search

wttech / AEM-Rules-for-SonarQube

SonarQube plugin with set of rules detecting possible bugs and bad smells specific for AEM development.
Apache License 2.0
116 stars 50 forks source link

AEM-16 compatibility with Sonarqube LTS 8.9.9 #231

Open josephrignanese opened 2 years ago

josephrignanese commented 2 years ago

When using v16 of the AEM Rules for Sonarqube plugin with Sonarqube LTS 8.9.9 there seems to be an API incompatibility:

[ERROR] Unable to run check class com.cognifide.aemrules.java.checks.slingmodels.DefaultInjectionStrategyAnnotationCheck - AEM-16 on file 'core/src/main/java/com/example/core/models/Image.java', To help improve the SonarSource Java Analyzer, please report this problem to SonarSource: see https://community.sonarsource.com/
java.lang.ClassCastException: class org.sonar.java.model.expression.IdentifierTreeImpl cannot be cast to class org.sonar.plugins.java.api.tree.MemberSelectExpressionTree (org.sonar.java.model.expression.IdentifierTreeImpl and org.sonar.plugins.java.api.tree.MemberSelectExpressionTree are in unnamed module of loader org.sonar.classloader.ClassRealm @2eae0ec)
    at com.cognifide.aemrules.java.checks.slingmodels.DefaultInjectionStrategyAnnotationCheck.isOptionalStrategyValue(DefaultInjectionStrategyAnnotationCheck.java:102)
    at com.cognifide.aemrules.java.checks.slingmodels.DefaultInjectionStrategyAnnotationCheck.isOptionalDefaultValue(DefaultInjectionStrategyAnnotationCheck.java:94)
    at com.cognifide.aemrules.java.checks.slingmodels.DefaultInjectionStrategyAnnotationCheck.visitClass(DefaultInjectionStrategyAnnotationCheck.java:79)
    at org.sonar.java.model.declaration.ClassTreeImpl.accept(ClassTreeImpl.java:220)
    at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:40)
    at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:34)
    at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitCompilationUnit(BaseTreeVisitor.java:52)
    at org.sonar.java.model.JavaTree$CompilationUnitTreeImpl.accept(JavaTree.java:185)
    at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:40)
    at com.cognifide.aemrules.java.checks.slingmodels.DefaultInjectionStrategyAnnotationCheck.scanFile(DefaultInjectionStrategyAnnotationCheck.java:71)
    at org.sonar.java.model.VisitorsBridge.lambda$runScanner$0(VisitorsBridge.java:154)
    at org.sonar.java.model.VisitorsBridge.runScanner(VisitorsBridge.java:159)
    at org.sonar.java.model.VisitorsBridge.runScanner(VisitorsBridge.java:154)
    at org.sonar.java.model.VisitorsBridge.visitFile(VisitorsBridge.java:128)
    at org.sonar.java.ast.JavaAstScanner.simpleScan(JavaAstScanner.java:127)
    at org.sonar.java.ast.JavaAstScanner.scan(JavaAstScanner.java:79)
    at org.sonar.java.JavaSquid.scanSources(JavaSquid.java:130)
    at org.sonar.java.JavaSquid.scan(JavaSquid.java:116)
    at org.sonar.plugins.java.JavaSquidSensor.execute(JavaSquidSensor.java:105)
    at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:48)
    at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:85)
    at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:59)
    at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:77)
    at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:59)
    at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:82)
    at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:137)
    at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:123)
    at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:392)
    at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:388)
    at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:385)
    at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:357)
    at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:137)
    at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:123)
    at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:150)
    at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:137)
    at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:123)
    at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:72)
    at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:66)
    at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
    at com.sun.proxy.$Proxy55.execute(Unknown Source)
    at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
    at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
    at org.sonarsource.scanner.maven.bootstrap.ScannerBootstrapper.execute(ScannerBootstrapper.java:65)
    at org.sonarsource.scanner.maven.SonarQubeMojo.execute(SonarQubeMojo.java:108)
    at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:137)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:210)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:156)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:148)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:117)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:81)
    at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:56)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:128)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:305)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:192)
    at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:105)
    at org.jvnet.hudson.maven3.launcher.Maven35Launcher.main(Maven35Launcher.java:130)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:282)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:225)
    at jenkins.maven3.agent.Maven35Main.launch(Maven35Main.java:178)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at hudson.maven.Maven3Builder.call(Maven3Builder.java:139)
    at hudson.maven.Maven3Builder.call(Maven3Builder.java:70)
    at hudson.remoting.UserRequest.perform(UserRequest.java:211)
    at hudson.remoting.UserRequest.perform(UserRequest.java:54)
    at hudson.remoting.Request$2.run(Request.java:376)
    at hudson.remoting.InterceptingExecutorService.lambda$wrap$0(InterceptingExecutorService.java:78)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at java.base/java.lang.Thread.run(Thread.java:834)
toniedzwiedz commented 2 years ago

Thanks for the report @josephrignanese We'll have a look at this.

AK-WTT commented 2 years ago

Hi, @josephrignanese! Could you please provide us with anonymized code with the tracking method? It appears that you are using IdentifierTreeImpl which probably won’t be part of the classloader at runtime for the custom plugin. We have found similar problem here: https://community.sonarsource.com/t/classcastexception-on-custom-java-rule-when-using-variabletreeimpl/3858 Unfortunately without any further details about the code we cannot be sure - so far we were unable to reproduce the error using v16 of the AEM Rules for Sonarqube plugin with Sonarqube LTS 8.9.9 on our projects.

toniedzwiedz commented 2 years ago

I don't think @josephrignanese is using IdentifierTreeImpl but it's possible that the issue only happens when a particular branch in our code is reached. We haven't been able to reproduce it with our example projects, but we may be missing a test case. This can be related to the structure of a class being analysed.

scotty6435 commented 1 year ago

This has been idle for some time - I'm just confirming that we get the same issue with 9.9LTS still:

 [ERROR] Unable to run check class com.cognifide.aemrules.java.checks.slingmodels.DefaultInjectionStrategyAnnotationCheck - AEM-16 on file 'COMPANY-public/COMPANY-public-bundle/src/main/java/com/COMPANY/aem/COMPANYpublic/models/DynamicListOfLinksModel.java', To help improve the SonarSource Java Analyzer, please report this problem to SonarSource: see https://community.sonarsource.com/
 java.lang.ClassCastException: class org.sonar.java.model.expression.IdentifierTreeImpl cannot be cast to class org.sonar.plugins.java.api.tree.MemberSelectExpressionTree (org.sonar.java.model.expression.IdentifierTreeImpl and org.sonar.plugins.java.api.tree.MemberSelectExpressionTree are in unnamed module of loader org.sonar.classloader.ClassRealm @1cc3dbfe)
    at com.cognifide.aemrules.java.checks.slingmodels.DefaultInjectionStrategyAnnotationCheck.isOptionalStrategyValue(DefaultInjectionStrategyAnnotationCheck.java:102)
    at com.cognifide.aemrules.java.checks.slingmodels.DefaultInjectionStrategyAnnotationCheck.isOptionalDefaultValue(DefaultInjectionStrategyAnnotationCheck.java:94)
    at com.cognifide.aemrules.java.checks.slingmodels.DefaultInjectionStrategyAnnotationCheck.visitClass(DefaultInjectionStrategyAnnotationCheck.java:79)
    at org.sonar.java.model.declaration.ClassTreeImpl.accept(ClassTreeImpl.java:220)
    at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:40)
    at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:34)
    at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitCompilationUnit(BaseTreeVisitor.java:52)
    at org.sonar.java.model.JavaTree$CompilationUnitTreeImpl.accept(JavaTree.java:196)
    at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:40)
    at com.cognifide.aemrules.java.checks.slingmodels.DefaultInjectionStrategyAnnotationCheck.scanFile(DefaultInjectionStrategyAnnotationCheck.java:71)
    at org.sonar.java.model.VisitorsBridge.lambda$runScanner$1(VisitorsBridge.java:260)
    at org.sonar.java.model.VisitorsBridge.runScanner(VisitorsBridge.java:265)
    at org.sonar.java.model.VisitorsBridge.runScanner(VisitorsBridge.java:260)
    at org.sonar.java.model.VisitorsBridge.visitFile(VisitorsBridge.java:243)
    at org.sonar.java.ast.JavaAstScanner.simpleScan(JavaAstScanner.java:132)
    at org.sonar.java.JavaFrontend.scanAsBatchCallback(JavaFrontend.java:247)
    at org.sonar.java.JavaFrontend.lambda$scanBatch$0(JavaFrontend.java:238)
    at org.sonar.java.model.JParserConfig$Batch$1.acceptAST(JParserConfig.java:181)
    at org.eclipse.jdt.core.dom.CompilationUnitResolver.resolve(CompilationUnitResolver.java:1143)
    at org.eclipse.jdt.core.dom.CompilationUnitResolver.resolve(CompilationUnitResolver.java:739)
    at org.eclipse.jdt.core.dom.ASTParser.createASTs(ASTParser.java:1049)
    at org.sonar.java.model.JParserConfig$Batch.parse(JParserConfig.java:165)
    at org.sonar.java.JavaFrontend.scanBatch(JavaFrontend.java:238)
    at org.sonar.java.JavaFrontend.scanInBatches(JavaFrontend.java:228)
    at org.sonar.java.JavaFrontend.scanAsBatch(JavaFrontend.java:195)
    at org.sonar.java.JavaFrontend.scan(JavaFrontend.java:170)
    at org.sonar.plugins.java.JavaSensor.execute(JavaSensor.java:113)
    at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:64)
    at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:88)
    at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:61)
    at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:79)
    at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:61)
    at org.sonar.scanner.scan.SpringModuleScanContainer.doAfterStart(SpringModuleScanContainer.java:82)
    at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
    at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
    at org.sonar.scanner.scan.SpringProjectScanContainer.scan(SpringProjectScanContainer.java:403)
    at org.sonar.scanner.scan.SpringProjectScanContainer.scanRecursively(SpringProjectScanContainer.java:399)
    at org.sonar.scanner.scan.SpringProjectScanContainer.scanRecursively(SpringProjectScanContainer.java:396)
    at org.sonar.scanner.scan.SpringProjectScanContainer.scanRecursively(SpringProjectScanContainer.java:396)
    at org.sonar.scanner.scan.SpringProjectScanContainer.doAfterStart(SpringProjectScanContainer.java:368)
    at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
    at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
    at org.sonar.scanner.bootstrap.SpringGlobalContainer.doAfterStart(SpringGlobalContainer.java:137)
    at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
    at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
    at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:72)
    at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:66)
    at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
    at com.sun.proxy.$Proxy159.execute(Unknown Source)
    at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
    at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
    at org.sonarsource.scanner.maven.bootstrap.ScannerBootstrapper.execute(ScannerBootstrapper.java:65)
    at org.sonarsource.scanner.maven.SonarQubeMojo.execute(SonarQubeMojo.java:108)
    at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:137)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:210)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:156)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:148)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:117)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:81)
    at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:56)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:128)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:305)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:192)
    at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:105)
    at org.jvnet.hudson.maven3.launcher.Maven35Launcher.main(Maven35Launcher.java:138)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:282)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:225)
    at jenkins.maven3.agent.Maven35Main.launch(Maven35Main.java:179)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at hudson.maven.Maven3Builder.call(Maven3Builder.java:139)
    at hudson.maven.Maven3Builder.call(Maven3Builder.java:70)
    at hudson.remoting.UserRequest.perform(UserRequest.java:211)
    at hudson.remoting.UserRequest.perform(UserRequest.java:54)
    at hudson.remoting.Request$2.run(Request.java:377)
    at hudson.remoting.InterceptingExecutorService.lambda$wrap$0(InterceptingExecutorService.java:78)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at java.base/java.lang.Thread.run(Thread.java:834)
toniedzwiedz commented 1 year ago

Thanks @scotty6435, could you share an anonimised snippet of code from DynamicListOfLinksModel that's causing this when being analysed?

BTW, the stack trace you posted contains the name of your employer/customer, which may or may not be intended. I know some organisations view this kind of thing as a security incident, so it may be a good idea to clean it up.

scotty6435 commented 1 year ago

Thanks @toniedzwiedz. I'm afraid I can't really provide a sample but I will say that it seems to affect every single class and we have some very simple classes with just a few injected fields with Lombok-generated getters.