V3056. Consider reviewing the correctness of 'X' item's usage.


The analyzer detected a possible typo in the code. This diagnostic relies on a heuristic algorithm to detect errors of the following pattern:

int x = GetX() * n;
int y = GetX() * n;

In the second line, function GetX() is used instead of GetY(). The fixed version:

int x = GetX() * n;
int y = GetY() * n;

To detect this error, the analyzer uses the following logic. There is a line with a name containing fragment "X". Nearby is a line with an antipode name containing fragment "Y". But the second line also contains the name with "X". If this and a few other conditions are true, this construct is treated as dangerous and the analyzer suggests reviewing it. If, for example, there were no variables "x" and "y" in the left part, the warning wouldn't be triggered. Here is an example that the analyzer would ignore:

array[0] = GetX() / 2;
array[1] = GetX() / 2;

Unfortunately, this diagnostic produces false positives since the analyzer doesn't know the program structure and the purpose of the code. Consider, for example, the following test code:

var t1 = new Thread { Name = "Thread 1" };
var t2 = new Thread { Name = "Thread 2" };
var m1 = new Message { Name = "Thread 1: Message 1", Thread = t1};
var m2 = new Message { Name = "Thread 1: Message 2", Thread = t1};
var m3 = new Message { Name = "Thread 2: Message 1", Thread = t2};

The analyzer assumes that variable 'm2' was declared using copy-paste and it led to an error: variable 't1' is used instead of 't2'. But there is no error actually. As the messages suggest, this code tests the printing of messages 'm1' and 'm2' from thread 't1' and of message 'm3' from thread 't2'. For cases like this, the analyzer allows you to suppress the warning by adding the comment "//-V3056" or through other false-positive suppression mechanisms.

According to Common Weakness Enumeration, potential errors found by using this diagnostic are classified as CWE-682.

You can look at examples of errors detected by the V3056 diagnostic.


Bugs Found

Checked Projects
367
Collected Errors
13 552