What is the best source to learn about symbolic / data flow capabilities

Hi everyone.

I’m new to SonarQube and very thankful for the great tool and helpful community.
I’m interested in learning more about the data flow capabilities of SonarQube, which from my understanding are referred to as Symbols in SQ. I couldn’t find any in depth tutorial on this topic so I’ll put a few usecase examples and it would be great to have a pointer to some material which cover that.

In a high level, I want to be able to write rules and infer the exact parameter values which were relevant to Method Invocation. i.e. given a function with a signature: public String someFunc(String caller, String key), and a method invocation someFunc(username, userkey), I want to track the exact values of username and userkey.

I saw in one of the core team’s answers that this is Symbolic execution and that SQ doesn’t expose this, but this answer is quite old so any updates on that would be great.

Partial coverage would also be useful, i.e.

  1. Identify when the value was changed
  2. Identify only constant value definition
  3. Identify the relations w/o value, i.e. username is set using another Method Invocation

Thanks, and I would appreciate some guidance on that topic,

Hi Anton,

Welcome to the community, and thanks for the kind words!

We don’t have any in-depth tutorials, only the rule implementations themselves, which are open source for many languages. What language are we talking about?


my main focus is Java, can you point me to some rules which take advantage of the Symbolic capabilities of SonarQube?


It’s not clear to me that all the APIs for symbolic execution will be visible to you. The best thing to do is identify one or more rules that do something in the direction of what you want to accomplish and then check in the SonarQube Rules page to see if they’re part of the “SonarQube” repository (and thus open source) or one of the others.


Thanks for the answer, can you please point me to the list of possible rules and the rules available in SonarQube?


The easiest thing to do is go to your own SonarQube instance’s Rules page. There’s also https://rules.sonarsource.com/.


Thanks! I’m using SQ as a library (w/o actually running it as a server), are those rules also available in GitHub?


Ehm… This is a totally unsupported use. Sorry, but you’re on your own.



maybe a deep dive in sonar-java/java-checks/src/main/java/org/sonar/java/checks at master · SonarSource/sonar-java · GitHub will be helpful ?