrays.
• V783. Possible dereference of invalid iterator 'X'.
• V784. The size of the bit mask is less than the size of the first operand. This will cause the loss of the higher bits.
• V785. Constant expression in switch statement.
• V786. Assigning the value C to the X variable looks suspicious. The value range of the variable: [A, B].
• V787. Wrong variable is probably used in the for operator as an index.
• V788. Review captured variable in lambda expression.
• V789. Iterators for the container, used in the range-based for loop, become invalid upon a function call.
• V790. It is suspicious that the assignment operator takes an object by a non-constant reference and returns this object.
• V791. The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead.
• V792. The function located to the right of the '|' and '&' operators will be called regardless of the value of the left operand. Consider using '||' and '&&' instead.
• V793. It is suspicious that the result of the statement is a part of the condition. Perhaps, this statement should have been compared with something else.
• V794. The assignment operator should be protected from the case of 'this == &src'.
• V795. Size of the 'time_t' type is not 64 bits. After the year 2038, the program will work incorrectly.
• V796. A 'break' statement is probably missing in a 'switch' statement.
• V797. The function is used as if it returned a bool type. The return value of the function should probably be compared with std::string::npos.
• V798. The size of the dynamic array can be less than the number of elements in the initializer.
• V799. Variable is not used after memory is allocated for it. Consider checking the use of this variable.
• V1001. Variable is assigned but not used by the end of the function.
• V1002. Class that contains pointers, constructor and destructor is copied by the automatically generated operator= or copy constructor.
• V1003. Macro expression is dangerous or suspicious.
• V1004. Pointer was used unsafely after its check for nullptr.
• V1005. The resource was acquired using 'X' function but was released using incompatible 'Y' function.
• V1006. Several shared_ptr objects are initialized by the same pointer. A double memory deallocation will occur.
• V1007. Value from the uninitialized optional is used. It may be an error.
• V1008. No more than one iteration of the loop will be performed. Consider inspecting the 'for' operator.
• V1009. Check the array initialization. Only the first element is initialized explicitly.
• V1010. Unchecked tainted data is used in expression.
• V1011. Function execution could be deferred. Consider specifying execution policy explicitly.
• V1012. The expression is always false. Overflow check is incorrect.
• V1013. Suspicious subexpression in a sequence of similar comparisons.
• V1014. Structures with members of real type are compared byte-wise.
• V1015. Suspicious simultaneous use of bitwise and logical operators.
• V1016. The value is out of range of enum values. This causes unspecified or undefined behavior.
• V1017. Variable of the 'string_view' type references a temporary object, which will be removed after evaluation of an expression.
• V1018. Usage of a suspicious mutex wrapper. It is probably unused, uninitialized, or already locked.
• V1019. Compound assignment expression is used inside condition.
• V1020. Function exited without performing epilogue actions. It is possible that there is an error.
• V1021. The variable is assigned the same value on several loop iterations.
• V1022. Exception was thrown by pointer. Consider throwing it by value instead.
• V1023. A pointer without owner is added to the container by the 'emplace_back' method. A memory leak will occur in case of an exception.
• V1024. Potential use of invalid data. The stream is checked for EOF before reading from it but is not checked after reading.
• V1025. New variable with default value is created instead of 'std::unique_lock' that locks on the mutex.
• V1026. The variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow.
• V1027. Pointer to an object of the class is cast to unrelated class.
• V1028. Possible overflow. Consider casting operands, not the result.
• V1029. Numeric Truncation Error. Return value of function is written to N-bit variable.
• V1030. Variable is used after it is moved.
• V1031. Function is not declared. The passing of data to or from this function may be affected.
• V1032. Pointer is cast to a more strictly aligned pointer type.
• V1033. Variable is declared as auto in C. Its default type is int.
• V1034. Do not use real-type variables as loop counters.
• V1035. Only values returned from fgetpos() can be used as arguments to fsetpos().
• V1036. Potentially unsafe double-checked locking.
• V1037. Two or more case-branches perform the same actions.
• V1038. It is suspicious that a char or string literal is added to a pointer.
• V1039. Character escape is used in multicharacter literal. This causes implementation-defined behavior.
• V1040. Possible typo in the spelling of a pre-defined macro name.
• V1041. Class member is initialized with dangling reference.
• V1042. This file is marked with copyleft license, which requires you to open the derived source code.
• V1043. A global object variable is declared in the header. Multiple copies of it will be created in all translation units that include this header file.
• V1044. Loop break conditions do not depend on the number of iterations.
• V1045. The DllMain function throws an exception. Consider wrapping the throw operator in a try..catch block.
• V1046. Unsafe usage of the 'bool' and integer types together in the operation '&='.
• V1047. Lifetime of the lambda is greater than lifetime of the local variable captured by reference.
• V1048. Variable 'foo' was assigned the same value.
• V1049. The 'foo' include guard is already defined in the 'bar1.h' header. The 'bar2.h' header will be excluded from compilation.
• V1050. Uninitialized class member is used when initializing the base class.
• V1051. It is possible that an assigned variable should be checked in the next condition. Consider checking for typos.
• V1052. Declaring virtual methods in a class marked as 'final' is pointless.
• V1053. Calling the 'foo' virtual function in the constructor/destructor may lead to unexpected result at runtime.
• V1054. Object slicing. Derived class object was copied to the base class object.
• V1055. The 'sizeof' expression returns the size of the container type, not the number of elements. Consider using the 'size()' function.
• V1056. The predefined identifier '__func__' always contains the string 'operator()' inside function body of the overloaded 'operator()'.
• V1057. Pseudo random sequence is the same at every program run. Consider assigning the seed to a value not known at compile-time.
• V1058. Nonsensical comparison of two different functions' addresses.
• V1059. Macro name overrides a keyword/reserved name. This may lead to undefined behavior.
• V1060. Passing 'BSTR ' to the 'SysAllocString' function may lead to incorrect object creation.
• V1061. Extending 'std' or 'posix' namespace may result in undefined behavior.
• V1062. Class defines a custom new or delete operator. The opposite operator must also be defined.
• V1063. The modulo by 1 operation is meaningless. The result will always be zero.
• V1064. The left operand of integer division is less than the right one. The result will always be zero.
• V1065. Expression can be simplified: check similar operands.
• V1066. The 'SysFreeString' function should be called only for objects of the 'BSTR' type.
• V1067. Throwing from exception constructor may lead to unexpected behavior.
• V1068. Do not define an unnamed namespace in a header file.
• V1069. Do not concatenate string literals with different prefixes.
• V1070. Signed value is converted to an unsigned one with subsequent expansion to a larger type in ternary operator.
• V1071. Return value is not always used. Consider inspecting the 'foo' function.
• V1072. Buffer needs to be securely cleared on all execution paths.
• V1073. Check the following code block after the 'if' statement. Consider checking for typos.
• V1074. Boundary between numeric escape sequence and string is unclear. The escape sequence ends with a letter and the next character is also a letter. Check for typos.
• V1075. The function expects the file to be opened in one mode, but it was opened in different mode.
• V1076. Code contains invisible characters that may alter its logic. Consider enabling the display of invisible characters in the code editor.
• V1077. Constructor contains potentially uninitialized members.
• V1078. An empty container is iterated. The loop will not be executed.
• V1079. Parameter of 'std::stop_token' type is not used inside function's body.
• V1080. Call of 'std::is_constant_evaluated' function always returns the same value.
• V1081. Argument of abs() function is minimal negative value. Such absolute value can't be represented in two's complement. This leads to undefined behavior.
• V1082. Function marked as 'noreturn' may return control. This will result in undefined behavior.
• V1083. Signed integer overflow in arithmetic expression. This leads to undefined behavior.
• V1084. The expression is always true/false. The value is out of range of enum values.
• V1085. Negative value is implicitly converted to unsigned integer type in arithmetic expression.
• V1086. Call of the 'Foo' function will lead to buffer underflow.
• V1087. Upper bound of case range is less than its lower bound. This case may be unreachable.
• V1088. No objects are passed to the 'std::scoped_lock' constructor. No locking will be performed. This can cause concurrency issues.
• V1089. Waiting on condition variable without predicate. A thread can wait indefinitely or experience a spurious wake-up.
• V1090. The 'std::uncaught_exception' function is deprecated since C++17 and is removed in C++20. Consider replacing this function with 'std::uncaught_exceptions'.
• V1091. The pointer is cast to an integer type of a larger size. Casting pointer to a type of a larger size is an implementation-defined behavior.
• V1092. Recursive function call during the static/thread_local variable initialization might occur. This may lead to undefined behavior.
• V1093. The result of the right shift operation will always be 0. The right operand is greater than or equal to the number of bits in the left operand.
• V1094. Conditional escape sequence in literal. Its representation is implementation-defined.
• V1095. Usage of potentially invalid handle. The value should be non-negative.
• V1096. Variable with static storage duration is declared inside the inline function with external linkage. This may lead to ODR violation.
• V1097. Line splice results in a character sequence that matches the syntax of a universal-character-name. Using this sequence lead to undefined behavior.
• V1098. The 'emplace' / 'insert' function call contains potentially dangerous move operation. Moved object can be destroyed even if there is no insertion.
• V1099. Using the function of uninitialized derived class while initializing the base class will lead to undefined behavior.
• V1100. Unreal Engine. Declaring a pointer to a type derived from 'UObject' in a class that is not derived from 'UObject' is dangerous. The pointer may start pointing to an invalid object after garbage collection.
• V1101. Changing the default argument of a virtual function parameter in a derived class may result in unexpected behavior.
• V1102. Unreal Engine. Violation of naming conventions may cause Unreal Header Tool to work incorrectly.
• V1103. The values of padding bytes are unspecified. Comparing objects with padding using 'memcmp' may lead to unexpected result.
• V1104. Priority of the 'M' operator is higher than that of the 'N' operator. Possible missing parentheses.
• V1105. Suspicious string modification using the 'operator+='. The right operand is implicitly converted to a character type.
• V1106. Qt. Class inherited from 'QObject' should contain at least one constructor that takes a pointer to 'QObject'.
• V1107. Function was declared as accepting unspecified number of parameters. Consider explicitly specifying the function parameters list.
• V1108. Constraint specified in a custom function annotation on the parameter is violated.
• V1109. Function is deprecated. Consider switching to an equivalent newer function.
• V1110. Constructor of a class inherited from 'QObject' does not use a pointer to a parent object.
• V1111. The index was used without check after it was checked in previous lines.
• V1112. Comparing expressions with different signedness can lead to unexpected results.
• V1113. Potential resource leak. Calling the 'memset' function will change the pointer itself, not the allocated resource. Check the first and third arguments.
• V1114. Suspicious use of 'dynamic_cast' when working with COM interfaces. Consider using the 'QueryInterface' member function.
• V1115. Function annotated with the 'pure' attribute has side effects.

Диагностики общего назначения (General Analysis, C#)

• V3001. There are identical sub-expressions to the left and to the right of the 'foo' operator.
• V3002. The switch statement does not cover all values of the enum.
• V3003. The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence.
• V3004. The 'then' statement is equivalent to the 'else' statement.
• V3005. The 'x' variable is assigned to itself.
• V3006. The object was created but it is not being used. The 'throw' keyword could be missing.
• V3007. Odd semicolon ';' after 'if/for/while' operator.
• V3008. The 'x' variable is assigned values twice successively. Perhaps this is a mistake.
• V3009. It's odd that this method always returns one and the same value of NN.
• V3010. The return value of function 'Foo' is required to be utilized.
• V3011. Two opposite conditions were encountered. The second condition is always false.
• V3012. The '?:' operator, regardless of its conditional expression, always returns one and the same value.
• V3013. It is odd that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function.
• V3014. It is likely that a wrong variable is being incremented inside the 'for' operator. Consider reviewing 'X'.
• V3015. It is likely that a wrong variable is being compared inside the 'for' operator. Consider reviewing 'X'.
• V3016. The variable 'X' is being used for this loop and for the outer loop.
• V3017. A pattern was detected: A || (A && ...). The expression is excessive or contains a logical error.
• V3018. Consider inspecting the application's logic. It's possible that 'else' keyword is missing.
• V3019. It is possible that an incorrect variable is compared with null after type conversion using 'as' keyword.
• V3020. An unconditional 'break/continue/return/goto' within a loop.
• V3021. There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless.
• V3022. Expression is always true/false.
• V3023. Consider inspecting this expression. The expression is excessive or contains a misprint.
• V3024. An odd precise comparison. Consider using a comparison with defined precision: Math.Abs(A - B) < Epsilon or Math.Abs(A - B) > Epsilon.
• V3025. Incorrect format. Consider checking the N format items of the 'Foo' function.
• V3026. The constant NN is being utilized. The resulting value could be inaccurate. Consider using the KK constant.
• V3027. The variable was utilized in the logical expression before it was verified against null in the same logical expression.
• V3028. Consider inspecting the 'for' operator. Initial and final values of the iterator are the same.
• V3029. The conditional expressions of the 'if' statements situated alongside each other are identical.
• V3030. Recurring check. This condition was already verified in previous line.
• V3031. An excessive check can be simplified. The operator '||' operator is surrounded by opposite expressions 'x' and '!x'.
• V3032. Waiting on this expression is unreliable, as compiler may optimize some of the variables. Use volatile variable(s) or synchronization primitives to avoid this.
• V3033. It is possible that this 'else' branch must apply to the previous 'if' statement.
• V3034. Consider inspecting the expression. Probably the '!=' should be used here.
• V3035. Consider inspecting the expression. Probably the '+=' should be used here.
• V3036. Consider inspecting the expression. Probably the '-=' should be used here.
• V3037. An odd sequence of assignments of this kind: A = B; B = A;
• V3038. The argument was passed to method several times. It is possible that another argument should be passed instead.
• V3039. Consider inspecting the 'Foo' function call. Defining an absolute path to the file or directory is considered a poor style.
• V3040. The expression contains a suspicious mix of integer and real types.
• V3041. The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid the loss of a fractional part.
• V3042. Possible NullReferenceException. The '?.' and '.' operators are used for accessing members of the same object.
• V3043. The code's operational logic does not correspond with its formatting.
• V3044. WPF: writing and reading are performed on a different Dependency Properties.
• V3045. WPF: the names of the property registered for DependencyProperty, and of the property used to access it, do not correspond with each other.
• V3046. WPF: the type registered for DependencyProperty does not correspond with the type of the property used to access it.
• V3047. WPF: A class containing registered property does not correspond with a type that is passed as the ownerType.type.
• V3048. WPF: several Dependency Properties are registered with a same name within the owner type.
• V3049. WPF: readonly field of 'DependencyProperty' type is not initialized.
• V3050. Possibly an incorrect HTML. The </XX> closing tag was encountered, while the </YY> tag was expected.
• V3051. An excessive type cast or check. The object is already of the same type.
• V3052. The original exception object was swallowed. Stack of original exception could be lost.
• V3053. An excessive expression. Examine the substrings "abc" and "abcd".
• V3054. Potentially unsafe double-checked locking. Use volatile variable(s) or synchronization primitives to avoid this.
• V3055. Suspicious assignment inside the condition expression of 'if/while/for' operator.
• V3056. Consider reviewing the correctness of 'X' item's usage.
• V3057. Function receives an odd argument.
• V3058. An item with the same key has already been added.
• V3059. Consider adding '[Flags]' attribute to the enum.
• V3060. A value of variable is not modified. Consider inspecting the expression. It is possible that other value should be present instead of '0'.
• V3061. Parameter 'A' is always rewritten in method body before being used.
• V3062. An object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' method.
• V3063. A part of conditional expression is always true/false if it is evaluated.
• V3064. Division or mod division by zero.
• V3065. Parameter is not utilized inside method's body.
• V3066. Possible incorrect order of arguments passed to method.
• V3067. It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics.
• V3068. Calling overrideable class member from constructor is dangerous.
• V3069. It's possible that the line was commented out improperly, thus altering the program's operation logics.
• V3070. Uninitialized variables are used when initializing the 'A' variable.
• V3071. The object is returned from inside 'using' block. 'Dispose' will be invoked before exiting method.
• V3072. The 'A' class containing IDisposable members does not itself implement IDisposable.
• V3073. Not all IDisposable members are properly disposed. Call 'Dispose' when disposing 'A' class.
• V3074. The 'A' class contains 'Dispose' method. Consider making it implement 'IDisposable' interface.
• V3075. The operation is executed 2 or more times in succession.
• V3076. Comparison with 'double.NaN' is meaningless. Use 'double.IsNaN()' method instead.
• V3077. Property setter / event accessor does not utilize its 'value' parameter.
• V3078. Sorting keys priority will be reversed relative to the order of 'OrderBy' method calls. Perhaps, 'ThenBy' should be used instead.
• V3079. The 'ThreadStatic' attribute is applied to a non-static 'A' field and will be ignored.
• V3080. Possible null dereference.
• V3081. The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter.
• V3082. The 'Thread' object is created but is not started. It is possible that a call to 'Start' method is missing.
• V3083. Unsafe invocation of event, NullReferenceException is possible. Consider assigning event to a local variable before invoking it.
• V3084. Anonymous function is used to unsubscribe from event. No handlers will be unsubscribed, as a separate delegate instance is created for each anonymous function declaration.
• V3085. The name of 'X' field/property in a nested type is ambiguous. The outer type contains static field/property with identical name.
• V3086. Variables are initialized through the call to the same function. It's probably an error or un-optimized code.
• V3087. Type of variable enumerated in 'foreach' is not guaranteed to be castable to the type of collection's elements.
• V3088. The expression was enclosed by parentheses twice: ((expression)). One pair of parentheses is unnecessary or misprint is present.
• V3089. Initializer of a field marked by [ThreadStatic] attribute will be called once on the first accessing thread. The field will have default value on different threads.
• V3090. Unsafe locking on an object.
• V3091. Empirical analysis. It is possible that a typo is present inside the string literal. The 'foo' word is suspicious.
• V3092. Range intersections are possible within conditional expressions.
• V3093. The operator evaluates both operands. Perhaps a short-circuit operator should be used instead.
• V3094. Possible exception when deserializing type. The Ctor(SerializationInfo, StreamingContext) constructor is missing.
• V3095. The object was used before it was verified against null. Check lines: N1, N2.
• V3096. Possible exception when serializing type. [Serializable] attribute is missing.
• V3097. Possible exception: type marked by [Serializable] contains non-serializable members not marked by [NonSerialized].
• V3098. The 'continue' operator will terminate 'do { ... } while (false)' loop because the condition is always false.
• V3099. Not all the members of type are serialized inside 'GetObjectData' method.
• V3100. NullReferenceException is possible. Unhandled exceptions in destructor lead to termination of runtime.
• V3101. Potential resurrection of 'this' object instance from destructor. Without re-registering for finalization, destructor will not be called a second time on resurrected object.
• V3102. Suspicious access to element by a constant index inside a loop.
• V3103. A private Ctor(SerializationInfo, StreamingContext) constructor in unsealed type will not be accessible when deserializing derived types.
• V3104. The 'GetObjectData' implementation in unsealed type is not virtual, incorrect serialization of derived type is possible.
• V3105. The 'a' variable was used after it was assigned through null-conditional operator. NullReferenceException is possible.
• V3106. Possibly index is out of bound.
• V3107. Identical expression to the left and to the right of compound assignment.
• V3108. It is not recommended to return null or throw exceptions from 'ToString()' method.
• V3109. The same sub-expression is present on both sides of the operator. The expression is incorrect or it can be simplified.
• V3110. Possible infinite recursion.
• V3111. Checking value for null will always return false when generic type is instantiated with a value type.
• V3112. An abnormality within similar comparisons. It is possible that a typo is present inside the expression.
• V3113. Consider inspecting the loop expression. It is possible that different variables are used inside initializer and iterator.
• V3114. IDisposable object is not disposed before method returns.
• V3115. It is not recommended to throw exceptions from 'Equals(object obj)' method.
• V3116. Consider inspecting the 'for' operator. It's possible that the loop will be executed incorrectly or won't be executed at all.
• V3117. Constructor parameter is not used.
• V3118. A component of TimeSpan is used, which does not represent full time interval. Possibly 'Total*' value was intended instead.
• V3119. Calling a virtual (overridden) event may lead to unpredictable behavior. Consider implementing event accessors explicitly or use 'sealed' keyword.
• V3120. Potentially infinite loop. The variable from the loop exit condition does not change its value between iterations.
• V3121. An enumeration was declared with 'Flags' attribute, but does not set any initializers to override default values.
• V3122. Uppercase (lowercase) string is compared with a different lowercase (uppercase) string.
• V3123. Perhaps the '??' operator works in a different way than it was expected. Its priority is lower than priority of other operators in its left part.
• V3124. Appending an element and checking for key uniqueness is performed on two different variables.
• V3125. The object was used after it was verified against null. Check lines: N1, N2.
• V3126. Type implementing IEquatable<T> interface does not override 'GetHashCode' method.
• V3127. Two similar code fragments were found. Perhaps, this is a typo and 'X' variable should be used instead of 'Y'.
• V3128. The field (property) is used before it is initialized in constructor.
• V3129. The value of the captured variable will be overwritten on the next iteration of the loop in each instance of anonymous function that captures it.
• V3130. Priority of the '&&' operator is higher than that of the '||' operator. Possible missing parentheses.
• V3131. The expression is checked for compatibility with the type 'A', but is casted to the 'B' type.
• V3132. A terminal null is present inside a string. The '\0xNN' characters were encountered. Probably meant: '\xNN'.
• V3133. Postfix increment/decrement is senseless because this variable is overwritten.
• V3134. Shift by N bits is greater than the size of type.
• V3135. The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead.
• V3136. Constant expression in switch statement.
• V3137. The variable is assigned but is not used by the end of the function.
• V3138. String literal contains potential interpolated expression.
• V3139. Two or more case-branches perform the same actions.
• V3140. Property accessors use different backing fields.
• V3141. Expression under 'throw' is a potential null, which can lead to NullReferenceException.
• V3142. Unreachable code detected. It is possible that an error is present.
• V3143. The 'value' parameter is rewritten inside a property setter, and is not used after that.
• V3144. This file is marked with copyleft license, which requires you to open the derived source code.
• V3145. Unsafe dereference of a WeakReference target. The object could have been garbage collected before the 'Target' property was accessed.
• V3146. Possible null dereference. A method can return default null value.
• V3147. Non-atomic modification of volatile variable.
• V3148. Casting potential 'null' value to a value type can lead to NullReferenceException.
• V3149. Dereferencing the result of 'as' operator can lead to NullReferenceException.
• V3150. Loop break conditions do not depend on the number of iterations.
• V3151. Potential division by zero. Variable was used as a divisor before it was compared to zero. Check lines: N1, N2.
• V3152. Potential division by zero. Variable was compared to zero before it was used as a divisor. Check lines: N1, N2.
• V3153. Dereferencing the result of null-conditional access operator can lead to NullReferenceException.
• V3154. The 'a % b' expression always evaluates to 0.
• V3155. The expression is incorrect or it can be simplified.
• V3156. The argument of the method is not expected to be null.
• V3157. Suspicious division. Absolute value of the left operand is less than the right operand.
• V3158. Suspicious division. Absolute values of both operands are equal.
• V3159. Modified value of the operand is not used after the increment/decrement operation.
• V3160. Argument of incorrect type is passed to the 'Enum.HasFlag' method.
• V3161. Comparing value type variables with 'ReferenceEquals' is incorrect because compared values will be boxed.
• V3162. Suspicious return of an always empty collection.
• V3163. An exception handling block does not contain any code.
• V3164. Exception classes should be publicly accessible.
• V3165. The expression of the 'char' type is passed as an argument of the 'A' type whereas similar overload with the string parameter exists.
• V3166. Calling the 'SingleOrDefault' method may lead to 'InvalidOperationException'.
• V3167. Parameter of 'CancellationToken' type is not used inside function's body.
• V3168. Awaiting on expression with potential null value can lead to throwing of 'NullReferenceException'.
• V3169. Suspicious return of a local reference variable which always equals null.
• V3170. Both operands of the '??' operator are identical.
• V3171. Potentially negative value is used as the size of an array.
• V3172. The 'if/if-else/for/while/foreach' statement and code block after it are not related. Inspect the program's logic.
• V3173. Possible incorrect initialization of variable. Consider verifying the initializer.
• V3174. Suspicious subexpression in a sequence of similar comparisons.
• V3175. Locking operations must be performed on the same thread. Using 'await' in a critical section may lead to a lock being released on a different thread.
• V3176. The '&=' or '|=' operator is redundant because the right operand is always true/false.
• V3177. Logical literal belongs to second operator with a higher priority. It is possible literal was intended to belong to '??' operator instead.
• V3178. Calling method or accessing property of potentially disposed object may result in exception.
• V3179. Calling element access method for potentially empty collection may result in exception.
• V3180. The 'HasFlag' method always returns 'true' because the value '0' is passed as its argument.
• V3181. The result of '&' operator is '0' because one of the operands is '0'.
• V3182. The result of '&' operator is always '0'.
• V3183. Code formatting implies that the statement should not be a part of the 'then' branch that belongs to the preceding 'if' statement.
• V3184. The argument's value is greater than the size of the collection. Passing the value into the 'Foo' method will result in an exception.
• V3185. An argument containing a file path could be mixed up with another argument. The other function parameter expects a file path instead.
• V3186. The arguments violate the bounds of collection. Passing these values into the method will result in an exception.
• V3187. Parts of an SQL query are not delimited by any separators or whitespaces. Executing this query may lead to an error.
• V3188. Unity Engine. The value of an expression is a potentially destroyed Unity object or null. Member invocation on this value may lead to an exception.
• V3189. The assignment to a member of the readonly field will have no effect when the field is of a value type. Consider restricting the type parameter to reference types.
• V3190. Concurrent modification of a variable may lead to errors.
• V3191. Iteration through collection makes no sense because it is always empty.
• V3192. Type member is used in the 'GetHashCode' method but is missing from the 'Equals' method.
• V3193. Data processing results are potentially used before asynchronous output reading is complete. Consider calling 'WaitForExit' overload with no arguments before using the data.
• V3194. Calling 'OfType' for collection will return an empty collection. It is not possible to cast collection elements to the type parameter.
• V3195. Collection initializer implicitly calls 'Add' method. Using it on member with default value of null will result in null dereference exception.
• V3196. Parameter is not utilized inside the method body, but an identifier with a similar name is used inside the same method.
• V3197. The compared value inside the 'Object.Equals' override is converted to a different type that does not contain the override.
• V3198. The variable is assigned the same value that it already holds.
• V3199. The index from end operator is used with the value that is less than or equal to zero. Collection index will be out of bounds.
• V3200. Possible overflow. The expression will be evaluated before casting. Consider casting one of the operands instead.
• V3201. Return value is not always used. Consider inspecting the 'foo' method.
• V3202. Unreachable code detected. The 'case' value is out of the range of the match expression.
• V3203. Method parameter is not used.
• V3204. The expression is always false due to implicit type conversion. Overflow check is incorrect.
• V3205. Unity Engine. Improper creation of 'MonoBehaviour' or 'ScriptableObject' object using the 'new' operator. Use the special object creation method instead.
• V3206. Unity Engine. A direct call to the coroutine-like method will not start it. Use the 'StartCoroutine' method instead.
• V3207. The 'not A or B' logical pattern may not work as expected. The 'not' pattern is matched only to the first expression from the 'or' pattern.

Диагностики общего назначения (General Analysis, Java)

• V6001. There are identical sub-expressions to the left and to the right of the 'foo' operator.
• V6002. The switch statement does not cover all values of the enum.
• V6003. The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence.
• V6004. The 'then' statement is equivalent to the 'else' statement.
• V6005. The 'x' variable is assigned to itself.
• V6006. The object was created but it is not being used. The 'throw' keyword could be missing.
• V6007. Expression is always true/false.
• V6008. Potential null dereference.
• V6009. Function receives an odd argument.
• V6010. The return value of function 'Foo' is required to be utilized.
• V6011. The expression contains a suspicious mix of integer and real types.
• V6012. The '?:' operator, regardless of its conditional expression, always returns one and the same value.
• V6013. Comparison of arrays, strings, collections by reference. Possibly an equality comparison was intended.
• V6014. It's odd that this method always returns one and the same value of NN.
• V6015. Consider inspecting the expression. Probably the '!='/'-='/'+=' should be used here.
• V6016. Suspicious access to element by a constant index inside a loop.
• V6017. The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter.
• V6018. Constant expression in switch statement.
• V6019. Unreachable code detected. It is possible that an error is present.
• V6020. Division or mod division by zero.
• V6021. The value is assigned to the 'x' variable but is not used.
• V6022. Parameter is not used inside method's body.
• V6023. Parameter 'A' is always rewritten in method body before being used.
• V6024. The 'continue' operator will terminate 'do { ... } while (false)' loop because the condition is always false.
• V6025. Possibly index is out of bound.
• V6026. This value is already assigned to the 'b' variable.
• V6027. Variables are initialized through the call to the same function. It's probably an error or un-optimized code.
• V6028. Identical expression to the left and to the right of compound assignment.
• V6029. Possible incorrect order of arguments passed to method.
• V6030. The function located to the right of the '|' and '&' operators will be called regardless of the value of the left operand. Consider using '||' and '&&' instead.
• V6031. The variable 'X' is being used for this loop and for the outer loop.
• V6032. It is odd that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function.
• V6033. An item with the same key has already been added.
• V6034. Shift by N bits is inconsistent with the size of type.
• V6035. Double negation is present in the expression: !!x.
• V6036. The value from the uninitialized optional is used.
• V6037. An unconditional 'break/continue/return/goto' within a loop.
• V6038. Comparison with 'double.NaN' is meaningless. Use 'double.isNaN()' method instead.
• V6039. There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless.
• V6040. The code's operational logic does not correspond with its formatting.
• V6041. Suspicious assignment inside the conditional expression of 'if/while/do...while' statement.
• V6042. The expression is checked for compatibility with type 'A', but is cast to type 'B'.
• V6043. Consider inspecting the 'for' operator. Initial and final values of the iterator are the same.
• V6044. Postfix increment/decrement is senseless because this variable is overwritten.
• V6045. Suspicious subexpression in a sequence of similar comparisons.
• V6046. Incorrect format. Consider checking the N format items of the 'Foo' function.
• V6047. It is possible that this 'else' branch must apply to the previous 'if' statement.
• V6048. This expression can be simplified. One of the operands in the operation equals NN. Probably it is a mistake.
• V6049. Classes that define 'equals' method must also define 'hashCode' method.
• V6050. Class initialization cycle is present.
• V6051. Use of jump statements in 'finally' block can lead to the loss of unhandled exceptions.
• V6052. Calling an overridden method in parent-class constructor may lead to use of uninitialized data.
• V6053. Collection is modified while iteration is in progress. ConcurrentModificationException may occur.
• V6054. Classes should not be compared by their name.
• V6055. Expression inside assert statement can change object's state.
• V6056. Implementation of 'compareTo' overloads the method from a base class. Possibly, an override was intended.
• V6057. Consider inspecting this expression. The expression is excessive or contains a misprint.
• V6058. Comparing objects of incompatible types.
• V6059. Odd use of special character in regular expression. Possibly, it was intended to be escaped.
• V6060. The reference was used before it was verified against null.
• V6061. The used constant value is represented by an octal form.
• V6062. Possible infinite recursion.
• V6063. Odd semicolon ';' after 'if/for/while' operator.
• V6064. Suspicious invocation of Thread.run().
• V6065. A non-serializable class should not be serialized.
• V6066. Passing objects of incompatible types to the method of collection.
• V6067. Two or more case-branches perform the same actions.
• V6068. Suspicious use of BigDecimal class.
• V6069. Unsigned right shift assignment of negative 'byte' / 'short' value.
• V6070. Unsafe synchronization on an object.
• V6071. This file is marked with copyleft license, which requires you to open the derived source code.
• V6072. Two similar code fragments were found. Perhaps, this is a typo and 'X' variable should be used instead of 'Y'.
• V6073. It is not recommended to return null or throw exceptions from 'toString' / 'clone' methods.
• V6074. Non-atomic modification of volatile variable.
• V6075. The signature of method 'X' does not conform to serialization requirements.
• V6076. Recurrent serialization will use cached object state from first serialization.
• V6077. A suspicious label is present inside a switch(). It is possible that these are misprints and 'default:' label should be used instead.
• V6078. Potential Java SE API compatibility issue.
• V6079. Value of variable is checked after use. Potential logical error is present. Check lines: N1, N2.
• V6080. Consider checking for misprints. It's possible that an assigned variable should be checked in the next condition.
• V6081. Annotation that does not have 'RUNTIME' retention policy will not be accessible through Reflection API.
• V6082. Unsafe double-checked locking.
• V6083. Serialization order of fields should be preserved during deserialization.
• V6084. Suspicious return of an always empty collection.
• V6085. An abnormality within similar comparisons. It is possible that a typo is present inside the expression.
• V6086. Suspicious code formatting. 'else' keyword is probably missing.
• V6087. InvalidClassException may occur during deserialization.
• V6088. Result of this expression will be implicitly cast to 'Type'. Check if program logic handles it correctly.
• V6089. It's possible that the line was commented out improperly, thus altering the program's operation logics.
• V6090. Field 'A' is being used before it was initialized.
• V6091. Suspicious getter/setter implementation. The 'A' field should probably be returned/assigned instead.
• V6092. A resource is returned from try-with-resources statement. It will be closed before the method exits.
• V6093. Automatic unboxing of a variable may cause NullPointerException.
• V6094. The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid the loss of a fractional part.
• V6095. Thread.sleep() inside synchronized block/method may cause decreased performance.
• V6096. An odd precise comparison. Consider using a comparison with defined precision: Math.abs(A - B) < Epsilon or Math.abs(A - B) > Epsilon.
• V6097. Lowercase 'L' at the end of a long literal can be mistaken for '1'.
• V6098. The method does not override another method from the base class.
• V6099. The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead.
• V6100. An object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' method.
• V6101. compareTo()-like methods can return not only the values -1, 0 and 1, but any values.
• V6102. Inconsistent synchronization of a field. Consider synchronizing the field on all usages.
• V6103. Ignored InterruptedException could lead to delayed thread shutdown.
• V6104. A pattern was detected: A || (A && ...). The expression is excessive or contains a logical error.
• V6105. Consider inspecting the loop expression. It is possible that different variables are used inside initializer and iterator.
• V6106. Casting expression to 'X' type before implicitly casting it to other type may be excessive or incorrect.
• V6107. The constant NN is being utilized. The resulting value could be inaccurate. Consider using the KK constant.
• V6108. Do not use real-type variables in 'for' loop counters.
• V6109. Potentially predictable seed is used in pseudo-random number generator.
• V6110. Using an environment variable could be unsafe or unreliable. Consider using trusted system property instead
• V6111. Potentially negative value is used as the size of an array.
• V6112. Calling the 'getClass' method repeatedly or on the value of the '.class' literal will always return the instance of the 'Class<Class>' type.
• V6113. Suspicious division. Absolute value of the left operand is less than the value of the right operand.
• V6114. The 'A' class containing Closeable members does not release the resources that the field is holding.
• V6115. Not all Closeable members are released inside the 'close' method.
• V6116. The class does not implement the Closeable interface, but it contains the 'close' method that releases resources.
• V6117. Possible overflow. The expression will be evaluated before casting. Consider casting one of the operands instead.
• V6118. The original exception object was swallowed. Cause of original exception could be lost.
• V6119. The result of '&' operator is always '0'.
• V6120. The result of the '&' operator is '0' because one of the operands is '0'.
• V6121. Return value is not always used. Consider inspecting the 'foo' method.
• V6122. The 'Y' (week year) pattern is used for date formatting. Check whether the 'y' (year) pattern was intended instead.
• V6123. Modified value of the operand is not used after the increment/decrement operation.
• V6124. Converting an integer literal to the type with a smaller value range will result in overflow.
• V6125. Calling the 'wait', 'notify', and 'notifyAll' methods outside of synchronized context will lead to 'IllegalMonitorStateException'.

Микрооптимизации (C++)

• V801. Decreased performance. It is better to redefine the N function argument as a reference. Consider replacing 'const T' with 'const .. &T' / 'const .. *T'.
• V802. On 32-bit/64-bit platform, structure size can be reduced from N to K bytes by rearranging the fields according to their sizes in decreasing order.
• V803. Decreased performance. It is more effective to use the prefix form of ++it. Replace iterator++ with ++iterator.
• V804. Decreased performance. The 'Foo' function is called twice in the specified expression to calculate length of the same string.
• V805. Decreased performance. It is inefficient to identify an empty string by using 'strlen(str) > 0' construct. A more efficient way is to check: str[0] != '\0'.
• V806. Decreased performance. The expression of strlen(MyStr.c_str()) kind can be rewritten as MyStr.length().
• V807. Decreased performance. Consider creating a pointer/reference to avoid using the same expression repeatedly.
• V808. An array/object was declared but was not utilized.
• V809. Verifying that a pointer value is not NULL is not required. The 'if (ptr != NULL)' check can be removed.
• V810. Decreased performance. The 'A' function was called several times with identical arguments. The result should possibly be saved to a temporary variable, which then could be used while calling the 'B' function.
• V811. Decreased performance. Excessive type casting: string -> char * -> string.
• V812. Decreased performance. Ineffective use of the 'count' function. It can possibly be replaced by the call to the 'find' function.
• V813. Decreased performance. The argument should probably be rendered as a constant pointer/reference.
• V814. Decreased performance. The 'strlen' function was called multiple times inside the body of a loop.
• V815. Decreased performance. Consider replacing the expression 'AA' with 'BB'.
• V816. It is more efficient to catch exception by reference rather than by value.
• V817. It is more efficient to search for 'X' character rather than a string.
• V818. It is more efficient to use an initialization list rather than an assignment operator.
• V819. Decreased performance. Memory is allocated and released multiple times inside the loop body.
• V820. The variable is not used after copying. Copying can be replaced with move/swap for optimization.
• V821. The variable can be constructed in a lower level scope.
• V822. Decreased performance. A new object is created, while a reference to an object is expected.
• V823. Decreased performance. Object may be created in-place in a container. Consider replacing methods: 'insert' -> 'emplace', 'push_*' -> 'emplace_*'.
• V824. It is recommended to use the 'make_unique/make_shared' function to create smart pointers.
• V825. Expression is equivalent to moving one unique pointer to another. Consider using 'std::move' instead.
• V826. Consider replacing standard container with a different one.
• V827. Maximum size of a vector is known at compile time. Consider pre-allocating it by calling reserve(N).
• V828. Decreased performance. Moving an object in a return statement prevents copy elision.
• V829. Lifetime of the heap-allocated variable is limited to the current function's scope. Consider allocating it on the stack instead.
• V830. Decreased performance. Consider replacing the use of 'std::optional::value()' with either the '*' or '->' operator.
• V831. Decreased performance. Consider replacing the call to the 'at()' method with the 'operator[]'.
• V832. It's better to use '= default;' syntax instead of empty body.
• V833. Using 'std::move' function's with const object disables move semantics.
• V834. Incorrect type of a loop variable. This leads to the variable binding to a temporary object instead of a range element.
• V835. Passing cheap-to-copy argument by reference may lead to decreased performance.
• V836. Expression's value is copied at the variable declaration. The variable is never modified. Consider declaring it as a reference.
• V837. The 'emplace' / 'insert' function does not guarantee that arguments will not be copied or moved if there is no insertion. Consider using the 'try_emplace' function.
• V838. Temporary object is constructed during lookup in ordered associative container. Consider using a container with heterogeneous lookup to avoid construction of temporary objects.
• V839. Function returns a constant value. This may interfere with move semantics.

Микрооптимизации (C#)

• V4001. Unity Engine. Boxing inside a frequently called method may decrease performance.
• V4002. Unity Engine. Avoid storing consecutive concatenations inside a single string in performance-sensitive context. Consider using StringBuilder to improve performance.
• V4003. Unity Engine. Avoid capturing variable in performance-sensitive context. This can lead to decreased performance.
• V4004. Unity Engine. New array object is returned from method or property. Using such member in performance-sensitive context can lead to decreased performance.
• V4005. Unity Engine. The expensive operation is performed inside method or property. Using such member in performance-sensitive context can lead to decreased performance.
• V4006. Unity Engine. Multiple operations between complex and numeric values. Prioritizing operations between numeric values can optimize execution time.
• V4007. Unity Engine. Avoid creating and destroying UnityEngine objects in performance-sensitive context. Consider activating and deactivating them instead.

Диагностика 64-битных ошибок (Viva64, C++)

• V101. Implicit assignment type conversion to memsize type.
• V102. Usage of non memsize type for pointer arithmetic.
• V103. Implicit type conversion from memsize type to 32-bit type.
• V104. Implicit type conversion to memsize type in an arithmetic expression.
• V105. N operand of '?:' operation: implicit type conversion to memsize type.
• V106. Implicit type conversion N argument of function 'foo' to memsize type.
• V107. Implicit type conversion N argument of function 'foo' to 32-bit type.
• V108. Incorrect index type: 'foo[not a memsize-type]'. Use memsize type instead.
• V109. Implicit type conversion of return value to memsize type.
• V110. Implicit type conversion of return value from memsize type to 32-bit type.
• V111. Call of function 'foo' with variable number of arguments. N argument has memsize type.
• V112. Dangerous magic number N used.
• V113. Implicit type conversion from memsize to double type or vice versa.
• V114. Dangerous explicit type pointer conversion.
• V115. Memsize type is used for throw.
• V116. Memsize type is used for catch.
• V117. Memsize type is used in the union.
• V118. malloc() function accepts a dangerous expression in the capacity of an argument.
• V119. More than one sizeof() operator is used in one expression.
• V120. Member operator[] of object 'foo' is declared with 32-bit type argument, but is called with memsize type argument.
• V121. Implicit conversion of the type of 'new' operator's argument to size_t type.
• V122. Memsize type is used in the struct/class.
• V123. Allocation of memory by the pattern "(X*)malloc(sizeof(Y))" where the sizes of X and Y types are not equal.
• V124. Function 'Foo' writes/reads 'N' bytes. The alignment rules and type sizes have been changed. Consider reviewing this value.
• V125. It is not advised to declare type 'T' as 32-bit type.
• V126. Be advised that the size of the type 'long' varies between LLP64/LP64 data models.
• V127. An overflow of the 32-bit variable is possible inside a long cycle which utilizes a memsize-type loop counter.
• V128. A variable of the memsize type is read from a stream. Consider verifying the compatibility of 32 and 64 bit versions of the application in the context of a stored data.
• V201. Explicit conversion from 32-bit integer type to memsize type.
• V202. Explicit conversion from memsize type to 32-bit integer type.
• V203. Explicit type conversion from memsize to double type or vice versa.
• V204. Explicit conversion from 32-bit integer type to pointer type.
• V205. Explicit conversion of pointer type to 32-bit integer type.
• V206. Explicit conversion from 'void *' to 'int *'.
• V207. A 32-bit variable is utilized as a reference to a pointer. A write outside the bounds of this variable may occur.
• V220. Suspicious sequence of types castings: memsize -> 32-bit integer -> memsize.
• V221. Suspicious sequence of types castings: pointer -> memsize -> 32-bit integer.
• V301. Unexpected function overloading behavior. See N argument of function 'foo' in derived class 'derived' and base class 'base'.
• V302. Member operator[] of 'foo' class has a 32-bit type argument. Use memsize-type here.
• V303. The function is deprecated in the Win64 system. It is safer to use the 'foo' function.

Реализовано по запросам пользователей (C++)

• V2001. Consider using the extended version of the 'foo' function here.
• V2002. Consider using the 'Ptr' version of the 'foo' function here.
• V2003. Explicit conversion from 'float/double' type to signed integer type.
• V2004. Explicit conversion from 'float/double' type to unsigned integer type.
• V2005. C-style explicit type casting is utilized. Consider using: static_cast/const_cast/reinterpret_cast.
• V2006. Implicit type conversion from enum type to integer type.
• V2007. This expression can be simplified. One of the operands in the operation equals NN. Probably it is a mistake.
• V2008. Cyclomatic complexity: NN. Consider refactoring the 'Foo' function.
• V2009. Consider passing the 'Foo' argument as a pointer/reference to const.
• V2010. Handling of two different exception types is identical.
• V2011. Consider inspecting signed and unsigned function arguments. See NN argument of function 'Foo' in derived class and base class.
• V2012. Possibility of decreased performance. It is advised to pass arguments to std::unary_function/std::binary_function template as references.
• V2013. Consider inspecting the correctness of handling the N argument in the 'Foo' function.
• V2014. Don't use terminating functions in library code.
• V2015. An identifier declared in an inner scope should not hide an identifier in an outer scope.
• V2016. Consider inspecting the function call. The function was annotated as dangerous.
• V2017. String literal is identical to variable name. It is possible that the variable should be used instead of the string literal.
• V2018. Cast should not remove 'const' qualifier from the type that is pointed to by a pointer or a reference.
• V2019. Cast should not remove 'volatile' qualifier from the type that is pointed to by a pointer or a reference.
• V2020. The loop body contains the 'break;' / 'continue;' statement. This may complicate the control flow.
• V2021. Using assertions may cause the abnormal program termination in undesirable contexts.

Cтандарт MISRA

• V2501. MISRA. Octal constants should not be used.
• V2502. MISRA. The 'goto' statement should not be used.
• V2503. MISRA. Implicitly specified enumeration constants should be unique – consider specifying non-unique constants explicitly.
• V2504. MISRA. Size of an array is not specified.
• V2505. MISRA. The 'goto' statement shouldn't jump to a label declared earlier.
• V2506. MISRA. A function should have a single point of exit at the end.
• V2507. MISRA. The body of a loop\conditional statement should be enclosed in braces.
• V2508. MISRA. The function with the 'atof/atoi/atol/atoll' name should not be used.
• V2509. MISRA. The function with the 'abort/exit/getenv/system' name should not be used.
• V2510. MISRA. The function with the 'qsort/bsearch' name should not be used.
• V2511. MISRA. Memory allocation and deallocation functions should not be used.
• V2512. MISRA. The macro with the 'setjmp' name and the function with the 'longjmp' name should not be used.
• V2513. MISRA. Unbounded functions performing string operations should not be used.
• V2514. MISRA. Unions should not be used.
• V2515. MISRA. Declaration should contain no more than two levels of pointer nesting.
• V2516. MISRA. The 'if' ... 'else if' construct should be terminated with an 'else' statement.
• V2517. MISRA. Literal suffixes should not contain lowercase characters.
• V2518. MISRA. The 'default' label should be either the first or the last label of a 'switch' statement.
• V2519. MISRA. Every 'switch' statement should have a 'default' label, which, in addition to the terminating 'break' statement, should contain either a statement or a comment.
• V2520. MISRA. Every switch-clause should be terminated by an unconditional 'break' or 'throw' statement.
• V2521. MISRA. Only the first member of enumerator list should be explicitly initialized, unless all members are explicitly initialized.
• V2522. MISRA. The 'switch' statement should have 'default' as the last label.
• V2523. MISRA. All integer constants of unsigned type should have 'u' or 'U' suffix.
• V2524. MISRA. A switch-label should only appear at the top level of the compound statement forming the body of a 'switch' statement.
• V2525. MISRA. Every 'switch' statement should contain non-empty switch-clauses.
• V2526. MISRA. The functions from time.h/ctime should not be used.
• V2527. MISRA. A switch-expression should not have Boolean type. Consider using of 'if-else' construct.
• V2528. MISRA. The comma operator should not be used.
• V2529. MISRA. Any label should be declared in the same block as 'goto' statement or in any block enclosing it.
• V2530. MISRA. Any loop should be terminated with no more than one 'break' or 'goto' statement.
• V2531. MISRA. Expression of essential type 'foo' should not be explicitly cast to essential type 'bar'.
• V2532. MISRA. String literal should not be assigned to object unless it has type of pointer to const-qualified char.
• V2533. MISRA. C-style and functional notation casts should not be performed.
• V2534. MISRA. The loop counter should not have floating-point type.
• V2535. MISRA. Unreachable code should not be present in the project.
• V2536. MISRA. Function should not contain labels not used by any 'goto' statements.
• V2537. MISRA. Functions should not have unused parameters.
• V2538. MISRA. The value of uninitialized variable should not be used.
• V2539. MISRA. Class destructor should not exit with an exception.
• V2540. MISRA. Arrays should not be partially initialized.
• V2541. MISRA. Function should not be declared implicitly.
• V2542. MISRA. Function with a non-void return type should return a value from all exit paths.
• V2543. MISRA. Value of the essential character type should be used appropriately in the addition/subtraction operations.
• V2544. MISRA. The values used in expressions should have appropriate essential types.
• V2545. MISRA. Conversion between pointers of different object types should not be performed.
• V2546. MISRA. Expression resulting from the macro expansion should be surrounded by parentheses.
• V2547. MISRA. The return value of non-void function should be used.
• V2548. MISRA. The address of an object with local scope should not be passed out of its scope.
• V2549. MISRA. Pointer to FILE should not be dereferenced.
• V2550. MISRA. Floating-point values should not be tested for equality or inequality.
• V2551. MISRA. Variable should be declared in a scope that minimizes its visibility.
• V2552. MISRA. Expressions with enum underlying type should have values corresponding to the enumerators of the enumeration.
• V2553. MISRA. Unary minus operator should not be applied to an expression of the unsigned type.
• V2554. MISRA. Expression containing increment (++) or decrement (--) should not have other side effects.
• V2555. MISRA. Incorrect shifting expression.
• V2556. MISRA. Use of a pointer to FILE when the associated stream has already been closed.
• V2557. MISRA. Operand of sizeof() operator should not have other side effects.
• V2558. MISRA. A pointer/reference parameter in a function should be declared as pointer/reference to const if the corresponding object was not modified.
• V2559. MISRA. Subtraction, >, >=, <, <= should be applied only to pointers that address elements of the same array.
• V2560. MISRA. There should be no user-defined variadic functions.
• V2561. MISRA. The result of an assignment expression should not be used.
• V2562. MISRA. Expressions with pointer type should not be used in the '+', '-', '+=' and '-=' operations.
• V2563. MISRA. Array indexing should be the only form of pointer arithmetic and it should be applied only to objects defined as an array type.
• V2564. MISRA. There should be no implicit integral-floating conversion.
• V2565. MISRA. A function should not call itself either directly or indirectly.
• V2566. MISRA. Constant expression evaluation should not result in an unsigned integer wrap-around.
• V2567. MISRA. Cast should not remove 'const' / 'volatile' qualification from the type that is pointed to by a pointer or a reference.
• V2568. MISRA. Both operands of an operator should be of the same type category.
• V2569. MISRA. The 'operator &&', 'operator ||', 'operator ,' and the unary 'operator &' should not be overloaded.
• V2570. MISRA. Operands of the logical '&&' or the '||' operators, the '!' operator should have 'bool' type.
• V2571. MISRA. Conversions between pointers to objects and integer types should not be performed.
• V2572. MISRA. Value of the expression should not be converted to the different essential type or the narrower essential type.
• V2573. MISRA. Identifiers that start with '__' or '_[A-Z]' are reserved.
• V2574. MISRA. Functions should not be declared at block scope.
• V2575. MISRA. The global namespace should only contain 'main', namespace declarations and 'extern "C"' declarations.
• V2576. MISRA. The identifier 'main' should not be used for a function other than the global function 'main'.
• V2577. MISRA. The function argument corresponding to a parameter declared to have an array type should have an appropriate number of elements.
• V2578. MISRA. An identifier with array type passed as a function argument should not decay to a pointer.
• V2579. MISRA. Macro should not be defined with the same name as a keyword.
• V2580. MISRA. The 'restrict' specifier should not be used.
• V2581. MISRA. Single-line comments should not end with a continuation token.
• V2582. MISRA. Block of memory should only be freed if it was allocated by a Standard Library function.
• V2583. MISRA. Line whose first token is '#' should be a valid preprocessing directive.
• V2584. MISRA. Expression used in condition should have essential Boolean type.
• V2585. MISRA. Casts between a void pointer and an arithmetic type should not be performed.
• V2586. MISRA. Flexible array members should not be declared.
• V2587. MISRA. The '//' and '/*' character sequences should not appear within comments.
• V2588. MISRA. All memory or resources allocated dynamically should be explicitly released.
• V2589. MISRA. Casts between a pointer and a non-integer arithmetic type should not be performed.
• V2590. MISRA. Conversions should not be performed between pointer to function and any other type.
• V2591. MISRA. Bit fields should only be declared with explicitly signed or unsigned integer type
• V2592. MISRA. An identifier declared in an inner scope should not hide an identifier in an outer scope.
• V2593. MISRA. Single-bit bit fields should not be declared as signed type.
• V2594. MISRA. Controlling expressions should not be invariant.
• V2595. MISRA. Array size should be specified explicitly when array declaration uses designated initialization.
• V2596. MISRA. The value of a composite expression should not be assigned to an object with wider essential type.
• V2597. MISRA. Cast should not convert pointer to function to any other pointer type.
• V2598. MISRA. Variable length array types are not allowed.
• V2599. MISRA. The standard signal handling functions should not be used.
• V2600. MISRA. The standard input/output functions should not be used.
• V2601. MISRA. Functions should be declared in prototype form with named parameters.
• V2602. MISRA. Octal and hexadecimal escape sequences should be terminated.
• V2603. MISRA. The 'static' keyword shall not be used between [] in the declaration of an array parameter.
• V2604. MISRA. Features from <stdarg.h> should not be used.
• V2605. MISRA. Features from <tgmath.h> should not be used.
• V2606. MISRA. There should be no attempt to write to a stream that has been opened for reading.
• V2607. MISRA. Inline functions should be declared with the static storage class.
• V2608. MISRA. The 'static' storage class specifier should be used in all declarations of object and functions that have internal linkage.
• V2609. MISRA. There should be no occurrence of undefined or critical unspecified behaviour.
• V2610. MISRA. The ', " or \ characters and the /* or // character sequences should not occur in a header file name.
• V2611. MISRA. Casts between a pointer to an incomplete type and any other type shouldn't be performed.
• V2612. MISRA. Array element should not be initialized more than once.
• V2613. MISRA. Operand that is a composite expression has more narrow essential type than the other operand.
• V2614. MISRA. External identifiers should be distinct.
• V2615. MISRA. A compatible declaration should be visible when an object or function with external linkage is defined.
• V2616. MISRA. All conditional inclusion preprocessor directives should reside in the same file as the conditional inclusion directive to which they are related.
• V2617. MISRA. Object should not be assigned or copied to an overlapping object.
• V2618. MISRA. Identifiers declared in the same scope and name space should be distinct.
• V2619. MISRA. Typedef names should be unique across all name spaces.
• V2620. MISRA. Value of a composite expression should not be cast to a different essential type category or a wider essential type.
• V2621. MISRA. Tag names should be unique across all name spaces.
• V2622. MISRA. External object or function should be declared once in one and only one file.
• V2623. MISRA. Macro identifiers should be distinct.
• V2624. MISRA. The initializer for an aggregate or union should be enclosed in braces.
• V2625. MISRA. Identifiers that define objects or functions with external linkage shall be unique.

Стандарт AUTOSAR

• V3501. AUTOSAR. Octal constants should not be used.
• V3502. AUTOSAR. Size of an array is not specified.
• V3503. AUTOSAR. The 'goto' statement shouldn't jump to a label declared earlier.
• V3504. AUTOSAR. The body of a loop\conditional statement should be enclosed in braces.
• V3505. AUTOSAR. The function with the 'atof/atoi/atol/atoll' name should not be used.
• V3506. AUTOSAR. The function with the 'abort/exit/getenv/system' name should not be used.
• V3507. AUTOSAR. The macro with the 'setjmp' name and the function with the 'longjmp' name should not be used.
• V3508. AUTOSAR. Unbounded functions performing string operations should not be used.
• V3509. AUTOSAR. Unions should not be used.
• V3510. AUTOSAR. Declaration should contain no more than two levels of pointer nesting.
• V3511. AUTOSAR. The 'if' ... 'else if' construct should be terminated with an 'else' statement.
• V3512. AUTOSAR. Literal suffixes should not contain lowercase characters.
• V3513. AUTOSAR. Every switch-clause should be terminated by an unconditional 'break' or 'throw' statement.
• V3514. AUTOSAR. The 'switch' statement should have 'default' as the last label.
• V3515. AUTOSAR. All integer constants of unsigned type should have 'U' suffix.
• V3516. AUTOSAR. A switch-label should only appear at the top level of the compound statement forming the body of a 'switch' statement.
• V3517. AUTOSAR. The functions from time.h/ctime should not be used.
• V3518. AUTOSAR. A switch-expression should not have Boolean type. Consider using of 'if-else' construct.
• V3519. AUTOSAR. The comma operator should not be used.
• V3520. AUTOSAR. Any label should be declared in the same block as 'goto' statement or in any block enclosing it.
• V3521. AUTOSAR. The loop counter should not have floating-point type.
• V3522. AUTOSAR. Unreachable code should not be present in the project.
• V3523. AUTOSAR. Functions should not have unused parameters.
• V3524. AUTOSAR. The value of uninitialized variable should not be used.
• V3525. AUTOSAR. Function with a non-void return type should return a value from all exit paths.
• V3526. AUTOSAR. Expression resulting from the macro expansion should be surrounded by parentheses.
• V3527. AUTOSAR. The return value of non-void function should be used.
• V3528. AUTOSAR. The address of an object with local scope should not be passed out of its scope.
• V3529. AUTOSAR. Floating-point values should not be tested for equality or inequality.
• V3530. AUTOSAR. Variable should be declared in a scope that minimizes its visibility.
• V3531. AUTOSAR. Expressions with enum underlying type should have values corresponding to the enumerators of the enumeration.
• V3532. AUTOSAR. Unary minus operator should not be applied to an expression of the unsigned type.
• V3533. AUTOSAR. Expression containing increment (++) or decrement (--) should not have other side effects.
• V3534. AUTOSAR. Incorrect shifting expression.
• V3535. AUTOSAR. Operand of sizeof() operator should not have other side effects.
• V3536. AUTOSAR. A pointer/reference parameter in a function should be declared as pointer/reference to const if the corresponding object was not modified.
• V3537. AUTOSAR. Subtraction, >, >=, <, <= should be applied only to pointers that address elements of the same array.
• V3538. AUTOSAR. The result of an assignment expression should not be used.
• V3539. AUTOSAR. Array indexing should be the only form of pointer arithmetic and it should be applied only to objects defined as an array type.
• V3540. AUTOSAR. There should be no implicit integral-floating conversion.
• V3541. AUTOSAR. A function should not call itself either directly or indirectly.
• V3542. AUTOSAR. Constant expression evaluation should not result in an unsigned integer wrap-around.
• V3543. AUTOSAR. Cast should not remove 'const' / 'volatile' qualification from the type that is pointed to by a pointer or a reference.
• V3544. AUTOSAR. The 'operator &&', 'operator ||', 'operator ,' and the unary 'operator &' should not be overloaded.
• V3545. AUTOSAR. Operands of the logical '&&' or the '||' operators, the '!' operator should have 'bool' type.
• V3546. AUTOSAR. Conversions between pointers to objects and integer types should not be performed.
• V3547. AUTOSAR. Identifiers that start with '__' or '_[A-Z]' are reserved.
• V3548. AUTOSAR. Functions should not be declared at block scope.
• V3549. AUTOSAR. The global namespace should only contain 'main', namespace declarations and 'extern "C"' declarations.
• V3550. AUTOSAR. The identifier 'main' should not be used for a function other than the global function 'main'.
• V3551. AUTOSAR. An identifier with array type passed as a function argument should not decay to a pointer.
• V3552. AUTOSAR. Cast should not convert a pointer to a function to any other pointer type, including a pointer to function type.
• V3553. AUTOSAR. The standard signal handling functions should not be used.
• V3554. AUTOSAR. The standard input/output functions should not be used.
• V3555. AUTOSAR. The 'static' storage class specifier should be used in all declarations of functions that have internal linkage.

Стандарт OWASP (C++)

• V5001. OWASP. It is highly probable that the semicolon ';' is missing after 'return' keyword.
• V5002. OWASP. An empty exception handler. Silent suppression of exceptions can hide the presence of bugs in source code during testing.
• V5003. OWASP. The object was created but it is not being used. The 'throw' keyword could be missing.
• V5004. OWASP. Consider inspecting the expression. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type.
• V5005. OWASP. A value is being subtracted from the unsigned variable. This can result in an overflow. In such a case, the comparison operation can potentially behave unexpectedly.
• V5006. OWASP. More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits.
• V5007. OWASP. Consider inspecting the loop expression. It is possible that the 'i' variable should be incremented instead of the 'n' variable.
• V5008. OWASP. Classes should always be derived from std::exception (and alike) as 'public'.
• V5009. OWASP. Unchecked tainted data is used in expression.
• V5010. OWASP. The variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow.
• V5011. OWASP. Possible overflow. Consider casting operands, not the result.
• V5012. OWASP. Potentially unsafe double-checked locking.
• V5013. OWASP. Storing credentials inside source code can lead to security issues.
• V5014. OWASP. Cryptographic function is deprecated. Its use can lead to security issues. Consider switching to an equivalent newer function.

Стандарт OWASP (C#)

• V5601. OWASP. Storing credentials inside source code can lead to security issues.
• V5602. OWASP. The object was created but it is not being used. The 'throw' keyword could be missing.
• V5603. OWASP. The original exception object was swallowed. Stack of original exception could be lost.
• V5604. OWASP. Potentially unsafe double-checked locking. Use volatile variable(s) or synchronization primitives to avoid this.
• V5605. OWASP. Unsafe invocation of event, NullReferenceException is possible. Consider assigning event to a local variable before invoking it.
• V5606. OWASP. An exception handling block does not contain any code.
• V5607. OWASP. Exception classes should be publicly accessible.
• V5608. OWASP. Possible SQL injection. Potentially tainted data is used to create SQL command.
• V5609. OWASP. Possible path traversal vulnerability. Potentially tainted data is used as a path.
• V5610. OWASP. Possible XSS vulnerability. Potentially tainted data might be used to execute a malicious script.
• V5611. OWASP. Potential insecure deserialization vulnerability. Potentially tainted data is used to create an object using deserialization.
• V5612. OWASP. Do not use old versions of SSL/TLS protocols as it may cause security issues.
• V5613. OWASP. Use of outdated cryptographic algorithm is not recommended.
• V5614. OWASP. Potential XXE vulnerability. Insecure XML parser is used to process potentially tainted data.
• V5615. OWASP. Potential XEE vulnerability. Insecure XML parser is used to process potentially tainted data.
• V5616. OWASP. Possible command injection. Potentially tainted data is used to create OS command.
• V5617. OWASP. Assigning potentially negative or large value as timeout of HTTP session can lead to excessive session expiration time.
• V5618. OWASP. Possible server-side request forgery. Potentially tainted data is used in the URL.
• V5619. OWASP. Possible log injection. Potentially tainted data is written into logs.
• V5620. OWASP. Possible LDAP injection. Potentially tainted data is used in a search filter.
• V5621. OWASP. Error message contains potentially sensitive data that may be exposed.
• V5622. OWASP. Possible XPath injection. Potentially tainted data is used in the XPath expression.
• V5623. OWASP. Possible open redirect vulnerability. Potentially tainted data is used in the URL.
• V5624. OWASP. Use of potentially tainted data in configuration may lead to security issues.
• V5625. OWASP. Referenced package contains vulnerability.
• V5626. OWASP. Possible ReDoS vulnerability. Potentially tainted data is processed by regular expression that contains an unsafe pattern.
• V5627. OWASP. Possible NoSQL injection. Potentially tainted data is used to create query.
• V5628. OWASP. Possible Zip Slip vulnerability. Potentially tainted data is used in the path to extract the file.

Стандарт OWASP (Java)

• V5301. OWASP. An exception handling block does not contain any code.
• V5302. OWASP. Exception classes should be publicly accessible.
• V5303. OWASP. The object was created but it is not being used. The 'throw' keyword could be missing.
• V5304. OWASP. Unsafe double-checked locking.
• V5305. OWASP. Storing credentials inside source code can lead to security issues.
• V5306. OWASP. The original exception object was swallowed. Cause of original exception could be lost.
• V5307. OWASP. Potentially predictable seed is used in pseudo-random number generator.
• V5308. OWASP. Possible overflow. The expression will be evaluated before casting. Consider casting one of the operands instead.

Проблемы при работе анализатора кода

• V001. A code fragment from 'file' cannot be analyzed.
• V002. Some diagnostic messages may contain incorrect line number.
• V003. Unrecognized error found...
• V004. Diagnostics from the 64-bit rule set are not entirely accurate without the appropriate 64-bit compiler. Consider utilizing 64-bit compiler if possible.
• V005. Cannot determine active configuration for project. Please check projects and solution configurations.
• V006. File cannot be processed. Analysis aborted by timeout.
• V007. Deprecated CLR switch was detected. Incorrect diagnostics are possible.
• V008. Unable to start the analysis on this file.
• V010. Analysis of 'Makefile/Utility' type projects is not supported in this tool. Use direct analyzer integration or compiler monitoring instead.
• V011. Presence of #line directives may cause some diagnostic messages to have incorrect file name and line number.
• V012. Some warnings could have been disabled.
• V013. Intermodular analysis may be incomplete, as it is not run on all source files.
• V014. The version of your suppress file is outdated. Appending new suppressed messages to it is not possible. Consider re-generating your suppress file to continue updating it.
• V015. All analyzer messages were filtered out or marked as false positive. Use filter buttons or 'Don't Check Files' settings to enable message display.
• V016. User annotation was not applied to a virtual function. To force the annotation, use the 'enable_on_virtual' flag.
• V017. The analyzer terminated abnormally due to lack of memory.
• V018. False Alarm marks without hash codes were ignored because the 'V_HASH_ONLY' option is enabled.
• V019. Error occurred while working with the user annotation mechanism.
• V020. Error occurred while working with rules configuration files.
• V051. Some of the references in project are missing or incorrect. The analysis results could be incomplete. Consider making the project fully compilable and building it before analysis.
• V052. A critical error had occurred.
• V061. An error has occurred.
• V062. Failed to run analyzer core. Make sure the correct 64-bit Java 11 or higher executable is used, or specify it manually.
• V063. Analysis aborted by timeout.