Dead Code
Detects unreachable code paths and unused internal functions that increase bytecode size and may indicate logic errors.
Dead Code
Overview
The dead code detector identifies unreachable basic blocks, unused internal functions, and code paths that can never be executed due to constant conditions. Dead code inflates bytecode size, increases deployment gas costs, and may indicate copy-paste errors or incomplete refactoring where logic was intended to be active.
Why This Is an Issue
While dead code is not directly exploitable, it:
- Wastes deployment gas (each byte costs 200 gas to deploy)
- May indicate logic errors where the developer intended the code to execute
- Increases audit surface unnecessarily
- Can push contracts toward the 24KB bytecode size limit (EIP-170)
Examples
Sample Sigvex Output
{
"detector_id": "dead-code",
"severity": "low",
"confidence": 0.92,
"description": "Internal function at offset 0x4c2 is never called from any reachable code path. 156 bytes of unreachable bytecode can be removed.",
"location": { "function": "unused_internal_function", "offset": 1218 }
}Detection Methodology
- CFG reachability: Builds the control-flow graph from all external entry points and marks reachable blocks.
- Unreachable block identification: Reports blocks not reachable from any entry point.
- Constant condition analysis: Identifies
JUMPIinstructions where the condition is always true or always false.
Limitations
- Code reachable only via
DELEGATECALLfrom another contract appears dead but may be intentionally used. - Fallback/receive functions and selfdestruct targets may be reached through non-standard paths.
Related Detectors
- Unused Variables — unused state variables
- Bytecode Size Limit — size limit issues
- Gas Optimization — gas savings opportunities