Old bugs in "New Code"

Fabian · July 26, 2021, 8:20am

Must-share information (formatted with Markdown):

which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
Enterprise Edition Version 7.9.4
sonar-scanner-cli-4.3.0.2102-linux
what are you trying to achieve
I would like to have only completely new bugs in “New Code” section.
what have you tried so far to achieve this
I have a very large code base (mainly c/c++), some of the files are quite big and old. I run analysis daily, and it looks like bugs from code that wasn’t touched for 5+ years shows in “New Code” section, I found out only that those file were modified in last 30 days but in different place e.g. modified printed string, so It’s not like modified code affected some other code that now is a bug. My question is why those errors weren’t detected on the first scan, but now after half year, does it mean I have even more bugs in my code, but they aren’t detected only because I didn’t edit a file?

ganncamp · July 26, 2021, 6:29pm

Hi,

Your version is past EOL. You should upgrade to either the latest version or the current LTS at your earliest convenience. Your upgrade path is:

7.9.4 → 8.9.1 LTS → 9.0 (last step optional)

Could you give an example of an old bug in new code?

Ann

Fabian · July 28, 2021, 11:59am

Hi,

I’m not able to change the version, as I’m only a user not an admin of this tool.
Example of the bug is following(I can’t provide real code):

static uint32 x = 1;

uint32 function_a(){
return x > 0;
}

if(x != some_func()){
function(enum_value, enum_value, (void*)(function_a()));
}

cast to ‘void *’ from smaller integer type ‘uint32’ (aka ‘unsigned int’)

I understand that this is a bug, but this code was present in repository for a long time, file wasn’t edited for at least half a year, why then it shows up in “New Code” section?

ganncamp · July 28, 2021, 5:24pm

Hi,

I was actually hoping for a screenshot. Like this:

Or even this:

But okay. Is it possible that the function_a signature changed recently? That’s generally the cause with this kind of complaint; a code change elsewhere caused a new issue to be raised (quite properly) on old code.

Ann

Fabian · August 2, 2021, 9:54am

Hi Ann,

I found a better example of this scenario where old code gets into “New Code section”:
I have a line of code that wasn’t edited since at least 5 years, and file itself wasn’t edited at least since 3 years.

function_foo1(int var_a){
    // initialization of local variables
    function_foo2(var_a);
    ...
}

Error says:
“code will never be executed” which applies to line with function_foo2(var_a);
My only concern is why this is showed on “new code” while it’s very old, and no changes around it were performed.

Fabian

ganncamp · August 2, 2021, 5:51pm

Hi Fabian,

Without actual code it’s impossible for me to tell. Is it possible that the code called during “initialization of local variables” has changed in the meantime to now throw an exception?

Ann