Not validating Objects.nonNull

SonarQube Version 6.7.1
Java 1.8
For the code below, Sonar raises a bug:
A “NullPointerException” could be thrown; “testObject” is nullable here.
But we are checking the non-null condition in the if clause.

if (Objects.nonNull(testObject)) {
    testObject.getId();
}

If we change the if clause to

if (testObject != null)

then SonarQube will not show this issue.

Hello @Deepak_Gusain,

I did not manage to reproduce your false positive with the current version of SonarJava.

Since your version is probably quite old (this test is 4 years old!), you should consider updating SonarJava!

Best,
Quentin


Hi, this also happens with the latest version of SonarQube 7.9.1

In order to help you, can you provide a complete reproducer causing the issue?
I still don’t see any wrong behavior with the example given.

Same problem here. Environment info as follows:

# scanner
INFO: SonarQube Scanner 4.2.0.1873
INFO: Java 1.8.0_231 Oracle Corporation (64-bit)
INFO: Linux 4.19.2-1.el7.elrepo.x86_64 amd64

# SonarQube:
Community Edition Version 7.6 (build 21501)

The complaint:

  1. Implies ‘executionChain’ is null.
  2. Exception is thrown.
  3. ‘Throwable’ is caught.
  4. ‘executionChain’ is dereferenced.

If I use the executionChain != null check, there isn’t any complaint anymore.

This is the demo code snippet:

    public Object doServiceImplPointAround(ProceedingJoinPoint joinPoint) throws Throwable {
        Throwable t = null;

        Object object = null;

        Object[] paramValues = null;

        MethodSignature methodSignature = null;

        AdviceHandlerExecutionChain executionChain = null;
        try {
            object = joinPoint.getTarget();
            methodSignature = (MethodSignature) joinPoint.getSignature();
            Method method = methodSignature.getMethod();
            paramValues = joinPoint.getArgs();
            RequestAdvice requestAdvice = method.getAnnotation(RequestAdvice.class);

            executionChain = buildAdviceHandlerExecutionChain(requestAdvice);

            boolean res = executionChain.applyPreHandle(object, paramValues);
            if (res) {
                Object result = joinPoint.proceed();
                executionChain.applyPostHandle(joinPoint.getTarget(), paramValues);
                return result;
            }
            return null;
        } catch (Throwable t1) {
            t = t1;
            throw t1;
        } finally {
            if (executionChain != null) {
                executionChain.triggerAfterCompletion(object, paramValues, t);
            }
        }
    }

With the same environment, the following code snippet didn’t raise any complaint.

import java.util.Objects;

public class NonNull {
    public void testObjectsMethods(Object b) {
        if(Objects.nonNull(b)) {
            b.toString();
        }else {
            System.out.println("b is null");
        }
    }
    public void testObjectsMethod2(Object b) {
        if(b != null) {
            b.toString();
        }else {
            System.out.println("b is null");
        }
    }
    public Object testWithTryCatch(Object o) throws Exception{
        Object some = null;
        try {
            if(Objects.nonNull(o)) {
                some = o;
            }
        }catch (Exception e) {
            throw e;
        }finally {
            if(Objects.nonNull(some)) {
                some.toString();
            }
        }
        return some;
    }
}

Why does the first code snippet raise a complaint?

Hello,
Thanks for taking the time to report this issue and provide a reproducer.
However, I’m afraid I don’t see any quick explanation for your problem; the answer is the same as the one from the original post: SonarQube 7.6 is already past EOL. You might try upgrading to 7.9.3, the current LTS, or 8.3, the most recent version.
The Java analyzer has been heavily changed between 7.6 and 8.3, and could definitely resolve the problem you are facing here.

Best,
Quentin
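
A dependency-free reproducer of the try/catch/finally pattern discussed in this thread, added here as an example; it is not code from any poster or from SonarJava. `Chain` and `buildChain` are hypothetical stand-ins for `AdviceHandlerExecutionChain` and `buildAdviceHandlerExecutionChain`, and the two methods differ only in how the `finally` guard is written.

```java
import java.util.Objects;

// Added reproducer; Chain and buildChain are hypothetical stand-ins for the poster's types.
public class NonNullFinallyRepro {
    static class Chain {
        boolean applyPreHandle() { return true; }
        void triggerAfterCompletion(Throwable t) { System.out.println("completed, t=" + t); }
    }
    static Chain buildChain(boolean fail) {
        if (fail) throw new IllegalStateException("constructed failure"); // caller's chain stays null
        return new Chain();
    }
    // Guard written with Objects.nonNull.
    static String guardWithObjectsNonNull(boolean fail) throws Throwable {
        Throwable t = null;
        Chain chain = null;
        try {
            chain = buildChain(fail);
            return chain.applyPreHandle() ? "proceeded" : null;
        } catch (Throwable t1) {
            t = t1;
            throw t1;
        } finally {
            if (Objects.nonNull(chain)) chain.triggerAfterCompletion(t);
        }
    }
    // Identical method with the plain comparison.
    static String guardWithNotEqualsNull(boolean fail) throws Throwable {
        Throwable t = null;
        Chain chain = null;
        try {
            chain = buildChain(fail);
            return chain.applyPreHandle() ? "proceeded" : null;
        } catch (Throwable t1) {
            t = t1;
            throw t1;
        } finally {
            if (chain != null) chain.triggerAfterCompletion(t);
        }
    }
    public static void main(String[] args) throws Throwable {
        System.out.println(guardWithObjectsNonNull(false) + " / " + guardWithNotEqualsNull(false));
        try {
            guardWithObjectsNonNull(true); // buildChain throws, chain is null in finally
        } catch (IllegalStateException e) {
            System.out.println("original exception kept, no NPE: " + e.getMessage());
        }
    }
}
```

Both guards behave the same at runtime, so scanning this single file with the analyzer version in question shows whether only the `Objects.nonNull` form is reported.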