java:S5778 detects false runtime exception

reitzmichnicht · March 19, 2021, 9:19am

We are using Sonarqube 8.7.

The following code detects runtime exceptions in Collections.emptyList()

The match in the constructor itself is correct as it throws a runtime exception, but the 2 matches with Collections.emptyList() are wrong, because also the cast inside can not fail in my oppinion.

Kind regards,
Michael

Colin · March 23, 2021, 10:38am

Hey @reitzmichnicht

Your report is a bit light in information. Can I suggest you look at the following post, and add more details?

reitzmichnicht · March 23, 2021, 12:14pm

I hope its obvious, here is some code example:

  // given
  public FooService(List<String> a, List<String> b) {
    Objects.requireNonNull(a, "a must not be null");
    Objects.requireNonNull(b, "b must not be null");
    if (a.isEmpty() && b.isEmpty()) {
      throw new IllegalArgumentException();
    }
  }

  // then this should not fail in java:S5778
  assertThatThrownBy(() -> new FooService(Collections.emptyList(), Collections.emptyList())).isInstanceOf(IllegalArgumentException.class);

So from my understanding Sonar thinks that Collections.emptyList() can throw an exception, I think it can not.

Kind regards,
Michael

Quentin · April 12, 2021, 10:00am

Hello @reitzmichnicht

The problem with this assertion is that it is not clear at first glance which method call/new class is supposed to throw the expected Runtime Exception. Even if I can guess that Collections.emptyList() is not throwing any Exception and that it should be the class creation, I had to manually check emptyList() code to be 100% sure about it.

That’s exactly the spirit of the rule: we want to avoid guesses and manual verifications in tests.

That being said, I understand your concern, there are indeed situations where it could seem superfluous. If you strongly believe the code is fine as it is, you can mark it as “Won’t fix”.

Hope it clarifies the situation.
Quentin

reitzmichnicht · April 12, 2021, 12:53pm

That clarifies it.
I had the assumption that the rule really analyzes if multiple exceptions can occur, but then it’s more related to readability.
Maybe it makes sense to whitelist some methods that can be used safely.

Kind regardsm
Michael

system · April 19, 2021, 12:53pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
[java:S1450] Assigned in one method, read on the other Report False-positive / False-negative... java , sonarqube , sonarqube-ide	3	860	June 9, 2022
When it comes to cross-file method invocation, false positives may occur Report False-positive / False-negative... java	3	27	September 6, 2024
NullPointerException could be thrown false positive Report False-positive / False-negative...	2	457	July 10, 2023
java:S3516 Error detection Report False-positive / False-negative...	4	1830	February 27, 2023
False positive java:S2259: NullpointerException Report False-positive / False-negative... sonarqube , false-positive	1	852	September 20, 2022

java:S5778 detects false runtime exception

Related topics