Failed to instantiate SLF4J LoggerFactory

Neil_Phillips · December 21, 2021, 11:57am

SonarQube Version: 8.6

Post Log4j vulnerability we began looking at moving to a supported version of sonarqube. No changes were made as far as we know, only viewing of config files and a snapshot of the VM. However, now the SQ instance returns a 503, restarting the instance fails and we have restarted all the services.

The Bitnami diagnostic tool was used and they extracted the following from the logs:

SLF4J: Found binding in [jar:file:/opt/bitnami/apps/sonarqube/sonarqube/lib/common/logback-classic-1.2.3.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
Failed to instantiate SLF4J LoggerFactory
Reported exception:
java.lang.NoClassDefFoundError: org/apache/logging/log4j/spi/AbstractLoggerAdapter
    at java.base/java.lang.ClassLoader.defineClass1(Native Method)
    at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1017)
    at java.base/java.security.SecureClassLoader.defineClass(SecureClassLoader.java:174)
    at java.base/jdk.internal.loader.BuiltinClassLoader.defineClass(BuiltinClassLoader.java:800)
    at java.base/jdk.internal.loader.BuiltinClassLoader.findClassOnClassPathOrNull(BuiltinClassLoader.java:698)

It would appear that all other services are running but SonarQube cannot be restarted.

ganncamp · January 6, 2022, 4:35pm

Hi,

Welcome to the community!

It’s nearly impossible to know what happened to make your current SonarQube instance stop working. What I do know is that if you go ahead & upgrade to at least 8.9.6, your download will be a complete bundle with all the parts you need to spin up your instance.

Sorry to dodge the question, but we’re just not in a position to diagnose 8.6 anymore.

HTH,
Ann