Sonar-java: java.lang.IndexOutOfBoundsException: Index 0 out of bounds for length 0

mthidell · September 22, 2022, 9:00am

Summary:
We experience some errors in the SonarScanner while using it in Azure DevOps against a java based project. Let us know if you need any further details to debug this.

We get multiply IndexOutOfBoundsException errors

java.lang.IndexOutOfBoundsException: Index 0 out of bounds for length 0
java.lang.IndexOutOfBoundsException: Index 3 out of bounds for length 0

CI system: Azure DevOps
Languages of the repository: Java

SonarCloud Backgroud task.

https://sonarcloud.io/api/ce/task?id=AYNgCKzWA6lSNq4mWx2U

Additional Info + Error.

Starting: Run SonarCloud Analysis
==============================================================================
Task         : Run Code Analysis
Description  : Run scanner and upload the results to the SonarCloud server.
Version      : 1.33.0
Author       : sonarsource
Help         : Version: 1.33.0. This task is not needed for Maven and Gradle projects since the scanner should be run as part of the build.

[More Information](https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/sonarscanner-for-azure-devops/)
==============================================================================
/home/vsts/work/_tasks/SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1/1.33.0/sonar-scanner/bin/sonar-scanner
INFO: Scanner configuration file: /home/vsts/work/_tasks/SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1/1.33.0/sonar-scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: /home/vsts/work/1/s/sonar-project.properties
INFO: SonarScanner 4.7.0.2747
INFO: Java 11.0.16.1 Eclipse Adoptium (64-bit)
INFO: Linux 5.15.0-1019-azure amd64

[REDACTED]
java.lang.IndexOutOfBoundsException: Index 0 out of bounds for length 0
    at java.base/jdk.internal.util.Preconditions.outOfBounds(Preconditions.java:64)
    at java.base/jdk.internal.util.Preconditions.outOfBoundsCheckIndex(Preconditions.java:70)
    at java.base/jdk.internal.util.Preconditions.checkIndex(Preconditions.java:248)
    at java.base/java.util.Objects.checkIndex(Objects.java:372)
    at java.base/java.util.ArrayList.get(ArrayList.java:459)
    at org.sonar.java.se.checks.NonNullSetToNullCheck$PreStatementVisitor.checkNullArgument(NonNullSetToNullCheck.java:251)
    at org.sonar.java.se.checks.NonNullSetToNullCheck$PreStatementVisitor.checkNullArguments(NonNullSetToNullCheck.java:244)
    at org.sonar.java.se.checks.NonNullSetToNullCheck$PreStatementVisitor.visitNewClass(NonNullSetToNullCheck.java:218)
    at org.sonar.java.model.expression.NewClassTreeImpl.accept(NewClassTreeImpl.java:116)
    at org.sonar.java.se.checks.NonNullSetToNullCheck.checkPreStatement(NonNullSetToNullCheck.java:91)
    at org.sonar.java.se.CheckerDispatcher.executeCheckPreStatement(CheckerDispatcher.java:62)
    at org.sonar.java.se.ExplodedGraphWalker.visit(ExplodedGraphWalker.java:631)
    at org.sonar.java.se.ExplodedGraphWalker.execute(ExplodedGraphWalker.java:260)
    at org.sonar.java.se.ExplodedGraphWalker.visitMethod(ExplodedGraphWalker.java:216)
    at org.sonar.java.se.SymbolicExecutionVisitor.execute(SymbolicExecutionVisitor.java:75)
    at org.sonar.java.se.SymbolicExecutionVisitor.visitNode(SymbolicExecutionVisitor.java:65)
    at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:100)
    at org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:125)
    at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:102)
    at org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:125)
    at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:102)
    at org.sonar.java.ast.visitors.SubscriptionVisitor.scanTree(SubscriptionVisitor.java:83)
    at org.sonar.java.ast.visitors.SubscriptionVisitor.scanFile(SubscriptionVisitor.java:69)
    at org.sonar.java.se.SymbolicExecutionVisitor.scanFile(SymbolicExecutionVisitor.java:55)
    at org.sonar.java.model.VisitorsBridge.lambda$runScanner$1(VisitorsBridge.java:260)
    at org.sonar.java.model.VisitorsBridge.runScanner(VisitorsBridge.java:265)
    at org.sonar.java.model.VisitorsBridge.runScanner(VisitorsBridge.java:260)

Colin · September 22, 2022, 9:30am

Hey there.

If you’re analyzing Java, we recommend using the Scanner for Maven / Gradle rather than using the Scanner CLI. Can you adjust your build and see if this prevents the error?

mthidell · September 22, 2022, 10:07am

Hi Colin,

Can you adjust your build and see if this prevents the error?

Nothing I can address quickly in our Azure Devops Environment.

The files that fails are just couple of lines (40) with no dependency attached to it.
Possible same issue as stated following thread but can’t find any resolution on it.

But unsure how we test/isolate the issue. I assume the CLI scanner using the following GitHub - SonarSource/sonar-java: ☕ SonarSource Static Analyzer for Java Code Quality and Security component to scan java projects?

Edit: Fixed markdown

Colin · September 22, 2022, 11:44am

Hey there.

Thanks for the follow-up.

Can you provide the contents of the file that is causing this error?

mthidell · September 22, 2022, 1:07pm

Reproduce/example that causes same error/stacktrace.
Same environment/CI as initial post.

public record TestSonar(String arg1, String arg2, String arg3, String arg4, long arg5, String arg6) {
    public TestSonar {
        if (isBlank(arg1)) {
            throw new IllegalArgumentException("can not be blank.");
        }
    }
    public static TestSonar of(final String arg1, final String arg2, final String arg3, final String arg4,
            final long arg5, final String arg6) {
        return arg1 != null || arg2 != null || arg3 != null || arg4 != null
                ? new TestSonar(arg1, arg2, arg3, arg4, arg5, arg6)
                : null;
    }

    static boolean isBlank(final String value) {
        return value == null || value.isBlank();
    }

}

##[error]ERROR: Unable to run check class org.sonar.java.se.SymbolicExecutionVisitor -  on file '.....TestSonar.java', To help improve the SonarSource Java Analyzer, please report this problem to SonarSource: see https://community.sonarsource.com/
java.lang.IndexOutOfBoundsException: Index 0 out of bounds for length 0
	at java.base/jdk.internal.util.Preconditions.outOfBounds(Preconditions.java:64)
	at java.base/jdk.internal.util.Preconditions.outOfBoundsCheckIndex(Preconditions.java:70)
	at java.base/jdk.internal.util.Preconditions.checkIndex(Preconditions.java:248)
	at java.base/java.util.Objects.checkIndex(Objects.java:372)
	at java.base/java.util.ArrayList.get(ArrayList.java:459)
	at org.sonar.java.se.checks.NonNullSetToNullCheck$PreStatementVisitor.checkNullArgument(NonNullSetToNullCheck.java:251)
	at org.sonar.java.se.checks.NonNullSetToNullCheck$PreStatementVisitor.checkNullArguments(NonNullSetToNullCheck.java:244)
	at org.sonar.java.se.checks.NonNullSetToNullCheck$PreStatementVisitor.visitNewClass(NonNullSetToNullCheck.java:218)
	at org.sonar.java.model.expression.NewClassTreeImpl.accept(NewClassTreeImpl.java:116)
	at org.sonar.java.se.checks.NonNullSetToNullCheck.checkPreStatement(NonNullSetToNullCheck.java:91)
	at org.sonar.java.se.CheckerDispatcher.executeCheckPreStatement(CheckerDispatcher.java:62)
	at org.sonar.java.se.ExplodedGraphWalker.visit(ExplodedGraphWalker.java:631)
	at org.sonar.java.se.ExplodedGraphWalker.execute(ExplodedGraphWalker.java:260)
	at org.sonar.java.se.ExplodedGraphWalker.visitMethod(ExplodedGraphWalker.java:216)
	at org.sonar.java.se.SymbolicExecutionVisitor.execute(SymbolicExecutionVisitor.java:75)
	at org.sonar.java.se.SymbolicExecutionVisitor.visitNode(SymbolicExecutionVisitor.java:65)
	at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:100)

Colin · September 22, 2022, 1:30pm

Thanks. I’ve flagged this thread for some expert attention.

mthidell · September 27, 2022, 7:32am

Hi @Colin Any update on this topic?

Colin · September 27, 2022, 8:30am

Not yet. If only one file is causing an issue, you can adjust the analysis scope to exclude it, or disable java:S2637 in your Quality Profile.

mthidell · October 3, 2022, 8:54am

you can adjust the analysis scope to exclude it.

Exclude the rule java:S2637 did not work. As a workaround we excluded the files until fixed as you suggested. Based on the error I assume it’s an lexical-analysis issue thereby disable the rule won’t help in this case.

Any update on this issue?

Margarita_Nedzelska · October 12, 2022, 12:08pm

Hey @mthidell,

Thanks for your feedback and sorry for the late reply. I’m currently looking into this issue. I’ll try to get back to you with some updates by the end of the week.

Regards,
Margarita

Margarita_Nedzelska · October 14, 2022, 12:53pm

Hello, again @mthidell,
Thanks for your patience. After some investigations, I figured out where the issue is. It’s happening because of the Records and the way we process them.

So I created a ticket to fix it. Meanwhile, it would be easier for you to exclude these files from the analysis, and once the fix is on the SonarCloud you can add them again.

Thanks again for your input.

Regards,
Margarita

system · October 21, 2022, 1:01pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.