FP java:S3516 with Lombok @Slf4j

  • What language is this for? Java
  • Which rule? S3516
  • Why do you believe it’s a false-positive/false-negative? The rule reports the method as always returning the same value, while the method clearly returns different values for different code paths.
  • Are you using
    • SonarLint - which IDE/version? SonarLint 10.0.1.77000 for IntelliJ
  • How can we reproduce the problem? Give us a self-contained snippet of code (formatted text, no screenshots)
import java.util.Random;

import lombok.extern.slf4j.Slf4j;

@Slf4j
class Foo {

  private static void confuse() {
    log.info("a message");
  }

  String bar() {
    if (new Random().nextInt() > 1) {
      return null; // FP 
    } 

    confuse(); // this is necessary to raise the FP

    return "something"; // FP
  } 

} 

2 Likes

Thank you @bduderstadt for reporting this false positive.

SONARJAVA-4699 has been created to investigate the issue and, eventually, fix it.

The rule S3516 is implemented on top of the symbolic execution engine, which is not actively maintained and may soon be replaced by the dataflow bug detection engine. This means that the investigation and fix may never happen in the sonar-java plugin, but it may be available in the future from a different plugin. The reference to the rule will not change, so it will be transparent to the users.

Cheers,
Angelo

2 Likes