The last analysis failed - would cause server-wide lines of code total to exceed your limit

Versions:

• SonarQube: Developer Edition - Version 10.1 (build 73491)
• Scanner Starup Logs:

  INFO: SonarScanner 4.7.0.2747
  INFO: Java 11.0.22 Debian (64-bit)
  INFO: Linux 5.14.0-362.8.1.el9_3.x86_64 amd64
  ...
  INFO: Analyzing on SonarQube server 10.1.0.73491
  

• SonarQube deployed: Docker
• Plugins & Extensions: None

Issue:
We have a rather large project in SQ.
SonarCube stopped analysing the project with the above issue shown on the project page, as well as all branches.

Our server is currently at 672'263 lines of our License (of 1M).

If I query the project for the lines of code through the WebAPI I get:

// api/measures/component?
"metric": "ncloc",
"value": "214040"

The current PR that I am looking at that fails shows the following on the code page

folder | Lines
-------------------
src/   |   465 |
test/  | 1 359 |

(I am not sure how to query the PR through the API, the PR number does not work as-is)

ps: Our project is configured to correctly disregard test/ but this PR touches a lot of test files.

My assumption is that even if the changes gets added on top of the current LOC of the project, we should still be far below the number of lines as per the License.
Technically there is still space to duplicate the full project on the server and it should still not go over the 1M lines limit.

At the end of the analysis this is found in the logs:

INFO: PCH: unique=0 use=0 (forceInclude=0,throughHeader=0,firstInclude=0) out of 338 (forceInclude=0,throughHeader=0)
INFO: Z3 refutation rate: 14 out of 394
INFO: SE: 338 out of 338
INFO: Subprocess(es) done in 151460ms
INFO: 7/700 files marked as unchanged
INFO: 8/144 test files marked as unchanged
INFO: Cache: 0/338 hits, 3486410 bytes
INFO: 338 compilation units analyzed
INFO: Sensor CFamily [cpp] (done) | time=158082ms
...
INFO: SCM Publisher SCM provider for this project is: git
INFO: SCM Publisher 820 source files to be analyzed
INFO: SCM Publisher 820/820 source files have been analyzed (done) | time=3903ms
INFO: CPD Executor 42 files had no CPD blocks
INFO: CPD Executor Calculating CPD for 659 files
INFO: CPD Executor CPD calculation finished (done) | time=383ms
INFO: SCM writing changed lines
INFO: Merge base sha1: 40bc012c6514b074872d9801cd9ae5e8afe49dcd
...
INFO: ANALYSIS SUCCESSFUL, you can find the results at: https://<....>/dashboard?id=<project>&pullRequest=770
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at https://<...>/api/ce/task?id=AY7v9wsrLvmoOL-igLBH
INFO: Analysis total time: 6:34.148 s

The result of the report from the API is

{
    "task": {
        "id": "AY7v9wsrLvmoOL-igLBH",
        "type": "REPORT",
        "componentId": "AY7l7ICoLvmoOL-igK4y",
        "componentKey": "<key>,
        "componentName": "<name>",
        "componentQualifier": "TRK",
        "status": "FAILED",
        "submittedAt": "2024-04-18T08:48:49+0200",
        "submitterLogin": "<User>",
        "startedAt": "2024-04-18T08:48:51+0200",
        "executedAt": "2024-04-18T08:48:55+0200",
        "executionTimeMs": 4026,
        "errorMessage": "The last analysis failed because it would have caused your server-wide lines of code total to exceed your 1000000 limit.",
        "hasScannerContext": true,
        "errorType": "LICENSING_LOC",
        "pullRequest": "770",
        "warningCount": 2,
        "warnings": [
            "The property 'sonar.login' is deprecated and will be removed in the future. Please use the 'sonar.token' property instead when passing a token.",
            "There are problems with file encoding in the source code. Please check the scanner logs for more details."
        ]
    }
}

The above is just for the PR.
The MAIN branch development also shows the error, except for the PR part

{
    "task": {
        "id": "AY6i8el_LvmoOL-igKOm",
        "type": "REPORT",
        "componentId": "AYJEZFoBYpCNgbZcu9n9",
        "componentKey": "<key>,
        "componentName": "<name>",
        "componentQualifier": "TRK",
        "status": "FAILED",
        "submittedAt": "2024-04-03T09:52:27+0200",
        "submitterLogin": "<user>",
        "startedAt": "2024-04-03T09:52:28+0200",
        "executedAt": "2024-04-03T09:52:32+0200",
        "executionTimeMs": 3562,
        "errorMessage": "The last analysis failed because it would have caused your server-wide lines of code total to exceed your 1000000 limit.",
        "hasScannerContext": true,
        "branch": "development",
        "branchType": "BRANCH",
        "errorType": "LICENSING_LOC",
        "warningCount": 2,
        "warnings": [
            "The property 'sonar.login' is deprecated and will be removed in the future. Please use the 'sonar.token' property instead when passing a token.",
            "There are problems with file encoding in the source code. Please check the scanner logs for more details."
        ]
    }
}

What could be the problem and how can we get our project to analyse again?

Please let me know if there is any information that I can supply to assist with this

Hi,

At a guess, some libraries have inadvertently been added into analysis.

You may be able to figure out what extra files are included by turning on verbose logging (-Dsonar.verbose=true on the analysis command line). Alternately, you could add -Dsonar.scanner.dumpToFile=[path to file] and seeing the properties the scanner is running with may help.

 
HTH,
Ann

@ganncamp

Than you for the response.

I have done both, but still does not get any clue for what might cause this. Do you perhaps have something in particular that I can search for in the logs?

I do not see anything new or unexpected in the config nor the logs.
The logs however does not show me the total lines of code for the current run, which might have been helpful in this case.

Output from the dumpToFile:

## Generated by a SonarScanner
#Mon Apr 22 06:59:06 UTC 2024
awt.toolkit=sun.awt.X11.XToolkit
sonar.projectName=<key>
java.specification.version=11
sun.cpu.isalist=
sun.jnu.encoding=ANSI_X3.4-1968
sonar.host.url=<url>
sun.arch.data.model=64
sonar.verbose=true
java.vendor.url=https\://tracker.debian.org/openjdk-11
sun.boot.library.path=/usr/lib/jvm/java-11-openjdk-amd64/lib
sun.java.command=org.sonarsource.scanner.cli.Main --define sonar.cfamily.build-wrapper-output\=build/bw-output --define sonar.verbose\=true --define sonar.scanner.dumpToFile\=sq_dump.txt --define sonar.projectName\=<key> --define sonar.projectVersion\=0.40.0-pre.3
sonar.sourceEncoding=US-ASCII
jdk.debug=release
java.specification.vendor=Oracle Corporation
java.version.date=2024-01-16
java.home=/usr/lib/jvm/java-11-openjdk-amd64
file.separator=/
java.vm.compressedOopsMode=Zero based
line.separator=\n
java.vm.specification.vendor=Oracle Corporation
java.specification.name=Java Platform API Specification
sun.management.compiler=HotSpot 64-Bit Tiered Compilers
java.runtime.version=11.0.22+7-post-Debian-1deb11u1
sonar.projectVersion=0.40.0-pre.3
user.name=Buildit
sonar.scanner.dumpToFile=sq_dump.txt
sonar.scanner.appVersion=4.7.0.2747
sonar.tests=test/
file.encoding=ANSI_X3.4-1968
sonar.projectBaseDir=/home/Buildit/workspace/<folder>
java.io.tmpdir=/tmp
java.version=11.0.22
sonar.cfamily.build-wrapper-output=build/bw-output
sonar.sources=src/
java.vm.specification.name=Java Virtual Machine Specification
java.awt.printerjob=sun.print.PSPrinterJob
sun.os.patch.level=unknown
sonar.projectKey=<key>
java.library.path=/usr/java/packages/lib\:/usr/lib/x86_64-linux-gnu/jni\:/lib/x86_64-linux-gnu\:/usr/lib/x86_64-linux-gnu\:/usr/lib/jni\:/lib\:/usr/lib
java.vendor=Debian
java.specification.maintenance.version=2
sun.io.unicode.encoding=UnicodeLittle
sonar.login=<login>
java.class.path=/opt/sonar-scanner/lib/sonar-scanner-cli-4.7.0.2747.jar
java.vm.vendor=Debian
user.timezone=
os.name=Linux
java.vm.specification.version=11
scanner.home=/opt/sonar-scanner
sun.java.launcher=SUN_STANDARD
user.country=US
sonar.scanner.app=ScannerCLI
sonar.coverage.exclusions=src/github.com/**/*, src/ib/**/*
sun.cpu.endian=little
user.home=/home/Buildit
user.language=en
java.awt.graphicsenv=sun.awt.X11GraphicsEnvironment
java.awt.headless=true
path.separator=\:
sonar.exclusions=src/**/*.go
os.version=5.14.0-362.8.1.el9_3.x86_64
java.runtime.name=OpenJDK Runtime Environment
java.vm.name=OpenJDK 64-Bit Server VM
sonar.python.version=3.9
java.vendor.url.bug=https\://bugs.debian.org/openjdk-11
user.dir=/home/Buildit/workspace/<dir>
os.arch=amd64
sonar.working.directory=/home/Buildit/workspace/<dir>/.scannerwork
java.vm.info=mixed mode, sharing
java.vm.version=11.0.22+7-post-Debian-1deb11u1
java.class.version=55.0

Snippets from the debug output

...
08:19:35.741 INFO: Indexing files...
08:19:35.741 INFO: Project configuration:
08:19:35.741 INFO:   Excluded sources: src/**/*.go
08:19:35.741 INFO:   Excluded sources for coverage: src/github.com/**/*, src/ib/**/*
...
08:19:35.765 DEBUG: loading config FileBasedConfig[/home/Buildit/.gitconfig]
08:19:35.899 DEBUG: 3726 non excluded files in this Git repository
08:19:35.906 DEBUG: 'src/CMakeLists.txt' indexed with no language
08:19:35.911 DEBUG: 'src/admin/admin.hpp' indexed with language 'cpp'
08:19:35.912 DEBUG: 'src/admin/alarms.cpp' indexed with language 'cpp'
08:19:35.913 DEBUG: 'src/admin/alarms.hpp' indexed with language 'cpp'
08:19:35.914 DEBUG: 'src/admin/analysis_results.cpp' indexed with language 'cpp'
08:19:35.915 DEBUG: 'src/admin/analysis_results.hpp' indexed with language 'cpp'
...
08:19:35.977 DEBUG: 'src/github.com/<dir>/LICENSE' indexed with no language
08:19:35.977 DEBUG: File src/github.com/<dir>/LICENSE excluded for coverage
08:19:35.978 DEBUG: 'src/github.com/<dir>/Makefile' indexed with no language
08:19:35.978 DEBUG: File src/github.com/<dir>/Makefile excluded for coverage
08:19:35.978 DEBUG: 'src/github.com/<dir>/README.md' indexed with no language
08:19:35.978 DEBUG: File src/github.com/<dir>/README.md excluded for coverage
...
08:19:35.989 DEBUG: 'src/ib/ib_conn.c' indexed with language 'c'
08:19:35.989 DEBUG: File src/ib/ib_conn.c excluded for coverage
08:19:35.989 DEBUG: 'src/ib/ib_conn.h' indexed with language 'c'
08:19:35.989 DEBUG: File src/ib/ib_conn.h excluded for coverage
08:19:35.989 DEBUG: 'src/ib/ib_qp.c' indexed with language 'c'
08:19:35.989 DEBUG: File src/ib/ib_qp.c excluded for coverage
...
08:19:36.041 DEBUG: 'test/data/<file>.bin' indexed as test with no language
08:19:36.041 DEBUG: 'test/data/<file>.dat' indexed as test with no language
08:19:36.041 DEBUG: 'test/<file1>.cpp' indexed as test with language 'cpp'
08:19:36.042 DEBUG: 'test/<file2>.hpp' indexed as test with language 'cpp'
08:19:36.042 DEBUG: 'test/<file3>.hpp' indexed as test with language 'cpp'
08:19:36.042 DEBUG: 'test/<file4>.cpp' indexed as test with language 'cpp'
08:19:36.042 DEBUG: 'test/<file5>.cpp' indexed as test with language 'cpp'
08:19:36.042 DEBUG: 'test/<file6>.cpp' indexed as test with language 'cpp'
08:19:36.042 DEBUG: 'test/<file7>.cpp' indexed as test with language 'cpp'
...
08:19:36.054 INFO: 915 files indexed
08:19:36.055 INFO: 232 files ignored because of inclusion/exclusion patterns
08:19:36.055 INFO: 0 files ignored because of scm ignore settings
08:19:36.055 INFO: Quality profile for c: Sonar way
08:19:36.055 INFO: Quality profile for cpp: Sonar way
08:19:36.055 INFO: Quality profile for py: Sonar way
08:19:36.055 INFO: ------------- Run sensors on module <key>
...
08:19:37.315 INFO: 845 source files to be analyzed
08:19:37.316 DEBUG: 'src/utility/configuration.hpp' generated metadata with charset 'US-ASCII'
08:19:37.319 DEBUG: 'src/<dir>/<file>.hpp' generated metadata with charset 'US-ASCII'
...
08:19:39.760 WARN: Invalid character encountered in file /home/Buildit/workspace/<dir>/src/modules/<file>.cpp at line 187 for encoding US-ASCII. Please fix file content or configure the encoding to be used using property 'sonar.sourceEncoding'.
...
08:19:45.496 INFO: 845/845 source files have been analyzed
08:19:45.496 INFO: Sensor TextAndSecretsSensor [text] (done) | time=8188ms
08:19:45.496 INFO: Sensor VB.NET Project Type Information [vbnet]
08:19:45.497 INFO: Sensor VB.NET Project Type Information [vbnet] (done) | time=1ms
08:19:45.497 INFO: Sensor VB.NET Analysis Log [vbnet]
08:19:45.504 INFO: Sensor VB.NET Analysis Log [vbnet] (done) | time=7ms
08:19:45.504 INFO: Sensor VB.NET Properties [vbnet]
08:19:45.504 DEBUG: Project '<key>': No Roslyn issues reports have been found.
08:19:45.505 INFO: Sensor VB.NET Properties [vbnet] (done) | time=1ms
08:19:45.505 INFO: Sensor Python Sensor [python]
08:19:45.513 DEBUG: Input files for indexing: [src/tools/<dir>/<dir>/top_block.py]
08:19:45.513 INFO: Starting global symbols computation
08:19:45.515 INFO: 1 source file to be analyzed
08:19:45.708 INFO: 1/1 source file has been analyzed
08:19:45.725 INFO: Starting rules execution
08:19:45.726 INFO: 1 source file to be analyzed
...
08:19:46.286 INFO: 1/1 source file has been analyzed
08:19:46.286 INFO: The Python analyzer was able to leverage cached data from previous analyses for 0 out of 1 files. These files were not parsed.
08:19:46.286 INFO: Sensor Python Sensor [python] (done) | time=781ms
...
08:19:46.452 INFO: Sensor CFamily [cpp]
08:19:46.470 INFO: CFamily plugin version: 6.45.0.62016
08:19:46.470 INFO: Using build-wrapper output: /home/Buildit/workspace/<dir>/build/bw-output/build-wrapper-dump.json
08:19:46.471 INFO: Available processors: 16
08:19:46.474 INFO: Using 16 threads for analysis.
08:19:46.480 DEBUG: Total system memory: 17179869184
08:19:46.480 DEBUG: Unpacking analyzer to: /home/Buildit/workspace/<dir>/.scannerwork/.sonartmp/12398552414625666920
08:19:48.050 DEBUG: Not enough content in 'src/utility/configuration.hpp' to have CPD blocks, it will not be part of the duplication detection
...
08:19:52.802 INFO: Found empty cache on server
08:19:52.814 DEBUG: Probing compiler: [/usr/bin/x86_64-linux-gnu-g++-10, -x, c++, --std, c++2a, -v, -dM, -E, -]
08:19:52.824 DEBUG: stdout:
#define __DBL_MIN_EXP__ (-1021)
...
08:19:52.831 DEBUG: Cache miss for /home/Buildit/workspace/<dir>/src/modules/<file>.cpp: cache is empty
08:19:52.833 INFO: [pool-4-thread-1] /home/Buildit/workspace/<dir>/src/modules/<file>.cpp
...
08:22:24.205 INFO: PCH: unique=0 use=0 (forceInclude=0,throughHeader=0,firstInclude=0) out of 338 (forceInclude=0,throughHeader=0)
08:22:24.205 INFO: Z3 refutation rate: 14 out of 394
08:22:24.205 INFO: SE: 338 out of 338
08:22:24.261 INFO: Subprocess(es) done in 151459ms
08:22:24.351 DEBUG: /home/Buildit/workspace/<dir>/src/<dir>/<file>.cpp not marked as unchanged: file added
08:22:24.351 DEBUG: /home/Buildit/workspace/<dir>/src/<dir>/<dir>/cmd.cpp not marked as unchanged: file added
...
08:22:24.355 INFO: 0/700 files marked as unchanged
08:22:24.355 INFO: 0/144 test files marked as unchanged
08:22:24.355 INFO: Cache: 0/338 hits, 3542088 bytes
08:22:24.355 INFO: 338 compilation units analyzed
08:22:24.356 INFO: Sensor CFamily [cpp] (done) | time=157904ms
...
08:22:29.003 DEBUG: 10635 Processing commit Commit[ @ e30044]
08:22:29.132 INFO: SCM Publisher 845/845 source files have been analyzed (done) | time=4305ms
08:22:29.520 INFO: CPD Executor 42 files had no CPD blocks
08:22:29.521 INFO: CPD Executor Calculating CPD for 659 files
08:22:29.521 DEBUG: Detection of duplications for /home/Buildit/workspace/<dir>/src/modules/module_factory.cpp
08:22:29.525 DEBUG: Detection of duplications for /home/Buildit/workspace/<dir>/src/modules/module_factory.hpp
...
08:22:29.879 INFO: CPD Executor CPD calculation finished (done) | time=358ms
08:22:29.884 DEBUG: loading config FileBasedConfig[/home/Buildit/.config/jgit/config]
08:22:29.885 DEBUG: loading config FileBasedConfig[/home/Buildit/.config/jgit/config]
08:22:29.885 DEBUG: loading config FileBasedConfig[/home/Buildit/.config/jgit/config]
08:22:29.885 DEBUG: loading config FileBasedConfig[/home/Buildit/.config/jgit/config]
08:22:29.885 DEBUG: SCM revision ID 'f271f2d36b5180912c78e73474a73c3448b010ff'
08:22:30.087 INFO: Load New Code definition
08:22:30.141 DEBUG: GET 200 https://<url>/api/new_code_periods/show.protobuf?project=<key>&branch=carel%2Fcleanup_includes | time=54ms
08:22:30.143 INFO: Load New Code definition (done) | time=55ms
08:22:30.185 INFO: Analysis report generated in 263ms, dir size=180.1 MB
08:22:37.613 INFO: Analysis report compressed in 7428ms, zip size=44.8 MB
08:22:37.613 INFO: Analysis report generated in /home/Buildit/workspace/<dir>/.scannerwork/scanner-report
08:22:37.613 DEBUG: Upload report
08:22:40.222 DEBUG: POST 200 https://<url>/api/ce/submit?projectKey=<key>&projectName=<name>&characteristic=branch%3Dcarel%2Fcleanup_includes&characteristic=branchType%3DBRANCH | time=2608ms
08:22:40.224 INFO: Analysis report uploaded in 2611ms
08:22:40.225 DEBUG: Report metadata written to /home/Buildit/workspace/<dir>/.scannerwork/report-task.txt
08:22:40.225 INFO: ANALYSIS SUCCESSFUL, you can find the results at: https://<url>/dashboard?id=<id>&branch=carel%2Fcleanup_includes
08:22:40.225 INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
08:22:40.225 INFO: More about the report processing at https://<url>/api/ce/task?id=AY8E5mYYLvmoOL-igLIC
08:22:40.227 DEBUG: Post-jobs : 
08:22:40.241 INFO: Analysis total time: 3:05.798 s
08:22:40.242 INFO: ------------------------------------------------------------------------
08:22:40.242 INFO: EXECUTION SUCCESS
08:22:40.242 INFO: ------------------------------------------------------------------------
08:22:40.242 INFO: Total time: 3:19.226s
08:22:40.294 INFO: Final Memory: 71M/267M
08:22:40.294 INFO: ------------------------------------------------------------------------

And still get "errorType": "LICENSING_LOC", for the report

Hi,

When you look at the analysis report, do you see any files you don’t expect in the indexing list? When you look at analysis logs from before this problem started, do you see 915 files indexed?

Personally, I find this a little startling:

But I don’t know your project.

 
Ann

No, I do not see anything that does not pop out to not belong there.

Unfortunately we have only recently realised that this project is not analysing (some configuration issue on the merge check for the specific project) and it has been failing for so long we don’t have the history of the previous build logs any more.

Is there a way to:

1. Get the LOC count for the current analysis (before it goes to the server)
   • It is really hard to work with the general message stating we would exceed the license without an indication of by how many lines. And we can’t even use the free version (due to C++) to see how bad it is before we can even try motivating to up the license.
2. Get the number of files from the server for a given branch? To try and see how many files were part of the analysis?
   • I really don’t want to click through the UI and add up all the files to see how far the last scan is from 900 files…

If there is nothing obvious or something that can help, perhaps I should just delete the project from the server and re-analyse and see if that allows us to make progress again.
If we get to the same answer it would probably be a dead end unless we can get a number from SQ.

PS:

Sins of the past using submodules to pull in external dependencies. We have since moved over to a proper package manager (conan) and have one submodule left in that folder…

Hi,

Unfortunately, there is not. I lobbied for this internally & it just wasn’t seen as compelling.

Yes, this is pretty easy. Just look at the measures tab for each branch.

Selection_1706647×550 31.6 KB

All that’s going to do is lose your project history. This license error isn’t about what’s already on the server, but what you’re trying to add with the new analysis.

What you might do is look at the directories under src and narrow sonar.sources to them one by one (or maybe do a binary-search-type approach and analyze one half at a time). That will give you an understanding of where the biggest LOC use is coming from.

 
HTH,
Ann

On the Measures tab for the last successful scan of this repo I have the following:
Lines of Code: 214 040
Files: 623

Thank you @ganncamp, this was the clue to get to the root of the issue.

After some more digging and going back in time when the analysis stopped working and digging through commits I see that one commit added files that pushes us over the line limit. By how much I am not sure (which brings us back to the issue of not being able to see by how many lines we would go over).

(some configuration issue on the merge check for the specific project)

As mentioned, the misconfigured integration on this project between Bitbucket and SQ allowed the PR through, which should not have been the case.

PS: I am still of the opinion that Bitbucket and SQ integration, on the setup, is not great and can probably be done better, but that is a discussion for another day, probably on the Bitbucket side.

Thank you very much for the help.

Hi,

I’m glad you were able to track this down.

Just to be clear, PR analysis only looks at the files/lines changed in the PR. So unless the PR additions all by themselves (rather than in combination with the rest of the project) would have pushed you over your license limit, PR analysis is never going to catch this.

 
Ann

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.