Nullpointer on SonarJava in version >= 5.9


(Ruben Ruiz) #1


SonarJava fails with a Nullpointer after trying to analyze the next class:

public class SomeClass {

    private SomeClass() {
        throw new IllegalAccessError("Utility class");

    public static <T> OtherClass<Optional<T>> doSomething() {
        return (oldValue, newValue) -> newValue.isPresent() ? newValue : oldValue;

OtherClass is:

public interface OtherClass<T> {
    T combine(T oldValue, T newValue);

We get a Nullpointer when we try to run Sonar Analysis using Maven

[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin: (default-cli) on project some-project: SonarQube is unable to analyze file : '/path/': NullPointerException -> [Help 1]

Sonar Version: 6.7.5

Plugin Version: 3.5.0

We reproduced the error with SonarJava plugin on version 5.9 and 5.9.1

It doesn’t happen with SonarJava 5.8.0, so we downgraded the plugin to that version.

Thank you

(Michael Gumowski) #2


Thanks for the feedback. Unfortunately, your reproducer does not compile. Can you fix it?

In particular, SomeClass is not parameterized in the class declaration (and does not extends/implements anything), while its obviously a parameterized class, looking at doSomething() method signature.

Thanks in advance,

Sorry, forgot to add something:
  • Could you also provide the full log of the analysis (maybe in debug mode), so we will be able to see which rule/component raise the NPE?
  • The Nonnull annotation which you use is also not defined, please provide the fully qualified name.

(Ruben Ruiz) #3


You’re right. I updated the previous post with something that should compile in JDK 8

Best regards

(Michael Gumowski) #4

Thanks for the update.

Unfortunately, I have not been able to reproduce it on my side. Note that I assumed the annotation to be @javax.annotation.Nonnull. On my machine, your example compiles, and passes the analysis without failing, with absolutely all the rules from SonarJava enabled (version

Could you share the logs of your analysis? It would help to know the full stacktrace associated to the NPE. You may want to run your analysis with debug mode.

(Michael Gumowski) #5

Hello @Ruben_Ruiz,

Sorry, I forgot to answer you earlier. Thanks to your edit, I reproduced the issue. This is the same case as the following:

So the conclusion is going to be the same: This is a bug in rule S4738, which will be handled by SONARJAVA-2967.

If you need a workaround, you can temporarily disable rule squid:S4738, or exclude the file which is causing the analysis to fail.


(Ruben Ruiz) #6

Hello @Michael,

We have excluded the file until the issue is fixed.

Thank you very much for your answer and your efforts in reproducing the issue.