Bug not detected RSPEC-2183

engmscyorku · July 18, 2025, 7:03am

Hi Sonarqube Team,

The code below seems to contain the bug described in RSPEC-2183, however, the bug was not being detected during the scan. Any thoughts?

class BitShiftExample {
    public int showBugInt(int value, int shiftBy) {
        int result = value << shiftBy;more than their number of bits-1
        return result;
    }
    public long showBugLong(long value, int shiftBy) {
        long result = value << shiftBy; 
        return result;
    }
    public static void main(String[] args) {
        BitShiftExample example = new BitShiftExample();
        
        int intResult = example.showBugInt(1, 32); 
        System.out.println("Int shift result (1 << 32): " + intResult);
        long longResult = example.showBugLong(1L, 64); 
        System.out.println("Long shift result (1 << 64): " + longResult);
    }
}

Sonarqube version 25.5
Lang: Java
SonarScanner version: 5.0.1.3006

Screenshot of code scan results

Leonardo_Pilastri · October 27, 2025, 1:47pm

Hello, thanks for the multiple reports.

I have created this ticket to group them up and keep track of them. We will investigate them as soon as we have the capacity for it!

Have a good day

Topic		Replies	Views
csharpsquid:S2183 - Bit shifting - False positive and wrong explanation SonarQube Server / Community Build csharp , sonarqube	1	564	October 22, 2018
java:S2127 "Double.longBitsToDouble" should not be used for "int" Report False-positive / False-negative... java	2	415	August 2, 2021
Incorrect bug help link Report False-positive / False-negative... sonarqube , cfamily , rules	2	433	April 19, 2022
Sonar interprets fine condition as gratuitous Eclipse java , eclipse	1	411	November 21, 2019
A false negative for RSPEC-2164 document case Report False-positive / False-negative... java , sonarqube , scanner	3	536	April 28, 2022

Bug not detected RSPEC-2183

Related topics