Scanner crashes with IllegalStateException on use of bit_cast

Bug report:

Versions used: SonarCloud with SonarScanner 4.6.1.2450
ALM used: GitHub
CI system used: GitHub Actions
Error observed:
Scanner crashes with IllegalStateException on use of bit_cast.
Link: https://github.com/SerenityOS/serenity/runs/3637880876?check_suite_focus=true#step:14:1472

The code that the exception points to (link):

    template<typename T>
    T* get_pointer() requires(can_contain<T>())
    {
        if (index_of<T>() == m_index)
            return bit_cast<T*>(&m_data);
        return nullptr;
    }

The exception that kills scanning:

ERROR: Exception in thread pool-4-thread-2
java.lang.IllegalStateException: /home/runner/work/serenity/serenity/AK/Variant.h 314:13 314:41 S946
	at com.sonar.cpp.plugin.CFamilySensor.reportIssue(CFamilySensor.java:964)
	at com.sonar.cpp.plugin.CFamilySensor.save(CFamilySensor.java:903)
	at com.sonar.cpp.plugin.CFamilySensor.lambda$process$14(CFamilySensor.java:758)
	at com.sonar.cpp.analyzer.AnalysisExecutor.lambda$submit$0(AnalysisExecutor.java:59)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
	at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
	at java.base/java.lang.Thread.run(Unknown Source)
Caused by: java.lang.IllegalArgumentException: Start pointer [line=1228, lineOffset=25] should be before end pointer [line=1228, lineOffset=24]
	at org.sonar.api.utils.Preconditions.checkArgument(Preconditions.java:43)
	at org.sonar.api.batch.fs.internal.DefaultInputFile.newRangeValidPointers(DefaultInputFile.java:334)
	at org.sonar.api.batch.fs.internal.DefaultInputFile.newRange(DefaultInputFile.java:275)
	at com.sonar.cpp.plugin.CFamilySensor.rangeOrLine(CFamilySensor.java:1078)
	at com.sonar.cpp.plugin.CFamilySensor.lambda$reportIssueImpl$19(CFamilySensor.java:1012)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(Unknown Source)
	at java.base/java.util.Spliterators$ArraySpliterator.tryAdvance(Unknown Source)
	at java.base/java.util.stream.StreamSpliterators$WrappingSpliterator.lambda$initPartialTraversalState$0(Unknown Source)
	at java.base/java.util.stream.StreamSpliterators$AbstractWrappingSpliterator.fillBuffer(Unknown Source)
	at java.base/java.util.stream.StreamSpliterators$AbstractWrappingSpliterator.doAdvance(Unknown Source)
	at java.base/java.util.stream.StreamSpliterators$WrappingSpliterator.tryAdvance(Unknown Source)
	at java.base/java.util.Spliterators$1Adapter.hasNext(Unknown Source)
	at org.sonar.api.batch.sensor.issue.internal.AbstractDefaultIssue.addFlow(AbstractDefaultIssue.java:74)
	at org.sonar.api.batch.sensor.issue.internal.DefaultIssue.addFlow(DefaultIssue.java:22)
	at com.sonar.cpp.plugin.CFamilySensor.reportIssueImpl(CFamilySensor.java:1016)
	at com.sonar.cpp.plugin.CFamilySensor.reportIssueImpl(CFamilySensor.java:974)
	at com.sonar.cpp.plugin.CFamilySensor.reportIssue(CFamilySensor.java:962)
	... 8 common frames omitted

Reproduciton Steps:
The pipeline is open soruce and documented here: https://github.com/SerenityOS/serenity/blob/master/.github/workflows/sonar-cloud-static-analysis.yml

Hello @bgianfo,

Welcome to the community!

We are not simulating correctly the behavior of the used compiler i686-pc-serenity-g++ which is leading to this crash and some obvious false-positive in flow-sensitive rules.

To unblock the current analysis you can exclude the culprit file(Parser.cpp) by adding it to the scanner exclusion:
sonar.exclusions=Userland/Libraries/LibWasm/Parser/Parser.cpp
This should make the analysis pass until we improve our support of the compiler.
more about exclusions.

Is the project compilable by other compilers(vanilla GCC, Clang)?

Also, I noticed from the shared pipeline that you are trying to use the CFamily cache without preserving it between runs(you can use other actions like this to achieve that). That is why the cache is never hit in the previous successful analysis. You can see at the end of the analysis:

INFO: Cache: 0/1802 hits, 118437496 bytes

Thanks,

1 Like

This work around got the pipeline working again, thanks!

This is a bit complicated but the short answer is yes, we build every commit with clang and gcc.
The gcc version we are using is “vanillia” it’s just cross compiled to target the operating system we are building (SerenityOS) so we can compile for it on the host operating system (Linux / MacOS / etc).

Yes that was left over from prototyping, we actually don’t have enough github action cache available for us to store the sonar-runner cache, so I’ve disabled it.

Thanks for the help!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.