DivisionByZeroCheck error with += and switch expression


I see the error below when analyzing a Java 17 project with SonarQube 9.8:

[ERROR] Unable to run check class org.sonar.java.se.SymbolicExecutionVisitor -  on file '***', To help improve the SonarSource Java Analyzer, please report this problem to SonarSource: see https://community.sonarsource.com/
java.lang.IndexOutOfBoundsException: Index 1 out of bounds for length 1
	at java.base/jdk.internal.util.Preconditions.outOfBounds(Preconditions.java:64)
	at java.base/jdk.internal.util.Preconditions.outOfBoundsCheckIndex(Preconditions.java:70)
	at java.base/jdk.internal.util.Preconditions.checkIndex(Preconditions.java:266)
	at java.base/java.util.Objects.checkIndex(Objects.java:359)
	at java.base/java.util.ArrayList.get(ArrayList.java:427)
	at org.sonar.java.se.checks.DivisionByZeroCheck$PreStatementVisitor.visitAssignmentExpression(DivisionByZeroCheck.java:178)
	at org.sonar.java.model.expression.AssignmentExpressionTreeImpl.accept(AssignmentExpressionTreeImpl.java:70)
	at org.sonar.java.se.checks.DivisionByZeroCheck.checkPreStatement(DivisionByZeroCheck.java:153)
	at org.sonar.java.se.CheckerDispatcher.executeCheckPreStatement(CheckerDispatcher.java:62)
	at org.sonar.java.se.ExplodedGraphWalker.visit(ExplodedGraphWalker.java:633)

I suspect that this issue is with this bit of (abridged) code; maybe the unary += / switch expression combo should be detected as a “simple expression”?

String info = "";
// ...
info += switch (x) {
  case FIRST_NAME -> "";
  case COMPANY -> "";
  default -> "";

return info;

As a side note (not sure where to post) I tried running the sonar-java project to submit a reproducer unit test but always seem to run into this error:
Caused by: java.lang.SecurityException: class "org.eclipse.jdt.core.dom.IAnnotationBinding"'s signer information does not match signer information of other classes in the same package
The project page mentions it and says that it might happen when running tests from Eclipse but I have the error when running maven from the command line.

Hello Guillaume,

Thanks for the report and please excuse the delay!

I’ve found a little time to look into it and at least with the code snippet you provided I haven’t yet been able to reproduce it locally. Since this is a symbolic execution based rule, it may require quite specific conditions to reproduce.

If you could provide a unit test, that would be amazing of course. Have you tried running mvn clean install with Java 17 and ideally Eclipse not running at the same time? To me, the error message reads as though part of the files may have been compiled with Eclipse and part of them with maven, causing a signature mismatch.

No problem, I suppose you were busy with 9.9 LTS :slight_smile:
Thank you for looking into it, I assumed the issue was with the += but what’s inside the case also seems to matter.
I have submitted a PR with a code sample reproducing the problem:

For the build I was indeed missing the install so it can use the repackaged jdt module, thanks!

1 Like

Perfect, thanks for the reproducer test case! I’ve created a ticket to address this during the next SonarJava hardening.

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.