C++ Analyzer: “Unable to find file” for CMake-generated headers even though they exist (SonarScanner

SonarQube Server / Community Build
,
1

Versions used

  • SonarQube Server: Enterprise Edition v2025.1
  • SonarScanner CLI: 7.3
  • C++ / CFamily Analyzer: bundled with SonarQube Enterprise
  • Deployment method: Docker

Problem description

During analysis, the C++ analyzer reports warnings like:

WARN:
The analyzer was not able to find file
  <generated_header_directory>/GeneratedHeader.h
  included from file <source_directory>/SomeHeader.h

However:

  • The generated header exists on disk before running sonar-scanner.
  • The file path is correctly present in compile_commands.json.
  • The project compiles successfully with no missing includes.
  • Multiple generated headers trigger similar warnings.

Commands used

build-wrapper-linux-x86-64 --out-dir .sq \
    cmake --build <build-directory>  --target <target-name>

sonar-scanner \
    -Dsonar.pullrequest.key=$MR_IID \
    -Dsonar.pullrequest.branch=$SOURCE_BRANCH \
    -Dsonar.pullrequest.base=$DEST_BRANCH \
    -Dproject.settings=./sonar-project.properties

What I have tried so far

  • Confirmed that the generated files exist before the scanner runs.
  • Verified the paths appear correctly in compile_commands.json.
  • Checked that the include paths used during compilation are correct.
  • Rebuilt the project with/without parallel build flags.
  • Verified the build-wrapper output directory contains all compilation commands.
3

Hi @robin12, and welcome to the community!

Could you confirm that both the build and sonar-scanner run in the same environment, and that there is no form of containerization or sandboxing that applies to one without the other?

If you confirm that, I would need to take a closer look at the sonar-cfamily-reproducer.tar.xz file that is generated by the scanner after the analysis. The full path to this file is printed later in the same warning. It would be nice if you could also share the full path of the header file that was missed by the analyzer as it exists on your machine.

I am starting a private thread with you in case you would prefer to share this information privately.

Best regards,
Michael

4

Hi Michael,
Thanks for looking into this.

For now, they are running inside the same container, but we would like to separate them in the pipeline, meaning pass the buildwrapper output to the next container, produce the autogenerated source files and then run the scanner. If that’s possible.

Best Regards,
Robin Kendrick

5

A discussion is ongoing privately with the user to track down the problem. Thanks @robin12 for the feedback.