Findbugs reports missing class that isn't referenced anywhere & "class could not be matched to original source file"
1,715 views
Skip to first unread message
David Karr
Jan 3, 2018, 11:47:15 AM1/3/18
to SonarQube
Using SonarQube 5.6.5 and SonarQube Scanner 2.8.
When our scan runs, I see two kinds of warnings that appear to be from the Findbugs plugin. There is only one occurrence of the first kind, and 198 of the second kind.
The first warning looks like this:
This is odd, because this class does exist, and there are references to it, but the package it's in is different from what's specified here. It USED to be in this package, but it was moved to a different package about 1.5 months ago. I've searched the entire source tree, and I can't find any references to this fqcn.
My SonarQube scan is setting both the "sonar.java.binaries" and "sonar.java.libraries" properties, listing all our "classes" directories and artifact jar files, respectively.
I don't know what else I can do to debug this?
The second kind of warning is like this:
Our codebase has many classes that are scanned (>1000). There are 198 of these warnings. None of the classes in these warnings are dynamically generated. I don't know what distinguishes the classes cited in these warnings from other classes in our codebase.
When we run our scan, it is from a "<root>" directory, which is the parent (technically the parent parent) of a set of subprojects, all of which have conventional "src/main/java" directories (some people thought this warning might happen if you didn't have a "conventional" source directory name, which is not the case here). We set the "sonar.sources" property to the list of "src/main/java" directories. Most of the information we get from the SonarQube scan appears to be valid, so this list of source directories appears to be mostly correct. I don't know what might be causing this set of warnings.
When our scan runs, I see two kinds of warnings that appear to be from the Findbugs plugin. There is only one occurrence of the first kind, and 198 of the second kind.
The first warning looks like this:
The following classes needed for analysis were missing:
com.stuff.csi.cpcdb.impl.processor.CsiInquireDeviceDetailsProcessor
This is odd, because this class does exist, and there are references to it, but the package it's in is different from what's specified here. It USED to be in this package, but it was moved to a different package about 1.5 months ago. I've searched the entire source tree, and I can't find any references to this fqcn.
My SonarQube scan is setting both the "sonar.java.binaries" and "sonar.java.libraries" properties, listing all our "classes" directories and artifact jar files, respectively.
I don't know what else I can do to debug this?
The second kind of warning is like this:
WARN: The class 'com.att.det.usl.account.api.to.InquireAccountProfileResponseTO' could not be matched to its original source file. It might be a dynamically generated class.
Our codebase has many classes that are scanned (>1000). There are 198 of these warnings. None of the classes in these warnings are dynamically generated. I don't know what distinguishes the classes cited in these warnings from other classes in our codebase.
When we run our scan, it is from a "<root>" directory, which is the parent (technically the parent parent) of a set of subprojects, all of which have conventional "src/main/java" directories (some people thought this warning might happen if you didn't have a "conventional" source directory name, which is not the case here). We set the "sonar.sources" property to the list of "src/main/java" directories. Most of the information we get from the SonarQube scan appears to be valid, so this list of source directories appears to be mostly correct. I don't know what might be causing this set of warnings.
courtn...@gmail.com
Jan 17, 2018, 4:50:19 PM1/17/18
to SonarQube
We are experiencing similar warnings with our Java project. Almost all of our test classes result in this error during FindBugs.
Looking around for the answer, came upon this (somewhat recent post)
David Karr
Jan 17, 2018, 6:32:38 PM1/17/18
to courtn...@gmail.com, SonarQube
On Wed, Jan 17, 2018 at 1:50 PM, <courtn...@gmail.com> wrote:
> We are experiencing similar warnings with our Java project. Almost all of
> our test classes result in this error during FindBugs.
>
> Looking around for the answer, came upon this (somewhat recent post)
This "somewhat recent post" is what you're replying to.
> We are experiencing similar warnings with our Java project. Almost all of
> our test classes result in this error during FindBugs.
>
> Looking around for the answer, came upon this (somewhat recent post)
Are you seeing the first warning or the second warning?
> You received this message because you are subscribed to a topic in the
> Google Groups "SonarQube" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/sonarqube/2LrdjejXWhw/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> sonarqube+...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/sonarqube/27d29cb9-2cdd-44c9-a4c8-cb3ec7071a5c%40googlegroups.com.
>
> For more options, visit https://groups.google.com/d/optout.
Courtney Klos
Jan 17, 2018, 6:48:59 PM1/17/18
to David Karr, SonarQube
We are seeing the warning class could not be matched to original source file.
Nicolas Peru
Feb 2, 2018, 8:32:17 AM2/2/18
to Courtney Klos, David Karr, SonarQube
Hi,
You might have a better chance of answer asking this on sonar-findbugs project : https://github.com/spotbugs/sonar-findbugs/issues
Nevertheless : one possibility to explain this behavior could be that the source file is actually not indexed by the analysis and not visited by SonarJava which will create the mapping between the classname and the source file. If source was not indexed, then plugin cannot report issue in sonarqube.
Cheers,
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/sonarqube/27d29cb9-2cdd-44c9-a4c8-cb3ec7071a5c%40googlegroups.com.
>
> For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "SonarQube" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/CADTWfTqpBywjcyDQvj%3Dc3odK5AzAuyDj84rAU_PyyV3XJAt_kA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
--
Nicolas Peru | SonarSource
Senior Developer
Reply all
Reply to author
Forward
0 new messages