SonarQube gradle plugin v6 producing StackOverflowError

mmoayyed · November 19, 2024, 1:32pm

Running SonarQube gradle plugin version 6.0.0.5145 with Gradle 8.11 and JDK 21.

The Gradle task has started to produce the following errors:

[stderr] Exception in thread "main" java.lang.StackOverflowError
[stderr] 	at java.base/java.util.HashMap.putVal(Unknown Source)
[stderr] 	at java.base/java.util.HashMap.put(Unknown Source)
[stderr] 	at java.base/java.util.HashSet.add(Unknown Source)
[stderr] 	at com.sonarsource.A.A.W.A(na:2207)
[stderr] 	at com.sonarsource.A.A.W.A(na:1627)
[stderr] 	at com.sonarsource.A.A.W.A(na:1627)
[stderr] 	at com.sonarsource.A.A.W.A(na:1627)
[stderr] 	at com.sonarsource.A.A.W.A(na:1627)
[stderr] 	at com.sonarsource.A.A.W.A(na:1627)
[stderr] 	at com.sonarsource.A.A.W.A(na:1627)

The actual task that is running is:

./gradlew sonar --build-cache --configure-on-demand --no-daemon --parallel \
    -x javadoc -Dsonar.coverage.jacoco.xmlReportPaths=path/to/file.xml

The gradle configuration block is:

sonar {
        def exclusions = rootProject.excludedFilesFromTestCoverage.join(",")
        def token = providers.systemProperty("SONARCLOUD_TOKEN")
                .getOrElse(System.getenv("SONARCLOUD_TOKEN"))
        properties {
            property "sonar.host.url", "https://sonarcloud.io"
            property "sonar.projectName", "cas"
            property "sonar.sourceEncoding", "UTF-8"
            property "sonar.java.source", project.targetCompatibility
            property "sonar.organization", "apereo"
            property "sonar.token", token
            property "sonar.gradle.skipCompile", true
            property "sonar.coverage.exclusions", exclusions
            property "sonar.java.coveragePlugin", "jacoco"
        }
    }

ganncamp · November 20, 2024, 3:25pm

Hi,

Could you re-run analysis with the --info flag and post the resulting log starting from the analysis command, please?

Thx,
Ann

mmoayyed · November 20, 2024, 4:26pm

I wasn’t able to paste the logs here due to size limitations.

Here is the output here: https://gist.githubusercontent.com/mmoayyed/25ee1e458715b617d72ec46d3465626e/raw/2fbdb8ccaff7f3d3fe5d8a45727b4c8037b74e1c/gistfile1.txt

ganncamp · November 20, 2024, 4:35pm

Hi,

Thanks, that’s what I was looking for. And what version of SonarQube Server are you running? Or are you running on SonarQube Cloud?

Thx,
Ann

mmoayyed · November 21, 2024, 4:32am

If I understand your question correctly, based on the Gradle configuration above, https://sonarcloud.io is used.

anton.haubner · November 26, 2024, 1:53pm

Hi Misagh,

Thank you for reporting this issue!
We have identified the problem and are working on a fix.

In the meantime, to prevent the crash, you have the option to exclude the file that triggers the issue.
For your project, it should be sufficient to exclude the file
support/cas-server-support-gcp-logging/src/main/java/org/apereo/cas/logging/GoogleCloudAppender.java.

I.e. in your build.gradle file, you would have to adapt the sonar section as follows:

sonar {
  // ...
  properties {
    // ...

    property "sonar.exclusions", "support/cas-server-support-gcp-logging/src/main/java/org/apereo/cas/logging/GoogleCloudAppender.java"
  }
}

Alternatively, if you would like to make sure that the issue will not arise on any new files, you also have the option to completely disable the advanced bug detection analyzer until we release the fix.
You can do this with the following property configuration:

sonar {
  // ...
  properties {
    // ...

    property "sonar.internal.analysis.dbd", false
  }
}

If you are curious about the cause of the crash:
It is related to the use of Lombok, specifically lombok.val. In specific cases, lombok.val is accidentally modeled as a type that is a sub-type of itself.
This then leads to an infinite recursion.

mmoayyed · November 26, 2024, 3:13pm

Thank you very much, Anton. Appreciate you looking into the problem. I’ll incorporate your suggestions for the time being and look forward to the fix when it’s available.

ZheSun88 · November 27, 2024, 10:09am

We have got the same error with sonar-maven-plugin:5.0.0.4389.
currently, we have also used the workaround to skip the bug detection analyzer to make the build pass. -Dsonar.internal.analysis.dbd=false

anton.haubner · November 28, 2024, 1:11pm

Hi Zhe Sun,

Unfortunately, in this case, exactly determining the file that triggers the crash of the analysis is not possible using just the log. However, I can confirm that this appears to be the same underlying problem.
If the source code for your project is available, I can try to pinpoint the file for exclusion as I did in the case above.

Otherwise, setting the sonar.internal.analysis.dbd property is the only solution for now, until the fix is released.
The fix has been implemented, but it is still under review and validation.

anton.haubner · December 4, 2024, 6:48pm

Hi again, @mmoayyed , @ZheSun88,

The hotfix should now be deployed to SonarQube Cloud and the issue should thus be resolved for SonarQube Cloud users.
(There will still be an error log line about oddities in the type information. However, the analysis will correct it, and safely continue)

Please let me know if you run into any other issues.

Best regards,

Anton

ZheSun88 · December 9, 2024, 10:46am

Hi, yes, thanks. I have tested with our project after removing the sonar.internal.analysis.dbd=false. The previous issue has been fixed now.