FP java:S2259 Nullable & generic type parameters

oldboy70 · March 12, 2026, 4:06pm

Rule S2259 reports one false positive issue about potential NullPointerExceptions for the the following code:

import org.checkerframework.checker.nullness.qual.NonNull;
import org.checkerframework.checker.nullness.qual.Nullable;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.function.BiFunction;

public class S2259NullableGenericTypeParameters {

    public static <LE, RE, PE, L extends Collection<LE>, R extends Collection<RE>> List<PE> s2259(
        final @NonNull L left,
        final @NonNull R right,
        final @NonNull BiFunction<@Nullable LE, @Nullable RE, PE> combiner
    ) {
        final Iterator<LE> leftIterator = left.iterator();
        final Iterator<RE> rightIterator = right.iterator();
        final List<PE> results = new ArrayList<>();
        results.add(combiner.apply(leftIterator.next(), rightIterator.next())); // SonarQube: A "NullPointerException" could be thrown; "combiner" is nullable here.
        return results;
    }

}

Null pointers should not be dereferenced java:S2259
SonarQube Community Build v24.12.0.100206
Java Code

Since combiner is annotated with @NonNull, it will never be null. Based on this assumption, I removed the @Nullable annotations from the two generic type parameters LE and RE, and SonarQube no longer reports any issues.

Marino

ganncamp · March 13, 2026, 6:12pm

Hi Marino,

Welcome to the community!

In SonarQube Cloud and current versions of SonarQube Server, that rule has been moved to javabugs:S2259 and its performance improved. No further work is anticipated on the version of java:S2259 that remains in SonarQube Community Build.

Please let us know if you still see this once you upgrade.

Thx,
Ann

oldboy70 · March 16, 2026, 3:39pm

Hi Ann,

do you suggest we need to upgrade the Community Build to the Server version?

Thx,
Marino

ganncamp · March 16, 2026, 3:41pm

Hi Marino,

At the risk of sounding like a corporate shill, yes. You’ll get more/better rules including taint analysis, and extended functionality such as PR analysis and decoration.

Ann

oldboy70 · March 16, 2026, 3:56pm

Hi Ann,

Unfortunately, we don’t have widespread usage at the moment to justify an upgrade, but we hope for the near future.

Many thanks,
Marino

Topic		Replies	Views
False positive on java:S2259 with @Nullable generics parameter IntelliJ Platform java , sonarqube , intellij , sonarqube-ide , sonarqube-cloud	1	115	December 23, 2024
False positives for java:S2259 (NullPointerException) when nullness annotations are used SonarQube Cloud java , false-positive , bump	3	105	July 18, 2025
S2637 FP When using NonNull annotations in genrics (Java) Report False-positive / False-negative... java , bump	9	190	February 3, 2025
javabugs:S6555 gets confused by passing NonNull argument to Nullable function Report False-positive / False-negative... java , sonarqube	1	60	April 7, 2025
FP java:S2259 reports possible NPE for unboxing a Boolean that is not null Report False-positive / False-negative... java , false-positive	11	131	November 10, 2025

FP java:S2259 Nullable & generic type parameters

Related topics