Our website uses cookies to enhance your browsing experience.
Accept
to the top
close form

Fill out the form in 2 simple steps below:

Your contact information:

Step 1
Congratulations! This is your promo code!

Desired license type:

Step 2
Team license
Enterprise license
** By clicking this button you agree to our Privacy Policy statement
close form
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
* By clicking this button you agree to our Privacy Policy statement

close form
Free PVS‑Studio license for Microsoft MVP specialists
* By clicking this button you agree to our Privacy Policy statement

close form
To get the licence for your open-source project, please fill out this form
* By clicking this button you agree to our Privacy Policy statement

close form
I am interested to try it on the platforms:
* By clicking this button you agree to our Privacy Policy statement

close form
check circle
Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

>
>
Errors detected in Open Source projects…

Errors detected in Open Source projects by the PVS-Studio developers through static analysis

We regularly check various open-source projects with PVS-Studio and send analysis results to developers and usually describe them in our posts as well. Besides, we add them into our bug database. This database is posted below on this page.

The bugs are grouped according to the number of the diagnostic rule that is used to detect them. The right column contains a link to the corresponding error samples.

We have deliberately refused to implement an option to view all the bugs found in a particular project: this might lead to an incorrect impression regarding the number of errors in the project and the analyzer's capabilities. You see, the tool is rapidly developing. While it found 10 bugs in a project one year ago, it doesn't mean at all that it will find the same amount now. Compare, for instance, the reports of ReactOS checks: first report, second report (a year and a half later).

You can offer us other open-source projects for analysis. The project types supported by PVS-Studio are given in the tool description.

This database may serve a unique resource for reflection on coding standards development, concepts of articles on programming rules, and help you in other researches regarding enhancing software reliability. We wish you interesting researches.


Error CodeError DescriptionProject List
V501Identical sub-expressions to the left and to the right of 'foo' operator.
TheXTech, FlipperZero, Ogre3D, DAW JSON Link, Captain Blood, VCMI, CodeLite, Microsoft PowerToys, YTsaurus, Qt Creator, ...
V502The '?:' operator may not work as expected. The '?:' operator has a lower priority than the 'foo' operator.
OpenJDK, CryEngine V, GCC, Linux Kernel, Scilab, Amazon Lumberyard, Perl 5, NCBI Genome Workbench, LLVM/Clang, Heawei Ark Compiler, ...
V503Nonsensical comparison: pointer < 0.
OGDF, Asterisk, .NET CoreCLR, Haiku Operation System, GINV, FreeBSD Kernel, OpenToonz, Far2l, Tizen, LLVM/Clang, ...
V504Semicolon ';' is probably missing after the 'return' keyword.
Inkscape, Kodi, LLVM/Clang.
V505The 'alloca' function is used inside the loop. This can quickly overflow stack.
Crystal Space 3D SDK, Multi-threaded Dynamic Queue, Pixie, DeSmuME, Synergy, Tizen, EFL Core Libraries.
V506Pointer to local variable 'X' is stored outside the scope of this variable. Such a pointer will become invalid.
WinSCP, Miranda NG, Unreal Engine 4, PHP:Hypertext Preprocessor, RT-Thread, Haiku Operation System, MuseScore, Ogre3D.
V507Pointer to local array 'X' is stored outside the scope of this array. Such a pointer will become invalid.
Scilab, Miranda NG, MAME, GNU Octave, Inkscape, GCC, Tizen, Android, Doom 1, Command & Conquer, ...
V509Exceptions raised inside noexcept functions must be wrapped in a try..catch block.
Geant4 software, Protocol Buffers, Source Engine SDK, Data Distribution Service, FlightGear, TortoiseGit, WebRTC, LibreOffice, 7-Zip, MuditaOS, ...
V510The 'Foo' function receives class-type variable as Nth actual argument. This is unexpected behavior.
Quake-III-Arena, Wild Magic 5, Scilab, Unreal Engine 4, Chromium, Apple II emulator, Telegram, Computational Network Toolkit, CryEngine V, libusbx, ...
V511The sizeof() operator returns pointer size instead of array size.
Shareaza, Wolfenstein 3D, Chromium, MySQL, Intel AMT SDK, ReactOS, Samba, Source Engine SDK, Oracle VM Virtual Box.
V512Call of the 'Foo' function will lead to buffer overflow.
FreeBSD Kernel, Stickies, Tizen, EFL Core Libraries, XNU kernel, rdesktop, VVVVVV, Zephyr, Command & Conquer, GPCS4, ...
V513Use _beginthreadex/_endthreadex functions instead of CreateThread/ExitThread functions.
Multi Theft Auto, Trans-Proteomic Pipeline, SeqAn, Snes9x, PostgreSQL Database Management System, Source Engine SDK, Tesseract.
V514Potential logical error. Size of a pointer is divided by another value.
Miranda IM, ReactOS, Notepad++, OpenMS, OpenCOLLADA, Scilab, Miranda NG.
V516Non-null function pointer is compared to null. Consider inspecting the expression.
Audacity, Micro-Manager.
V517Potential logical error. The 'if (A) {...} else if (A) {...}' pattern was detected.
Krita, FreeRDP, Haiku Operation System, Bullet Physics SDK, ROOT, Qemu, TheXTech, MuditaOS, GPCS4, Microsoft PowerToys, ...
V518The 'malloc' function allocates suspicious amount of memory calculated by 'strlen(expr)'. Perhaps the correct expression is strlen(expr) + 1.
FCEUX.
V519The 'x' variable is assigned values twice successively. Perhaps this is a mistake.
Snort, Darwin-XNU, Storm Engine, LFortran, libtorrent, RPCS3, GPCS4, VCMI, GZDoom, iSulad, ...
V520Comma operator ',' in array index expression.
G3D Content Pak.
V521Expressions that use comma operator ',' are dangerous. Make sure the expression is correct.
Grassroots DICOM library (GDCM), Oracle VM Virtual Box, Unreal Engine 4, ReactOS, CryEngine V, Steinberg SDKs, Amazon Lumberyard, Azure Service Fabric, Godot Engine, Dlib, ...
V522Possible null pointer dereference.
SystemC, Storm Engine, LFortran, CARLA, MuditaOS, VCMI, GCC, FreeCAD, GZDoom, Dagor Engine, ...
V523The 'then' statement is equivalent to the 'else' statement.
Command & Conquer, Qemu, PPrint, Espressif IoT Development Framework, TheXTech, Blend2D, Overgrowth, Captain Blood, CodeLite, Qt Creator, ...
V524It is suspicious that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function.
MuseScore, FreeRDP, EAStdC, Heawei Ark Compiler, Newton Game Dynamics, Command & Conquer, Indicators, Qt, FaCT++, Blend2D, ...
V525Code contains collection of similar blocks. Check items X, Y, Z, ... in lines N1, N2, N3, ...
MySQL, Trans-Proteomic Pipeline, SeqAn, Source Engine SDK, Scilab, SlimDX, Android, xrdp, Newton Game Dynamics, FreeCAD, ...
V526The 'strcmp' function returns 0 if corresponding strings are equal. Consider inspecting the condition for mistakes.
wxWidgets, Network Security Services (NSS), PostgreSQL Database Management System, Micro-Manager.
V527The 'zero' value is assigned to pointer. Probably meant: *ptr = zero.
PNG library, Apache HTTP Server, ReactOS, Trans-Proteomic Pipeline, Scilab, Haiku Operation System, Tizen.
V528Pointer is compared with 'zero' value. Probably meant: *ptr != zero.
Apache HTTP Server, Scilab, TortoiseGit, Miranda NG, The GTK+ Project, GCC, ReOpenLDAP, GDB, Partio, Aspell, ...
V529Suspicious semicolon ';' after 'if/for/while' operator.
ReactOS, CamStudio, Windows 8 Driver Samples, QuickThread, VirtualDub, Oracle VM Virtual Box, Haiku Operation System, MAME, CryEngine V, GuiLite, ...
V530Return value of 'Foo' function is required to be used.
CryEngine V, Scilab, Audacity, Ardour, Android, ANGLE, LibreOffice, Haiku Operation System, Blender, Ogre3D, ...
V531The sizeof() operator is multiplied by sizeof(). Consider inspecting the expression.
XUIFramework, NetDefender Firewall, ReactOS, CrashRpt library, Oracle VM Virtual Box, CMake, GPCS4.
V532Consider inspecting the statement of '*pointer++' pattern. Probably meant: '(*pointer)++'.
eMule Plus, FCEUX, IPP Samples, Apache HTTP Server, DeSmuME, OpenSSL, Miranda NG, Godot Engine, Open X-Ray Engine.
V533It is possible that a wrong variable is incremented inside the 'for' operator. Consider inspecting 'X'.
Doom 3, Simple DirectMedia Layer, Godot Engine, Unreal Engine 4, Open X-Ray Engine, LibreOffice, GTK, Chromium.
V534It is possible that a wrong variable is compared inside the 'for' operator. Consider inspecting 'X'.
Source Engine SDK, Coin3D, Oracle VM Virtual Box, .NET CoreCLR, Android, Azure Service Fabric, NCBI Genome Workbench, Qalculate!.
V535The 'X' variable is used for this loop and outer loops.
Wine Is Not an Emulator, Haiku Operation System, FreeBSD Kernel, The GTK+ Project, CryEngine V, Blender, Tizen, Android, NCBI Genome Workbench, libcurl, ...
V536Constant value is represented by an octal form.
eLynx Image Processing SDK and Lab, Miranda IM, PostgreSQL Database Management System, Micro-Manager, TortoiseGit, Chromium, Linux Kernel.
V537Potential incorrect use of item 'X'. Consider inspecting the expression.
IPP Samples, Miranda IM, ReactOS, Quake-III-Arena, Trinity Core, Blender, Source Engine SDK, Expat, FreeCAD.
V538The line contains control character 0x0B (vertical tabulation).
EA WebKit.
V539Iterators are passed as arguments to 'Foo' function. Consider inspecting the expression.
CryEngine V.
V540Member 'x' should point to string terminated by two 0 characters.
Fennec Media, Chromium, WinSCP.
V541String is printed into itself. Consider inspecting the expression.
PCSX2, CAMEL, Mozilla Firefox, UCSniff, TinyCAD, Scilab, FreeBSD Kernel, Serious Engine 1 v.1.10, Ardour.
V542Suspicious type cast: 'Type1' to ' Type2'. Consider inspecting the expression.
Miranda IM, Platinum.
V543It is suspicious that value 'X' is assigned to the variable 'Y' of HRESULT type.
WinMerge, Oracle VM Virtual Box, Unreal Engine 4, Mozilla Thunderbird.
V545Conditional expression of 'if' statement is incorrect for the HRESULT type value 'Foo'. The SUCCEEDED or FAILED macro should be used instead.
VirtualDub, Qt, LibreOffice, Apache HTTP Server, ANGLE.
V546The 'Foo(Foo)' class member is initialized with itself.
Boost (C++ libraries), OpenToonz, CryEngine V, ClickHouse, Amazon Lumberyard, Blender.
V547Expression is always true/false.
Blend2D, MuditaOS, Ogre3D, GPCS4, Overgrowth, VCMI, Microsoft PowerToys, YTsaurus, GZDoom, iSulad, ...
V548TYPE X[][] is not equivalent to TYPE **X. Consider inspecting type casting.
Haiku Operation System.
V549The 'first' argument of 'Foo' function is equal to the 'second' argument.
Micro-Manager, Miranda NG, The GTK+ Project, GDB, Linux Kernel, CryEngine V, Skia Graphics Engine, Android, Amazon Lumberyard, PMDK, ...
V550Suspicious precise comparison. Consider using a comparison with defined precision: fabs(A - B) < Epsilon or fabs(A - B) > Epsilon.
CAMEL, ffdshow, Windows Calculator, ArduPod.
V551Unreachable code under a 'case' label.
Command & Conquer.
V552A bool type variable is incremented. Perhaps another variable should be incremented instead.
7-Zip, Command & Conquer.
V554Incorrect use of smart pointer.
Haiku Operation System, OpenToonz, Casablanca, Nana, Skia Graphics Engine, Android, 0 A.D., LibreOffice, LLVM/Clang, CodeLite, ...
V555Expression of the 'A - B > 0' kind will work as 'A != B'.
Trans-Proteomic Pipeline, Scilab, OpenSSL, Wine Is Not an Emulator, PHP:Hypertext Preprocessor, OpenJPEG, K Desktop Environment, FreeSWITCH.
V556Values of different enum types are compared.
Linux Kernel, OpenToonz, Casablanca, Blender, SCIM, Tizen, EFL Core Libraries, Doom 1, Celestia, Command & Conquer, ...
V557Possible array overrun.
Espressif IoT Development Framework, Storm Engine, RPCS3, Blend2D, Ogre3D, GPCS4, GCC, FreeCAD, GTK, Qt Creator, ...
V558Function returns pointer/reference to temporary local object.
SeqAn, VirtualDub, Geant4 software, LLVM/Clang, EFL Core Libraries, Android.
V559Suspicious assignment inside the conditional expression of 'if/while/for' statement.
Miranda IM, Intel AMT SDK, Data Distribution Service, Scilab, Miranda NG, The GTK+ Project, Serious Engine 1 v.1.10.
V560Part of conditional expression is always true/false.
Amnesia: The Dark Descent, GTK, Snort, Darwin-XNU, Storm Engine, libtorrent, RPCS3, Ogre3D, VCMI, GZDoom, ...
V561Consider assigning value to 'foo' variable instead of declaring it anew.
Oracle VM Virtual Box, Godot Engine, Telegram, Firebird, OpenJDK, Chromium, Amazon Lumberyard, NCBI Genome Workbench, Qt, Overgrowth, ...
V562Bool type value is compared with value of N. Consider inspecting the expression.
Spvolren, ReactOS, Blender, Windows 8 Driver Samples, Haiku Operation System, NCBI Genome Workbench, TheXTech.
V563An 'else' branch may apply to the previous 'if' statement.
BCmenu, Squirrel, PeerBlock, Trans-Proteomic Pipeline, Cfront, Open X-Ray Engine, Amnesia: The Dark Descent.
V564The '&' or '|' operator is applied to bool type value. Check for missing parentheses or use the '&&' or '||' operator.
Battle for Wesnoth, Blender, FFmpeg, Unreal Engine 4, OpenMW, K Desktop Environment, Oracle VM Virtual Box, Amazon Lumberyard, Perl 5, Haiku Operation System, ...
V565Empty exception handler. Silent suppression of exceptions can hide errors in source code during testing.
G3D Content Pak.
V567Modification of variable is unsequenced relative to another operation on the same variable. This may lead to undefined behavior.
CryEngine V, CMaNGOS, Far2l, Steinberg SDKs, ofPennerEasing, LibreOffice, Doom 1, glTF library, LLVM/Clang, Darwin-XNU, ...
V568It is suspicious that the argument of sizeof() operator is the expression.
Haiku Operation System, Far2l, CryEngine V, EFL Core Libraries, XNU kernel, RT-Thread, Android, Azure Service Fabric, PMDK, Microsoft PowerToys, ...
V569Truncation of constant value.
FreeBSD Kernel, VCMI.
V570Variable is assigned to itself.
NCBI Genome Workbench, LLVM/Clang, Haiku Operation System, Heawei Ark Compiler, GCC, Command & Conquer, Storm Engine, TheXTech, Ogre3D, Captain Blood, ...
V571Recurring check. This condition was already verified in previous line.
Ardour, Steinberg SDKs, NCBI Genome Workbench, LibrePCB, Kodi, ROOT, jsoncons, LLVM/Clang, Darwin-XNU, MuditaOS, ...
V572Object created using 'new' operator is immediately cast to another type. Consider inspecting the expression.
wxWidgets, Cocos2d-x, Tizen.
V573Use of uninitialized variable 'Foo'. The variable was used to initialize itself.
Multi Theft Auto, Firebird, Word for Windows 1.1a, LLVM/Clang, Blend2D, Microsoft PowerToys.
V574Pointer is used both as an array and as a pointer to single object.
Amazon FreeRTOS.
V575Function receives suspicious argument.
SystemC, Snort, Transmission, LLVM/Clang, FlipperZero, Blender, GTK, GZDoom, Dagor Engine, iSulad, ...
V576Incorrect format. Consider checking the Nth actual argument of the 'Foo' function.
Open X-Ray Engine, ReOpenLDAP, ICQ, Far2l, EFL Core Libraries, Tizen, Enlightenment, 0 A.D., FreeRDP, FlipperZero, ...
V578Suspicious bitwise operation was detected. Consider inspecting it.
NetXMS, RT-Thread, Android.
V579The 'Foo' function receives the pointer and its size as arguments. This may be a potential error. Inspect the Nth argument.
OpenJDK, CryEngine V, GDB, GNU GRUB, MySQL, RT-Thread, Doom 1, PMDK, Captain Blood, Microsoft PowerToys, ...
V581Conditional expressions of 'if' statements located next to each other are identical.
Krita, FreeRDP, Celestia, TON, Universal, LLVM/Clang, Qt, Snort, RPCS3, GTK, ...
V583The '?:' operator, regardless of its conditional expression, always returns the same value.
Chromium, CMaNGOS, Audacity, V8 JavaScript Engine, TDLib, Krita, Vangers: One For The Road, Command & Conquer, DuckStation, Captain Blood, ...
V584Same value is present on both sides of the operator. The expression is incorrect or can be simplified.
Far2l, Asterisk, Ruby MRI, Command & Conquer.
V586The 'Foo' function is called twice to deallocate the same resource.
Blender, OpenMW, VNL, Miranda NG.
V587Suspicious sequence of assignments: A = B; B = A;.
Windows 8 Driver Samples, Mozilla Firefox, LibreOffice, Git, GNU GRUB, EFL Core Libraries, ORCT2, CodeLite.
V588Expression of the 'A =+ B' kind is used. Possibly meant: 'A += B'. Consider inspecting the expression.
Libxml2, Trans-Proteomic Pipeline.
V590Possible excessive expression or typo. Consider inspecting the expression.
Qt, NCBI Genome Workbench, Qalculate!, libarchive, ROOT, Command & Conquer, Darwin-XNU, CodeLite, GTK, GZDoom, ...
V591Non-void function must return value.
EFL Core Libraries, Android, NCBI Genome Workbench, ROOT, Command & Conquer, Strf, Chobo Single-Header Libraries, PpluX, Universal, manif, ...
V592Expression is enclosed by parentheses twice: ((expression)). One pair of parentheses is unnecessary or typo is present.
wxWidgets, Spring Engine, TensorFlow, CMake.
V593Expression 'A = B == C' is calculated as 'A = (B == C)'. Consider inspecting the expression.
Blender, ReOpenLDAP, OpenSubdiv, CMaNGOS, XNU kernel, Android, ROOT, PMDK, Espressif IoT Development Framework, Qt Creator, ...
V594Pointer to array is out of array bounds.
ReactOS.
V595Pointer was used before its check for nullptr. Check lines: N1, N2.
RPCS3, Blend2D, FlipperZero, MuditaOS, Ogre3D, GPCS4, Overgrowth, VCMI, GZDoom, iSulad, ...
V596Object was created but is not used. Check for missing 'throw' keyword.
OpenMW, FreeCAD, Computational Network Toolkit, OpenToonz, MySQL, Amazon Lumberyard, Haiku Operation System, ROOT, Hnswlib, tiny-dnn, ...
V597Compiler may delete 'memset' function call that is used to clear 'Foo' buffer. Use the RtlSecureZeroMemory() function to erase private data.
NCBI Genome Workbench, PPSSPP, ROOT, Qemu, Espressif IoT Development Framework, GTK, Snort, Transmission, RPCS3, iSulad, ...
V598Memory manipulation function is used to work with a class object containing a virtual table pointer. The result of such an operation may be unexpected.
IPP Samples, Coin3D, SlimDX, Miranda NG, .NET CoreCLR, GZDoom.
V599The virtual destructor is not present, although the 'Foo' class contains virtual functions.
Synergy, ANGLE, TortoiseGit, Miranda NG, FreeCAD, GINV, Unreal Engine 4, Computational Network Toolkit, OpenToonz, Notepad++, ...
V600The 'Foo' pointer is always not equal to NULL. Consider inspecting the condition.
Notepad++, OpenSSL, Multi Theft Auto, Firebird, ITK, FreeSWITCH.
V601Suspicious implicit type casting.
WebPagetest, Micro-Manager, Doxygen, Firebird, Notepad++, SCIM, Rosegarden, TON, VVVVVV, Dlib, ...
V602The '<' operator should probably be replaced with '<<'. Consider inspecting this expression.
RT-Thread.
V603Object was created but not used. If you wish to call constructor, use 'this->Foo::Foo(....)'.
ChakraCore, Open X-Ray Engine, CryEngine V, EA WebKit, Android, Azure Service Fabric, Etc2Comp, NCBI Genome Workbench, Stellarium, Haiku Operation System, ...
V604Number of iterations in loop equals size of a pointer. Consider inspecting the expression.
Windows 8 Driver Samples.
V605Unsigned value is compared to the NN number. Consider inspecting the expression.
VirtualDub, PHP:Hypertext Preprocessor, FreeSWITCH, The GTK+ Project.
V606Ownerless token 'Foo'.
RunAsAdmin Explorer Shim, Windows 8 Driver Samples, Oracle VM Virtual Box, Amazon Lumberyard, Azure Service Fabric.
V607Ownerless expression 'Foo'.
Unreal Engine 4, Miranda NG, Godot Engine, Serious Engine 1 v.1.10, System Shock, Azure Service Fabric, Captain Blood, Microsoft PowerToys, GZDoom, Qt Creator, ...
V609Possible division or mod by zero.
Mozilla Thunderbird, Inkscape, Chromium, EFL Core Libraries, SpeedCrunch, Haiku Operation System, ROOT, LLVM/Clang, MuditaOS, Ogre3D, ...
V610Undefined behavior. Check the shift operator.
Qt, SpeedCrunch, TON, Command & Conquer, PMDK, Qemu, Boost (C++ libraries), Overgrowth, GZDoom, Dagor Engine, ...
V611Memory allocation and deallocation methods are incompatible.
Amazon Lumberyard, Azure Service Fabric, Vangers: One For The Road, Qalculate!, Haiku Operation System, Command & Conquer, Storm Engine, Overgrowth, Captain Blood, GTK, ...
V612Unconditional 'break/continue/return/goto' within a loop.
Casablanca, Inkscape, CMaNGOS, Audacity, Rosegarden, XNU kernel, RT-Thread, MuseScore, CARLA, GCC, ...
V614Use of 'Foo' uninitialized variable.
Espressif IoT Development Framework, Darwin-XNU, LLVM/Clang, Protocol Buffers, DuckStation, Ogre3D, Captain Blood, CodeLite, GCC, Dagor Engine, ...
V615Suspicious explicit conversion from 'float *' type to 'double *' type.
OpenJDK.
V616Use of 'Foo' named constant with 0 value in bitwise operation.
Unreal Engine 4, Mozilla Thunderbird, ReactOS, LLVM/Clang, CMaNGOS, Qt, Minetest, Qemu, Dlib, Chromium, ...
V617Argument of the '|' bitwise operation always contains non-zero value. Consider inspecting the condition.
OpenSSL, Multi Theft Auto, Word for Windows 1.1a, WebRTC, FreeBSD Kernel, XNU kernel, Android, Command & Conquer, POCO C++ Libraries, MuditaOS, ...
V618Dangerous call of 'Foo' function. The passed line may contain format specification. Example of safe code: printf("%s", str);
TortoiseSVN, Source Engine SDK, CryEngine 3 SDK, WinSCP, Miranda NG, LibreOffice, Apple II emulator, Tizen.
V619Array is used as pointer to single object.
Amazon FreeRTOS.
V620Expression of sizeof(T)*N kind is summed up with pointer to T type. Consider inspecting the expression.
Apache Xerces Project, Snes9x, Miranda NG, Chromium.
V621Loop may execute incorrectly or may not execute at all. Consider inspecting the 'for' operator.
FreeBSD Kernel, EFL Core Libraries, Godot Engine, Windows Calculator, ROOT, Newton Game Dynamics, GTK, Free Heroes of Might and Magic II, Snort, GCC, ...
V622First 'case' operator may be missing. Consider inspecting the 'switch' statement.
K Desktop Environment, Miranda NG, CryEngine V, Tizen, Amazon Lumberyard, LLVM/Clang.
V623Temporary object is created and then destroyed. Consider inspecting the '?:' operator.
Far2l.
V624Use of constant NN. The resulting value may be inaccurate. Consider using the M_NN constant from <math.h>.
ffdshow, OpenMS, Geant4 software, Inkscape, Tizen, Bullet Physics SDK, Celestia.
V625Initial and final values of the iterator are the same. Consider inspecting the 'for' operator.
Synergy, LibreOffice, Oracle VM Virtual Box, GCC.
V626It's possible that ',' should be replaced by ';'. Consider checking for typos.
Oracle VM Virtual Box, LibreOffice.
V627Argument of sizeof() is a macro, which expands to a number. Consider inspecting the expression.
Samba, Network Security Services (NSS), Data Distribution Service, WebRTC, Haiku Operation System.
V628It is possible that a line was commented out improperly, thus altering the program's operation logic.
Trans-Proteomic Pipeline, Spring Engine, Inkscape.
V629Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type. Consider inspecting the expression.
Tesseract, Bitcoin, Alembic, TensorFlow, Android, Qemu, jsoncons, PGM-index, YTsaurus, iSulad, ...
V630The 'malloc' function is used to allocate memory for an array of objects that are classes containing constructors/destructors.
Cocos2d-x, Haiku Operation System, Computational Network Toolkit, CryEngine V, EFL Core Libraries, Newton Game Dynamics, MuseScore.
V631Defining absolute path to file or directory is considered a poor coding style. Consider inspecting the 'Foo' function call.
ffdshow, NetXMS, VirtualDub.
V634Priority of '+' operation is higher than priority of '<<' operation. Consider using parentheses in the expression.
Haiku Operation System, CryEngine V, System Shock, Stellarium, Qemu, Snort.
V635Length should be probably multiplied by sizeof(wchar_t). Consider inspecting the expression.
WinMerge, Miranda NG.
V636Expression was implicitly cast from integer type to real type. Consider using an explicit type cast to avoid overflow or loss of a fractional part.
Qt, Tesseract, Cocos2d-x, Miranda NG, Open X-Ray Engine, ICQ, EFL Core Libraries, Tizen, Minetest, GTK, ...
V637Use of two opposite conditions. The second condition is always false.
Unreal Engine 4, TortoiseGit, K Desktop Environment, .NET CoreCLR, ReactOS, Firebird, Blender, LibreOffice, MuseScore, RPCS3, ...
V638Terminal null is present inside a string. Use of '\0xNN' characters. Probably meant: '\xNN'.
Oracle VM Virtual Box, Linux Kernel.
V639One of closing ')' parentheses is probably positioned incorrectly. Consider inspecting the expression for function call.
CryEngine 3 SDK, Eigen, LibreOffice.
V640Code's operational logic does not correspond with its formatting.
Miranda NG, Spring Engine, Haiku Operation System, CryEngine V, CMaNGOS, GCC, FreeBSD Kernel, Augeas, Tizen, Android, ...
V641Buffer size is not a multiple of element size.
Miranda NG, GZDoom.
V642Function result is saved inside the 'byte' type variable. Significant bits may be lost. This may break the program's logic.
Xpdf, ReactOS, Firebird, Linux Kernel, OpenToonz, Tizen, Amazon FreeRTOS, Espressif IoT Development Framework.
V643Suspicious pointer arithmetic. Value of 'char' type is added to a string pointer.
Spring Engine, OpenToonz.
V645Function call may lead to buffer overflow. Bounds should not contain size of a buffer, but a number of characters it can hold.
ReactOS, ICU, Multi Theft Auto, Miranda NG, Enlightenment, Tizen, Haiku Operation System.
V646The 'else' keyword may be missing. Consider inspecting the program's logic.
Inkscape, Aspell, EFL Core Libraries, Tizen, XNU kernel, Krita, LLVM/Clang, ROOT, Minetest, Qemu, ...
V647Value of 'A' type is assigned to a pointer of 'B' type.
Tizen.
V648Priority of '&&' operation is higher than priority of '||' operation.
Wolfenstein 3D, Oracle VM Virtual Box, Command & Conquer.
V649Two 'if' statements with identical conditional expressions. The first 'if' statement contains function return. This means that the second 'if' statement is senseless.
Wolfenstein 3D, Coin3D, Micro-Manager, Blender, LLVM/Clang, EFL Core Libraries, Chromium, Skia Graphics Engine, LibreOffice, CodeLite, ...
V650Type casting is used 2 times in a row. The '+' operation is executed. Probably meant: (T1)((T2)a + b).
Wine Is Not an Emulator.
V652Operation is executed 3 or more times in a row.
FreeSWITCH.
V653Suspicious string consisting of two parts is used for initialization. Comma may be missing.
Asterisk, Linux Kernel.
V654Condition of a loop is always true/false.
Android, Stellarium, Haiku Operation System, Doom 1, Newton Game Dynamics, Free Heroes of Might and Magic II, Snort, TheXTech, FlipperZero, Captain Blood, ...
V655Strings were concatenated but not used. Consider inspecting the expression.
Scilab, K Desktop Environment, FreeCAD, OpenToonz, LLVM/Clang.
V656Variables are initialized through the call to the same function. It's probably an error or un-optimized code.
Doom 3, ReactOS, Qt, LibreOffice, Skia Graphics Engine, Krita, LLVM/Clang, FreeCAD.
V658Value is subtracted from unsigned variable. It can result in an overflow. In such a case, the comparison operation may behave unexpectedly.
VCMI.
V661Suspicious expression 'A[B < C]'. Probably meant 'A[B] < C'.
NCBI Genome Workbench.
V662Different containers are used to set up initial and final values of iterator. Consider inspecting the loop expression.
Rhino (JavaScript engine).
V663Infinite loop is possible. The 'cin.eof()' condition is insufficient to break from the loop. Consider adding the 'cin.fail()' function call to the conditional expression.
POCO C++ Libraries, OpenMW, Grassroots DICOM library (GDCM), ITK, SETI@home, GNU Octave, NCBI Genome Workbench, ROOT, FreeCAD.
V664Pointer is dereferenced on the initialization list before its check for null inside the body of a constructor function.
LLVM/Clang, FreeCAD, GZDoom.
V665Possible incorrect use of '#pragma warning(default: X)'. The '#pragma warning(push/pop)' should be used instead.
Newton Game Dynamics, FreeSWITCH, Dolphin Smalltalk 7, OpenToonz, Apache HTTP Server, usrsctp, tiny-dnn, PGM-index, Microsoft PowerToys, Qt Creator, ...
V666Value may not correspond with the length of a string passed with YY argument. Consider inspecting the NNth argument of the 'Foo' function.
ITK, Spring Engine, LibreOffice, OpenJDK, Inkscape, Linux Kernel, FreeBSD Kernel, Bind, Enlightenment, CARLA, ...
V668Possible meaningless check for null, as memory was allocated using 'new' operator. Memory allocation will lead to an exception.
Android, 0 A.D., SpeedCrunch, Celestia, TON, Newton Game Dynamics, Minetest, SystemC, RPCS3, MuditaOS, ...
V669Argument is a non-constant reference. The analyzer is unable to determine the position where this argument is modified. Consider checking the function for an error.
WinMerge, CryEngine 3 SDK, Micro-Manager, CMaNGOS.
V670Uninitialized class member is used to initialize another member. Remember that members are initialized in the order of their declarations inside a class.
Tesseract, .NET CoreCLR, Unreal Engine 4, Appleseed, Mozilla Thunderbird, Rosegarden, NCBI Genome Workbench, LibreOffice, Haiku Operation System, Qt Creator.
V671The 'swap' function may interchange a variable with itself.
Haiku Operation System.
V672It is possible that creating a new variable is unnecessary. One of the function's arguments has the same name and this argument is a reference.
Qalculate!, Haiku Operation System, Command & Conquer.
V673More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits.
.NET CoreCLR.
V674Expression contains a suspicious mix of integer and real types.
Unreal Engine 4, Open X-Ray Engine, ICQ, CMaNGOS, Tizen, EFL Core Libraries, MuseScore, Rosegarden, 0 A.D., Stellarium, ...
V675Writing into read-only memory.
Tizen.
V676Incorrect comparison of BOOL type variable with TRUE.
VirtualDub, Firebird, CryEngine 3 SDK, Apple II emulator, Amazon FreeRTOS.
V677Custom declaration of standard type. Consider using the declaration from system header files instead.
SlimDX, Miranda NG.
V678Object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' function.
Shareaza, Mozilla Thunderbird, ROOT.
V681The language standard does not define order in which 'Foo' functions are called during evaluation of arguments.
Wine Is Not an Emulator, Android.
V684Value of variable is not modified. It is possible that '1' should be present instead of '0'. Consider inspecting the expression.
V8 JavaScript Engine, Chromium.
V686Pattern A || (A && ...) was detected. The expression is excessive or contains a logical error.
Blender, Tor, EFL Core Libraries, Tizen.
V688The 'foo' local variable has the same name as one of class members. This can result in confusion.
Computational Network Toolkit, CryEngine V, NCBI Genome Workbench, VVVVVV.
V690The class implements a copy constructor/operator=, but lacks the operator=/copy constructor.
Bitcoin, Casablanca, OpenJDK, Tizen.
V691Empirical analysis. Possible typo inside the string literal. The 'foo' word is suspicious.
Chromium.
V692Inappropriate attempt to append a null character to a string. To determine the length of a string by 'strlen' function correctly, use a string ending with a null terminator in the first place.
Wine Is Not an Emulator, Linux Kernel, Haiku Operation System, Tizen.
V693It is possible that 'i < X.size()' should be used instead of 'X.size()'. Consider inspecting conditional expression of the loop.
Godot Engine.
V694The condition (ptr - const_value) is only false if the value of a pointer equals a magic constant.
Miranda NG, FreeSWITCH, EFL Core Libraries, Tizen, ICU.
V695Range intersections are possible within conditional expressions.
Linux Kernel, The GTK+ Project, CryEngine V, Scilab, Android.
V696The 'continue' operator will terminate 'do { ... } while (FALSE)' loop because the condition is always false.
Cocos2d-x, Linux Kernel, Haiku Operation System, LLVM/Clang, Tizen, Ardour, Android.
V698Functions of strcmp() kind can return any values, not only -1, 0, or 1.
.NET CoreCLR.
V700It is suspicious that variable is initialized through itself. Consider inspecting the 'T foo = foo = x;' expression.
.NET CoreCLR, Unreal Engine 4, Apple II emulator, Captain Blood.
V701Possible realloc() leak: when realloc() fails to allocate memory, original pointer is lost. Consider assigning realloc() to a temporary pointer.
EFL Core Libraries, Tizen, Aspell, Free Lossless Audio Codec, WebRTC, 0 A.D., Qt, Qalculate!, Espressif IoT Development Framework, Blender, ...
V702Classes should always be derived from std::exception (and alike) as 'public'.
Windows Calculator, Celestia.
V703It is suspicious that the 'foo' field in derived class overwrites field in base class.
ORCT2, DeepSpeech, Ogre3D.
V704The expression is always false on newer compilers. Avoid using 'this == 0' comparison.
Miranda NG, .NET CoreCLR, Serious Engine 1 v.1.10, Inkscape, CMaNGOS, Notepad++.
V705It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics.
K Desktop Environment, Miranda NG, Linux Kernel, FreeBSD Kernel, Valgrind, XNU kernel, Haiku Operation System, Command & Conquer.
V706Suspicious division: sizeof(X) / Value. Size of every element in X array is not equal to divisor.
Haiku Operation System.
V707Giving short names to global variables is considered to be bad practice.
Cfront, Yasm, PMDK.
V708Dangerous construction is used: 'm[x] = m.size()', where 'm' is of 'T' class. This may lead to undefined behavior.
Chromium, LLVM/Clang.
V709Suspicious comparison found: 'a == b == c'. Remember that 'a == b == c' is not equal to 'a == b && b == c'.
Unreal Engine 4, Amazon Lumberyard, Bullet Physics SDK.
V711It is dangerous to create a local variable within a loop with a same name as a variable controlling this loop.
Haiku Operation System, Telegram, Wine Is Not an Emulator, FreeBSD Kernel.
V712Compiler may optimize out this loop or make it infinite. Use volatile variable(s) or synchronization primitives to avoid this.
G3D Content Pak, IPP Samples, GINV, eMule Plus, FreeSWITCH, Shareaza, FCEUX, MPC-HC, ReactOS, Open X-Ray Engine.
V713Pointer was used in the logical expression before its check for nullptr in the same logical expression.
Mozilla Thunderbird, ChakraCore, FreeBSD Kernel, Firebird, CryEngine V, Notepad++, V8 JavaScript Engine, Celestia, Qt, Snort, ...
V714Variable is not passed into foreach loop by reference, but its value is changed inside of the loop.
Krita.
V715The 'while' operator has empty body. This pattern is suspicious.
Enlightenment.
V716Suspicious type conversion: HRESULT -> BOOL (BOOL -> HRESULT).
LibreOffice, Wine Is Not an Emulator, Dolphin Smalltalk 7, Command & Conquer.
V718The 'Foo' function should not be called from 'DllMain' function.
LibreOffice, Open X-Ray Engine.
V719The switch statement does not cover all values of the enum.
Appleseed, Firebird, Windows Calculator.
V721The VARIANT_BOOL type is used incorrectly. The true value (VARIANT_TRUE) is defined as -1.
MAME.
V724Converting integers or pointers to BOOL can lead to a loss of high-order bits. Non-zero value can become 'FALSE'.
Ruby MRI.
V726Attempt to free memory containing the 'int A[10]' array by using the 'free(A)' function.
CamStudio, Shareaza, DuckStation.
V728Excessive check can be simplified. The '||' operator is surrounded by opposite expressions 'x' and '!x'.
Krita, Vangers: One For The Road, LibreOffice, Windows Calculator, EAStdC, CMake, Heawei Ark Compiler, Overgrowth, VCMI, YTsaurus, ...
V729Function body contains the 'X' label that is not used by any 'goto' statements.
FreeBSD Kernel, CodeLite.
V730Not all members of a class are initialized inside the constructor.
Miranda IM, MuseScore, TDLib, ANGLE, LibrePCB, VVVVVV, DeepSpeech.
V732Unary minus operator does not modify a bool type value.
Miranda IM, Krita, GPCS4.
V733It is possible that macro expansion resulted in incorrect evaluation order.
FreeBSD Kernel, Linux Kernel.
V734Excessive expression. Examine the substrings "abc" and "abcd".
CryEngine V, Linux Kernel.
V735Possibly an incorrect HTML. The "</XX>" closing tag was encountered, while the "</YY>" tag was expected.
Qt.
V737It is possible that ',' comma is missing at the end of the string.
Inkscape.
V739EOF should not be compared with a value of the 'char' type. Consider using the 'int' type.
Computational Network Toolkit, Android, NCBI Genome Workbench, rdesktop.
V742Function receives an address of a 'char' type variable instead of pointer to a buffer.
LFortran.
V743The memory areas must not overlap. Use 'memmove' function.
Stickies.
V745A 'wchar_t *' type string is incorrectly converted to 'BSTR' type string.
Oracle VM Virtual Box.
V746Object slicing. An exception should be caught by reference rather than by value.
Oracle VM Virtual Box, OpenToonz, Open X-Ray Engine, Notepad++, Scilab, Tizen, Rosegarden, Ardour, NCBI Genome Workbench.
V749Destructor of the object will be invoked a second time after leaving the object's scope.
0 A.D..
V751Parameter is not used inside function's body.
Linux Kernel, Valgrind, Steinberg SDKs, HarfBuzz, System Shock, Godot Engine, Bullet Physics SDK, Overgrowth.
V756The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter.
LibreOffice.
V757It is possible that an incorrect variable is compared with null after type conversion using 'dynamic_cast'.
LibreOffice, Haiku Operation System, MuditaOS.
V760Two identical text blocks were detected. The second block starts with NN string.
CMaNGOS, TensorFlow, Bind, PDFium, Windows Calculator, FreeRDP, iSulad.
V762Consider inspecting virtual function arguments. See NN argument of function 'Foo' in derived class and base class.
Notepad++, MuseScore, Ardour, Command & Conquer, CodeLite.
V763Parameter is always rewritten in function body before being used.
Inkscape, ReOpenLDAP, Chromium, NCBI Genome Workbench, LibreOffice, Stellarium, Haiku Operation System, GCC, Command & Conquer, MuseScore.
V764Possible incorrect order of arguments passed to function.
Linux Kernel, CMaNGOS, LibreOffice, Espressif IoT Development Framework, GTK, Darwin-XNU.
V765Compound assignment expression 'X += X + N' is suspicious. Consider inspecting it for a possible error.
MuseScore, LibreOffice.
V766An item with the same key has already been added.
Chromium, MuseScore, Android, NCBI Genome Workbench, RPCS3, CodeLite.
V767Suspicious access to element by a constant index inside a loop.
Skia Graphics Engine, RT-Thread, Godot Engine, ROOT.
V768Variable is of enum type. It is suspicious that it is used as a variable of a Boolean-type.
SwiftShader, XNU kernel, RT-Thread, Krita, Android, Qt, Doom 1, ROOT, Command & Conquer, Amnesia: The Dark Descent, ...
V769The pointer in the expression equals nullptr. The resulting value is meaningless and should not be used.
Hunspell, Android, Qt, FreeRDP, Newton Game Dynamics, CSV Parser, DeepSpeech, Overgrowth, GTK, GZDoom, ...
V772Calling the 'delete' operator for a void pointer will cause undefined behavior.
Haiku Operation System, Command & Conquer, Overgrowth, Qt Creator.
V773Function exited without releasing the pointer/handle. A memory/resource leak is possible.
LLVM/Clang, Protocol Buffers, RPCS3, Overgrowth, VCMI, CodeLite, GCC, GTK, Microsoft PowerToys, Qt Creator, ...
V774Pointer was used after the memory was released.
Augeas, Bind, MuseScore, ICU, Qalculate!, Haiku Operation System.
V778Two similar code fragments. Perhaps, it is a typo and 'X' variable should be used instead of 'Y'.
EA WebKit, Android, Godot Engine, LibrePCB, GCC, Newton Game Dynamics, Amnesia: The Dark Descent, MuseScore, YTsaurus, GZDoom, ...
V779Unreachable code was detected. It is possible that an error is present.
NCBI Genome Workbench, Stellarium, rdesktop, LLVM/Clang, Doom 1, GTK, DuckStation, FlipperZero, VCMI, Qt Creator, ...
V780The object of non-passive (non-PDS) type cannot be used with the function.
Tizen, DeepSpeech.
V781Value of a variable is checked after it is used. Possible error in program's logic. Check lines: N1, N2.
Haiku Operation System, GCC, Minetest, Qemu, GTK, libtorrent, TheXTech, LLVM/Clang, Captain Blood, GZDoom, ...
V783Possible dereference of invalid iterator 'X'.
Rosegarden, 0 A.D..
V784The size of the bit mask is less than the size of the first operand. This will cause the loss of the higher bits.
Perl 5, LLVM/Clang, Qemu, iSulad.
V786Assigning the value C to the X variable looks suspicious. The value range of the variable: [A, B].
Tizen, iSulad.
V789Iterators for the container, used in the range-based for loop, become invalid upon a function call.
ClickHouse, WebRTC.
V791The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead.
Overgrowth.
V792The function located to the right of the '|' and '&' operators will be called regardless of the value of the left operand. Consider using '||' and '&&' instead.
Stellarium, Haiku Operation System, TheXTech, Blend2D, GCC.
V793It is suspicious that the result of the statement is a part of the condition. Perhaps, this statement should have been compared with something else.
Android, ORCT2, Darwin-XNU.
V794The assignment operator should be protected from the case of 'this == &src'.
RE2, WebRTC, EA WebKit, TDLib, Android, LibreOffice, SpeedCrunch, CARLA, GPCS4, VCMI, ...
V796A 'break' statement is probably missing in a 'switch' statement.
Chromium, Android, System Shock, Godot Engine, GPCS4.
V797The function is used as if it returned a bool type. The return value of the function should probably be compared with std::string::npos.
Qalculate!.
V799Variable is not used after memory is allocated for it. Consider checking the use of this variable.
Krita.
V1001Variable is assigned but not used by the end of the function.
MuseScore, Skia Graphics Engine, XNU kernel, Android, LibreOffice, LLVM/Clang, TON, Zephyr, Universal, Snort, ...
V1002Class that contains pointers, constructor and destructor is copied by the automatically generated operator= or copy constructor.
Ardour, YTsaurus, Dagor Engine.
V1003Macro expression is dangerous or suspicious.
TON.
V1004Pointer was used unsafely after its check for nullptr.
Krita, Android, LLVM/Clang, Amazon FreeRTOS, VVVVVV, ORCT2, PMDK, DeepSpeech, Snort, VCMI, ...
V1005The resource was acquired using 'X' function but was released using incompatible 'Y' function.
FreeRDP.
V1007Value from the uninitialized optional is used. It may be an error.
YTsaurus.
V1008No more than one iteration of the loop will be performed. Consider inspecting the 'for' operator.
LibreOffice.
V1009Check the array initialization. Only the first element is initialized explicitly.
EAStdC, MuseScore.
V1013Suspicious subexpression in a sequence of similar comparisons.
LibreOffice.
V1020Function exited without performing epilogue actions. It is possible that there is an error.
Zephyr, iSulad.
V1022Exception was thrown by pointer. Consider throwing it by value instead.
LibrePCB, Haiku Operation System, FaCT++, Qt Creator.
V1023A pointer without owner is added to the container by the 'emplace_back' method. A memory leak will occur in case of an exception.
LLVM/Clang, Dlib, iutest, Protocol Buffers, VCMI, YTsaurus.
V1028Possible overflow. Consider casting operands, not the result.
FreeRDP, LLVM/Clang, PMDK, Qt, Snort, Darwin-XNU, libtorrent, Protocol Buffers, Dagor Engine.
V1032Pointer is cast to a more strictly aligned pointer type.
FreeCAD.
V1036Potentially unsafe double-checked locking.
Blender.
V1037Two or more case-branches perform the same actions.
TON.
V1040Possible typo in the spelling of a pre-defined macro name.
libuv, SimpleIni.
V1043A global object variable is declared in the header. Multiple copies of it will be created in all translation units that include this header file.
GZDoom.
V1044Loop break conditions do not depend on the number of iterations.
Mozilla Thunderbird, Blend2D.
V1046Unsafe usage of the 'bool' and integer types together in the operation '&='.
ROOT, Qemu.
V1048Variable 'foo' was assigned the same value.
ORCT2, Qt, Snort, libtorrent, Ogre3D, GPCS4.
V1051It is possible that an assigned variable should be checked in the next condition. Consider checking for typos.
FreeCAD, Dagor Engine.
V1061Extending 'std' or 'posix' namespace may result in undefined behavior.
DeepSpeech, RPCS3, CARLA, YTsaurus.
V1062Class defines a custom new or delete operator. The opposite operator must also be defined.
DeepSpeech.
V1063The modulo by 1 operation is meaningless. The result will always be zero.
LLVM/Clang, Qt, MuseScore, GZDoom.
V1064The left operand of integer division is less than the right one. The result will always be zero.
Ogre3D, RPCS3.
V1065Expression can be simplified: check similar operands.
DuckStation, Ogre3D, Captain Blood.
V1068Do not define an unnamed namespace in a header file.
iSulad.
V1075The function expects the file to be opened in one mode, but it was opened in different mode.
Captain Blood.
V1086Call of the 'Foo' function will lead to buffer underflow.
Haiku Operation System, Unreal Engine 4, CodeLite, FreeBSD Kernel, CryEngine V, Tizen, Ardour, WebRTC, Command & Conquer, Microsoft PowerToys, ...
V1089Waiting on condition variable without predicate. A thread can wait indefinitely or experience a spurious wake-up.
GZDoom.
V1094Conditional escape sequence in literal. Its representation is implementation-defined.
GTK.
V3001There are identical sub-expressions to the left and to the right of the 'foo' operator.
eShopOnContainers, Squidex, Barotrauma, AvalonStudio, Akka.NET, .NET 7, BTCPay Server, MassTransit, Entity Framework Core, .NET 8, ...
V3002The switch statement does not cover all values of the enum.
SharpDevelop, Microsoft Code Contracts, Orchard CMS, QuantConnect Lean.
V3003The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence.
Old NASA World Wind (C#), Mono, Media Portal 2, PascalABC.NET, SubtitleEdit, Infer.NET, .NET Core Libraries (CoreFX), Azure PowerShell, Ryujinx, LINQ to DB, ...
V3004The 'then' statement is equivalent to the 'else' statement.
AvaloniaUI, Emby, RunUO, Nethermind, QuantConnect Lean, ONLYOFFICE Community Server, DotNetNuke, Barotrauma, Orleans, AvalonStudio, ...
V3005The 'x' variable is assigned to itself.
Azure PowerShell, OpenCvSharp, Emby, Chocolatey, QuantConnect Lean, DotNetNuke, Barotrauma, AvalonStudio, Discord.NET, GrandNode, ...
V3006The object was created but it is not being used. The 'throw' keyword could be missing.
Unity3D, Azure PowerShell.
V3008The 'x' variable is assigned values twice successively. Perhaps this is a mistake.
DotNetNuke, Umbraco, MonoGame, Eto.Forms, Bitwarden, MudBlazor, BTCPay Server, Entity Framework Core, SanAndreasUnity, .NET 8, ...
V3009It's odd that this method always returns one and the same value of NN.
AWS SDK for .NET, .NET Core Libraries (CoreFX), AvaloniaUI, osu!, Open XML SDK, ONLYOFFICE Community Server, Ryujinx, Eto.Forms, Barotrauma, .NET 7, ...
V3010The return value of function 'Foo' is required to be utilized.
ONLYOFFICE Community Server, PeachPie, LINQ to DB, DotNetNuke, BTCPay Server, Eto.Forms, Barotrauma, Akka.NET, Discord.NET, MudBlazor, ...
V3011Two opposite conditions were encountered. The second condition is always false.
MSBuild.
V3012The '?:' operator, regardless of its conditional expression, always returns one and the same value.
MonoDevelop, IronPython and IronRuby, .NET Compiler Platform ("Roslyn"), Mono, RunUO.
V3013It is odd that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function.
IronPython and IronRuby, .NET Compiler Platform ("Roslyn"), Samples by the Infragistics Company, FlashDevelop, Telerik UI for UWP, Emby, Ryujinx, PeachPie, AWS SDK for .NET.
V3014It is likely that a wrong variable is being incremented inside the 'for' operator. Consider reviewing 'X'.
Microsoft Code Contracts, .NET Core Libraries (CoreFX), Entity Framework.
V3015It is likely that a wrong variable is being compared inside the 'for' operator. Consider reviewing 'X'.
Accord.Net, Mono, Entity Framework.
V3017A pattern was detected: A || (A && ...). The expression is excessive or contains a logical error.
RunUO.
V3018Consider inspecting the application's logic. It's possible that 'else' keyword is missing.
PascalABC.NET.
V3019It is possible that an incorrect variable is compared with null after type conversion using 'as' keyword.
Mono, Microsoft Bot Builder, PowerShell, Media Portal 2, PascalABC.NET, Logify Alert Clients, Unity C# reference source code, Telerik UI for UWP, QuantConnect Lean, AWS SDK for .NET, ...
V3020An unconditional 'break/continue/return/goto' within a loop.
FlashDevelop, Mono, Media Portal 2, Unity C# reference source code, Infer.NET, FastReport, Telerik UI for UWP, LINQ to DB, Orleans, SanAndreasUnity, ...
V3021There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless.
Unity C# reference source code, .NET Core Libraries (CoreFX), OpenCvSharp, Emby, Nethermind, ONLYOFFICE Community Server, Umbraco, .NET 6 libraries, Barotrauma, GrandNode, ...
V3022Expression is always true/false.
Orleans, AvalonStudio, Discord.NET, .NET 7, BTCPay Server, MassTransit, Entity Framework Core, Microsoft PowerToys, Power-Fx, .NET 8, ...
V3023Consider inspecting this expression. The expression is excessive or contains a misprint.
SharpDevelop, MonoDevelop, IronPython and IronRuby, .NET Compiler Platform ("Roslyn"), Sony ATF, Xenko, Azure PowerShell.
V3024An odd precise comparison. Consider using a comparison with defined precision: Math.Abs(A - B) < Epsilon or Math.Abs(A - B) > Epsilon.
IronPython and IronRuby.
V3025Incorrect format. Consider checking the N format items of the 'Foo' function.
Umbraco, Unity C# reference source code, AWS SDK for .NET, Azure PowerShell, ILSpy, PeachPie, LINQ to DB, DotNetNuke, Barotrauma, .NET 8, ...
V3027The variable was utilized in the logical expression before it was verified against null in the same logical expression.
IronPython and IronRuby, .NET Compiler Platform ("Roslyn"), Space Engineers, Mono, PowerShell, Orchard CMS, Umbraco, PascalABC.NET, Cloudscribe, Barotrauma, ...
V3028Consider inspecting the 'for' operator. Initial and final values of the iterator are the same.
Space Engineers, Media Portal 2.
V3029The conditional expressions of the 'if' statements situated alongside each other are identical.
.NET Compiler Platform ("Roslyn"), Samples by the Infragistics Company, AWS SDK for .NET, Emby, Squidex, Unity C# reference source code, BTCPay Server.
V3030Recurring check. This condition was already verified in previous line.
SharpDevelop, Microsoft Code Contracts, .NET Core Libraries (CoreFX), IronPython and IronRuby, PascalABC.NET, Telerik UI for UWP, Nethermind, ONLYOFFICE Community Server, Ryujinx, DotNetNuke.
V3031An excessive check can be simplified. The operator '||' operator is surrounded by opposite expressions 'x' and '!x'.
SharpDevelop, Xamarin.Forms, FlashDevelop, Mono, Orchard CMS, Telerik UI for UWP, RunUO.
V3032Waiting on this expression is unreliable, as compiler may optimize some of the variables. Use volatile variable(s) or synchronization primitives to avoid this.
IronPython and IronRuby, Xenko, PascalABC.NET.
V3033It is possible that this 'else' branch must apply to the previous 'if' statement.
Old NASA World Wind (C#), Mono, PascalABC.NET.
V3035Consider inspecting the expression. Probably the '+=' should be used here.
Lucene.Net.
V3037An odd sequence of assignments of this kind: A = B; B = A;
Accord.Net, Old NASA World Wind (C#).
V3038The argument was passed to method several times. It is possible that another argument should be passed instead.
SharpDevelop, Xamarin.Forms, PascalABC.NET, OpenCvSharp, ONLYOFFICE Community Server, ILSpy, .NET 8.
V3040The expression contains a suspicious mix of integer and real types.
QuantConnect Lean.
V3041The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid the loss of a fractional part.
Sony ATF, Xenko, Accord.Net, MSBuild, Infer.NET, ShareX, Emby, RunUO, MonoGame.
V3042Possible NullReferenceException. The '?.' and '.' operators are used for accessing members of the same object.
Xamarin.Forms, .NET Core Libraries (CoreFX), Azure PowerShell, osu!, Ryujinx, LINQ to DB, DotNetNuke, Unity C# reference source code, Power-Fx.
V3043The code's operational logic does not correspond with its formatting.
Sony ATF, Mono, PascalABC.NET, RunUO.
V3045WPF: the names of the property registered for DependencyProperty, and of the property used to access it, do not correspond with each other.
Samples by the Infragistics Company, WPF samples by Microsoft.
V3046WPF: the type registered for DependencyProperty does not correspond with the type of the property used to access it.
Samples by the Infragistics Company, Xenko.
V3050Possibly an incorrect HTML. The </XX> closing tag was encountered, while the </YY> tag was expected.
Emby.
V3051An excessive type cast or check. The object is already of the same type.
Xamarin.Forms, Old NASA World Wind (C#), Mono, .NET Core Libraries (CoreFX), Emby, RunUO.
V3052The original exception object was swallowed. Stack of original exception could be lost.
Xamarin.Forms, FlashDevelop, SharpDevelop, PascalABC.NET, ONLYOFFICE Community Server.
V3053An excessive expression. Examine the substrings "abc" and "abcd".
GitExtensions, Orchard CMS, SharpDevelop, PascalABC.NET, Unity C# reference source code, Azure SDK for .NET.
V3054Potentially unsafe double-checked locking. Use volatile variable(s) or synchronization primitives to avoid this.
RunUO.
V3056Consider reviewing the correctness of 'X' item's usage.
FlashDevelop, Umbraco.
V3057Function receives an odd argument.
Unity3D, MSBuild, Orchard CMS, Umbraco, QuantConnect Lean, DotNetNuke.
V3061Parameter 'A' is always rewritten in method body before being used.
MSBuild, Mono, .NET Core Libraries (CoreFX), Telerik UI for UWP, RavenDB, QuantConnect Lean, Ryujinx, PeachPie, Unity C# reference source code, BTCPay Server, ...
V3062An object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' method.
Accord.Net, AWS SDK for .NET, .NET 7.
V3063A part of conditional expression is always true/false if it is evaluated.
OpenCvSharp, RunUO, RavenDB, OpenRA, EFCore, Ryujinx, PeachPie, LINQ to DB, Bitwarden, Entity Framework Core, ...
V3064Division or mod division by zero.
Accord.Net, Umbraco, SharpDevelop, Unity C# reference source code, Ryujinx.
V3065Parameter is not utilized inside method's body.
Xenko, Old NASA World Wind (C#).
V3066Possible incorrect order of arguments passed to method.
AvaloniaUI, osu!, RunUO, RavenDB, DotNetNuke, Umbraco, .NET 6 libraries, Discord.NET, .NET 7, Ryujinx, ...
V3067It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics.
RunUO.
V3070Uninitialized variables are used when initializing the 'A' variable.
Mono, PascalABC.NET, RunUO, ILSpy, AvalonStudio, AWS SDK for .NET.
V3075The operation is executed 2 or more times in succession.
QuantConnect Lean.
V3076Comparison with 'double.NaN' is meaningless. Use 'double.IsNaN()' method instead.
Old NASA World Wind (C#).
V3077Property setter / event accessor does not utilize its 'value' parameter.
Azure PowerShell, DotNetNuke.
V3078Sorting keys priority will be reversed relative to the order of 'OrderBy' method calls. Perhaps, 'ThenBy' should be used instead.
SharpDevelop, Telerik UI for UWP, Ryujinx, GrandNode, IL2CPU.
V3079The 'ThreadStatic' attribute is applied to a non-static 'A' field and will be ignored.
.NET 6 libraries.
V3080Possible null dereference.
PeachPie, MonoGame, Cloudscribe, Orchard Core, Eto.Forms, Discord.NET, OrchardCore, GrandNode, protobuf-net, Microsoft PowerToys, ...
V3081The 'X' counter is not used inside a nested loop. Consider inspecting usage of 'Y' counter.
Entity Framework, Infer.NET.
V3083Unsafe invocation of event, NullReferenceException is possible. Consider assigning event to a local variable before invoking it.
AWS SDK for .NET, ShareX, Telerik UI for UWP, Azure SDK for .NET, osu!, Emby, RunUO, ILSpy, MonoGame, Eto.Forms, ...
V3085The name of 'X' field/property in a nested type is ambiguous. The outer type contains static field/property with identical name.
Emby, RunUO.
V3087Type of variable enumerated in 'foreach' is not guaranteed to be castable to the type of collection's elements.
FlashDevelop.
V3088The expression was enclosed by parentheses twice: ((expression)). One pair of parentheses is unnecessary or misprint is present.
.NET Core Libraries (CoreFX).
V3089Initializer of a field marked by [ThreadStatic] attribute will be called once on the first accessing thread. The field will have default value on different threads.
Mono.
V3090Unsafe locking on an object.
Old NASA World Wind (C#), Mono, Logify Alert Clients, Emby.
V3091Empirical analysis. It is possible that a typo is present inside the string literal. The 'foo' word is suspicious.
Azure PowerShell.
V3092Range intersections are possible within conditional expressions.
Mono, RunUO.
V3093The operator evaluates both operands. Perhaps a short-circuit operator should be used instead.
Accord.Net, Old NASA World Wind (C#), NUnit, Azure PowerShell, Chocolatey, Open XML SDK.
V3095The object was used before it was verified against null. Check lines: N1, N2.
Discord.NET, OrchardCore, .NET MAUI, protobuf-net, .NET 7, BTCPay Server, Microsoft PowerToys, SanAndreasUnity, Power-Fx, .NET 8, ...
V3097Possible exception: type marked by [Serializable] contains non-serializable members not marked by [NonSerialized].
Accord.Net, Open XML SDK.
V3102Suspicious access to element by a constant index inside a loop.
Accord.Net, Mono, SharpDevelop, .NET Core Libraries (CoreFX), Telerik UI for UWP, PascalABC.NET, Orleans, .NET 8.
V3105The 'a' variable was used after it was assigned through null-conditional operator. NullReferenceException is possible.
RavenDB, Ryujinx, PeachPie, Umbraco, Eto.Forms, Bitwarden, AvalonStudio, OrchardCore, .NET MAUI, Microsoft PowerToys, ...
V3106Possibly index is out of bound.
FastReport, .NET Core Libraries (CoreFX), AvaloniaUI, Nethermind, EFCore, Umbraco, MonoGame, Barotrauma, MassTransit.
V3107Identical expression to the left and to the right of compound assignment.
Barotrauma.
V3108It is not recommended to return null or throw exceptions from 'ToString()' method.
Orchard CMS, FastReport, .NET Core Libraries (CoreFX), ShareX, BTCPay Server.
V3110Possible infinite recursion.
Orchard CMS, Umbraco, PascalABC.NET, FastReport, AWS SDK for .NET, .NET Core Libraries (CoreFX).
V3112An abnormality within similar comparisons. It is possible that a typo is present inside the expression.
Mono, Azure SDK for .NET.
V3114IDisposable object is not disposed before method returns.
AWS SDK for .NET.
V3115It is not recommended to throw exceptions from 'Equals(object obj)' method.
GitExtensions, Media Portal 2, PascalABC.NET, Unity C# reference source code, .NET Core Libraries (CoreFX), ONLYOFFICE Community Server, .NET 6 libraries, MudBlazor.
V3116Consider inspecting the 'for' operator. It's possible that the loop will be executed incorrectly or won't be executed at all.
Orleans.
V3117Constructor parameter is not used.
PowerShell, Infer.NET, FastReport, .NET Core Libraries (CoreFX), AvaloniaUI, Ryujinx, .NET 6 libraries, Discord.NET, MassTransit.
V3118A component of TimeSpan is used, which does not represent full time interval. Possibly 'Total*' value was intended instead.
Orchard CMS, Media Portal 2, MSBuild, ONLYOFFICE Community Server.
V3119Calling a virtual (overridden) event may lead to unpredictable behavior. Consider implementing event accessors explicitly or use 'sealed' keyword.
osu!.
V3121An enumeration was declared with 'Flags' attribute, but does not set any initializers to override default values.
Azure SDK for .NET.
V3122Uppercase (lowercase) string is compared with a different lowercase (uppercase) string.
DotNetNuke.
V3123Perhaps the '??' operator works in a different way than it was expected. Its priority is lower than priority of other operators in its left part.
Telerik UI for UWP, osu!, Chocolatey, Nethermind, RavenDB, Bitwarden, Akka.NET.
V3125The object was used after it was verified against null. Check lines: N1, N2.
Ryujinx, PeachPie, Eto.Forms, Bitwarden, Orleans, AvalonStudio, Discord.NET, .NET MAUI, BTCPay Server, .NET 8, ...
V3127Two similar code fragments were found. Perhaps, this is a typo and 'X' variable should be used instead of 'Y'.
Orchard CMS, OpenCvSharp, RavenDB, OpenRA, PeachPie, DotNetNuke, Piranha, Orchard Core, Discord.NET, GrandNode, ...
V3128The field (property) is used before it is initialized in constructor.
SharpDevelop, PascalABC.NET, .NET Core Libraries (CoreFX), OpenRA, Orleans.
V3130Priority of the '&&' operator is higher than that of the '||' operator. Possible missing parentheses.
Media Portal 2.
V3131The expression is checked for compatibility with the type 'A', but is casted to the 'B' type.
RunUO.
V3134Shift by N bits is greater than the size of type.
Orleans, Discord.NET, Microsoft PowerToys.
V3136Constant expression in switch statement.
Unity C# reference source code.
V3137The variable is assigned but is not used by the end of the function.
Roslyn Analyzers, Azure PowerShell, Telerik UI for UWP, LINQ to DB, Umbraco, MonoGame, Unity C# reference source code, AWS SDK for .NET, Power-Fx.
V3138String literal contains potential interpolated expression.
.NET Core Libraries (CoreFX), Ryujinx, .NET 6 libraries, Unity C# reference source code, Orleans, AWS SDK for .NET.
V3139Two or more case-branches perform the same actions.
.NET Core Libraries (CoreFX), Roslyn Analyzers, Orchard CMS, Open XML SDK, QuantConnect Lean, ILSpy, Ryujinx, PeachPie, DotNetNuke, Eto.Forms, ...
V3140Property accessors use different backing fields.
RunUO, Eto.Forms.
V3142Unreachable code detected. It is possible that an error is present.
osu!, Emby, MassTransit.
V3143The 'value' parameter is rewritten inside a property setter, and is not used after that.
Azure PowerShell.
V3145Unsafe dereference of a WeakReference target. The object could have been garbage collected before the 'Target' property was accessed.
Telerik UI for UWP.
V3146Possible null dereference. A method can return default null value.
osu!, RavenDB, OpenRA, ONLYOFFICE Community Server, ILSpy, PascalABC.NET, MonoGame, Eto.Forms, Discord.NET, OrchardCore, ...
V3148Casting potential 'null' value to a value type can lead to NullReferenceException.
RunUO.
V3153Dereferencing the result of null-conditional access operator can lead to NullReferenceException.
MSBuild, Nethermind, .NET Compiler Platform ("Roslyn"), Barotrauma, Orleans, AvalonStudio.
V3156The argument of the method is not expected to be null.
MonoGame, Cloudscribe.
V3157Suspicious division. Absolute value of the left operand is less than the right operand.
.NET 7.
V3159Modified value of the operand is not used after the increment/decrement operation.
Bitwarden.
V3168Awaiting on expression with potential null value can lead to throwing of 'NullReferenceException'.
BTCPay Server.
V3177Logical literal belongs to second operator with a higher priority. It is possible literal was intended to belong to '??' operator instead.
MudBlazor.
V3180The 'HasFlag' method always returns 'true' because the value '0' is passed as its argument.
RavenDB.
V3181The result of '&' operator is '0' because one of the operands is '0'.
.NET 8.
V3182The result of '&' operator is always '0'.
Ryujinx.
V5609OWASP. Possible path traversal vulnerability. Potentially tainted data is used as a path.
Power-Fx.
V5611OWASP. Potential insecure deserialization vulnerability. Potentially tainted data is used to create an object using deserialization.
Power-Fx.
V6001There are identical sub-expressions to the left and to the right of the 'foo' operator.
IntelliJ IDEA Community Edition, Elasticsearch, Apache Hadoop, Ghidra, Bouncy Castle, Apache Flink, ELKI, Rhino.
V6002The switch statement does not cover all values of the enum.
CUBA Platform.
V6003The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence.
Elasticsearch, XMage, Bouncy Castle.
V6004The 'then' statement is equivalent to the 'else' statement.
SonarQube, XMage, WildFly, Bouncy Castle, NGB, IntelliJ IDEA Community Edition.
V6005The 'x' variable is assigned to itself.
Huawei Cloud.
V6006The object was created but it is not being used. The 'throw' keyword could be missing.
Elasticsearch, Ghidra.
V6007Expression is always true/false.
CUBA Platform, Apache Hive, Apache Dubbo, Huawei Cloud, Apache Hadoop, Ghidra, XMage, WildFly, Apache Flink, Rhino, ...
V6008Potential null dereference.
Elasticsearch, Apache Hive, Huawei Cloud, Ghidra, XMage, WildFly, Rhino.
V6009Function receives an odd argument.
Elasticsearch, CUBA Platform, Apache Hive, Apache Dubbo, Huawei Cloud, ELKI, NGB.
V6010The return value of function 'Foo' is required to be utilized.
Huawei Cloud, NGB, IntelliJ IDEA Community Edition.
V6011The expression contains a suspicious mix of integer and real types.
IntelliJ IDEA Community Edition.
V6012The '?:' operator, regardless of its conditional expression, always returns one and the same value.
XMage, ELKI.
V6013Comparison of arrays, strings, collections by reference. Possibly an equality comparison was intended.
Elasticsearch.
V6014It's odd that this method always returns one and the same value of NN.
CUBA Platform, Bouncy Castle.
V6016Suspicious access to element by a constant index inside a loop.
Bouncy Castle, Apache Dubbo.
V6019Unreachable code detected. It is possible that an error is present.
CUBA Platform, Apache Dubbo, Apache Hadoop, Ghidra, WildFly, Bouncy Castle, ELKI, Rhino, IntelliJ IDEA Community Edition.
V6020Division or mod division by zero.
Apache Hive, ELKI.
V6021The value is assigned to the 'x' variable but is not used.
SpotBugs, CUBA Platform, Huawei Cloud, Rhino.
V6022Parameter is not used inside method's body.
CUBA Platform, Huawei Cloud, WildFly, ELKI.
V6023Parameter 'A' is always rewritten in method body before being used.
CUBA Platform.
V6025Possibly index is out of bound.
Elasticsearch, Bouncy Castle, ELKI, Rhino.
V6026This value is already assigned to the 'b' variable.
CUBA Platform, XMage.
V6027Variables are initialized through the call to the same function. It's probably an error or un-optimized code.
Apache Hadoop.
V6028Identical expression to the left and to the right of compound assignment.
Rhino.
V6029Possible incorrect order of arguments passed to method.
Apache Flink, NGB.
V6030The function located to the right of the '|' and '&' operators will be called regardless of the value of the left operand. Consider using '||' and '&&' instead.
Apache Hive.
V6032It is odd that the body of 'Foo_1' function is fully equivalent to the body of 'Foo_2' function.
SonarQube, CUBA Platform, Huawei Cloud, Apache Flink, Rhino.
V6033An item with the same key has already been added.
SonarJava, Bouncy Castle, Apache Hadoop, Ghidra, WildFly.
V6034Shift by N bits is inconsistent with the size of type.
Apache Hive.
V6036The value from the uninitialized optional is used.
XMage.
V6037An unconditional 'break/continue/return/goto' within a loop.
CUBA Platform.
V6039There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless.
Elasticsearch.
V6042The expression is checked for compatibility with type 'A', but is cast to type 'B'.
Apache Hive, XMage.
V6043Consider inspecting the 'for' operator. Initial and final values of the iterator are the same.
Apache Hadoop.
V6046Incorrect format. Consider checking the N format items of the 'Foo' function.
Apache Hive, Apache Hadoop, WildFly, Apache Flink.
V6048This expression can be simplified. One of the operands in the operation equals NN. Probably it is a mistake.
Ghidra, Apache Flink, Rhino.
V6050Class initialization cycle is present.
Huawei Cloud.
V6051Use of jump statements in 'finally' block can lead to the loss of unhandled exceptions.
Apache Hive.
V6053Collection is modified while iteration is in progress. ConcurrentModificationException may occur.
Ghidra.
V6058Comparing objects of incompatible types.
Elasticsearch, WildFly.
V6060The reference was used before it was verified against null.
Bouncy Castle, Elasticsearch, CUBA Platform, Huawei Cloud, XMage, WildFly.
V6062Possible infinite recursion.
CUBA Platform, ELKI.
V6066Passing objects of incompatible types to the method of collection.
Apache Flink, NGB.
V6067Two or more case-branches perform the same actions.
Apache Dubbo, Apache Hadoop.
V6072Two similar code fragments were found. Perhaps, this is a typo and 'X' variable should be used instead of 'Y'.
Apache Hadoop, XMage.
V6074Non-atomic modification of volatile variable.
Apache Flink.
V6079Value of variable is checked after use. Potential logical error is present. Check lines: N1, N2.
ELKI.
V6082Unsafe double-checked locking.
WildFly.
V6086Suspicious code formatting. 'else' keyword is probably missing.
XMage.
V6094The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid the loss of a fractional part.
ELKI, IntelliJ IDEA Community Edition.
V6100An object is used as an argument to its own method. Consider checking the first actual argument of the 'Foo' method.
Rhino.