Sonar Cloud is failing on code analysis for .Net MVC project on Azure CI/CD pipeline

Code Analysis was working fine by 22nd Feb 2023 and without making any changes either to the CICD pipeline or to Sonar Project, it is continuously failing from 2nd March 2023. Some details are as follows and the error log file is also attached.

  • ALM used: Azure DevOps
  • CI system used: Azure DevOps
  • Languages of the repository: C#, .cshtml, CSS, HTML, TypeScript
  • Error: java.lang.StackOverflowError ##[error]at com.sonar.security.E.D.A.H.B(na:745) at com.sonar.security.E.D.D.Q.B(na:527) ##[debug]Processed: ##vso[task.logissue type=error;]at com.sonar.security.E.D.A.H.B(na:745)%0D%0A at com.sonar.security.E.D.D.Q.B(na:527) at com.sonar.security.E.D.A.H.B(na:745) at com.sonar.security.E.D.D.Q.B(na:527)

SonarClud_Logs.txt (290.6 KB)

1 Like

This is a critical issue for us. Is there any update on this, please?

Hello @vwelt !

We had a look at this and do not yet know why this is happening.

In order to help us help you, could you provide us with the scannerwork files generated during analysis? These are the files that, according to your logs, are in the folder D:\a\1\.sonarqube\out.

Hey @vwelt , we would like to look into your issue. :slight_smile: In order for us to be able to investigate, the files that I mentioned in the previous post would be extremely helpful! If you have any issues retrieving those files, please let us know and we are happy to provide help and assistance.

You may also want to share the files in a private message so that you do not have to share them publicly. I will reach out to you privately on this forum.

1 Like

Hey Malte ,
Thanks for looking into it.
I am struggling to find this log file as I am not sure where this location exists. I am running a build on Azure DevOps so not sure where is this D: drive. Please help me to find this.

1 Like

Hey @vwelt ,

indeed, this can be tricky if you are running in an Azure pipeline. I recently shared a possible workaround with you in a private message about how you can run that scan locally rather than in an Azure pipeline to circumvent this problem. Did you try to do that? Just in case, I will copy&paste the relevant part of that private message. :slight_smile:

If this is an Azure pipeline, I assume that this build runs on a virtual machine somewhere in your organization’s own infrastructure. You may have to contact your Release Engineering / Infrastructure Team so that they can help you access files on this virtual machine.

A simpler alternative might be to run the analysis locally rather than in a CI pipeline. I assume you can also build your project locally, and then you are almost there. You can invoke the scanner at build time on your local machine as explained here: SonarScanner for .NET

As a consequence of running the scanner locally, the scannerwork files will also be dumped into a local directory on your filesystem.

Let me know if you had troubles trying to run the scan locally. If yes, can you share where you got stuck so we can help with that?