Python Code Quality and Security: 2.13 (build 7236)
Vulnerability Rules for Python: 8.4 (build 2759)
The Problem
We are attempting to use the SonarScanner in Jenkins to scan the Python code we have checked into one of our branches. Everything seems to run fine until we get to the very end. There are no errors or anything even with Debug logging. The final lines of the log before the error are below:
12:35:04 19:35:04.001 DEBUG: stylelint-bridge server will shutdown
12:35:04 19:35:04.004 INFO: ------------------------------------------------------------------------
12:35:04 19:35:04.004 INFO: EXECUTION FAILURE
12:35:04 19:35:04.004 INFO: ------------------------------------------------------------------------
12:35:04 19:35:04.004 INFO: Total time: 35.115s
12:35:04 19:35:04.464 INFO: Final Memory: 223M/1683M
12:35:04 19:35:04.465 INFO: ------------------------------------------------------------------------
12:35:04 19:35:04.465 ERROR: Error during SonarQube Scanner execution
12:35:04 java.lang.StackOverflowError
12:35:04 at org.sonar.python.semantic.Scope.copySymbol(Scope.java:126)
12:35:04 at org.sonar.python.semantic.Scope.copySymbol(Scope.java:137)
It then repeats the final line a ton of times. This used to work back in September but since then we’ve done a couple of upgrades including making sure our plugins are all up-to-date. Is there a bug that we might be running into with the Python plugin that could be blocking us from completing our job? Could it be something with our SonarScanner properties? I’m at a loss as to the next steps and would love any support that someone might have. Thank you in advance!
One additional note for context. Version 3.3 of the sonarScanner + version 7.9 of SonarQube this was working just fine. After upgrading to Sonar 8.4 we now see basically this massively recurisve exception that results in a stackOverflow issue.
Unfortunately the code isn’t public domain, and I am not sure which of the 641 files are causing this issue. Is there a way for us to determine that with debug logs or some other way? We tried using the -X option when running the sonarScanner to see if we can pinpoint where the recursive exception was happening, but nothing obvious jumped out.
Unfortunately it’s not that easy to isolate a single file, as this exception occurs when building the semantic model for the entire project.
Looking at the stacktrace you posted, it looks like this may happen when resolving superclasses of a class.
By any chance, do you have some loop in class inheritance?
For Example:
I don’t believe we have a loop in inheritance from my search through the code, although if there are tools that can help point this out, I will definitely run them! From what you posted, though, I would expect that to cause an exception or hang when one of those classes loads, right? I ran the entire project through pycycle (which is admittedly an old tool for detecting cycles) and didn’t find any, either.
Following up here. Is there anything else that we can try on our side to work around this issue? We would prefer not to need to downgrade back to 7.4 sonar if we can avoid it (since this is the only repo where we are seeing this issue).
Hi @begoldsm,
I contacted you privately in order to get more information. Could you please check your private messages?
In the meanwhile, could you please test with latest SonarQube version (8.5) and see if the errors is still there?
. I responded and will test out with sonar 8.5 and report back there!