Type Description

This checker finds many instances where a code was copied and pasted. However, because of incomplete change, it unintentionally left some portions of the copy unchanged.


This checker finds situations of attempting a cast to the wrong type.


This checker finds many cases where the indentation structure of the code does not match the syntactic nesting. The cases detected are the code with indentation of if/else/for/while scope, however it is actually out of the scope.


This checker finds situations where a disposable object is lost without disposal, because local variables that held their value went out of scope or were re-assigned.


A loop may never terminate if its control variable is not properly updated by mistake. Such mistake may lead to system hang. In order to prevent such a mistake, INFINITE_LOOP checker finds a loop whose control variable is not updated.


This checker reports a suspicious expression where the result of operation is always a constant regardless of the value of its variable operands.


This checker finds situations where a method is overriden and the overriding method should call the superclass.
The checker relies on fuction for which all overriders should call the superclass.(whitelist)


This checker finds code with an unexpected loss of arithmetic precision due to the use of integer division.


This checker finds situation where the value of an arithmetic expression might overflow before the result is widened to a larger data type.


This checker tries to detect inconsistent usage of concurrent access locks to protect variables across each translation unit. It throws warnings when access to a certain memory region is protected by a mutex in some but not all cases - which most likely indicates a forgotten lock that may cause race condition bugs. This checker relies on statistical analysis to find some suspicious cases.


This checker finds many instances where a non-static field is locked to guard a static field.


This checker finds situations where first, a pointer is compared to NULL (which indicates that it could have a NULL value), and then it is dereferenced (unconditionally).


This checker finds situations where a pointer is dereferenced, but can only have NULL value, and so the operation of dereference can never be run without causing a runtime error. A special case where the NULL value is explicitly assigned is categorized as DEREF_OF_NULL.CONST. More generally, checkers in the DEREF_OF_NULL group find situations where a dereferenced pointer can be assigned NULL value on one of the possible execution paths. Subtype .PROC may apply to the warnings of this group.


Checking against NULL before dereference is recommended to avoid system crash due to NULL pointer dereference (NPD). However, a pointer is sometimes checked against NULL after it is already dereferenced.


This checker finds conditional statements and expressions that execute identical code in different condition. Detected cases are in following categories:

  1. true and false branches are identical
  2. expression is identical to previous condition
  3. identical expressions on both sides of ':' in conditional expression, bitwise operator, logical operator

This checker finds source code that can't be executed, because the program is terminated on all paths leading to that code.


If the return value of a function is assigned to a variable, it is an evidence that this value will be used later. Therefore, it may indicate a typographical or copy-and-paste error if this varaible is never accessed after assigned.


This checker finds cases where the arguments to a function are provided in an incorrect order.


Check for instances where an extraneous semicolon alters the logic of the code.