doc/allBugDescriptions.html - Issue 1232833004: Update findbugs from 3.0.0 to 3.0.1.

Unified Diff: doc/allBugDescriptions.html

Issue 1232833004: Update findbugs from 3.0.0 to 3.0.1. (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/findbugs.git@master

Patch Set: Created 5 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: doc/allBugDescriptions.html

diff --git a/doc/allBugDescriptions.html b/doc/allBugDescriptions.html

index a9e94e00de72cfb7cc60a31a1c1d2915b5fb6421..e62485bdc5adb6744b41029c95eb65622992d8ee 100644

--- a/doc/allBugDescriptions.html

+++ b/doc/allBugDescriptions.html

@@ -1,5 +1,6 @@

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

-<html><head><title>FindBugs Bug Descriptions (Unabridged)</title>

+<html><head><META http-equiv="Content-Type" content="text/html; charset=UTF-8">

+<title>FindBugs Bug Descriptions (Unabridged)</title>

</head><body>

@@ -13,18 +14,20 @@

-<tr><td><font size="-1"><a class="sidebar" href="findbugs2.html">FindBugs 2.0</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="demo.html">Demo and data</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="users.html">Users and supporters</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="http://findbugs.blogspot.com/">FindBugs blog</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="factSheet.html">Fact sheet</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="manual/index.html">Manual</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="ja/manual/index.html">Manual(ja/日本語)</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="FAQ.html">FAQ</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="bugDescriptions.html">Bug descriptions</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="mailingLists.html">Mailing lists</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="publications.html">Documents and Publications</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="links.html">Links</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="findbugs2.html">FindBugs 2.0</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="demo.html">Demo and data</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="users.html">Users and supporters</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="http://findbugs.blogspot.com/">FindBugs blog</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="factSheet.html">Fact sheet</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="manual/index.html">Manual</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="ja/manual/index.html">Manual(ja/日本語)</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="FAQ.html">FAQ</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="bugDescriptions.html">Bug descriptions</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="bugDescriptions_ja.html">Bug descriptions(ja/日本語)</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="bugDescriptions_fr.html">Bug descriptions(fr)</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="mailingLists.html">Mailing lists</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="publications.html">Documents and Publications</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="links.html">Links</a></font></td></tr>

@@ -37,15 +40,15 @@

<tr><td><b>Development</b></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="http://sourceforge.net/tracker/?group_id=96405">Open bugs</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="reportingBugs.html">Reporting bugs</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="contributing.html">Contributing</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="team.html">Dev team</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="api/index.html">API</a> <a class="sidebar" href="api/overview-summary.html">[no frames]</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="Changes.html">Change log</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="http://sourceforge.net/projects/findbugs">SF project page</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="http://code.google.com/p/findbugs/source/browse/">Browse source</a></font></td></tr>

-<tr><td><font size="-1"><a class="sidebar" href="http://code.google.com/p/findbugs/source/list">Latest code changes</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="http://sourceforge.net/p/findbugs/bugs/">Open bugs</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="reportingBugs.html">Reporting bugs</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="contributing.html">Contributing</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="team.html">Dev team</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="api/index.html">API</a> <a class="sidebar" href="api/overview-summary.html">[no frames]</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="Changes.html">Change log</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="http://sourceforge.net/projects/findbugs">SF project page</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="http://code.google.com/p/findbugs/source/browse/">Browse source</a></font></td></tr>

+<tr><td><font size="-1"> <a class="sidebar" href="http://code.google.com/p/findbugs/source/list">Latest code changes</a></font></td></tr>

</table>

</td>

@@ -65,115 +68,121 @@ as well as bug patterns that are not enabled by default.

<tr bgcolor="#eeeeee"><td><a href="#CN_IDIOM">CN: Class implements Cloneable but does not define or use clone method</a></td><td>Bad practice</td></tr>

<tr bgcolor="#ffffff"><td><a href="#CN_IDIOM_NO_SUPER_CALL">CN: clone method does not call super.clone()</a></td><td>Bad practice</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#CN_IMPLEMENTS_CLONE_BUT_NOT_CLONEABLE">CN: Class defines clone() but doesn't implement Cloneable</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#CO_ABSTRACT_SELF">Co: Abstract class defines covariant compareTo() method</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#CO_SELF_NO_OBJECT">Co: Covariant compareTo() method defined</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DE_MIGHT_DROP">DE: Method might drop exception</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DE_MIGHT_IGNORE">DE: Method might ignore exception</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DMI_ENTRY_SETS_MAY_REUSE_ENTRY_OBJECTS">DMI: Adding elements of an entry set may fail due to reuse of Entry objects</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DMI_RANDOM_USED_ONLY_ONCE">DMI: Random object created and used only once</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DMI_USING_REMOVEALL_TO_CLEAR_COLLECTION">DMI: Don't use removeAll to clear a collection</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DM_EXIT">Dm: Method invokes System.exit(...)</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DM_RUN_FINALIZERS_ON_EXIT">Dm: Method invokes dangerous method runFinalizersOnExit</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#ES_COMPARING_PARAMETER_STRING_WITH_EQ">ES: Comparison of String parameter using == or !=</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#ES_COMPARING_STRINGS_WITH_EQ">ES: Comparison of String objects using == or !=</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#EQ_ABSTRACT_SELF">Eq: Abstract class defines covariant equals() method</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#EQ_CHECK_FOR_OPERAND_NOT_COMPATIBLE_WITH_THIS">Eq: Equals checks for incompatible operand</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#EQ_COMPARETO_USE_OBJECT_EQUALS">Eq: Class defines compareTo(...) and uses Object.equals()</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#EQ_GETCLASS_AND_CLASS_CONSTANT">Eq: equals method fails for subtypes</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#EQ_SELF_NO_OBJECT">Eq: Covariant equals() method defined</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#FI_EMPTY">FI: Empty finalizer should be deleted</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#FI_EXPLICIT_INVOCATION">FI: Explicit invocation of finalizer</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#FI_FINALIZER_NULLS_FIELDS">FI: Finalizer nulls fields</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#FI_FINALIZER_ONLY_NULLS_FIELDS">FI: Finalizer only nulls fields</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#FI_MISSING_SUPER_CALL">FI: Finalizer does not call superclass finalizer</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#FI_NULLIFY_SUPER">FI: Finalizer nullifies superclass finalizer</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#FI_USELESS">FI: Finalizer does nothing but call superclass finalizer</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_USES_NEWLINE">FS: Format string should use %n rather than \n</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#GC_UNCHECKED_TYPE_IN_GENERIC_CALL">GC: Unchecked type in generic call</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#HE_EQUALS_NO_HASHCODE">HE: Class defines equals() but not hashCode()</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#HE_EQUALS_USE_HASHCODE">HE: Class defines equals() and uses Object.hashCode()</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#HE_HASHCODE_NO_EQUALS">HE: Class defines hashCode() but not equals()</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#HE_HASHCODE_USE_OBJECT_EQUALS">HE: Class defines hashCode() and uses Object.equals()</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#HE_INHERITS_EQUALS_USE_HASHCODE">HE: Class inherits equals() and uses Object.hashCode()</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#IC_SUPERCLASS_USES_SUBCLASS_DURING_INITIALIZATION">IC: Superclass uses subclass during initialization</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#IMSE_DONT_CATCH_IMSE">IMSE: Dubious catching of IllegalMonitorStateException</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#ISC_INSTANTIATE_STATIC_CLASS">ISC: Needless instantiation of class that only supplies static methods</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#IT_NO_SUCH_ELEMENT">It: Iterator next() method can't throw NoSuchElementException</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#J2EE_STORE_OF_NON_SERIALIZABLE_OBJECT_INTO_SESSION">J2EE: Store of non serializable object into HttpSession</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#JCIP_FIELD_ISNT_FINAL_IN_IMMUTABLE_CLASS">JCIP: Fields of immutable classes should be final</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NP_BOOLEAN_RETURN_NULL">NP: Method with Boolean return type returns explicit null</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NP_CLONE_COULD_RETURN_NULL">NP: Clone method may return null</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT">NP: equals() method does not check for null argument</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NP_TOSTRING_COULD_RETURN_NULL">NP: toString method may return null</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NM_CLASS_NAMING_CONVENTION">Nm: Class names should start with an upper case letter</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NM_CLASS_NOT_EXCEPTION">Nm: Class is not derived from an Exception, even though it is named as such</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NM_CONFUSING">Nm: Confusing method names</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NM_FIELD_NAMING_CONVENTION">Nm: Field names should start with a lower case letter</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NM_FUTURE_KEYWORD_USED_AS_IDENTIFIER">Nm: Use of identifier that is a keyword in later versions of Java</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NM_FUTURE_KEYWORD_USED_AS_MEMBER_IDENTIFIER">Nm: Use of identifier that is a keyword in later versions of Java</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NM_METHOD_NAMING_CONVENTION">Nm: Method names should start with a lower case letter</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NM_SAME_SIMPLE_NAME_AS_INTERFACE">Nm: Class names shouldn't shadow simple name of implemented interface</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NM_SAME_SIMPLE_NAME_AS_SUPERCLASS">Nm: Class names shouldn't shadow simple name of superclass</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NM_VERY_CONFUSING_INTENTIONAL">Nm: Very confusing method names (but perhaps intentional)</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NM_WRONG_PACKAGE_INTENTIONAL">Nm: Method doesn't override method in superclass due to wrong package for parameter</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#ODR_OPEN_DATABASE_RESOURCE">ODR: Method may fail to close database resource</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH">ODR: Method may fail to close database resource on exception</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#OS_OPEN_STREAM">OS: Method may fail to close stream</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#OS_OPEN_STREAM_EXCEPTION_PATH">OS: Method may fail to close stream on exception</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#PZ_DONT_REUSE_ENTRY_OBJECTS_IN_ITERATORS">PZ: Don't reuse entry objects in iterators</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RC_REF_COMPARISON_BAD_PRACTICE">RC: Suspicious reference comparison to constant</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#RC_REF_COMPARISON_BAD_PRACTICE_BOOLEAN">RC: Suspicious reference comparison of Boolean values</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RR_NOT_CHECKED">RR: Method ignores results of InputStream.read()</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SR_NOT_CHECKED">RR: Method ignores results of InputStream.skip()</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RV_NEGATING_RESULT_OF_COMPARETO">RV: Negating the result of compareTo()/compare()</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#RV_RETURN_VALUE_IGNORED_BAD_PRACTICE">RV: Method ignores exceptional return value</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SI_INSTANCE_BEFORE_FINALS_ASSIGNED">SI: Static initializer creates instance before all static final fields assigned</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SW_SWING_METHODS_INVOKED_IN_SWING_THREAD">SW: Certain swing methods needs to be invoked in Swing thread</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SE_BAD_FIELD">Se: Non-transient non-serializable instance field in serializable class</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SE_BAD_FIELD_INNER_CLASS">Se: Non-serializable class has a serializable inner class</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SE_BAD_FIELD_STORE">Se: Non-serializable value stored into instance field of a serializable class</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SE_COMPARATOR_SHOULD_BE_SERIALIZABLE">Se: Comparator doesn't implement Serializable</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SE_INNER_CLASS">Se: Serializable inner class</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SE_NONFINAL_SERIALVERSIONID">Se: serialVersionUID isn't final</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SE_NONLONG_SERIALVERSIONID">Se: serialVersionUID isn't long</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SE_NONSTATIC_SERIALVERSIONID">Se: serialVersionUID isn't static</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SE_NO_SUITABLE_CONSTRUCTOR">Se: Class is Serializable but its superclass doesn't define a void constructor</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SE_NO_SUITABLE_CONSTRUCTOR_FOR_EXTERNALIZATION">Se: Class is Externalizable but doesn't define a void constructor</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SE_READ_RESOLVE_MUST_RETURN_OBJECT">Se: The readResolve method must be declared with a return type of Object. </a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SE_TRANSIENT_FIELD_NOT_RESTORED">Se: Transient field that isn't set by deserialization. </a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SE_NO_SERIALVERSIONID">SnVI: Class is Serializable, but doesn't define serialVersionUID</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#UI_INHERITANCE_UNSAFE_GETRESOURCE">UI: Usage of GetResource may be unsafe if class is extended</a></td><td>Bad practice</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#BAC_BAD_APPLET_CONSTRUCTOR">BAC: Bad Applet Constructor relies on uninitialized AppletStub</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#BC_IMPOSSIBLE_CAST">BC: Impossible cast</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#BC_IMPOSSIBLE_DOWNCAST">BC: Impossible downcast</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY">BC: Impossible downcast of toArray() result</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#BC_IMPOSSIBLE_INSTANCEOF">BC: instanceof will always return false</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#BIT_ADD_OF_SIGNED_BYTE">BIT: Bitwise add of signed byte value</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#BIT_AND">BIT: Incompatible bit masks</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#BIT_AND_ZZ">BIT: Check to see if ((...) & 0) == 0</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#BIT_IOR">BIT: Incompatible bit masks</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#BIT_IOR_OF_SIGNED_BYTE">BIT: Bitwise OR of signed byte value</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#BIT_SIGNED_CHECK_HIGH_BIT">BIT: Check for sign of bitwise operation</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#BOA_BADLY_OVERRIDDEN_ADAPTER">BOA: Class overrides a method implemented in super class Adapter wrongly</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#CNT_ROUGH_CONSTANT_VALUE">CNT: Rough value of known constant found</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#CO_ABSTRACT_SELF">Co: Abstract class defines covariant compareTo() method</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#CO_COMPARETO_INCORRECT_FLOATING">Co: compareTo()/compare() incorrectly handles float or double value</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#CO_COMPARETO_RESULTS_MIN_VALUE">Co: compareTo()/compare() returns Integer.MIN_VALUE</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#CO_SELF_NO_OBJECT">Co: Covariant compareTo() method defined</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DE_MIGHT_DROP">DE: Method might drop exception</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DE_MIGHT_IGNORE">DE: Method might ignore exception</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DMI_ENTRY_SETS_MAY_REUSE_ENTRY_OBJECTS">DMI: Adding elements of an entry set may fail due to reuse of Entry objects</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DMI_RANDOM_USED_ONLY_ONCE">DMI: Random object created and used only once</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DMI_USING_REMOVEALL_TO_CLEAR_COLLECTION">DMI: Don't use removeAll to clear a collection</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DM_EXIT">Dm: Method invokes System.exit(...)</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DM_RUN_FINALIZERS_ON_EXIT">Dm: Method invokes dangerous method runFinalizersOnExit</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#ES_COMPARING_PARAMETER_STRING_WITH_EQ">ES: Comparison of String parameter using == or !=</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#ES_COMPARING_STRINGS_WITH_EQ">ES: Comparison of String objects using == or !=</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#EQ_ABSTRACT_SELF">Eq: Abstract class defines covariant equals() method</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#EQ_CHECK_FOR_OPERAND_NOT_COMPATIBLE_WITH_THIS">Eq: Equals checks for incompatible operand</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#EQ_COMPARETO_USE_OBJECT_EQUALS">Eq: Class defines compareTo(...) and uses Object.equals()</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#EQ_GETCLASS_AND_CLASS_CONSTANT">Eq: equals method fails for subtypes</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#EQ_SELF_NO_OBJECT">Eq: Covariant equals() method defined</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#FI_EMPTY">FI: Empty finalizer should be deleted</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#FI_EXPLICIT_INVOCATION">FI: Explicit invocation of finalizer</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#FI_FINALIZER_NULLS_FIELDS">FI: Finalizer nulls fields</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#FI_FINALIZER_ONLY_NULLS_FIELDS">FI: Finalizer only nulls fields</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#FI_MISSING_SUPER_CALL">FI: Finalizer does not call superclass finalizer</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#FI_NULLIFY_SUPER">FI: Finalizer nullifies superclass finalizer</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#FI_USELESS">FI: Finalizer does nothing but call superclass finalizer</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_USES_NEWLINE">FS: Format string should use %n rather than \n</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#GC_UNCHECKED_TYPE_IN_GENERIC_CALL">GC: Unchecked type in generic call</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#HE_EQUALS_NO_HASHCODE">HE: Class defines equals() but not hashCode()</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#HE_EQUALS_USE_HASHCODE">HE: Class defines equals() and uses Object.hashCode()</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#HE_HASHCODE_NO_EQUALS">HE: Class defines hashCode() but not equals()</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#HE_HASHCODE_USE_OBJECT_EQUALS">HE: Class defines hashCode() and uses Object.equals()</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#HE_INHERITS_EQUALS_USE_HASHCODE">HE: Class inherits equals() and uses Object.hashCode()</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#IC_SUPERCLASS_USES_SUBCLASS_DURING_INITIALIZATION">IC: Superclass uses subclass during initialization</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#IMSE_DONT_CATCH_IMSE">IMSE: Dubious catching of IllegalMonitorStateException</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#ISC_INSTANTIATE_STATIC_CLASS">ISC: Needless instantiation of class that only supplies static methods</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#IT_NO_SUCH_ELEMENT">It: Iterator next() method can't throw NoSuchElementException</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#J2EE_STORE_OF_NON_SERIALIZABLE_OBJECT_INTO_SESSION">J2EE: Store of non serializable object into HttpSession</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#JCIP_FIELD_ISNT_FINAL_IN_IMMUTABLE_CLASS">JCIP: Fields of immutable classes should be final</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#ME_ENUM_FIELD_SETTER">ME: Public enum method unconditionally sets its field</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#ME_MUTABLE_ENUM_FIELD">ME: Enum field is public and mutable</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NP_BOOLEAN_RETURN_NULL">NP: Method with Boolean return type returns explicit null</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NP_CLONE_COULD_RETURN_NULL">NP: Clone method may return null</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NP_EQUALS_SHOULD_HANDLE_NULL_ARGUMENT">NP: equals() method does not check for null argument</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NP_TOSTRING_COULD_RETURN_NULL">NP: toString method may return null</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NM_CLASS_NAMING_CONVENTION">Nm: Class names should start with an upper case letter</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NM_CLASS_NOT_EXCEPTION">Nm: Class is not derived from an Exception, even though it is named as such</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NM_CONFUSING">Nm: Confusing method names</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NM_FIELD_NAMING_CONVENTION">Nm: Field names should start with a lower case letter</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NM_FUTURE_KEYWORD_USED_AS_IDENTIFIER">Nm: Use of identifier that is a keyword in later versions of Java</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NM_FUTURE_KEYWORD_USED_AS_MEMBER_IDENTIFIER">Nm: Use of identifier that is a keyword in later versions of Java</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NM_METHOD_NAMING_CONVENTION">Nm: Method names should start with a lower case letter</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NM_SAME_SIMPLE_NAME_AS_INTERFACE">Nm: Class names shouldn't shadow simple name of implemented interface</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NM_SAME_SIMPLE_NAME_AS_SUPERCLASS">Nm: Class names shouldn't shadow simple name of superclass</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NM_VERY_CONFUSING_INTENTIONAL">Nm: Very confusing method names (but perhaps intentional)</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NM_WRONG_PACKAGE_INTENTIONAL">Nm: Method doesn't override method in superclass due to wrong package for parameter</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#ODR_OPEN_DATABASE_RESOURCE">ODR: Method may fail to close database resource</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#ODR_OPEN_DATABASE_RESOURCE_EXCEPTION_PATH">ODR: Method may fail to close database resource on exception</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#OS_OPEN_STREAM">OS: Method may fail to close stream</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#OS_OPEN_STREAM_EXCEPTION_PATH">OS: Method may fail to close stream on exception</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#PZ_DONT_REUSE_ENTRY_OBJECTS_IN_ITERATORS">PZ: Don't reuse entry objects in iterators</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RC_REF_COMPARISON_BAD_PRACTICE">RC: Suspicious reference comparison to constant</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RC_REF_COMPARISON_BAD_PRACTICE_BOOLEAN">RC: Suspicious reference comparison of Boolean values</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RR_NOT_CHECKED">RR: Method ignores results of InputStream.read()</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SR_NOT_CHECKED">RR: Method ignores results of InputStream.skip()</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RV_NEGATING_RESULT_OF_COMPARETO">RV: Negating the result of compareTo()/compare()</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RV_RETURN_VALUE_IGNORED_BAD_PRACTICE">RV: Method ignores exceptional return value</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SI_INSTANCE_BEFORE_FINALS_ASSIGNED">SI: Static initializer creates instance before all static final fields assigned</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SW_SWING_METHODS_INVOKED_IN_SWING_THREAD">SW: Certain swing methods needs to be invoked in Swing thread</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SE_BAD_FIELD">Se: Non-transient non-serializable instance field in serializable class</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SE_BAD_FIELD_INNER_CLASS">Se: Non-serializable class has a serializable inner class</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SE_BAD_FIELD_STORE">Se: Non-serializable value stored into instance field of a serializable class</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SE_COMPARATOR_SHOULD_BE_SERIALIZABLE">Se: Comparator doesn't implement Serializable</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SE_INNER_CLASS">Se: Serializable inner class</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SE_NONFINAL_SERIALVERSIONID">Se: serialVersionUID isn't final</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SE_NONLONG_SERIALVERSIONID">Se: serialVersionUID isn't long</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SE_NONSTATIC_SERIALVERSIONID">Se: serialVersionUID isn't static</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SE_NO_SUITABLE_CONSTRUCTOR">Se: Class is Serializable but its superclass doesn't define a void constructor</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SE_NO_SUITABLE_CONSTRUCTOR_FOR_EXTERNALIZATION">Se: Class is Externalizable but doesn't define a void constructor</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SE_READ_RESOLVE_MUST_RETURN_OBJECT">Se: The readResolve method must be declared with a return type of Object. </a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SE_TRANSIENT_FIELD_NOT_RESTORED">Se: Transient field that isn't set by deserialization. </a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SE_NO_SERIALVERSIONID">SnVI: Class is Serializable, but doesn't define serialVersionUID</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#UI_INHERITANCE_UNSAFE_GETRESOURCE">UI: Usage of GetResource may be unsafe if class is extended</a></td><td>Bad practice</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#BAC_BAD_APPLET_CONSTRUCTOR">BAC: Bad Applet Constructor relies on uninitialized AppletStub</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#BC_IMPOSSIBLE_CAST">BC: Impossible cast</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#BC_IMPOSSIBLE_DOWNCAST">BC: Impossible downcast</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY">BC: Impossible downcast of toArray() result</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#BC_IMPOSSIBLE_INSTANCEOF">BC: instanceof will always return false</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#BIT_ADD_OF_SIGNED_BYTE">BIT: Bitwise add of signed byte value</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#BIT_AND">BIT: Incompatible bit masks</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#BIT_AND_ZZ">BIT: Check to see if ((...) & 0) == 0</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#BIT_IOR">BIT: Incompatible bit masks</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#BIT_IOR_OF_SIGNED_BYTE">BIT: Bitwise OR of signed byte value</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#BIT_SIGNED_CHECK_HIGH_BIT">BIT: Check for sign of bitwise operation</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#BOA_BADLY_OVERRIDDEN_ADAPTER">BOA: Class overrides a method implemented in super class Adapter wrongly</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#BSHIFT_WRONG_ADD_PRIORITY">BSHIFT: Possible bad parsing of shift operation</a></td><td>Correctness</td></tr>

<tr bgcolor="#ffffff"><td><a href="#ICAST_BAD_SHIFT_AMOUNT">BSHIFT: 32 bit int shifted by an amount not in the range -31..31</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#BX_UNBOXED_AND_COERCED_FOR_TERNARY_OPERATOR">Bx: Primitive value is unboxed and coerced for ternary operator</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#CO_COMPARETO_RESULTS_MIN_VALUE">Co: compareTo()/compare() returns Integer.MIN_VALUE</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_INCREMENT_IN_RETURN">DLS: Useless increment in return statement</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_STORE_OF_CLASS_LITERAL">DLS: Dead store of class literal</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DLS_OVERWRITTEN_INCREMENT">DLS: Overwritten increment</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DMI_ARGUMENTS_WRONG_ORDER">DMI: Reversed method arguments</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DMI_BAD_MONTH">DMI: Bad constant value for month</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DMI_BIGDECIMAL_CONSTRUCTED_FROM_DOUBLE">DMI: BigDecimal constructed from double that isn't represented precisely</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DMI_CALLING_NEXT_FROM_HASNEXT">DMI: hasNext method invokes next</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DMI_COLLECTIONS_SHOULD_NOT_CONTAIN_THEMSELVES">DMI: Collections should not contain themselves</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DMI_DOH">DMI: D'oh! A nonsensical method invocation</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DMI_INVOKING_HASHCODE_ON_ARRAY">DMI: Invocation of hashCode on an array</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DMI_LONG_BITS_TO_DOUBLE_INVOKED_ON_INT">DMI: Double.longBitsToDouble invoked on an int</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DMI_VACUOUS_SELF_COLLECTION_CALL">DMI: Vacuous call to collections</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DMI_ANNOTATION_IS_NOT_VISIBLE_TO_REFLECTION">Dm: Can't use reflection to check for presence of annotation without runtime retention</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DMI_FUTILE_ATTEMPT_TO_CHANGE_MAXPOOL_SIZE_OF_SCHEDULED_THREAD_POOL_EXECUTOR">Dm: Futile attempt to change max pool size of ScheduledThreadPoolExecutor</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DMI_SCHEDULED_THREAD_POOL_EXECUTOR_WITH_ZERO_CORE_THREADS">Dm: Creation of ScheduledThreadPoolExecutor with zero core threads</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DMI_VACUOUS_CALL_TO_EASYMOCK_METHOD">Dm: Useless/vacuous call to EasyMock method</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#CAA_COVARIANT_ARRAY_ELEMENT_STORE">CAA: Possibly incompatible element is stored in covariant array</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_INCREMENT_IN_RETURN">DLS: Useless increment in return statement</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_STORE_OF_CLASS_LITERAL">DLS: Dead store of class literal</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DLS_OVERWRITTEN_INCREMENT">DLS: Overwritten increment</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DMI_ARGUMENTS_WRONG_ORDER">DMI: Reversed method arguments</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DMI_BAD_MONTH">DMI: Bad constant value for month</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DMI_BIGDECIMAL_CONSTRUCTED_FROM_DOUBLE">DMI: BigDecimal constructed from double that isn't represented precisely</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DMI_CALLING_NEXT_FROM_HASNEXT">DMI: hasNext method invokes next</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DMI_COLLECTIONS_SHOULD_NOT_CONTAIN_THEMSELVES">DMI: Collections should not contain themselves</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DMI_DOH">DMI: D'oh! A nonsensical method invocation</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DMI_INVOKING_HASHCODE_ON_ARRAY">DMI: Invocation of hashCode on an array</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DMI_LONG_BITS_TO_DOUBLE_INVOKED_ON_INT">DMI: Double.longBitsToDouble invoked on an int</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DMI_VACUOUS_SELF_COLLECTION_CALL">DMI: Vacuous call to collections</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DMI_ANNOTATION_IS_NOT_VISIBLE_TO_REFLECTION">Dm: Can't use reflection to check for presence of annotation without runtime retention</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DMI_FUTILE_ATTEMPT_TO_CHANGE_MAXPOOL_SIZE_OF_SCHEDULED_THREAD_POOL_EXECUTOR">Dm: Futile attempt to change max pool size of ScheduledThreadPoolExecutor</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DMI_SCHEDULED_THREAD_POOL_EXECUTOR_WITH_ZERO_CORE_THREADS">Dm: Creation of ScheduledThreadPoolExecutor with zero core threads</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DMI_VACUOUS_CALL_TO_EASYMOCK_METHOD">Dm: Useless/vacuous call to EasyMock method</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DM_INVALID_MIN_MAX">Dm: Incorrect combination of Math.max and Math.min</a></td><td>Correctness</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#EC_ARRAY_AND_NONARRAY">EC: equals() used to compare array and nonarray</a></td><td>Correctness</td></tr>

<tr bgcolor="#ffffff"><td><a href="#EC_BAD_ARRAY_COMPARE">EC: Invocation of equals() on an array, which is equivalent to ==</a></td><td>Correctness</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#EC_INCOMPATIBLE_ARRAY_COMPARE">EC: equals(...) used to compare incompatible arrays</a></td><td>Correctness</td></tr>

@@ -218,7 +227,7 @@ as well as bug patterns that are not enabled by default.

<tr bgcolor="#ffffff"><td><a href="#IL_INFINITE_RECURSIVE_LOOP">IL: An apparent infinite recursive loop</a></td><td>Correctness</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#IM_MULTIPLYING_RESULT_OF_IREM">IM: Integer multiply of result of integer remainder</a></td><td>Correctness</td></tr>

<tr bgcolor="#ffffff"><td><a href="#INT_BAD_COMPARISON_WITH_INT_VALUE">INT: Bad comparison of int value with long constant</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#INT_BAD_COMPARISON_WITH_NONNEGATIVE_VALUE">INT: Bad comparison of nonnegative value with negative constant</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#INT_BAD_COMPARISON_WITH_NONNEGATIVE_VALUE">INT: Bad comparison of nonnegative value with negative constant or zero</a></td><td>Correctness</td></tr>

<tr bgcolor="#ffffff"><td><a href="#INT_BAD_COMPARISON_WITH_SIGNED_BYTE">INT: Bad comparison of signed byte</a></td><td>Correctness</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#IO_APPENDING_TO_OBJECT_OUTPUT_STREAM">IO: Doomed attempt to append to an object output stream</a></td><td>Correctness</td></tr>

<tr bgcolor="#ffffff"><td><a href="#IP_PARAMETER_IS_DEAD_BUT_OVERWRITTEN">IP: A parameter is dead upon entry to a method but overwritten</a></td><td>Correctness</td></tr>

@@ -230,91 +239,99 @@ as well as bug patterns that are not enabled by default.

<tr bgcolor="#ffffff"><td><a href="#NP_CLOSING_NULL">NP: close() invoked on a value that is always null</a></td><td>Correctness</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#NP_GUARANTEED_DEREF">NP: Null value is guaranteed to be dereferenced</a></td><td>Correctness</td></tr>

<tr bgcolor="#ffffff"><td><a href="#NP_GUARANTEED_DEREF_ON_EXCEPTION_PATH">NP: Value is null and guaranteed to be dereferenced on exception path</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">NP: Nonnull field is not initialized</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NP_NONNULL_PARAM_VIOLATION">NP: Method call passes null to a nonnull parameter </a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NP_NONNULL_RETURN_VIOLATION">NP: Method may return null, but is declared @NonNull</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">NP: Non-null field is not initialized</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NP_NONNULL_PARAM_VIOLATION">NP: Method call passes null to a non-null parameter </a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NP_NONNULL_RETURN_VIOLATION">NP: Method may return null, but is declared @Nonnull</a></td><td>Correctness</td></tr>

<tr bgcolor="#ffffff"><td><a href="#NP_NULL_INSTANCEOF">NP: A known null value is checked to see if it is an instance of a type</a></td><td>Correctness</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_ON_SOME_PATH">NP: Possible null pointer dereference</a></td><td>Correctness</td></tr>

<tr bgcolor="#ffffff"><td><a href="#NP_NULL_ON_SOME_PATH_EXCEPTION">NP: Possible null pointer dereference in method on exception path</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_PARAM_DEREF">NP: Method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NP_NULL_PARAM_DEREF_ALL_TARGETS_DANGEROUS">NP: Method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_PARAM_DEREF_NONVIRTUAL">NP: Non-virtual method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NP_STORE_INTO_NONNULL_FIELD">NP: Store of null value into field annotated NonNull</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NP_UNWRITTEN_FIELD">NP: Read of unwritten field</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NM_BAD_EQUAL">Nm: Class defines equal(Object); should it be equals(Object)?</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NM_LCASE_HASHCODE">Nm: Class defines hashcode(); should it be hashCode()?</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NM_LCASE_TOSTRING">Nm: Class defines tostring(); should it be toString()?</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NM_METHOD_CONSTRUCTOR_CONFUSION">Nm: Apparent method/constructor confusion</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NM_VERY_CONFUSING">Nm: Very confusing method names</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NM_WRONG_PACKAGE">Nm: Method doesn't override method in superclass due to wrong package for parameter</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#QBA_QUESTIONABLE_BOOLEAN_ASSIGNMENT">QBA: Method assigns boolean literal in boolean expression</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#RC_REF_COMPARISON">RC: Suspicious reference comparison</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE">RCN: Nullcheck of value previously dereferenced</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#RE_BAD_SYNTAX_FOR_REGULAR_EXPRESSION">RE: Invalid syntax for regular expression</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RE_CANT_USE_FILE_SEPARATOR_AS_REGULAR_EXPRESSION">RE: File.separator used for regular expression</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#RE_POSSIBLE_UNINTENDED_PATTERN">RE: "." or "|" used for regular expression</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RV_01_TO_INT">RV: Random value from 0 to 1 is coerced to the integer 0</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#RV_ABSOLUTE_VALUE_OF_HASHCODE">RV: Bad attempt to compute absolute value of signed 32-bit hashcode </a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RV_ABSOLUTE_VALUE_OF_RANDOM_INT">RV: Bad attempt to compute absolute value of signed random integer</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#RV_CHECK_COMPARETO_FOR_SPECIFIC_RETURN_VALUE">RV: Code checks for specific values returned by compareTo</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RV_EXCEPTION_NOT_THROWN">RV: Exception created and dropped rather than thrown</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#RV_RETURN_VALUE_IGNORED">RV: Method ignores return value</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RpC_REPEATED_CONDITIONAL_TEST">RpC: Repeated conditional tests</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SA_FIELD_SELF_ASSIGNMENT">SA: Self assignment of field</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SA_FIELD_SELF_COMPARISON">SA: Self comparison of field with itself</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SA_FIELD_SELF_COMPUTATION">SA: Nonsensical self computation involving a field (e.g., x & x)</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_SELF_ASSIGNMENT_INSTEAD_OF_FIELD">SA: Self assignment of local rather than assignment to field</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_SELF_COMPARISON">SA: Self comparison of value with itself</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_SELF_COMPUTATION">SA: Nonsensical self computation involving a variable (e.g., x & x)</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH">SF: Dead store due to switch statement fall through</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH_TO_THROW">SF: Dead store due to switch statement fall through to throw</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SIC_THREADLOCAL_DEADLY_EMBRACE">SIC: Deadly embrace of non-static inner class and thread local</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SIO_SUPERFLUOUS_INSTANCEOF">SIO: Unnecessary type check done using instanceof operator</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SQL_BAD_PREPARED_STATEMENT_ACCESS">SQL: Method attempts to access a prepared statement parameter with index 0</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SQL_BAD_RESULTSET_ACCESS">SQL: Method attempts to access a result set field with index 0</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#STI_INTERRUPTED_ON_CURRENTTHREAD">STI: Unneeded use of currentThread() call, to call interrupted() </a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#STI_INTERRUPTED_ON_UNKNOWNTHREAD">STI: Static Thread.interrupted() method invoked on thread instance</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#SE_METHOD_MUST_BE_PRIVATE">Se: Method must be private in order for serialization to work</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SE_READ_RESOLVE_IS_STATIC">Se: The readResolve method must not be declared as a static method. </a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#TQ_ALWAYS_VALUE_USED_WHERE_NEVER_REQUIRED">TQ: Value annotated as carrying a type qualifier used where a value that must not carry that qualifier is required</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#TQ_COMPARING_VALUES_WITH_INCOMPATIBLE_TYPE_QUALIFIERS">TQ: Comparing values with incompatible type qualifiers</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#TQ_MAYBE_SOURCE_VALUE_REACHES_ALWAYS_SINK">TQ: Value that might not carry a type qualifier is always used in a way requires that type qualifier</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#TQ_MAYBE_SOURCE_VALUE_REACHES_NEVER_SINK">TQ: Value that might carry a type qualifier is always used in a way prohibits it from having that type qualifier</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#TQ_NEVER_VALUE_USED_WHERE_ALWAYS_REQUIRED">TQ: Value annotated as never carrying a type qualifier used where value carrying that qualifier is required</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#TQ_UNKNOWN_VALUE_USED_WHERE_ALWAYS_STRICTLY_REQUIRED">TQ: Value without a type qualifier used where a value is required to have that qualifier</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS">UMAC: Uncallable method defined in anonymous class</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#UR_UNINIT_READ">UR: Uninitialized read of field in constructor</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#UR_UNINIT_READ_CALLED_FROM_SUPER_CONSTRUCTOR">UR: Uninitialized read of field method called from constructor of superclass</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY">USELESS_STRING: Invocation of toString on an unnamed array</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DMI_INVOKING_TOSTRING_ON_ARRAY">USELESS_STRING: Invocation of toString on an array</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_BAD_CONVERSION_FROM_ARRAY">USELESS_STRING: Array formatted in useless way using format string</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#UWF_NULL_FIELD">UwF: Field only ever set to null</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#UWF_UNWRITTEN_FIELD">UwF: Unwritten field</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#VA_PRIMITIVE_ARRAY_PASSED_TO_OBJECT_VARARG">VA: Primitive array passed to function expecting a variable number of object arguments</a></td><td>Correctness</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#VR_UNRESOLVABLE_REFERENCE">VR: Class makes reference to unresolvable class or method</a></td><td>Correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE">LG: Potential lost logger changes due to weak reference in OpenJDK</a></td><td>Experimental</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#OBL_UNSATISFIED_OBLIGATION">OBL: Method may fail to clean up stream or resource</a></td><td>Experimental</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE">OBL: Method may fail to clean up stream or resource on checked exception</a></td><td>Experimental</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#TESTING">TEST: Testing</a></td><td>Experimental</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DM_CONVERT_CASE">Dm: Consider using Locale parameterized version of invoked method</a></td><td>Internationalization</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DM_DEFAULT_ENCODING">Dm: Reliance on default encoding</a></td><td>Internationalization</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED">DP: Classloaders should only be created inside doPrivileged block</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DP_DO_INSIDE_DO_PRIVILEGED">DP: Method invoked that should be only be invoked inside a doPrivileged block</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#EI_EXPOSE_REP">EI: May expose internal representation by returning reference to mutable object</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#EI_EXPOSE_REP2">EI2: May expose internal representation by incorporating reference to mutable object</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#FI_PUBLIC_SHOULD_BE_PROTECTED">FI: Finalizer should be protected, not public</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#EI_EXPOSE_STATIC_REP2">MS: May expose internal static state by storing a mutable object into a static field</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#MS_CANNOT_BE_FINAL">MS: Field isn't final and can't be protected from malicious code</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#MS_EXPOSE_REP">MS: Public static method may expose internal representation by returning array</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#MS_FINAL_PKGPROTECT">MS: Field should be both final and package protected</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#MS_MUTABLE_ARRAY">MS: Field is a mutable array</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#MS_MUTABLE_HASHTABLE">MS: Field is a mutable Hashtable</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#MS_OOI_PKGPROTECT">MS: Field should be moved out of an interface and made package protected</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#MS_PKGPROTECT">MS: Field should be package protected</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#MS_SHOULD_BE_FINAL">MS: Field isn't final but should be</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#MS_SHOULD_BE_REFACTORED_TO_BE_FINAL">MS: Field isn't final but should be refactored to be so</a></td><td>Malicious code vulnerability</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#AT_OPERATION_SEQUENCE_ON_CONCURRENT_ABSTRACTION">AT: Sequence of calls to concurrent abstraction may not be atomic</a></td><td>Multithreaded correctness</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DC_DOUBLECHECK">DC: Possible double check of field</a></td><td>Multithreaded correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_PARAM_DEREF">NP: Method call passes null for non-null parameter</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NP_NULL_PARAM_DEREF_ALL_TARGETS_DANGEROUS">NP: Method call passes null for non-null parameter</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_PARAM_DEREF_NONVIRTUAL">NP: Non-virtual method call passes null for non-null parameter</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NP_OPTIONAL_RETURN_NULL">NP: Method with Optional return type returns explicit null</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NP_STORE_INTO_NONNULL_FIELD">NP: Store of null value into field annotated @Nonnull</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NP_UNWRITTEN_FIELD">NP: Read of unwritten field</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NM_BAD_EQUAL">Nm: Class defines equal(Object); should it be equals(Object)?</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NM_LCASE_HASHCODE">Nm: Class defines hashcode(); should it be hashCode()?</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NM_LCASE_TOSTRING">Nm: Class defines tostring(); should it be toString()?</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NM_METHOD_CONSTRUCTOR_CONFUSION">Nm: Apparent method/constructor confusion</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NM_VERY_CONFUSING">Nm: Very confusing method names</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NM_WRONG_PACKAGE">Nm: Method doesn't override method in superclass due to wrong package for parameter</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#QBA_QUESTIONABLE_BOOLEAN_ASSIGNMENT">QBA: Method assigns boolean literal in boolean expression</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RANGE_ARRAY_INDEX">RANGE: Array index is out of bounds</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RANGE_ARRAY_LENGTH">RANGE: Array length is out of bounds</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RANGE_ARRAY_OFFSET">RANGE: Array offset is out of bounds</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RANGE_STRING_INDEX">RANGE: String index is out of bounds</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RC_REF_COMPARISON">RC: Suspicious reference comparison</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE">RCN: Nullcheck of value previously dereferenced</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RE_BAD_SYNTAX_FOR_REGULAR_EXPRESSION">RE: Invalid syntax for regular expression</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RE_CANT_USE_FILE_SEPARATOR_AS_REGULAR_EXPRESSION">RE: File.separator used for regular expression</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RE_POSSIBLE_UNINTENDED_PATTERN">RE: "." or "|" used for regular expression</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RV_01_TO_INT">RV: Random value from 0 to 1 is coerced to the integer 0</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RV_ABSOLUTE_VALUE_OF_HASHCODE">RV: Bad attempt to compute absolute value of signed 32-bit hashcode </a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RV_ABSOLUTE_VALUE_OF_RANDOM_INT">RV: Bad attempt to compute absolute value of signed random integer</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RV_CHECK_COMPARETO_FOR_SPECIFIC_RETURN_VALUE">RV: Code checks for specific values returned by compareTo</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RV_EXCEPTION_NOT_THROWN">RV: Exception created and dropped rather than thrown</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RV_RETURN_VALUE_IGNORED">RV: Method ignores return value</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RpC_REPEATED_CONDITIONAL_TEST">RpC: Repeated conditional tests</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SA_FIELD_SELF_ASSIGNMENT">SA: Self assignment of field</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SA_FIELD_SELF_COMPARISON">SA: Self comparison of field with itself</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SA_FIELD_SELF_COMPUTATION">SA: Nonsensical self computation involving a field (e.g., x & x)</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_SELF_ASSIGNMENT_INSTEAD_OF_FIELD">SA: Self assignment of local rather than assignment to field</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_SELF_COMPARISON">SA: Self comparison of value with itself</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_SELF_COMPUTATION">SA: Nonsensical self computation involving a variable (e.g., x & x)</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH">SF: Dead store due to switch statement fall through</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH_TO_THROW">SF: Dead store due to switch statement fall through to throw</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SIC_THREADLOCAL_DEADLY_EMBRACE">SIC: Deadly embrace of non-static inner class and thread local</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SIO_SUPERFLUOUS_INSTANCEOF">SIO: Unnecessary type check done using instanceof operator</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SQL_BAD_PREPARED_STATEMENT_ACCESS">SQL: Method attempts to access a prepared statement parameter with index 0</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SQL_BAD_RESULTSET_ACCESS">SQL: Method attempts to access a result set field with index 0</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#STI_INTERRUPTED_ON_CURRENTTHREAD">STI: Unneeded use of currentThread() call, to call interrupted() </a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#STI_INTERRUPTED_ON_UNKNOWNTHREAD">STI: Static Thread.interrupted() method invoked on thread instance</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SE_METHOD_MUST_BE_PRIVATE">Se: Method must be private in order for serialization to work</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#SE_READ_RESOLVE_IS_STATIC">Se: The readResolve method must not be declared as a static method. </a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#TQ_ALWAYS_VALUE_USED_WHERE_NEVER_REQUIRED">TQ: Value annotated as carrying a type qualifier used where a value that must not carry that qualifier is required</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#TQ_COMPARING_VALUES_WITH_INCOMPATIBLE_TYPE_QUALIFIERS">TQ: Comparing values with incompatible type qualifiers</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#TQ_MAYBE_SOURCE_VALUE_REACHES_ALWAYS_SINK">TQ: Value that might not carry a type qualifier is always used in a way requires that type qualifier</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#TQ_MAYBE_SOURCE_VALUE_REACHES_NEVER_SINK">TQ: Value that might carry a type qualifier is always used in a way prohibits it from having that type qualifier</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#TQ_NEVER_VALUE_USED_WHERE_ALWAYS_REQUIRED">TQ: Value annotated as never carrying a type qualifier used where value carrying that qualifier is required</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#TQ_UNKNOWN_VALUE_USED_WHERE_ALWAYS_STRICTLY_REQUIRED">TQ: Value without a type qualifier used where a value is required to have that qualifier</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS">UMAC: Uncallable method defined in anonymous class</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#UR_UNINIT_READ">UR: Uninitialized read of field in constructor</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#UR_UNINIT_READ_CALLED_FROM_SUPER_CONSTRUCTOR">UR: Uninitialized read of field method called from constructor of superclass</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY">USELESS_STRING: Invocation of toString on an unnamed array</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DMI_INVOKING_TOSTRING_ON_ARRAY">USELESS_STRING: Invocation of toString on an array</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_BAD_CONVERSION_FROM_ARRAY">USELESS_STRING: Array formatted in useless way using format string</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#UWF_NULL_FIELD">UwF: Field only ever set to null</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#UWF_UNWRITTEN_FIELD">UwF: Unwritten field</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#VA_PRIMITIVE_ARRAY_PASSED_TO_OBJECT_VARARG">VA: Primitive array passed to function expecting a variable number of object arguments</a></td><td>Correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#VR_UNRESOLVABLE_REFERENCE">VR: Class makes reference to unresolvable class or method</a></td><td>Correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE">LG: Potential lost logger changes due to weak reference in OpenJDK</a></td><td>Experimental</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#OBL_UNSATISFIED_OBLIGATION">OBL: Method may fail to clean up stream or resource</a></td><td>Experimental</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE">OBL: Method may fail to clean up stream or resource on checked exception</a></td><td>Experimental</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#TESTING">TEST: Testing</a></td><td>Experimental</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DM_CONVERT_CASE">Dm: Consider using Locale parameterized version of invoked method</a></td><td>Internationalization</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DM_DEFAULT_ENCODING">Dm: Reliance on default encoding</a></td><td>Internationalization</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED">DP: Classloaders should only be created inside doPrivileged block</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DP_DO_INSIDE_DO_PRIVILEGED">DP: Method invoked that should be only be invoked inside a doPrivileged block</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#EI_EXPOSE_REP">EI: May expose internal representation by returning reference to mutable object</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#EI_EXPOSE_REP2">EI2: May expose internal representation by incorporating reference to mutable object</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#FI_PUBLIC_SHOULD_BE_PROTECTED">FI: Finalizer should be protected, not public</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#EI_EXPOSE_STATIC_REP2">MS: May expose internal static state by storing a mutable object into a static field</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#MS_CANNOT_BE_FINAL">MS: Field isn't final and can't be protected from malicious code</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#MS_EXPOSE_REP">MS: Public static method may expose internal representation by returning array</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#MS_FINAL_PKGPROTECT">MS: Field should be both final and package protected</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#MS_MUTABLE_ARRAY">MS: Field is a mutable array</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#MS_MUTABLE_COLLECTION">MS: Field is a mutable collection</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#MS_MUTABLE_COLLECTION_PKGPROTECT">MS: Field is a mutable collection which should be package protected</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#MS_MUTABLE_HASHTABLE">MS: Field is a mutable Hashtable</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#MS_OOI_PKGPROTECT">MS: Field should be moved out of an interface and made package protected</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#MS_PKGPROTECT">MS: Field should be package protected</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#MS_SHOULD_BE_FINAL">MS: Field isn't final but should be</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#MS_SHOULD_BE_REFACTORED_TO_BE_FINAL">MS: Field isn't final but should be refactored to be so</a></td><td>Malicious code vulnerability</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#AT_OPERATION_SEQUENCE_ON_CONCURRENT_ABSTRACTION">AT: Sequence of calls to concurrent abstraction may not be atomic</a></td><td>Multithreaded correctness</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DC_DOUBLECHECK">DC: Possible double check of field</a></td><td>Multithreaded correctness</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DC_PARTIALLY_CONSTRUCTED">DC: Possible exposure of partially initialized object</a></td><td>Multithreaded correctness</td></tr>

<tr bgcolor="#ffffff"><td><a href="#DL_SYNCHRONIZATION_ON_BOOLEAN">DL: Synchronization on Boolean</a></td><td>Multithreaded correctness</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#DL_SYNCHRONIZATION_ON_BOXED_PRIMITIVE">DL: Synchronization on boxed primitive</a></td><td>Multithreaded correctness</td></tr>

<tr bgcolor="#ffffff"><td><a href="#DL_SYNCHRONIZATION_ON_SHARED_CONSTANT">DL: Synchronization on interned String </a></td><td>Multithreaded correctness</td></tr>

@@ -364,7 +381,9 @@ as well as bug patterns that are not enabled by default.

<tr bgcolor="#ffffff"><td><a href="#NOISE_OPERATION">NOISE: Bogus warning about an operation</a></td><td>Bogus random noise</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#BX_BOXING_IMMEDIATELY_UNBOXED">Bx: Primitive value is boxed and then immediately unboxed</a></td><td>Performance</td></tr>

<tr bgcolor="#ffffff"><td><a href="#BX_BOXING_IMMEDIATELY_UNBOXED_TO_PERFORM_COERCION">Bx: Primitive value is boxed then unboxed to perform primitive coercion</a></td><td>Performance</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#BX_UNBOXING_IMMEDIATELY_REBOXED">Bx: Boxed value is unboxed and then immediately reboxed</a></td><td>Performance</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#BX_UNBOXED_AND_COERCED_FOR_TERNARY_OPERATOR">Bx: Primitive value is unboxed and coerced for ternary operator</a></td><td>Performance</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#BX_UNBOXING_IMMEDIATELY_REBOXED">Bx: Boxed value is unboxed and then immediately reboxed</a></td><td>Performance</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DM_BOXED_PRIMITIVE_FOR_COMPARE">Bx: Boxing a primitive to compare</a></td><td>Performance</td></tr>

<tr bgcolor="#ffffff"><td><a href="#DM_BOXED_PRIMITIVE_FOR_PARSING">Bx: Boxing/unboxing to parse a primitive</a></td><td>Performance</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#DM_BOXED_PRIMITIVE_TOSTRING">Bx: Method allocates a boxed primitive just to call toString</a></td><td>Performance</td></tr>

<tr bgcolor="#ffffff"><td><a href="#DM_FP_NUMBER_CTOR">Bx: Method invokes inefficient floating-point Number constructor; use static valueOf instead</a></td><td>Performance</td></tr>

@@ -379,6 +398,12 @@ as well as bug patterns that are not enabled by default.

<tr bgcolor="#eeeeee"><td><a href="#DM_STRING_TOSTRING">Dm: Method invokes toString() method on a String</a></td><td>Performance</td></tr>

<tr bgcolor="#ffffff"><td><a href="#DM_STRING_VOID_CTOR">Dm: Method invokes inefficient new String() constructor</a></td><td>Performance</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#HSC_HUGE_SHARED_STRING_CONSTANT">HSC: Huge string constants is duplicated across multiple class files</a></td><td>Performance</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#IIL_ELEMENTS_GET_LENGTH_IN_LOOP">IIL: NodeList.getLength() called in a loop</a></td><td>Performance</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#IIL_PATTERN_COMPILE_IN_LOOP">IIL: Method calls Pattern.compile in a loop</a></td><td>Performance</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#IIL_PATTERN_COMPILE_IN_LOOP_INDIRECT">IIL: Method compiles the regular expression in a loop</a></td><td>Performance</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#IIL_PREPARE_STATEMENT_IN_LOOP">IIL: Method calls prepareStatement in a loop</a></td><td>Performance</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#IIO_INEFFICIENT_INDEX_OF">IIO: Inefficient use of String.indexOf(String)</a></td><td>Performance</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#IIO_INEFFICIENT_LAST_INDEX_OF">IIO: Inefficient use of String.lastIndexOf(String)</a></td><td>Performance</td></tr>

<tr bgcolor="#ffffff"><td><a href="#IMA_INEFFICIENT_MEMBER_ACCESS">IMA: Method accesses a private member variable of owning class</a></td><td>Performance</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#ITA_INEFFICIENT_TO_ARRAY">ITA: Method uses toArray() with zero-length array argument</a></td><td>Performance</td></tr>

<tr bgcolor="#ffffff"><td><a href="#SBSC_USE_STRINGBUFFER_CONCATENATION">SBSC: Method concatenates strings using + in a loop</a></td><td>Performance</td></tr>

@@ -397,7 +422,7 @@ as well as bug patterns that are not enabled by default.

<tr bgcolor="#eeeeee"><td><a href="#HRS_REQUEST_PARAMETER_TO_HTTP_HEADER">HRS: HTTP Response splitting vulnerability</a></td><td>Security</td></tr>

<tr bgcolor="#ffffff"><td><a href="#PT_ABSOLUTE_PATH_TRAVERSAL">PT: Absolute path traversal in servlet</a></td><td>Security</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#PT_RELATIVE_PATH_TRAVERSAL">PT: Relative path traversal in servlet</a></td><td>Security</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE">SQL: Nonconstant string passed to execute method on an SQL statement</a></td><td>Security</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE">SQL: Nonconstant string passed to execute or addBatch method on an SQL statement</a></td><td>Security</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING">SQL: A prepared statement is generated from a nonconstant String</a></td><td>Security</td></tr>

<tr bgcolor="#ffffff"><td><a href="#XSS_REQUEST_PARAMETER_TO_JSP_WRITER">XSS: JSP reflected cross site scripting vulnerability</a></td><td>Security</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#XSS_REQUEST_PARAMETER_TO_SEND_ERROR">XSS: Servlet reflected cross site scripting vulnerability in error page</a></td><td>Security</td></tr>

@@ -408,59 +433,63 @@ as well as bug patterns that are not enabled by default.

<tr bgcolor="#ffffff"><td><a href="#BC_UNCONFIRMED_CAST_OF_RETURN_VALUE">BC: Unchecked/unconfirmed cast of return value from method</a></td><td>Dodgy code</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#BC_VACUOUS_INSTANCEOF">BC: instanceof will always return true</a></td><td>Dodgy code</td></tr>

<tr bgcolor="#ffffff"><td><a href="#ICAST_QUESTIONABLE_UNSIGNED_RIGHT_SHIFT">BSHIFT: Unsigned right shift cast to short/byte</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#CD_CIRCULAR_DEPENDENCY">CD: Test for circular dependencies among classes</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#CI_CONFUSED_INHERITANCE">CI: Class is final but declares protected field</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DB_DUPLICATE_BRANCHES">DB: Method uses the same code for two branches</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DB_DUPLICATE_SWITCH_CLAUSES">DB: Method uses the same code for two switch clauses</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_STORE">DLS: Dead store to local variable</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_STORE_IN_RETURN">DLS: Useless assignment in return statement</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_STORE_OF_NULL">DLS: Dead store of null to local variable</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_STORE_SHADOWS_FIELD">DLS: Dead store to local variable that shadows field</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DMI_HARDCODED_ABSOLUTE_FILENAME">DMI: Code contains a hard coded reference to an absolute pathname</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DMI_NONSERIALIZABLE_OBJECT_WRITTEN">DMI: Non serializable object written to ObjectOutput</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DMI_USELESS_SUBSTRING">DMI: Invocation of substring(0), which returns the original value</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#DMI_THREAD_PASSED_WHERE_RUNNABLE_EXPECTED">Dm: Thread passed where Runnable expected</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#DMI_UNSUPPORTED_METHOD">Dm: Call to unsupported method</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#EQ_DOESNT_OVERRIDE_EQUALS">Eq: Class doesn't override equals in superclass</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#EQ_UNUSUAL">Eq: Unusual equals method </a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#FE_FLOATING_POINT_EQUALITY">FE: Test for floating point equality</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_BAD_CONVERSION_TO_BOOLEAN">FS: Non-Boolean argument formatted using %b format specifier</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD">IA: Potentially ambiguous invocation of either an inherited or outer method</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#IC_INIT_CIRCULARITY">IC: Initialization circularity</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#ICAST_IDIV_CAST_TO_DOUBLE">ICAST: Integral division result cast to double or float</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#ICAST_INTEGER_MULTIPLY_CAST_TO_LONG">ICAST: Result of integer multiplication cast to long</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#IM_AVERAGE_COMPUTATION_COULD_OVERFLOW">IM: Computation of average could overflow</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#IM_BAD_CHECK_FOR_ODD">IM: Check for oddness that won't work for negative numbers </a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#INT_BAD_REM_BY_1">INT: Integer remainder modulo 1</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#INT_VACUOUS_BIT_OPERATION">INT: Vacuous bit mask operation on integer value</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#INT_VACUOUS_COMPARISON">INT: Vacuous comparison of integer value</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#MTIA_SUSPECT_SERVLET_INSTANCE_FIELD">MTIA: Class extends Servlet class and uses instance variables</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#MTIA_SUSPECT_STRUTS_INSTANCE_FIELD">MTIA: Class extends Struts Action class and uses instance variables</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NP_DEREFERENCE_OF_READLINE_VALUE">NP: Dereference of the result of readLine() without nullcheck</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NP_IMMEDIATE_DEREFERENCE_OF_READLINE">NP: Immediate dereference of the result of readLine()</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NP_LOAD_OF_KNOWN_NULL_VALUE">NP: Load of known null value</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NP_METHOD_PARAMETER_TIGHTENS_ANNOTATION">NP: Method tightens nullness annotation on parameter</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NP_METHOD_RETURN_RELAXING_ANNOTATION">NP: Method relaxes nullness annotation on return value</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE">NP: Possible null pointer dereference due to return value of called method</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE">NP: Possible null pointer dereference on branch that might be infeasible</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE">NP: Parameter must be nonnull but is marked as nullable</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NP_UNWRITTEN_PUBLIC_OR_PROTECTED_FIELD">NP: Read of unwritten public or protected field</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#NS_DANGEROUS_NON_SHORT_CIRCUIT">NS: Potentially dangerous use of non-short-circuit logic</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#NS_NON_SHORT_CIRCUIT">NS: Questionable use of non-short-circuit logic</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#PS_PUBLIC_SEMAPHORES">PS: Class exposes synchronization and semaphores in its public interface</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#PZLA_PREFER_ZERO_LENGTH_ARRAYS">PZLA: Consider returning a zero length array rather than null</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#QF_QUESTIONABLE_FOR_LOOP">QF: Complicated, subtle or wrong increment in for-loop </a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_COMPARISON_OF_NULL_AND_NONNULL_VALUE">RCN: Redundant comparison of non-null value to null</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_COMPARISON_TWO_NULL_VALUES">RCN: Redundant comparison of two null values</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE">RCN: Redundant nullcheck of value known to be non-null</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE">RCN: Redundant nullcheck of value known to be null</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#REC_CATCH_EXCEPTION">REC: Exception is caught when Exception is not thrown</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RI_REDUNDANT_INTERFACES">RI: Class implements same interface as superclass</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#RV_CHECK_FOR_POSITIVE_INDEXOF">RV: Method checks to see if result of String.indexOf is positive</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RV_DONT_JUST_NULL_CHECK_READLINE">RV: Method discards result of readLine after checking if it is nonnull</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#RV_REM_OF_HASHCODE">RV: Remainder of hashCode could be negative</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#RV_REM_OF_RANDOM_INT">RV: Remainder of 32-bit signed random integer</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#RV_RETURN_VALUE_IGNORED_INFERRED">RV: Method ignores return value, is this OK?</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#CAA_COVARIANT_ARRAY_FIELD">CAA: Covariant array assignment to a field</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#CAA_COVARIANT_ARRAY_LOCAL">CAA: Covariant array assignment to a local variable</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#CAA_COVARIANT_ARRAY_RETURN">CAA: Covariant array is returned from the method</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#CD_CIRCULAR_DEPENDENCY">CD: Test for circular dependencies among classes</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#CI_CONFUSED_INHERITANCE">CI: Class is final but declares protected field</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DB_DUPLICATE_BRANCHES">DB: Method uses the same code for two branches</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DB_DUPLICATE_SWITCH_CLAUSES">DB: Method uses the same code for two switch clauses</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_STORE">DLS: Dead store to local variable</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_STORE_IN_RETURN">DLS: Useless assignment in return statement</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_STORE_OF_NULL">DLS: Dead store of null to local variable</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_STORE_SHADOWS_FIELD">DLS: Dead store to local variable that shadows field</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DMI_HARDCODED_ABSOLUTE_FILENAME">DMI: Code contains a hard coded reference to an absolute pathname</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DMI_NONSERIALIZABLE_OBJECT_WRITTEN">DMI: Non serializable object written to ObjectOutput</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DMI_USELESS_SUBSTRING">DMI: Invocation of substring(0), which returns the original value</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#DMI_THREAD_PASSED_WHERE_RUNNABLE_EXPECTED">Dm: Thread passed where Runnable expected</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#DMI_UNSUPPORTED_METHOD">Dm: Call to unsupported method</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#EQ_DOESNT_OVERRIDE_EQUALS">Eq: Class doesn't override equals in superclass</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#EQ_UNUSUAL">Eq: Unusual equals method </a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#FE_FLOATING_POINT_EQUALITY">FE: Test for floating point equality</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_BAD_CONVERSION_TO_BOOLEAN">FS: Non-Boolean argument formatted using %b format specifier</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD">IA: Potentially ambiguous invocation of either an inherited or outer method</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#IC_INIT_CIRCULARITY">IC: Initialization circularity</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#ICAST_IDIV_CAST_TO_DOUBLE">ICAST: Integral division result cast to double or float</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#ICAST_INTEGER_MULTIPLY_CAST_TO_LONG">ICAST: Result of integer multiplication cast to long</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#IM_AVERAGE_COMPUTATION_COULD_OVERFLOW">IM: Computation of average could overflow</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#IM_BAD_CHECK_FOR_ODD">IM: Check for oddness that won't work for negative numbers </a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#INT_BAD_REM_BY_1">INT: Integer remainder modulo 1</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#INT_VACUOUS_BIT_OPERATION">INT: Vacuous bit mask operation on integer value</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#INT_VACUOUS_COMPARISON">INT: Vacuous comparison of integer value</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#MTIA_SUSPECT_SERVLET_INSTANCE_FIELD">MTIA: Class extends Servlet class and uses instance variables</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#MTIA_SUSPECT_STRUTS_INSTANCE_FIELD">MTIA: Class extends Struts Action class and uses instance variables</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NP_DEREFERENCE_OF_READLINE_VALUE">NP: Dereference of the result of readLine() without nullcheck</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NP_IMMEDIATE_DEREFERENCE_OF_READLINE">NP: Immediate dereference of the result of readLine()</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NP_LOAD_OF_KNOWN_NULL_VALUE">NP: Load of known null value</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NP_METHOD_PARAMETER_TIGHTENS_ANNOTATION">NP: Method tightens nullness annotation on parameter</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NP_METHOD_RETURN_RELAXING_ANNOTATION">NP: Method relaxes nullness annotation on return value</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE">NP: Possible null pointer dereference due to return value of called method</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE">NP: Possible null pointer dereference on branch that might be infeasible</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE">NP: Parameter must be non-null but is marked as nullable</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NP_UNWRITTEN_PUBLIC_OR_PROTECTED_FIELD">NP: Read of unwritten public or protected field</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#NS_DANGEROUS_NON_SHORT_CIRCUIT">NS: Potentially dangerous use of non-short-circuit logic</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#NS_NON_SHORT_CIRCUIT">NS: Questionable use of non-short-circuit logic</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#PS_PUBLIC_SEMAPHORES">PS: Class exposes synchronization and semaphores in its public interface</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#PZLA_PREFER_ZERO_LENGTH_ARRAYS">PZLA: Consider returning a zero length array rather than null</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#QF_QUESTIONABLE_FOR_LOOP">QF: Complicated, subtle or wrong increment in for-loop </a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_COMPARISON_OF_NULL_AND_NONNULL_VALUE">RCN: Redundant comparison of non-null value to null</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_COMPARISON_TWO_NULL_VALUES">RCN: Redundant comparison of two null values</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE">RCN: Redundant nullcheck of value known to be non-null</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE">RCN: Redundant nullcheck of value known to be null</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#REC_CATCH_EXCEPTION">REC: Exception is caught when Exception is not thrown</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RI_REDUNDANT_INTERFACES">RI: Class implements same interface as superclass</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RV_CHECK_FOR_POSITIVE_INDEXOF">RV: Method checks to see if result of String.indexOf is positive</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RV_DONT_JUST_NULL_CHECK_READLINE">RV: Method discards result of readLine after checking if it is non-null</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RV_REM_OF_HASHCODE">RV: Remainder of hashCode could be negative</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RV_REM_OF_RANDOM_INT">RV: Remainder of 32-bit signed random integer</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#RV_RETURN_VALUE_IGNORED_INFERRED">RV: Method ignores return value, is this OK?</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT">RV: Return value of method without side effect is ignored</a></td><td>Dodgy code</td></tr>

<tr bgcolor="#ffffff"><td><a href="#SA_FIELD_DOUBLE_ASSIGNMENT">SA: Double assignment of field</a></td><td>Dodgy code</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_DOUBLE_ASSIGNMENT">SA: Double assignment of local variable </a></td><td>Dodgy code</td></tr>

<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_SELF_ASSIGNMENT">SA: Self assignment of local variable</a></td><td>Dodgy code</td></tr>

@@ -471,15 +500,20 @@ as well as bug patterns that are not enabled by default.

<tr bgcolor="#eeeeee"><td><a href="#SE_TRANSIENT_FIELD_OF_NONSERIALIZABLE_CLASS">Se: Transient field of class that isn't Serializable. </a></td><td>Dodgy code</td></tr>

<tr bgcolor="#ffffff"><td><a href="#TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_ALWAYS_SINK">TQ: Value required to have type qualifier, but marked as unknown</a></td><td>Dodgy code</td></tr>

<tr bgcolor="#eeeeee"><td><a href="#TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_NEVER_SINK">TQ: Value required to not have type qualifier, but marked as unknown</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#UCF_USELESS_CONTROL_FLOW">UCF: Useless control flow</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#UCF_USELESS_CONTROL_FLOW_NEXT_LINE">UCF: Useless control flow to next line</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#USM_USELESS_ABSTRACT_METHOD">USM: Abstract Method is already defined in implemented interface</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#USM_USELESS_SUBCLASS_METHOD">USM: Method superfluously delegates to parent class method</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD">UrF: Unread public/protected field</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD">UuF: Unused public or protected field</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">UwF: Field not initialized in constructor but dereferenced without null check</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#eeeeee"><td><a href="#UWF_UNWRITTEN_PUBLIC_OR_PROTECTED_FIELD">UwF: Unwritten public or protected field</a></td><td>Dodgy code</td></tr>

-<tr bgcolor="#ffffff"><td><a href="#XFB_XML_FACTORY_BYPASS">XFB: Method directly allocates a specific implementation of xml interfaces</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#UC_USELESS_CONDITION">UC: Condition has no effect</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#UC_USELESS_CONDITION_TYPE">UC: Condition has no effect due to the variable type</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#UC_USELESS_OBJECT">UC: Useless object created</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#UC_USELESS_OBJECT_STACK">UC: Useless object created on stack</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#UC_USELESS_VOID_METHOD">UC: Useless non-empty void method</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#UCF_USELESS_CONTROL_FLOW">UCF: Useless control flow</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#UCF_USELESS_CONTROL_FLOW_NEXT_LINE">UCF: Useless control flow to next line</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#USM_USELESS_ABSTRACT_METHOD">USM: Abstract Method is already defined in implemented interface</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#USM_USELESS_SUBCLASS_METHOD">USM: Method superfluously delegates to parent class method</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD">UrF: Unread public/protected field</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD">UuF: Unused public or protected field</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">UwF: Field not initialized in constructor but dereferenced without null check</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#ffffff"><td><a href="#UWF_UNWRITTEN_PUBLIC_OR_PROTECTED_FIELD">UwF: Unwritten public or protected field</a></td><td>Dodgy code</td></tr>

+<tr bgcolor="#eeeeee"><td><a href="#XFB_XML_FACTORY_BYPASS">XFB: Method directly allocates a specific implementation of xml interfaces</a></td><td>Dodgy code</td></tr>

</table>

<h2>Descriptions</h2>

<h3><a name="AM_CREATES_EMPTY_JAR_FILE_ENTRY">AM: Creates an empty jar file entry (AM_CREATES_EMPTY_JAR_FILE_ENTRY)</a></h3>

@@ -560,6 +594,12 @@ can clone themselves), but just make sure that this is what you intended.

</p>

+<h3><a name="CNT_ROUGH_CONSTANT_VALUE">CNT: Rough value of known constant found (CNT_ROUGH_CONSTANT_VALUE)</a></h3>

+ <p>It's recommended to use the predefined library constant for code clarity and better precision.</p>

<h3><a name="CO_ABSTRACT_SELF">Co: Abstract class defines covariant compareTo() method (CO_ABSTRACT_SELF)</a></h3>

@@ -569,6 +609,26 @@ can clone themselves), but just make sure that this is what you intended.

must have type <code>java.lang.Object</code>.</p>

+<h3><a name="CO_COMPARETO_INCORRECT_FLOATING">Co: compareTo()/compare() incorrectly handles float or double value (CO_COMPARETO_INCORRECT_FLOATING)</a></h3>

+ <p>This method compares double or float values using pattern like this: val1 > val2 ? 1 : val1 < val2 ? -1 : 0.

+This pattern works incorrectly for -0.0 and NaN values which may result in incorrect sorting result or broken collection

+(if compared values are used as keys). Consider using Double.compare or Float.compare static methods which handle all

+the special cases correctly.</p>

+<h3><a name="CO_COMPARETO_RESULTS_MIN_VALUE">Co: compareTo()/compare() returns Integer.MIN_VALUE (CO_COMPARETO_RESULTS_MIN_VALUE)</a></h3>

+ <p> In some situation, this compareTo or compare method returns

+the constant Integer.MIN_VALUE, which is an exceptionally bad practice.

+ The only thing that matters about the return value of compareTo is the sign of the result.

+ But people will sometimes negate the return value of compareTo, expecting that this will negate

+ the sign of the result. And it will, except in the case where the value returned is Integer.MIN_VALUE.

+ So just return -1 rather than Integer.MIN_VALUE.

<h3><a name="CO_SELF_NO_OBJECT">Co: Covariant compareTo() method defined (CO_SELF_NO_OBJECT)</a></h3>

@@ -710,7 +770,7 @@ is symmetric and transitive. Without those properties, very unexpected behavoirs

equals returns true. If this is violated, weird and unpredictable

failures will occur in classes such as PriorityQueue.

In Java 5 the PriorityQueue.remove method uses the compareTo method,

- while in Java 6 it uses the equals method.

+ while in Java 6 it uses the equals method.</p>

<p>From the JavaDoc for the compareTo method in the Comparable interface:

@@ -718,7 +778,7 @@ It is strongly recommended, but not strictly required that <code>(x.compareTo(y)

Generally speaking, any class that implements the Comparable interface and violates this condition

should clearly indicate this fact. The recommended language

is "Note: this class has a natural ordering that is inconsistent with equals."

-</blockquote>

+</blockquote></p>

<h3><a name="EQ_GETCLASS_AND_CLASS_CONSTANT">Eq: equals method fails for subtypes (EQ_GETCLASS_AND_CLASS_CONSTANT)</a></h3>

@@ -756,14 +816,14 @@ It is better to check if <code>this.getClass() == o.getClass()</code>.

<p>If a connected set of objects beings finalizable, then the VM will invoke the

finalize method on all the finalizable object, possibly at the same time in different threads.

Thus, it is a particularly bad idea, in the finalize method for a class X, invoke finalize

-on objects referenced by X, because they may already be getting finalized in a separate thread.

+on objects referenced by X, because they may already be getting finalized in a separate thread.</p>

<h3><a name="FI_FINALIZER_NULLS_FIELDS">FI: Finalizer nulls fields (FI_FINALIZER_NULLS_FIELDS)</a></h3>

<p> This finalizer nulls out fields. This is usually an error, as it does not aid garbage collection,

- and the object is going to be garbage collected anyway.

+ and the object is going to be garbage collected anyway.</p>

<h3><a name="FI_FINALIZER_ONLY_NULLS_FIELDS">FI: Finalizer only nulls fields (FI_FINALIZER_ONLY_NULLS_FIELDS)</a></h3>

@@ -771,7 +831,7 @@ on objects referenced by X, because they may already be getting finalized in a s

<p> This finalizer does nothing except null out fields. This is completely pointless, and requires that

the object be garbage collected, finalized, and then garbage collected again. You should just remove the finalize

-method.

+method.</p>

<h3><a name="FI_MISSING_SUPER_CALL">FI: Finalizer does not call superclass finalizer (FI_MISSING_SUPER_CALL)</a></h3>

@@ -951,6 +1011,22 @@ If this session is passivated or migrated, an error will result.

.</p>

+<h3><a name="ME_ENUM_FIELD_SETTER">ME: Public enum method unconditionally sets its field (ME_ENUM_FIELD_SETTER)</a></h3>

+ <p>This public method declared in public enum unconditionally sets enum field, thus this field can be changed by malicious code

+ or by accident from another package. Though mutable enum fields may be used for lazy initialization, it's a bad practice to expose them to the outer world.

+ Consider removing this method or declaring it package-private.</p>

+<h3><a name="ME_MUTABLE_ENUM_FIELD">ME: Enum field is public and mutable (ME_MUTABLE_ENUM_FIELD)</a></h3>

+ <p>A mutable public field is defined inside a public enum, thus can be changed by malicious code or by accident from another package.

+ Though mutable enum fields may be used for lazy initialization, it's a bad practice to expose them to the outer world.

+ Consider declaring this field final and/or package-private.</p>

<h3><a name="NP_BOOLEAN_RETURN_NULL">NP: Method with Boolean return type returns explicit null (NP_BOOLEAN_RETURN_NULL)</a></h3>

@@ -1053,7 +1129,7 @@ Methods should be verbs, in mixed case with the first letter lowercase, with the

that the interface is in a different package (e.g., <code>alpha.Foo</code> extends <code>beta.Foo</code>).

This can be exceptionally confusing, create lots of situations in which you have to look at import statements

to resolve references and creates many

-opportunities to accidently define methods that do not override methods in their superclasses.

+opportunities to accidentally define methods that do not override methods in their superclasses.

</p>

@@ -1064,7 +1140,7 @@ opportunities to accidently define methods that do not override methods in their

that its superclass is in a different package (e.g., <code>alpha.Foo</code> extends <code>beta.Foo</code>).

This can be exceptionally confusing, create lots of situations in which you have to look at import statements

to resolve references and creates many

-opportunities to accidently define methods that do not override methods in their superclasses.

+opportunities to accidentally define methods that do not override methods in their superclasses.

</p>

@@ -1596,6 +1672,16 @@ a listener defined in the java.awt.event or javax.swing.event package. As a resu

get called when the event occurs.</p>

+<h3><a name="BSHIFT_WRONG_ADD_PRIORITY">BSHIFT: Possible bad parsing of shift operation (BSHIFT_WRONG_ADD_PRIORITY)</a></h3>

+<p>

+The code performs an operation like (x << 8 + y). Although this might be correct, probably it was meant

+to perform (x << 8) + y, but shift operation has

+a lower precedence, so it's actually parsed as x << (8 + y).

+</p>

<h3><a name="ICAST_BAD_SHIFT_AMOUNT">BSHIFT: 32 bit int shifted by an amount not in the range -31..31 (ICAST_BAD_SHIFT_AMOUNT)</a></h3>

@@ -1609,36 +1695,22 @@ and it is at least confusing.

</p>

-<h3><a name="BX_UNBOXED_AND_COERCED_FOR_TERNARY_OPERATOR">Bx: Primitive value is unboxed and coerced for ternary operator (BX_UNBOXED_AND_COERCED_FOR_TERNARY_OPERATOR)</a></h3>

+<h3><a name="CAA_COVARIANT_ARRAY_ELEMENT_STORE">CAA: Possibly incompatible element is stored in covariant array (CAA_COVARIANT_ARRAY_ELEMENT_STORE)</a></h3>

- <p>A wrapped primitive value is unboxed and converted to another primitive type as part of the

-evaluation of a conditional ternary operator (the <code> b ? e1 : e2</code> operator). The

-semantics of Java mandate that if <code>e1</code> and <code>e2</code> are wrapped

-numeric values, the values are unboxed and converted/coerced to their common type (e.g,

-if <code>e1</code> is of type <code>Integer</code>

-and <code>e2</code> is of type <code>Float</code>, then <code>e1</code> is unboxed,

-converted to a floating point value, and boxed. See JLS Section 15.25.

+<p>Value is stored into the array and the value type doesn't match the array type.

+It's known from the analysis that actual array type is narrower than the declared type of its variable or field

+and this assignment doesn't satisfy the original array type. This assignment may cause ArrayStoreException

+at runtime.

</p>

-<h3><a name="CO_COMPARETO_RESULTS_MIN_VALUE">Co: compareTo()/compare() returns Integer.MIN_VALUE (CO_COMPARETO_RESULTS_MIN_VALUE)</a></h3>

- <p> In some situation, this compareTo or compare method returns

-the constant Integer.MIN_VALUE, which is an exceptionally bad practice.

- The only thing that matters about the return value of compareTo is the sign of the result.

- But people will sometimes negate the return value of compareTo, expecting that this will negate

- the sign of the result. And it will, except in the case where the value returned is Integer.MIN_VALUE.

- So just return -1 rather than Integer.MIN_VALUE.

<h3><a name="DLS_DEAD_LOCAL_INCREMENT_IN_RETURN">DLS: Useless increment in return statement (DLS_DEAD_LOCAL_INCREMENT_IN_RETURN)</a></h3>

-<p>This statement has a return such as <code>return x++;</code>.

+<p>This statement has a return such as <code>return x++;</code>.

A postfix increment/decrement does not impact the value of the expression,

-so this increment/decrement has no effect.

+so this increment/decrement has no effect.

Please verify that this statement does the right thing.

</p>

@@ -1792,6 +1864,14 @@ A ScheduledThreadPoolExecutor with zero core threads will never execute anything

+<h3><a name="DM_INVALID_MIN_MAX">Dm: Incorrect combination of Math.max and Math.min (DM_INVALID_MIN_MAX)</a></h3>

+ <p>This code tries to limit the value bounds using the construct like Math.min(0, Math.max(100, value)). However the order of

+ the constants is incorrect: it should be Math.min(100, Math.max(0, value)). As the result this code always produces the same result

+ (or NaN if the value is NaN).</p>

<h3><a name="EC_ARRAY_AND_NONARRAY">EC: equals() used to compare array and nonarray (EC_ARRAY_AND_NONARRAY)</a></h3>

@@ -1877,16 +1957,11 @@ the result of this comparison will always be false at runtime.

<p> This method calls equals(Object) on two references of different

-class types with no common subclasses.

-Therefore, the objects being compared

-are unlikely to be members of the same class at runtime

-(unless some application classes were not analyzed, or dynamic class

-loading can occur at runtime).

-According to the contract of equals(),

-objects of different

-classes should always compare as unequal; therefore, according to the

-contract defined by java.lang.Object.equals(Object),

-the result of this comparison will always be false at runtime.

+class types and analysis suggests they will be to objects of different classes

+at runtime. Further, examination of the equals methods that would be invoked suggest that either

+this call will always return false, or else the equals method is not be symmetric (which is

+a property required by the contract

+for equals in class Object).

</p>

@@ -2163,7 +2238,7 @@ This code converts a 32-bit int value to a 64-bit long value, and then

passes that value for a method parameter that requires an absolute time value.

An absolute time value is the number

of milliseconds since the standard base time known as "the epoch", namely January 1, 1970, 00:00:00 GMT.

-For example, the following method, intended to convert seconds since the epoc into a Date, is badly

+For example, the following method, intended to convert seconds since the epoch into a Date, is badly

broken:</p>

<pre>

Date getDate(int seconds) { return new Date(seconds * 1000); }

@@ -2305,10 +2380,10 @@ This comparison is vacuous and possibily to be incorrect.

</p>

-<h3><a name="INT_BAD_COMPARISON_WITH_NONNEGATIVE_VALUE">INT: Bad comparison of nonnegative value with negative constant (INT_BAD_COMPARISON_WITH_NONNEGATIVE_VALUE)</a></h3>

+<h3><a name="INT_BAD_COMPARISON_WITH_NONNEGATIVE_VALUE">INT: Bad comparison of nonnegative value with negative constant or zero (INT_BAD_COMPARISON_WITH_NONNEGATIVE_VALUE)</a></h3>

-<p> This code compares a value that is guaranteed to be non-negative with a negative constant.

+<p> This code compares a value that is guaranteed to be non-negative with a negative constant or zero.

</p>

@@ -2417,7 +2492,7 @@ something that should be closed.

</p>

<p>Note that a check such as

<code>if (x == null) throw new NullPointerException();</code>

- is treated as a dereference of <code>x</code>.

+ is treated as a dereference of <code>x</code>.</p>

<h3><a name="NP_GUARANTEED_DEREF_ON_EXCEPTION_PATH">NP: Value is null and guaranteed to be dereferenced on exception path (NP_GUARANTEED_DEREF_ON_EXCEPTION_PATH)</a></h3>

@@ -2432,32 +2507,32 @@ something that should be closed.

</p>

-<h3><a name="NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">NP: Nonnull field is not initialized (NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR)</a></h3>

+<h3><a name="NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">NP: Non-null field is not initialized (NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR)</a></h3>

- <p> The field is marked as nonnull, but isn't written to by the constructor.

+ <p> The field is marked as non-null, but isn't written to by the constructor.

The field might be initialized elsewhere during constructor, or might always

be initialized before use.

</p>

-<h3><a name="NP_NONNULL_PARAM_VIOLATION">NP: Method call passes null to a nonnull parameter (NP_NONNULL_PARAM_VIOLATION)</a></h3>

+<h3><a name="NP_NONNULL_PARAM_VIOLATION">NP: Method call passes null to a non-null parameter (NP_NONNULL_PARAM_VIOLATION)</a></h3>

<p>

This method passes a null value as the parameter of a method which

- must be nonnull. Either this parameter has been explicitly marked

+ must be non-null. Either this parameter has been explicitly marked

as @Nonnull, or analysis has determined that this parameter is

always dereferenced.

</p>

-<h3><a name="NP_NONNULL_RETURN_VIOLATION">NP: Method may return null, but is declared @NonNull (NP_NONNULL_RETURN_VIOLATION)</a></h3>

+<h3><a name="NP_NONNULL_RETURN_VIOLATION">NP: Method may return null, but is declared @Nonnull (NP_NONNULL_RETURN_VIOLATION)</a></h3>

<p>

This method may return a null value, but the method (or a superclass method

- which it overrides) is declared to return @NonNull.

+ which it overrides) is declared to return @Nonnull.

</p>

@@ -2495,44 +2570,54 @@ this may be a false warning.</p>

be an exception path, since the default case is often infeasible.</p>

-<h3><a name="NP_NULL_PARAM_DEREF">NP: Method call passes null for nonnull parameter (NP_NULL_PARAM_DEREF)</a></h3>

+<h3><a name="NP_NULL_PARAM_DEREF">NP: Method call passes null for non-null parameter (NP_NULL_PARAM_DEREF)</a></h3>

<p>

- This method call passes a null value for a nonnull method parameter.

+ This method call passes a null value for a non-null method parameter.

Either the parameter is annotated as a parameter that should

- always be nonnull, or analysis has shown that it will always be

+ always be non-null, or analysis has shown that it will always be

dereferenced.

</p>

-<h3><a name="NP_NULL_PARAM_DEREF_ALL_TARGETS_DANGEROUS">NP: Method call passes null for nonnull parameter (NP_NULL_PARAM_DEREF_ALL_TARGETS_DANGEROUS)</a></h3>

+<h3><a name="NP_NULL_PARAM_DEREF_ALL_TARGETS_DANGEROUS">NP: Method call passes null for non-null parameter (NP_NULL_PARAM_DEREF_ALL_TARGETS_DANGEROUS)</a></h3>

<p>

A possibly-null value is passed at a call site where all known

- target methods require the parameter to be nonnull.

+ target methods require the parameter to be non-null.

Either the parameter is annotated as a parameter that should

- always be nonnull, or analysis has shown that it will always be

+ always be non-null, or analysis has shown that it will always be

dereferenced.

</p>

-<h3><a name="NP_NULL_PARAM_DEREF_NONVIRTUAL">NP: Non-virtual method call passes null for nonnull parameter (NP_NULL_PARAM_DEREF_NONVIRTUAL)</a></h3>

+<h3><a name="NP_NULL_PARAM_DEREF_NONVIRTUAL">NP: Non-virtual method call passes null for non-null parameter (NP_NULL_PARAM_DEREF_NONVIRTUAL)</a></h3>

<p>

- A possibly-null value is passed to a nonnull method parameter.

+ A possibly-null value is passed to a non-null method parameter.

Either the parameter is annotated as a parameter that should

- always be nonnull, or analysis has shown that it will always be

+ always be non-null, or analysis has shown that it will always be

dereferenced.

</p>

-<h3><a name="NP_STORE_INTO_NONNULL_FIELD">NP: Store of null value into field annotated NonNull (NP_STORE_INTO_NONNULL_FIELD)</a></h3>

+<h3><a name="NP_OPTIONAL_RETURN_NULL">NP: Method with Optional return type returns explicit null (NP_OPTIONAL_RETURN_NULL)</a></h3>

+ <p>

+ The usage of Optional return type (java.util.Optional or com.google.common.base.Optiona)

+ always mean that explicit null returns were not desired by design.

+ Returning a null value in such case is a contract violation and will most likely break clients code.

+ </p>

+<h3><a name="NP_STORE_INTO_NONNULL_FIELD">NP: Store of null value into field annotated @Nonnull (NP_STORE_INTO_NONNULL_FIELD)</a></h3>

-<p> A value that could be null is stored into a field that has been annotated as NonNull. </p>

+<p> A value that could be null is stored into a field that has been annotated as @Nonnull. </p>

<h3><a name="NP_UNWRITTEN_FIELD">NP: Read of unwritten field (NP_UNWRITTEN_FIELD)</a></h3>

@@ -2573,7 +2658,7 @@ which is probably what was intended.</p>

<p> This regular method has the same name as the class it is defined in. It is likely that this was intended to be a constructor.

If it was intended to be a constructor, remove the declaration of a void return value.

- If you had accidently defined this method, realized the mistake, defined a proper constructor

+ If you had accidentally defined this method, realized the mistake, defined a proper constructor

but can't get rid of this method due to backwards compatibility, deprecate the method.

</p>

@@ -2624,6 +2709,30 @@ types are <code>Foo</code>'s from different packages.

</p>

+<h3><a name="RANGE_ARRAY_INDEX">RANGE: Array index is out of bounds (RANGE_ARRAY_INDEX)</a></h3>

+ <p> Array operation is performed, but array index is out of bounds, which will result in ArrayIndexOutOfBoundsException at runtime.</p>

+<h3><a name="RANGE_ARRAY_LENGTH">RANGE: Array length is out of bounds (RANGE_ARRAY_LENGTH)</a></h3>

+ <p> Method is called with array parameter and length parameter, but the length is out of bounds. This will result in IndexOutOfBoundsException at runtime. </p>

+<h3><a name="RANGE_ARRAY_OFFSET">RANGE: Array offset is out of bounds (RANGE_ARRAY_OFFSET)</a></h3>

+ <p> Method is called with array parameter and offset parameter, but the offset is out of bounds. This will result in IndexOutOfBoundsException at runtime. </p>

+<h3><a name="RANGE_STRING_INDEX">RANGE: String index is out of bounds (RANGE_STRING_INDEX)</a></h3>

+ <p> String method is called and specified string index is out of bounds. This will result in StringIndexOutOfBoundsException at runtime. </p>

<h3><a name="RC_REF_COMPARISON">RC: Suspicious reference comparison (RC_REF_COMPARISON)</a></h3>

@@ -3402,6 +3511,25 @@ bug detectors.</p>

This code can freely modify the contents of the array.</p>

+<h3><a name="MS_MUTABLE_COLLECTION">MS: Field is a mutable collection (MS_MUTABLE_COLLECTION)</a></h3>

+ <p>A mutable collection instance is assigned to a final static field,

+ thus can be changed by malicious code or by accident from another package.

+ Consider wrapping this field into Collections.unmodifiableSet/List/Map/etc.

+ to avoid this vulnerability.</p>

+<h3><a name="MS_MUTABLE_COLLECTION_PKGPROTECT">MS: Field is a mutable collection which should be package protected (MS_MUTABLE_COLLECTION_PKGPROTECT)</a></h3>

+ <p>A mutable collection instance is assigned to a final static field,

+ thus can be changed by malicious code or by accident from another package.

+ The field could be made package protected to avoid this vulnerability.

+ Alternatively you may wrap this field into Collections.unmodifiableSet/List/Map/etc.

+ to avoid this vulnerability.</p>

<h3><a name="MS_MUTABLE_HASHTABLE">MS: Field is a mutable Hashtable (MS_MUTABLE_HASHTABLE)</a></h3>

@@ -3478,6 +3606,17 @@ to the field, so doing so will require some refactoring.

>http://www.cs.umd.edu/~pugh/java/memoryModel/DoubleCheckedLocking.html</a>.</p>

+<h3><a name="DC_PARTIALLY_CONSTRUCTED">DC: Possible exposure of partially initialized object (DC_PARTIALLY_CONSTRUCTED)</a></h3>

+ <p>Looks like this method uses lazy field initialization with double-checked locking.

+ While the field is correctly declared as volatile, it's possible that the internal structure of

+ the object is changed after the field assignment, thus another thread may see the partially initialized object.</p>

+ <p>To fix this problem consider storing the object into the local variable first

+ and save it to the volatile field only after it's fully constructed.

+ </p>

<h3><a name="DL_SYNCHRONIZATION_ON_BOOLEAN">DL: Synchronization on Boolean (DL_SYNCHRONIZATION_ON_BOOLEAN)</a></h3>

@@ -4080,6 +4219,19 @@ to immediately undo the work of the boxing.

(e.g., <code>new Double(d).intValue()</code>). Just perform direct primitive coercion (e.g., <code>(int) d</code>).</p>

+<h3><a name="BX_UNBOXED_AND_COERCED_FOR_TERNARY_OPERATOR">Bx: Primitive value is unboxed and coerced for ternary operator (BX_UNBOXED_AND_COERCED_FOR_TERNARY_OPERATOR)</a></h3>

+ <p>A wrapped primitive value is unboxed and converted to another primitive type as part of the

+evaluation of a conditional ternary operator (the <code> b ? e1 : e2</code> operator). The

+semantics of Java mandate that if <code>e1</code> and <code>e2</code> are wrapped

+numeric values, the values are unboxed and converted/coerced to their common type (e.g,

+if <code>e1</code> is of type <code>Integer</code>

+and <code>e2</code> is of type <code>Float</code>, then <code>e1</code> is unboxed,

+converted to a floating point value, and boxed. See JLS Section 15.25.

+</p>

<h3><a name="BX_UNBOXING_IMMEDIATELY_REBOXED">Bx: Boxed value is unboxed and then immediately reboxed (BX_UNBOXING_IMMEDIATELY_REBOXED)</a></h3>

@@ -4087,6 +4239,14 @@ to immediately undo the work of the boxing.

</p>

+<h3><a name="DM_BOXED_PRIMITIVE_FOR_COMPARE">Bx: Boxing a primitive to compare (DM_BOXED_PRIMITIVE_FOR_COMPARE)</a></h3>

+ <p>A boxed primitive is created just to call compareTo method. It's more efficient to use static compare method

+ (for double and float since Java 1.4, for other primitive types since Java 1.7) which works on primitives directly.

+ </p>

<h3><a name="DM_BOXED_PRIMITIVE_FOR_PARSING">Bx: Boxing/unboxing to parse a primitive (DM_BOXED_PRIMITIVE_FOR_PARSING)</a></h3>

@@ -4244,6 +4404,54 @@ that classfile. See <a href="http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=

</p>

+<h3><a name="IIL_ELEMENTS_GET_LENGTH_IN_LOOP">IIL: NodeList.getLength() called in a loop (IIL_ELEMENTS_GET_LENGTH_IN_LOOP)</a></h3>

+<p> The method calls NodeList.getLength() inside the loop and NodeList was produced by getElementsByTagName call.

+This NodeList doesn't store its length, but computes it every time in not very optimal way.

+Consider storing the length to the variable before the loop.

+</p>

+<h3><a name="IIL_PATTERN_COMPILE_IN_LOOP">IIL: Method calls Pattern.compile in a loop (IIL_PATTERN_COMPILE_IN_LOOP)</a></h3>

+<p> The method calls Pattern.compile inside the loop passing the constant arguments.

+If the Pattern should be used several times there's no reason to compile it for each loop iteration.

+Move this call outside of the loop or even into static final field.</p>

+<h3><a name="IIL_PATTERN_COMPILE_IN_LOOP_INDIRECT">IIL: Method compiles the regular expression in a loop (IIL_PATTERN_COMPILE_IN_LOOP_INDIRECT)</a></h3>

+<p> The method creates the same regular expression inside the loop, so it will be compiled every iteration.

+It would be more optimal to precompile this regular expression using Pattern.compile outside of the loop.</p>

+<h3><a name="IIL_PREPARE_STATEMENT_IN_LOOP">IIL: Method calls prepareStatement in a loop (IIL_PREPARE_STATEMENT_IN_LOOP)</a></h3>

+<p> The method calls Connection.prepareStatement inside the loop passing the constant arguments.

+If the PreparedStatement should be executed several times there's no reason to recreate it for each loop iteration.

+Move this call outside of the loop.</p>

+<h3><a name="IIO_INEFFICIENT_INDEX_OF">IIO: Inefficient use of String.indexOf(String) (IIO_INEFFICIENT_INDEX_OF)</a></h3>

+<p> This code passes a constant string of length 1 to String.indexOf().

+It is more efficient to use the integer implementations of String.indexOf().

+f. e. call <code>myString.indexOf('.')</code> instead of <code>myString.indexOf(".")</code></p>

+<h3><a name="IIO_INEFFICIENT_LAST_INDEX_OF">IIO: Inefficient use of String.lastIndexOf(String) (IIO_INEFFICIENT_LAST_INDEX_OF)</a></h3>

+<p> This code passes a constant string of length 1 to String.lastIndexOf().

+It is more efficient to use the integer implementations of String.lastIndexOf().

+f. e. call <code>myString.lastIndexOf('.')</code> instead of <code>myString.lastIndexOf(".")</code></p>

<h3><a name="IMA_INEFFICIENT_MEMBER_ACCESS">IMA: Method accesses a private member variable of owning class (IMA_INEFFICIENT_MEMBER_ACCESS)</a></h3>

@@ -4531,10 +4739,10 @@ consider using a commercial static analysis or pen-testing tool.

-<h3><a name="SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE">SQL: Nonconstant string passed to execute method on an SQL statement (SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE)</a></h3>

+<h3><a name="SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE">SQL: Nonconstant string passed to execute or addBatch method on an SQL statement (SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE)</a></h3>

- <p>The method invokes the execute method on an SQL statement with a String that seems

+ <p>The method invokes the execute or addBatch method on an SQL statement with a String that seems

to be dynamically generated. Consider using

a prepared statement instead. It is more efficient and less vulnerable to

SQL injection attacks.

@@ -4661,6 +4869,39 @@ a signed and unsigned right shift (depending upon the size of the shift).

</p>

+<h3><a name="CAA_COVARIANT_ARRAY_FIELD">CAA: Covariant array assignment to a field (CAA_COVARIANT_ARRAY_FIELD)</a></h3>

+<p>Array of covariant type is assigned to a field. This is confusing and may lead to ArrayStoreException at runtime

+if the reference of some other type will be stored in this array later like in the following code:

+</p>

+<p><code>Number[] arr = new Integer[10];

+arr[0] = 1.0;

+</code></p>

+<p>Consider changing the type of created array or the field type.</p>

+<h3><a name="CAA_COVARIANT_ARRAY_LOCAL">CAA: Covariant array assignment to a local variable (CAA_COVARIANT_ARRAY_LOCAL)</a></h3>

+<p>Array of covariant type is assigned to a local variable. This is confusing and may lead to ArrayStoreException at runtime

+if the reference of some other type will be stored in this array later like in the following code:

+</p>

+<p><code>Number[] arr = new Integer[10];

+arr[0] = 1.0;

+</code></p>

+<p>Consider changing the type of created array or the local variable type.</p>

+<h3><a name="CAA_COVARIANT_ARRAY_RETURN">CAA: Covariant array is returned from the method (CAA_COVARIANT_ARRAY_RETURN)</a></h3>

+<p>Array of covariant type is returned from the method. This is confusing and may lead to ArrayStoreException at runtime

+if the calling code will try to store the reference of some other type in the returned array.

+</p>

+<p>Consider changing the type of created array or the method return type.</p>

<h3><a name="CD_CIRCULAR_DEPENDENCY">CD: Test for circular dependencies among classes (CD_CIRCULAR_DEPENDENCY)</a></h3>

@@ -4832,7 +5073,7 @@ this code, but it is worth reviewing.

<p>

An argument not of type Boolean is being formatted with a %b format specifier. This won't throw an

-exception; instead, it will print true for any nonnull value, and false for null.

+exception; instead, it will print true for any non-null value, and false for null.

This feature of format strings is strange, and may not be what you intended.

</p>

@@ -4840,12 +5081,12 @@ This feature of format strings is strange, and may not be what you intended.

<h3><a name="IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD">IA: Potentially ambiguous invocation of either an inherited or outer method (IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD)</a></h3>

- <p>

-An inner class is invoking a method that could be resolved to either a inherited method or a method defined in an outer class.

+ <p>

+An inner class is invoking a method that could be resolved to either a inherited method or a method defined in an outer class.

For example, you invoke <code>foo(17)</code>, which is defined in both a superclass and in an outer method.

By the Java semantics,

it will be resolved to invoke the inherited method, but this may not be want

-you intend.

+you intend.

</p>

<p>If you really intend to invoke the inherited method,

invoke it by invoking the method on super (e.g., invoke super.foo(17)), and

@@ -4853,7 +5094,7 @@ thus it will be clear to other readers of your code and to FindBugs

that you want to invoke the inherited method, not the method in the outer class.

</p>

<p>If you call <code>this.foo(17)</code>, then the inherited method will be invoked. However, since FindBugs only looks at

-classfiles, it

+classfiles, it

can't tell the difference between an invocation of <code>this.foo(17)</code> and <code>foo(17)</code>, it will still

complain about a potential ambiguous invocation.

</p>

@@ -5014,7 +5255,7 @@ to read, readLine() will return null and dereferencing that will generate a null

<p> The variable referenced at this point is known to be null due to an earlier

check against null. Although this is valid, it might be a mistake (perhaps you

intended to refer to a different variable, or perhaps the earlier check to see if the

-variable is null should have been a check to see if it was nonnull).

+variable is null should have been a check to see if it was non-null).

</p>

@@ -5022,17 +5263,17 @@ variable is null should have been a check to see if it was nonnull).

<p>

A method should always implement the contract of a method it overrides. Thus, if a method takes a parameter

- that is marked as @Nullable, you shouldn't override that method in a subclass with a method where that parameter is @Nonnull.

- Doing so violates the contract that the method should handle a null parameter.

+ that is marked as @Nullable, you shouldn't override that method in a subclass with a method where that parameter is @Nonnull.

+ Doing so violates the contract that the method should handle a null parameter.

</p>

<h3><a name="NP_METHOD_RETURN_RELAXING_ANNOTATION">NP: Method relaxes nullness annotation on return value (NP_METHOD_RETURN_RELAXING_ANNOTATION)</a></h3>

<p>

A method should always implement the contract of a method it overrides. Thus, if a method takes is annotated

- as returning a @Nonnull value,

- you shouldn't override that method in a subclass with a method annotated as returning a @Nullable or @CheckForNull value.

- Doing so violates the contract that the method shouldn't return null.

+ as returning a @Nonnull value,

+ you shouldn't override that method in a subclass with a method annotated as returning a @Nullable or @CheckForNull value.

+ Doing so violates the contract that the method shouldn't return null.

</p>

<h3><a name="NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE">NP: Possible null pointer dereference due to return value of called method (NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE)</a></h3>

@@ -5057,10 +5298,10 @@ this is a definite possibility.

</p>

-<h3><a name="NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE">NP: Parameter must be nonnull but is marked as nullable (NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE)</a></h3>

+<h3><a name="NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE">NP: Parameter must be non-null but is marked as nullable (NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE)</a></h3>

-<p> This parameter is always used in a way that requires it to be nonnull,

+<p> This parameter is always used in a way that requires it to be non-null,

but the parameter is explicitly annotated as being Nullable. Either the use

of the parameter or the annotation is wrong.

</p>

@@ -5224,7 +5465,7 @@ the constant null.</p>

the String.</p>

-<h3><a name="RV_DONT_JUST_NULL_CHECK_READLINE">RV: Method discards result of readLine after checking if it is nonnull (RV_DONT_JUST_NULL_CHECK_READLINE)</a></h3>

+<h3><a name="RV_DONT_JUST_NULL_CHECK_READLINE">RV: Method discards result of readLine after checking if it is non-null (RV_DONT_JUST_NULL_CHECK_READLINE)</a></h3>

<p> The value returned by readLine is discarded after checking to see if the return

@@ -5279,6 +5520,23 @@ is important or acceptable.

</p>

+<h3><a name="RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT">RV: Return value of method without side effect is ignored (RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT)</a></h3>

+<p>This code calls a method and ignores the return value. However our analysis shows that

+the method (including its implementations in subclasses if any) does not produce any effect

+other than return value. Thus this call can be removed.

+</p>

+<p>We are trying to reduce the false positives as much as possible, but in some cases this warning might be wrong.

+Common false-positive cases include:</p>

+<p>- The method is designed to be overridden and produce a side effect in other projects which are out of the scope of the analysis.</p>

+<p>- The method is called to trigger the class loading which may have a side effect.</p>

+<p>- The method is called just to get some exception.</p>

+<p>If you feel that our assumption is incorrect, you can use a @CheckReturnValue annotation

+to instruct FindBugs that ignoring the return value of this method is acceptable.

+</p>

<h3><a name="SA_FIELD_DOUBLE_ASSIGNMENT">SA: Double assignment of field (SA_FIELD_DOUBLE_ASSIGNMENT)</a></h3>

@@ -5335,7 +5593,8 @@ Such assignments are useless, and may indicate a logic error or typo.

<p> This method contains a switch statement where default case is missing.

Usually you need to provide a default case.</p>

<p>Because the analysis only looks at the generated bytecode, this warning can be incorrect triggered if

-the default case is at the end of the switch statement and doesn't end with a break statement.

+the default case is at the end of the switch statement and the switch statement doesn't contain break statements for other

+cases.

<h3><a name="ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD">ST: Write to static field from instance method (ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD)</a></h3>

@@ -5385,6 +5644,51 @@ it may indicate a misunderstanding of how serialization works.

</p>

+<h3><a name="UC_USELESS_CONDITION">UC: Condition has no effect (UC_USELESS_CONDITION)</a></h3>

+<p>This condition always produces the same result as the value of the involved variable was narrowed before.

+Probably something else was meant or condition can be removed.</p>

+<h3><a name="UC_USELESS_CONDITION_TYPE">UC: Condition has no effect due to the variable type (UC_USELESS_CONDITION_TYPE)</a></h3>

+<p>This condition always produces the same result due to the type range of the involved variable.

+Probably something else was meant or condition can be removed.</p>

+<h3><a name="UC_USELESS_OBJECT">UC: Useless object created (UC_USELESS_OBJECT)</a></h3>

+<p>Our analysis shows that this object is useless.

+It's created and modified, but its value never go outside of the method or produce any side-effect.

+Either there is a mistake and object was intended to be used or it can be removed.</p>

+<p>This analysis rarely produces false-positives. Common false-positive cases include:</p>

+<p>- This object used to implicitly throw some obscure exception.</p>

+<p>- This object used as a stub to generalize the code.</p>

+<p>- This object used to hold strong references to weak/soft-referenced objects.</p>

+<h3><a name="UC_USELESS_OBJECT_STACK">UC: Useless object created on stack (UC_USELESS_OBJECT_STACK)</a></h3>

+<p>This object is created just to perform some modifications which don't have any side-effect.

+Probably something else was meant or the object can be removed.</p>

+<h3><a name="UC_USELESS_VOID_METHOD">UC: Useless non-empty void method (UC_USELESS_VOID_METHOD)</a></h3>

+<p>Our analysis shows that this non-empty void method does not actually perform any useful work.

+Please check it: probably there's a mistake in its code or its body can be fully removed.

+</p>

+<p>We are trying to reduce the false positives as much as possible, but in some cases this warning might be wrong.

+Common false-positive cases include:</p>

+<p>- The method is intended to trigger loading of some class which may have a side effect.</p>

+<p>- The method is intended to implicitly throw some obscure exception.</p>

<h3><a name="UCF_USELESS_CONTROL_FLOW">UCF: Useless control flow (UCF_USELESS_CONTROL_FLOW)</a></h3>

@@ -5495,6 +5799,6 @@ document.write( "Last updated "+ document.lastModified + "." );

</script>

<p> Send comments to <a class="sidebar" href="mailto:findbugs@cs.umd.edu">findbugs@cs.umd.edu</a>

<p>

-<A href="http://sourceforge.net"><IMG src="http://sourceforge.net/sflogo.php?group_id=96405&type=5" width="210" height="62" border="0" alt="SourceForge.net Logo" /></A>

+<a href="http://sourceforge.net/projects/findbugs/"><img src="http://sourceforge.net/sflogo.php?group_id=96405&type=5" width="210" height="62" border="0" alt="FindBugs on SourceForge.net" /></a>

</td></tr></table>

</body></html>

« README.chromium ('K') | « doc/FAQ.html ('k') | doc/bugDescriptions.html » ('j') | no next file with comments »