Must-share information (formatted with Markdown):

which versions are you using

I am using Sonarqube * Enterprise Edition * Version 8.9.3 (build 48735)

what are you trying to achieve

I am trying to setup Sonar to check our source code

what have you tried so far to achieve this

I added some code that break some rule of C Sonar default profile.
I tried to build wrapper with “arm-none-eabi-gcc-10.2.1” toolchain it it run normally, generated error log on the console as below picture

image977×510 19.7 KB

After that I used latest sonar scanner to scan and see the output on the Sonar project dashboard

I saw some issues but not for some other issue such as:

• “goto” statement should not be used and so on

    void test2(){
	int i =0;
	int i = 0;
	loop:
	printf("i = %d\n", i);
	i++;
	if (i < 10){
		goto loop; // Noncompliant
	}
	switch (i) {
	  case 0:
		//...
		break;
	  case 1 ... 2:
		//...
		break;
	  case 5 ... 3: // Noncompliant
		//...
		break;
	}
	
}

I attached log for both log for checking in here
scanner_log.txt (40.7 KB)
build_wrapper_log.txt (14.1 KB)

I already check Project rule settings and the missing rules already enable

Can anyone help to solve this issue.
I dont know if we need to add additional gcc flag to make it out
@sonarsourcers could you have a look at my issue
Because I am in urgent case, please help me to solve this problem

Hello @thanhngo91,

Welcome to the community!

Your build is failing. Please fix it before running the analysis. The command provided to build-wrapper should be able to build your project successfully.

if you still face an issue after fixing your build:

* “goto” statement should not be used and so on.

Please clarify which rule you are referring to and check if it is enabled in your quality profile. There are multiple rules related to goto.

Thanks,

Thank you @Abbas_Sabra for your feedback
This is very first time I configure Sonar on our system so I dont really understand how Sonar works.

I tried to remove all source code and used below source code for checking rule

image963×87 4.57 KB

int f() {
	int j = 0;
	L1:
	  ++j;
	  if (10 == j) {
		goto L2;         // forward jump ignored
	  }
	  // ...
	  goto L1;           // Noncompliant
	L2:
	  return ++j;
}

Now no error but still not issue on the dashboard

I have one more question about requirement for building successfully , because with my past building fail Sonar still can find out some code-smell

All the rule I checked is active on Sonar C default profile
I also tried to test some other rules but some worked and some other didnot work
For example “Unused local variable work well”

I am afraid I am missing something

@Abbas

I attach reproducer in here in case you need

Highly appreciate your help !

sonar-cfamily-reproducer_thanhngo91.zip (24.3 KB)

@thanhngo91,

Thanks for the report. It seems to be an issue in the configuration not in the analyzer. Running the same code locally raises the expected issues. I believe it is related to your network driver “M:”. can you try to run the same thing locally and see if the issues are detected.

After confirming that this solves the problem, we can discuss possible workarounds.

Thanks,

Many thank @Abbas
It works perfectly.

But do you think we should improve Sonar to make it deal with this case.
At least it should throw a warning to user or something similar like that

@thanhngo91, Thanks for the confirmation. Yes, we definitely should/will fix it!
Let me know if you face other issues.

Thanks,

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.