Rule java:S1850 complains when an instanceOf always is true (or false). It’s called a bug presumably on the general principle that pointless code indicates buggy code (faulty copy-paste or making wrong assumptions).
One of our devs pointed out for some of the issues flagged that instanceOf can still be false if the left operand is null, even when its type nominally matches the right operator. (In these cases the left operand comes from calling a getter in another class, and he feels the field returned by the getter COULD be null.)
So I’m wondering: does SQ actually try to analyze the code for the class being called, to determine if a null is possible? Or is SQ merely saying, “just use a proper null check here, OK?”
No the code of the class being called is not analyzed by the rule S1850. This rule S1850 has been deprecated, then dropped. But the logic was here, just checking if the expression already has the given type.
Rule S1850 has been replaced with S2589 which uses symbolic execution analysis and better support of null check requirements.