Warnings during taint analysis for Java

We are testing SonarQube 2025.1, and in a couple of projects we get some warnings like '6' appears to be a predecessor of '8' but this has already been handled during the “Taint analysis for Java” phase of the analysis:

11:23:42  [INFO] Taint analysis for java: Starting
11:23:42  [INFO] 0 / 38209 UCFGs simulated, memory usage: 3748 MB
11:23:42  [INFO] 438 / 38209 UCFGs simulated, memory usage: 3914 MB
11:23:43  [INFO] 1305 / 38209 UCFGs simulated, memory usage: 4064 MB
11:23:45  [INFO] 1968 / 38209 UCFGs simulated, memory usage: 3438 MB
11:23:46  [INFO] 2452 / 38209 UCFGs simulated, memory usage: 3824 MB
11:23:46  [INFO] 3033 / 38209 UCFGs simulated, memory usage: 4000 MB
11:23:47  [INFO] 3543 / 38209 UCFGs simulated, memory usage: 3445 MB
11:23:47  [INFO] 3885 / 38209 UCFGs simulated, memory usage: 3735 MB
11:23:49  [INFO] 4267 / 38209 UCFGs simulated, memory usage: 3379 MB
11:23:49  [INFO] 4741 / 38209 UCFGs simulated, memory usage: 3747 MB
11:23:50  [INFO] 5317 / 38209 UCFGs simulated, memory usage: 4007 MB
11:23:52  [INFO] 5783 / 38209 UCFGs simulated, memory usage: 3648 MB
11:23:53  [INFO] 6120 / 38209 UCFGs simulated, memory usage: 3983 MB
11:23:55  [INFO] 6397 / 38209 UCFGs simulated, memory usage: 3634 MB
11:23:55  [INFO] 6854 / 38209 UCFGs simulated, memory usage: 3712 MB
11:23:56  [INFO] 7942 / 38209 UCFGs simulated, memory usage: 3664 MB
11:23:57  [INFO] 8446 / 38209 UCFGs simulated, memory usage: 3490 MB
11:23:58  [INFO] 8905 / 38209 UCFGs simulated, memory usage: 4100 MB
11:23:58  [INFO] 9278 / 38209 UCFGs simulated, memory usage: 4050 MB
11:23:58  [INFO] Too high simulation costs for sink in /services/jenkins_home/workspace/n-nextgen_feature_check-encoding/src/main/java/com/logister/silicon/model/commons/utils/SiliconLoggerWrapper.java:68. This sink will not be analyzed any further.
11:23:59  [INFO] 9648 / 38209 UCFGs simulated, memory usage: 3873 MB
11:24:00  [INFO] 10378 / 38209 UCFGs simulated, memory usage: 3866 MB
11:24:01  [INFO] 10697 / 38209 UCFGs simulated, memory usage: 3970 MB
11:24:02  [INFO] 11107 / 38209 UCFGs simulated, memory usage: 4078 MB
11:24:03  [INFO] 11378 / 38209 UCFGs simulated, memory usage: 3568 MB
11:24:04  [INFO] 11807 / 38209 UCFGs simulated, memory usage: 3605 MB
11:24:05  [INFO] 12097 / 38209 UCFGs simulated, memory usage: 3819 MB
11:24:06  [INFO] 12543 / 38209 UCFGs simulated, memory usage: 3916 MB
11:24:07  [INFO] 12855 / 38209 UCFGs simulated, memory usage: 3408 MB
11:24:08  [INFO] 13260 / 38209 UCFGs simulated, memory usage: 3636 MB
11:24:09  [INFO] 13646 / 38209 UCFGs simulated, memory usage: 3656 MB
11:24:09  [INFO] 14118 / 38209 UCFGs simulated, memory usage: 3457 MB
11:24:10  [INFO] 14846 / 38209 UCFGs simulated, memory usage: 3793 MB
11:24:11  [INFO] 15258 / 38209 UCFGs simulated, memory usage: 3542 MB
11:24:12  [INFO] 15814 / 38209 UCFGs simulated, memory usage: 3964 MB
11:24:12  [INFO] Too high simulation costs for sink in /services/jenkins_home/workspace/n-nextgen_feature_check-encoding/src/main/java/com/logister/silicon/model/commons/utils/SiliconLoggerWrapper.java:125. This sink will not be analyzed any further.
11:24:12  [INFO] 16272 / 38209 UCFGs simulated, memory usage: 3987 MB
11:24:13  [INFO] 16775 / 38209 UCFGs simulated, memory usage: 3483 MB
11:24:15  [INFO] 17091 / 38209 UCFGs simulated, memory usage: 3685 MB
11:24:17  [INFO] 17386 / 38209 UCFGs simulated, memory usage: 3677 MB
11:24:19  [INFO] 17624 / 38209 UCFGs simulated, memory usage: 3885 MB
11:24:21  [INFO] 17993 / 38209 UCFGs simulated, memory usage: 3752 MB
11:24:23  [INFO] Too high simulation costs for sink in /services/jenkins_home/workspace/n-nextgen_feature_check-encoding/src/main/java/com/logister/silicon/model/seguridad/SiliconWSSecurityHelper.java:57. This sink will not be analyzed any further.
11:24:23  [INFO] 18402 / 38209 UCFGs simulated, memory usage: 3599 MB
11:24:25  [INFO] 19091 / 38209 UCFGs simulated, memory usage: 3830 MB
11:24:28  [INFO] 19341 / 38209 UCFGs simulated, memory usage: 3760 MB
11:24:29  [INFO] 19709 / 38209 UCFGs simulated, memory usage: 3964 MB
11:24:32  [INFO] 20007 / 38209 UCFGs simulated, memory usage: 4053 MB
11:24:32  [INFO] 20519 / 38209 UCFGs simulated, memory usage: 4012 MB
11:24:34  [INFO] 20971 / 38209 UCFGs simulated, memory usage: 3644 MB
11:24:34  [INFO] 21613 / 38209 UCFGs simulated, memory usage: 3578 MB
11:24:35  [INFO] 22398 / 38209 UCFGs simulated, memory usage: 3541 MB
11:24:37  [INFO] 23084 / 38209 UCFGs simulated, memory usage: 4019 MB
11:24:39  [INFO] 23381 / 38209 UCFGs simulated, memory usage: 3989 MB
11:24:41  [INFO] 23515 / 38209 UCFGs simulated, memory usage: 3923 MB
11:24:44  [INFO] 23843 / 38209 UCFGs simulated, memory usage: 3739 MB
11:24:47  [INFO] 24013 / 38209 UCFGs simulated, memory usage: 3775 MB
11:24:49  [INFO] 24301 / 38209 UCFGs simulated, memory usage: 3516 MB
11:24:50  [INFO] 24660 / 38209 UCFGs simulated, memory usage: 3566 MB
11:24:50  [INFO] 25012 / 38209 UCFGs simulated, memory usage: 3827 MB
11:24:51  [INFO] 25350 / 38209 UCFGs simulated, memory usage: 3569 MB
11:24:53  [INFO] 25710 / 38209 UCFGs simulated, memory usage: 3761 MB
11:24:54  [INFO] 26115 / 38209 UCFGs simulated, memory usage: 3833 MB
11:24:55  [INFO] 26340 / 38209 UCFGs simulated, memory usage: 3586 MB
11:24:56  [INFO] 26654 / 38209 UCFGs simulated, memory usage: 3974 MB
11:24:57  [INFO] 27079 / 38209 UCFGs simulated, memory usage: 3925 MB
11:24:59  [INFO] 27399 / 38209 UCFGs simulated, memory usage: 3816 MB
11:25:02  [INFO] 27673 / 38209 UCFGs simulated, memory usage: 3630 MB
11:25:04  [INFO] 28058 / 38209 UCFGs simulated, memory usage: 3964 MB
11:25:06  [INFO] 28307 / 38209 UCFGs simulated, memory usage: 3523 MB
11:25:07  [INFO] 28664 / 38209 UCFGs simulated, memory usage: 3592 MB
11:25:08  [INFO] 28926 / 38209 UCFGs simulated, memory usage: 3871 MB
11:25:09  [INFO] 29149 / 38209 UCFGs simulated, memory usage: 3836 MB
11:25:11  [INFO] 29437 / 38209 UCFGs simulated, memory usage: 3666 MB
11:25:13  [INFO] 29741 / 38209 UCFGs simulated, memory usage: 4105 MB
11:25:13  [INFO] 29962 / 38209 UCFGs simulated, memory usage: 3781 MB
11:25:15  [INFO] 30140 / 38209 UCFGs simulated, memory usage: 3637 MB
11:25:17  [INFO] 30568 / 38209 UCFGs simulated, memory usage: 3937 MB
11:25:18  [INFO] 30832 / 38209 UCFGs simulated, memory usage: 3619 MB
11:25:18  [INFO] 31263 / 38209 UCFGs simulated, memory usage: 3665 MB
11:25:18  [INFO] 31620 / 38209 UCFGs simulated, memory usage: 3729 MB
11:25:18  [INFO] 31977 / 38209 UCFGs simulated, memory usage: 3785 MB
11:25:19  [INFO] 32337 / 38209 UCFGs simulated, memory usage: 3839 MB
11:25:19  [INFO] 32717 / 38209 UCFGs simulated, memory usage: 3901 MB
11:25:19  [WARNING] '6' appears to be a predecessor of '8' but this has already been handled.
11:25:19  [WARNING] '8' appears to be a predecessor of '6' but this has already been handled.
11:25:19  [INFO] 33079 / 38209 UCFGs simulated, memory usage: 3951 MB
11:25:19  [INFO] 33416 / 38209 UCFGs simulated, memory usage: 3993 MB
11:25:19  [INFO] 33764 / 38209 UCFGs simulated, memory usage: 4045 MB
11:25:19  [INFO] 34160 / 38209 UCFGs simulated, memory usage: 4093 MB
11:25:19  [INFO] 34490 / 38209 UCFGs simulated, memory usage: 3536 MB
11:25:19  [INFO] 34849 / 38209 UCFGs simulated, memory usage: 3582 MB
11:25:19  [INFO] 35213 / 38209 UCFGs simulated, memory usage: 3632 MB
11:25:19  [INFO] 35537 / 38209 UCFGs simulated, memory usage: 3678 MB
11:25:19  [INFO] 35911 / 38209 UCFGs simulated, memory usage: 3722 MB
11:25:19  [INFO] 36243 / 38209 UCFGs simulated, memory usage: 3778 MB
11:25:19  [INFO] 36611 / 38209 UCFGs simulated, memory usage: 3822 MB
11:25:19  [INFO] 36899 / 38209 UCFGs simulated, memory usage: 3870 MB
11:25:19  [WARNING] '6' appears to be a predecessor of '8' but this has already been handled.
11:25:19  [WARNING] '8' appears to be a predecessor of '6' but this has already been handled.
11:25:19  [INFO] 37254 / 38209 UCFGs simulated, memory usage: 3924 MB
11:25:20  [INFO] 37601 / 38209 UCFGs simulated, memory usage: 3994 MB
11:25:20  [INFO] 37907 / 38209 UCFGs simulated, memory usage: 4070 MB
11:25:20  [WARNING] '6' appears to be a predecessor of '8' but this has already been handled.
11:25:20  [WARNING] '8' appears to be a predecessor of '6' but this has already been handled.
11:25:20  [INFO] 38185 / 38209 UCFGs simulated, memory usage: 4114 MB
11:25:20  [INFO] Taint analysis for java: Time spent was 00:01:38.939

• Versions we are using:
  • SonarQube 2025.1.1 Enterprise Edition
  • SonarQube Scanner for Maven 5.1.0.4751
• How is SonarQube deployed: zip

Should we worry about these warnings? Or can we ignore them?

Thanks

Hi,

I think you can safely ignore these since they’re just WARNings.

Nonetheless, I’m going to flag this for the experts, who may want to dig into this with you if you’re willing to go down that road.

 
Ann

Ok, let’s try digging into this. In the log I’ve provided before there’s only six warnings, but in another project we get +500 of them. Even if they are safe to ignore, that’s a bit too much…

Thank you

Hey @jordip ,

I would be happy to dig into this with you.

Could you share with me the debug logs of your other project, where you get +500 of these issues?

You can activate debug logs using the switch -Dsonar.verbose=true.