SonarSource Rules
  • Products

    In-IDE

    Code Quality and Security in your IDE with SonarQube Ide

    IDE extension that lets you fix coding issues before they exist!

    Discover SonarQube for IDE

    SaaS

    Code Quality and Security in the cloud with SonarQube Cloud

    Setup is effortless and analysis is automatic for most languages

    Discover SonarQube Cloud

    Self-Hosted

    Code Quality and Security Self-Hosted with SonarQube Server

    Fast, accurate analysis; enterprise scalability

    Discover SonarQube Server
  • SecretsSecrets
  • ABAPABAP
  • AnsibleAnsible
  • ApexApex
  • AzureResourceManagerAzureResourceManager
  • CC
  • C#C#
  • C++C++
  • CloudFormationCloudFormation
  • COBOLCOBOL
  • CSSCSS
  • DartDart
  • DockerDocker
  • FlexFlex
  • GitHub ActionsGitHub Actions
  • GoGo
  • HTMLHTML
  • JavaJava
  • JavaScriptJavaScript
  • JSONJSON
  • JCLJCL
  • KotlinKotlin
  • KubernetesKubernetes
  • Objective CObjective C
  • PHPPHP
  • PL/IPL/I
  • PL/SQLPL/SQL
  • PythonPython
  • RPGRPG
  • RubyRuby
  • RustRust
  • ScalaScala
  • SwiftSwift
  • TerraformTerraform
  • TextText
  • TypeScriptTypeScript
  • T-SQLT-SQL
  • VB.NETVB.NET
  • VB6VB6
  • XMLXML
  • YAMLYAML
C#

C# static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C# code

  • All rules 493
  • Vulnerability46
  • Bug88
  • Security Hotspot24
  • Code Smell335

  • Quick Fix 61
Filtered: 8 rules found
async-await
    Impact
      Clean code attribute
        1. Awaitable method should be used

           Code Smell
        2. Calls to "async" methods should not be blocking in Azure Functions

           Code Smell
        3. "ValueTask" should be consumed correctly

           Code Smell
        4. Non-async "Task/Task<T>" methods should not return null

           Bug
        5. Calls to "async" methods should not be blocking

           Code Smell
        6. Parameter validation in "async"/"await" methods should be wrapped

           Code Smell
        7. "ConfigureAwait(false)" should be used

           Code Smell
        8. "async" methods should not return "void"

           Bug

        Calls to "async" methods should not be blocking

        intentionality - logical
        maintainability
        Code Smell
        • async-await
        • deadlock

        Why is this an issue?

        More Info

        Making blocking calls to async methods transforms code that was intended to be asynchronous into a blocking operation. Doing so can cause deadlocks and unexpected blocking of context threads.

        According to the MSDN documentation:

        The root cause of this deadlock is due to the way await handles contexts. By default, when an incomplete Task is awaited, the current “context” is captured and used to resume the method when the Task completes. This “context” is the current SynchronizationContext unless it’s null, in which case it’s the current TaskScheduler. GUI and ASP.NET applications have a SynchronizationContext that permits only one chunk of code to run at a time. When the await completes, it attempts to execute the remainder of the async method within the captured context. But that context already has a thread in it, which is (synchronously) waiting for the async method to complete. They’re each waiting for the other, causing a deadlock.

        To Do This … Instead of This … Use This

        Retrieve the result of a background task

        Task.Wait, Task.Result or Task.GetAwaiter.GetResult

        await

        Wait for any task to complete

        Task.WaitAny

        await Task.WhenAny

        Retrieve the results of multiple tasks

        Task.WaitAll

        await Task.WhenAll

        Wait a period of time

        Thread.Sleep

        await Task.Delay

        Noncompliant code example

        public static class DeadlockDemo
        {
            private static async Task DelayAsync()
            {
                await Task.Delay(1000);
            }
        
            // This method causes a deadlock when called in a GUI or ASP.NET context.
            public static void Test()
            {
                // Start the delay.
                var delayTask = DelayAsync();
                // Wait for the delay to complete.
                delayTask.Wait(); // Noncompliant
            }
        }
        

        Compliant solution

        public static class DeadlockDemo
        {
            private static async Task DelayAsync()
            {
                await Task.Delay(1000);
            }
        
            public static async Task TestAsync()
            {
                // Start the delay.
                var delayTask = DelayAsync();
                // Wait for the delay to complete.
                await delayTask;
            }
        }
        

        Exceptions

        • Main methods of Console Applications are not subject to this deadlock issue and so are ignored by this rule.
        • Thread.Sleep is also ignored when it is used in a non-async method.
        • Calls chained after Task.Run or Task.Factory.StartNew are ignored because they don’t suffer from this deadlock issue
          Available In:
        • SonarQube IdeCatch issues on the fly,
          in your IDE
        • SonarQube CloudDetect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories
        • SonarQube Community BuildAnalyze code in your
          on-premise CI
          Available Since
          9.1
        • SonarQube ServerAnalyze code in your
          on-premise CI
          Developer Edition
          Available Since
          9.1

        © 2008-2025 SonarSource SA. All rights reserved.

        Privacy Policy | Cookie Policy | Terms of Use