Scanner for MSBUILD Failed to publish results when no errors are raised after analysis

sonarsecurity

(Dibbdob) #1

I’m running sonar scanner for msbuild (4.5.0.1761) and the analysis step is showing no errors (with verbose logging), but at the end it fails for some reason.

Below shows the output of the failure.

16:42:39.479 ERROR: Error during SonarQube Scanner execution
java.lang.NullPointerException
16:42:39.479 INFO: Final Memory: 22M/741M
        at org.A.D.get(Unknown Source)
        at java.util.Map.getOrDefault(Map.java:588)
        at com.sonar.security.analysis.taint.A.A.F(Unknown Source)
        at com.sonar.security.analysis.taint.A.A.D(Unknown Source)
16:42:39.479 INFO: ------------------------------------------------------------------------
        at com.sonar.security.analysis.taint.A.A.B(Unknown Source)
        at com.sonar.security.analysis.taint.A.A.C(Unknown Source)
        at com.sonar.security.analysis.taint.A.D.A(Unknown Source)
        at com.sonar.security.analysis.taint.A.D.A(Unknown Source)
        at com.sonar.security.analysis.taint.A.E.A(Unknown Source)
        at java.lang.Iterable.forEach(Iterable.java:75)
        at com.sonar.security.analysis.taint.A.B.A(Unknown Source)
        at com.sonar.security.analysis.taint.A.E.A(Unknown Source)
        at com.sonar.security.analysis.taint.A.E.B(Unknown Source)
        at com.sonar.security.analysis.taint.A.E.A(Unknown Source)
        at com.sonar.security.analysis.H.A(Unknown Source)
        at com.sonar.security.analysis.D.A(Unknown Source)
        at com.sonar.security.analysis.D.A(Unknown Source)
        at com.sonar.security.A.B.A(Unknown Source)
        at com.sonar.security.E.A(Unknown Source)
        at java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:184)
        at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:175)
        at java.util.Spliterators$ArraySpliterator.forEachRemaining(Spliterators.java:948)
        at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481)
        at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471)
        at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:151)
        at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:174)
        at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
        at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:418)
        at com.sonar.security.E.execute(Unknown Source)
        at org.sonar.scanner.sensor.SensorWrapper.analyse(SensorWrapper.java:45)
        at org.sonar.scanner.phases.SensorsExecutor.execute(SensorsExecutor.java:88)
        at org.sonar.scanner.phases.SensorsExecutor.lambda$execute$1(SensorsExecutor.java:65)
        at org.sonar.scanner.phases.SensorsExecutor.withGlobalStrategy(SensorsExecutor.java:80)
        at org.sonar.scanner.phases.SensorsExecutor.execute(SensorsExecutor.java:65)
        at org.sonar.scanner.phases.AbstractPhaseExecutor.execute(AbstractPhaseExecutor.java:74)
        at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:164)
        at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
        at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:122)
        at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:319)
        at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:314)
        at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:288)
        at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
        at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:122)
        at org.sonar.scanner.task.ScanTask.execute(ScanTask.java:48)
        at org.sonar.scanner.task.TaskContainer.doAfterStart(TaskContainer.java:82)
        at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
        at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:122)
        at org.sonar.scanner.bootstrap.GlobalContainer.executeTask(GlobalContainer.java:131)
        at org.sonar.batch.bootstrapper.Batch.doExecuteTask(Batch.java:116)
        at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:71)
        at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
        at com.sun.proxy.$Proxy0.execute(Unknown Source)
        at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:171)
        at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:128)
        at org.sonarsource.scanner.cli.Main.execute(Main.java:111)
        at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
        at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Process returned exit code 1
The SonarQube Scanner did not complete successfully
16:42:39.762  Creating a summary markdown file...
16:42:39.777  Post-processing failed. Exit code: 1

Can anyone provide some direction on what the cause may be?


(Dibbdob) #2

Still having problems resolving this. Is there any more information I could provide that could help getting some assistance on our issue?

As I’ve previously said there are no errors reported, but is it possible that analysis warnings could also lead to this error?

Here are the warning messages:

[16:12:49]W: [Step 8/8] 16:12:49.739 WARN: Property ‘sonar.abap.file.suffixes’ is not declared as multi-values/property set but was read using ‘getStringArray’ method. The SonarQube plugin declaring this property should be updated.
[16:12:56]W: [Step 8/8] 16:12:56.214 WARN: Property ‘sonar.abap.file.suffixes’ is not declared as multi-values/property set but was read using ‘getStringArray’ method. The SonarQube plugin declaring this property should be updated.
[16:12:56]W: [Step 8/8] 16:12:56.759 WARN: Metric ‘comment_lines_data’ is deprecated. Provided value is ignored.
[16:13:05]W: [Step 8/8] 16:13:05.152 WARN: Property ‘sonar.abap.file.suffixes’ is not declared as multi-values/property set but was read using ‘getStringArray’ method. The SonarQube plugin declaring this property should be updated.
[16:13:05]W: [Step 8/8] 16:13:05.705 WARN: Metric ‘comment_lines_data’ is deprecated. Provided value is ignored.
[16:13:13]W: [Step 8/8] 16:13:13.547 WARN: Property ‘sonar.abap.file.suffixes’ is not declared as multi-values/property set but was read using ‘getStringArray’ method. The SonarQube plugin declaring this property should be updated.
[16:13:25]W: [Step 8/8] 16:13:25.091 WARN: Property ‘sonar.abap.file.suffixes’ is not declared as multi-values/property set but was read using ‘getStringArray’ method. The SonarQube plugin declaring this property should be updated.
[16:13:26]W: [Step 8/8] 16:13:26.744 WARN: Property ‘sonar.abap.file.suffixes’ is not declared as multi-values/property set but was read using ‘getStringArray’ method. The SonarQube plugin declaring this property should be updated.
[16:14:07]W: [Step 8/8] 16:14:07.225 WARN: Metric ‘comment_lines_data’ is deprecated. Provided value is ignored.
[16:21:40]W: [Step 8/8] 16:21:40.132 WARN: Property ‘sonar.abap.file.suffixes’ is not declared as multi-values/property set but was read using ‘getStringArray’ method. The SonarQube plugin declaring this property should be updated.
[16:21:53]W: [Step 8/8] 16:21:53.129 WARN: Property ‘sonar.abap.file.suffixes’ is not declared as multi-values/property set but was read using ‘getStringArray’ method. The SonarQube plugin declaring this property should be updated.
[16:22:00]W: [Step 8/8] 16:22:00.928 WARN: Property ‘sonar.abap.file.suffixes’ is not declared as multi-values/property set but was read using ‘getStringArray’ method. The SonarQube plugin declaring this property should be updated.
[16:22:02]W: [Step 8/8] 16:22:02.280 WARN: Metric ‘comment_lines_data’ is deprecated. Provided value is ignored.
[16:22:08]W: [Step 8/8] 16:22:08.172 WARN: Property ‘sonar.abap.file.suffixes’ is not declared as multi-values/property set but was read using ‘getStringArray’ method. The SonarQube plugin declaring this property should be updated.

and the end of the analysis shows:

[16:22:38] : [Step 8/8] Process returned exit code 1
[16:22:38]W: [Step 8/8] The SonarQube Scanner did not complete successfully
[16:22:38] : [Step 8/8] 16:22:38.297 Creating a summary markdown file…
[16:22:38]W: [Step 8/8] 16:22:38.298 Post-processing failed. Exit code: 1
[16:22:38]W: [Step 8/8] Process exited with code 1

What we can say is that when we run the build on a different branch we can get the analysis to pass. This leads me to think that it’s something in our code that’s causing the reported error. But due to the size of the project it will be extremely difficult to reduce the code base down on the problem branch to try and locate the problem.

We’d welcome any suggestions as are currently at a loss on how to go forward with this.

Thanks.


(Duncan Pocklington) #3

FYI the Java log output in S2631 crashes analyzer looks very similar to what you have above. You might want to try the workaround mentioned in that thread of disabling S2631.


(Dibbdob) #4

Thanks for the suggestion, I have been able to publish successfully by disabling S3649.