4

UPDATE: I am running it on Fedora 21. SonarQube - 5.0. SonarQube Runner - 2.4

UPDATE2: Findbugs v3.1, Java Plugin v2.8

UPDATE3: Analyzer fails on the following file:

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class MyManager extends ParentManager {
    public MyManager(int id, int var1, int var2, int var3) {
        super(id, var1, var2, var3);
    }

    public void load() {
        Connection con = null;
        Statement st;
        ResultSet res;

        try {

            con = DatabaseManager.getDataSource().getConnection();
            st = con.createStatement();

            int currentId = 0;
            CurrentData currentData= null;

            res = st.executeQuery("SELECT subjects.subjectname" + " AS name, " +
                    " subjects.subjectcode AS code, " +
                    " groups.groupname AS gname, " +
                    " groups.groupID AS gID , " +
                    " subjects.sID AS sID, " +
                    " groups.isMain AS ismain   " +
                    " FROM joinGroup LEFT JOIN groups ON joinGroup.groupID=groups.groupID " +
                    " LEFT JOIN subjects ON subjects.sID=groups.sID " +
                    " WHERE joinGroup.sID=" + id + "  " +
                    " AND groups.var1" + var1 + " AND groups.var2=" + var2 + " " +
                    " ORDER BY name, subjects.subjectcode, subjects.sID ");
            while (res.next()) {
                if (currentId != res.getInt("sID")) {
                    currentData = new CurrentData();
                    data.subjects.add(currentData);
                    currentData.subjectName = res.getString("name");
                    currentData.subjectID = res.getInt("sID");
                }
                CurrentGroupData groupData = new CurrentGroupData();
                groupData.name = res.getString("gname");
                groupData.id = res.getInt("gID");
                currentId = res.getInt("sID");
                if (res.getBoolean("ismain")) {
                    assert currentData != null;
                    currentData.groupID = res.getInt("gID");
                }
                if (currentData != null) {
                    currentData.groups.add(groupData);
                }
            }

            loadSubjectsData(st, res);

        } catch (Exception exc) {
            Log.writeLog(ex);
        } finally {
            try {
                con.close();
            } catch (SQLException e) {
                Log.writeLog(e);
            }
        }
    }
}

I have installed SonarQube following the tutorials on sonar website. I am able to browse to localhost:9000 and it shows start page. Then I try to analyze the project via command: sonar-runner. It fails. Running sonar-runner -X displays the following:

> ERROR: Error during Sonar runner execution org.sonar.runner.impl.RunnerException: Unable to execute Sonar at org.sonar.runner.impl.BatchLauncher$1.delegateExecution(BatchLauncher.java:91) at org.sonar.runner.impl.BatchLauncher$1.run(BatchLauncher.java:75) at java.security.AccessController.doPrivileged(Native Method) at org.sonar.runner.impl.BatchLauncher.doExecute(BatchLauncher.java:69) at org.sonar.runner.impl.BatchLauncher.execute(BatchLauncher.java:50) at org.sonar.runner.api.EmbeddedRunner.doExecute(EmbeddedRunner.java:102) at org.sonar.runner.api.Runner.execute(Runner.java:100) at org.sonar.runner.Main.executeTask(Main.java:70) at org.sonar.runner.Main.execute(Main.java:59) at org.sonar.runner.Main.main(Main.java:53) Caused by: org.sonar.squidbridge.api.AnalysisException: SonarQube is unable to analyze file : '/path/to/my/file/MyFile.java' at org.sonar.java.ast.AstScanner.simpleScan(AstScanner.java:114) at org.sonar.java.ast.AstScanner.scan(AstScanner.java:75) at org.sonar.java.JavaSquid.scanSources(JavaSquid.java:122) at org.sonar.java.JavaSquid.scan(JavaSquid.java:115) at org.sonar.plugins.java.JavaSquidSensor.analyse(JavaSquidSensor.java:91) at org.sonar.batch.phases.SensorsExecutor.executeSensor(SensorsExecutor.java:79) at org.sonar.batch.phases.SensorsExecutor.execute(SensorsExecutor.java:70) at org.sonar.batch.phases.PhaseExecutor.execute(PhaseExecutor.java:122) at org.sonar.batch.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:222) at org.sonar.api.platform.ComponentContainer.startComponents(ComponentContainer.java:93) at org.sonar.api.platform.ComponentContainer.execute(ComponentContainer.java:78) at org.sonar.batch.scan.ProjectScanContainer.scan(ProjectScanContainer.java:235) at org.sonar.batch.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:230) at org.sonar.batch.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:223) at org.sonar.api.platform.ComponentContainer.startComponents(ComponentContainer.java:93) at org.sonar.api.platform.ComponentContainer.execute(ComponentContainer.java:78) at org.sonar.batch.scan.ScanTask.scan(ScanTask.java:65) at org.sonar.batch.scan.ScanTask.execute(ScanTask.java:52) at org.sonar.batch.bootstrap.TaskContainer.doAfterStart(TaskContainer.java:128) at org.sonar.api.platform.ComponentContainer.startComponents(ComponentContainer.java:93) at org.sonar.api.platform.ComponentContainer.execute(ComponentContainer.java:78) at org.sonar.batch.bootstrap.BootstrapContainer.executeTask(BootstrapContainer.java:171) at org.sonar.batch.bootstrapper.Batch.executeTask(Batch.java:95) at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:67) at org.sonar.runner.batch.IsolatedLauncher.execute(IsolatedLauncher.java:48) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.sonar.runner.impl.BatchLauncher$1.delegateExecution(BatchLauncher.java:87) ... 9 more Caused by: java.lang.NullPointerException at org.sonar.java.checks.AbstractInjectionChecker.isIdentifierDynamicString(AbstractInjectionChecker.java:67) at org.sonar.java.checks.AbstractInjectionChecker.isDynamicString(AbstractInjectionChecker.java:54) at org.sonar.java.checks.AbstractInjectionChecker.isDynamicString(AbstractInjectionChecker.java:49) at org.sonar.java.checks.AbstractInjectionChecker.isDynamicString(AbstractInjectionChecker.java:57) at org.sonar.java.checks.AbstractInjectionChecker.isDynamicString(AbstractInjectionChecker.java:49) at org.sonar.java.checks.AbstractInjectionChecker.isDynamicString(AbstractInjectionChecker.java:57) at org.sonar.java.checks.AbstractInjectionChecker.isDynamicString(AbstractInjectionChecker.java:49) at org.sonar.java.checks.AbstractInjectionChecker.isDynamicString(AbstractInjectionChecker.java:57) at org.sonar.java.checks.SQLInjectionCheck.visitNode(SQLInjectionCheck.java:48) at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:95) at org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) at org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) at org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) at org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) at org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) at org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) at org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) at org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) at org.sonar.java.ast.visitors.SubscriptionVisitor.scanTree(SubscriptionVisitor.java:73) at org.sonar.java.ast.visitors.SubscriptionVisitor.scanFile(SubscriptionVisitor.java:67) at org.sonar.java.model.VisitorsBridge.visitFile(VisitorsBridge.java:122) at com.sonar.sslr.impl.ast.AstWalker.walkAndVisit(AstWalker.java:67) at org.sonar.java.ast.AstScanner.simpleScan(AstScanner.java:107) ... 38 more >

Didn't do anything "exotic", just followed the official tutorials like this one: http://docs.sonarqube.org/display/SONAR/Analyzing+with+SonarQube+Runner

I am running it locally. Any ideas?

Thanks

Timson
  • 191
  • 1
  • 9
  • Which version of SonarQube and of the SonarQube Java plugin are you using? – Mithfindel Jan 29 '15 at 17:03
  • SonarQube - 5.0 SonarQube Runner - 2.4 On the website it says that SonarQube comes with Java Plugin already installed. So I assume Java Plugin version is 2.8, right? How do I lookup the Java Plugin version? – Timson Jan 30 '15 at 08:08
  • This will be in the server's settings section, category "Update Center". – Mithfindel Jan 30 '15 at 11:08
  • This seems to be an issue in the SQLInjectionCheck. Would you be able to share the code of the file the analysis is failing upon ? – benzonico Jan 30 '15 at 11:15
  • Not sure about sharing the code. Its one of the company projects that I started working on recently. Will look into that. But shouldn't sonar analyzing engine be INDEPENDENT of the code? – Timson Jan 30 '15 at 11:29
  • sonarqube java analyzer is analyzing the source code. The issue should indeed not happen but to be able to figure out what is happening and be able to fix it, I would need the source. – benzonico Jan 30 '15 at 12:12
  • I have updated the post with the "likes" of the file that the analyzer fails on. HTH :) – Timson Feb 02 '15 at 12:57
  • Help is still very much appreciated. – Timson Feb 19 '15 at 08:03
  • @Timson Were you able to solve this error? I am getting same issue for some of my files. – Kamal Mar 10 '15 at 10:29

2 Answers2

3

I got similar problem with ReturnEmptyArrayyNotNullCheck. As a workaround I disabled that rule in sonarqube web gui. Log in as an admin. Click Rules in the top menu. Search for SQL or Inject or whatever other word to find the rule you think is causing analysis failures. Then select the rule and disable it in the quality profile attached to your project. Of course this rule will be ignored totally in all attached projects.

vrudkovsk
  • 363
  • 3
  • 11
-1

I got no solution, but ran into the same problem and and found this reference on sonar website, could it be the same problem you have?

http://sonarqube.15.x6.nabble.com/NullPointerException-analysing-file-with-SQLInjectionCheck-td5032155.html (Scroll to the end)

Simon Berthiaume
  • 643
  • 4
  • 11
  • Welcome to Stack Overflow! While this may theoretically answer the question, [it would be preferable](http://meta.stackoverflow.com/q/8259) to include the essential parts of the answer here, and provide the link for reference. – ryanyuyu Mar 11 '15 at 21:46
  • I think it is the same or at least related issue. Don't see any solution though – Timson Mar 13 '15 at 02:31