java.lang.IndexOutOfBoundsException: Index: -1

SonarQube Server / Community Build
1

Hi. I am running a scan on some repos that I cloned from GitHub, and I am getting this error. My code works fine for some other repos, but for this specific organization, I keep on getting an error. I am running my scanner on a Linux machine.

Must-share information (formatted with Markdown):

  • I am using sonar-scanner-4.7.0.2747-linux

Here are the logs. Note, the organization repos contain files which are written in Go or Solidity.

INFO: Scanner configuration file: path/sonarqube/sonar-scanner-4.7.0.2747-linux/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarScanner 4.7.0.2747
INFO: Java 11.0.14.1 Eclipse Adoptium (64-bit)
INFO: Linux 5.4.0-1057-aws amd64
INFO: User cache: path/.sonar/cache
INFO: Scanner configuration file: path/sonarqube/sonar-scanner-4.7.0.2747-linux/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: Analyzing on SonarQube server 8.5.1
INFO: Default locale: "en", source code encoding: "UTF-8"
INFO: Load global settings
INFO: Load global settings (done) | time=60ms
INFO: Server id: 86E1FA4D-AXmfxL3CE6ErMdiF_6fT
INFO: User cache: path/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=30ms
INFO: Load/download plugins (done) | time=84ms
INFO: Process project properties
INFO: Process project properties (done) | time=7ms
INFO: Execute project builders
INFO: Execute project builders (done) | time=1ms
INFO: Project key: 0xProject
INFO: Base dir: path/crypto_repos
INFO: Working dir: path/crypto_repos/.scannerwork
INFO: Load project settings for component key: '0xProject'
INFO: Load project settings for component key: '0xProject' (done) | time=14ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=43ms
INFO: Load active rules
INFO: Load active rules (done) | time=446ms
WARN: SCM provider autodetection failed. Please use "sonar.scm.provider" to define SCM of your project, or disable the SCM Sensor in the project settings.
INFO: Indexing files...
INFO: Project configuration:
INFO:   Excluded sources: **/*.java
INFO: Load project repositories
INFO: Load project repositories (done) | time=14ms
INFO: 59732 files indexed
INFO: 5 files ignored because of inclusion/exclusion patterns
INFO: Quality profile for css: Sonar way
INFO: Quality profile for go: Sonar way
INFO: Quality profile for js: Sonar way
INFO: Quality profile for py: Sonar way
INFO: Quality profile for ruby: Sonar way
INFO: Quality profile for solidity: Sonar way
INFO: Quality profile for ts: Sonar way
INFO: Quality profile for web: Sonar way
INFO: Quality profile for xml: Sonar way
INFO: ------------- Run sensors on module 0xProject
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=36ms
INFO: Sensor Python Sensor [python]
INFO: Starting global symbols computation
INFO: 485 source files to be analyzed
INFO: Starting rules execution
INFO: 485/485 source files have been analyzed
INFO: 485 source files to be analyzed
INFO: Sensor Python Sensor [python] (done) | time=14320ms
INFO: 485/485 source files have been analyzed
INFO: Sensor Cobertura Sensor for Python coverage [python]
INFO: Sensor Cobertura Sensor for Python coverage [python] (done) | time=365ms
INFO: Sensor PythonXUnitSensor [python]
INFO: Sensor PythonXUnitSensor [python] (done) | time=359ms
INFO: Sensor CSS Metrics [cssfamily]
INFO: Sensor CSS Metrics [cssfamily] (done) | time=146ms
INFO: Sensor CSS Rules [cssfamily]
INFO: 351 source files to be analyzed
INFO: 351/351 source files have been analyzed
INFO: Sensor CSS Rules [cssfamily] (done) | time=2728ms
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: 'sonar.coverage.jacoco.xmlReportPaths' is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml
INFO: No report imported, no coverage information will be imported by JaCoCo XML Report Importer
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=70ms
INFO: Sensor SonarGo [go]
INFO: 2758 source files to be analyzed
ERROR: Unable to parse file: file:///path/crypto_repos/karpenter/test/pkg/environment/aws/setup.go. 
ERROR: Parser returned non-zero exit value: 2
ERROR: Unable to parse file: file:///path/crypto_repos/karpenter/pkg/cloudprovider/launchtemplate_test.go. 
ERROR: Parser returned non-zero exit value: 2
ERROR: Unable to parse file: file:///path/crypto_repos/go-ethereum/dashboard/assets.go. 
ERROR: The file size is too big and should be excluded, its size is 5183780 (maximum allowed is 700000 bytes)
ERROR: Unable to parse file: file:///path/crypto_repos/karpenter/pkg/apis/config/settings/settings.go. 
ERROR: Parser returned non-zero exit value: 2
INFO: 565/2758 files analyzed, current file: go-ethereum/common/bytes_test.go
ERROR: Unable to parse file: file:///path/crypto_repos/karpenter/pkg/cloudprovider/amifamily/bootstrap/eksbootstrap.go. 
ERROR: Parser returned non-zero exit value: 2
ERROR: Unable to parse file: file:///path/crypto_repos/karpenter/pkg/fake/ec2api.go. 
ERROR: Parser returned non-zero exit value: 2
ERROR: Unable to parse file: file:///path/crypto_repos/karpenter/test/pkg/environment/common/setup.go. 
ERROR: Parser returned non-zero exit value: 2
INFO: Sensor SonarGo [go] (done) | time=54848ms
INFO: Sensor SonarSolidity [SolidityPlugin]
INFO: 2758/2758 source files have been analyzed
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 1:23.739s
INFO: Final Memory: 259M/900M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarScanner execution
java.lang.IndexOutOfBoundsException: Index: -1
        at java.base/java.util.Collections$EmptyList.get(Unknown Source)
        at org.sonarsource.solidity.checks.CurlyBraceCheck.visitForStatement(CurlyBraceCheck.java:81)
        at org.sonarsource.solidity.checks.CurlyBraceCheck.visitForStatement(CurlyBraceCheck.java:21)
        at org.sonarsource.solidity.frontend.SolidityParser$ForStatementContext.accept(SolidityParser.java:4020)
        at org.antlr.v4.runtime.tree.AbstractParseTreeVisitor.visitChildren(AbstractParseTreeVisitor.java:46)
        at org.sonarsource.solidity.frontend.SolidityBaseVisitor.visitStatement(SolidityBaseVisitor.java:300)
        at org.sonarsource.solidity.frontend.SolidityParser$StatementContext.accept(SolidityParser.java:3452)
        at org.antlr.v4.runtime.tree.AbstractParseTreeVisitor.visitChildren(AbstractParseTreeVisitor.java:46)
        at org.sonarsource.solidity.frontend.SolidityBaseVisitor.visitBlock(SolidityBaseVisitor.java:293)
        at org.sonarsource.solidity.frontend.SolidityParser$BlockContext.accept(SolidityParser.java:3355)
        at org.antlr.v4.runtime.tree.AbstractParseTreeVisitor.visitChildren(AbstractParseTreeVisitor.java:46)
        at org.sonarsource.solidity.frontend.SolidityBaseVisitor.visitFunctionDefinition(SolidityBaseVisitor.java:153)
        at org.sonarsource.solidity.checks.CurlyBraceCheck.visitFunctionDefinition(CurlyBraceCheck.java:72)
        at org.sonarsource.solidity.checks.CurlyBraceCheck.visitFunctionDefinition(CurlyBraceCheck.java:21)
        at org.sonarsource.solidity.frontend.SolidityParser$FunctionDefinitionContext.accept(SolidityParser.java:1812)
        at org.antlr.v4.runtime.tree.AbstractParseTreeVisitor.visitChildren(AbstractParseTreeVisitor.java:46)
        at org.sonarsource.solidity.frontend.SolidityBaseVisitor.visitContractPart(SolidityBaseVisitor.java:97)
        at org.sonarsource.solidity.frontend.SolidityParser$ContractPartContext.accept(SolidityParser.java:1060)
        at org.antlr.v4.runtime.tree.AbstractParseTreeVisitor.visitChildren(AbstractParseTreeVisitor.java:46)
        at org.sonarsource.solidity.frontend.SolidityBaseVisitor.visitContractDefinition(SolidityBaseVisitor.java:83)
        at org.sonarsource.solidity.checks.CurlyBraceCheck.visitContractDefinition(CurlyBraceCheck.java:32)
        at org.sonarsource.solidity.checks.CurlyBraceCheck.visitContractDefinition(CurlyBraceCheck.java:21)
        at org.sonarsource.solidity.frontend.SolidityParser$ContractDefinitionContext.accept(SolidityParser.java:847)
        at org.antlr.v4.runtime.tree.AbstractParseTreeVisitor.visitChildren(AbstractParseTreeVisitor.java:46)
        at org.sonarsource.solidity.frontend.SolidityBaseVisitor.visitSourceUnit(SolidityBaseVisitor.java:20)
        at org.sonarsource.solidity.frontend.SolidityParser$SourceUnitContext.accept(SolidityParser.java:214)
        at org.antlr.v4.runtime.tree.AbstractParseTreeVisitor.visit(AbstractParseTreeVisitor.java:18)
        at org.sonarsource.solidity.SoliditySensor.saveIssues(SoliditySensor.java:102)
        at org.sonarsource.solidity.SoliditySensor.analyzeFiles(SoliditySensor.java:88)
        at org.sonarsource.solidity.SoliditySensor.execute(SoliditySensor.java:73)
        at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:48)
        at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:85)
        at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:59)
        at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:77)
        at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:59)
        at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:82)
        at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:137)
        at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:123)
        at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:393)
        at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:389)
        at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:358)
        at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:137)
        at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:123)
        at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:144)
        at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:137)
        at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:123)
        at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:72)
        at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:66)
        at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
        at com.sun.proxy.$Proxy0.execute(Unknown Source)
        at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
        at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
        at org.sonarsource.scanner.cli.Main.execute(Main.java:112)
        at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
        at org.sonarsource.scanner.cli.Main.main(Main.java:61)
ERROR: 
ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.

The 'java.lang.IndexOutOfBoundsException: Index: -1' error is what’s really confusing me here.

Any leads would be appreciated. Thanks!

2

Hi,

Your version is past EOL. You should upgrade to either the latest version or the current LTS at your earliest convenience. Your upgrade path is:

8.5.1-> 8.9.10 → 9.7.1 (last step optional)

You may find the Upgrade Guide and the LTS-to-LTS Upgrade Notes helpful. If you have questions about upgrading, feel free to open a new thread for that here.

If your error persists after upgrade, reach out to the maintainer of the plugin that is throwing the error (GitHub - sagap/sonar-solidity: SonarQube Analyzer for Solidity)

3

Thank you.

Just one question, is this for Sonarqube or Sonarscanner?

My sonar scanner version is 4.7.0.2747, my sonarqube version is 9.4.054424

4

SonarQube.

Based on the logs you shared, it looks like you’re SonarQube version is v8.5.1, not v9.4

5

Ah I guess I am not still following the upgrade procedure correctly.

I will create a new thread for that. Thanks