我对使用SonarQube分析代码很陌生。自从我安装它以来,我在"Java.OutOfMemoryError"错误中运行了两次。我尝试了一些东西,这是这个网站上的其他人建议的。
我在SonarQube中的配置:
# WEB SERVER
# Web server is executed in a dedicated Java process. By default heap size is 512Mb.
# Use the following property to customize JVM options.
# Recommendations:
#
# The HotSpot Server VM is recommended. The property -server should be added if server mode
# is not enabled by default on your environment:
# http://docs.oracle.com/javase/8/docs/technotes/guides/vm/server-class.html
#
sonar.web.javaOpts=-Xmx4G -Xms128m -XX:+HeapDumpOnOutOfMemoryError -Djava.net.preferIPv4Stack=true -server
# Same as previous property, but allows to not repeat all other settings like -Xmx
#sonar.web.javaAdditionalOpts=
# Binding IP address. For servers with more than one IP address, this property specifies which
# address will be used for listening on the specified ports.
# By default, ports will be used on all IP addresses associated with the server.
#sonar.web.host=0.0.0.0
# Web context. When set, it must start with forward slash (for example /sonarqube).
# The default value is root context (empty value).
#sonar.web.context=
# TCP port for incoming HTTP connections. Default value is 9000.
#sonar.web.port=9000
# The maximum number of connections that the server will accept and process at any given time.
# When this number has been reached, the server will not accept any more connections until
# the number of connections falls below this value. The operating system may still accept connections
# based on the sonar.web.connections.acceptCount property. The default value is 50.
#sonar.web.http.maxThreads=50
# The minimum number of threads always kept running. The default value is 5.
#sonar.web.http.minThreads=5
# The maximum queue length for incoming connection requests when all possible request processing
# threads are in use. Any requests received when the queue is full will be refused.
# The default value is 25.
#sonar.web.http.acceptCount=25
# TCP port for incoming AJP connections. Disabled if value is -1. Disabled by default.
#sonar.ajp.port=-1
#--------------------------------------------------------------------------------------------------
# COMPUTE ENGINE
# The Compute Engine is responsible for processing background tasks.
# Compute Engine is executed in a dedicated Java process. Default heap size is 512Mb.
# Use the following property to customize JVM options.
# Recommendations:
#
# The HotSpot Server VM is recommended. The property -server should be added if server mode
# is not enabled by default on your environment:
# http://docs.oracle.com/javase/8/docs/technotes/guides/vm/server-class.html
#
sonar.ce.javaOpts=-Xmx16G -Xms128m -XX:+HeapDumpOnOutOfMemoryError -XX:-UseGCOverheadLimit -Djava.net.preferIPv4Stack=true -server
# Same as previous property, but allows to not repeat all other settings like -Xmx
#sonar.ce.javaAdditionalOpts=
# The number of workers in the Compute Engine. Value must be greater than zero.
# By default the Compute Engine uses a single worker and therefore processes tasks one at a time.
# Recommendations:
#
# Using N workers will require N times as much Heap memory (see property
# sonar.ce.javaOpts to tune heap) and produce N times as much IOs on disk, database and
# Elasticsearch. The number of workers must suit your environment.
#sonar.ce.workerCount=1
#--------------------------------------------------------------------------------------------------
# ELASTICSEARCH
# Elasticsearch is used to facilitate fast and accurate information retrieval.
# It is executed in a dedicated Java process. Default heap size is 1Gb.
# JVM options of Elasticsearch process
# Recommendations:
#
# Use HotSpot Server VM. The property -server should be added if server mode
# is not enabled by default on your environment:
# http://docs.oracle.com/javase/8/docs/technotes/guides/vm/server-class.html
#
sonar.search.javaOpts=-Xmx2G -Xms256m -Xss256k -Djava.net.preferIPv4Stack=true
-XX:+UseParNewGC -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75
-XX:+UseCMSInitiatingOccupancyOnly -XX:+HeapDumpOnOutOfMemoryError -XX:-UseGCOverheadLimit
# Same as previous property, but allows to not repeat all other settings like -Xmx
#sonar.search.javaAdditionalOpts=
# Elasticsearch port. Default is 9001. Use 0 to get a free port.
# As a security precaution, should be blocked by a firewall and not exposed to the Internet.
#sonar.search.port=9001
# Elasticsearch host. The search server will bind this address and the search client will connect to it.
# Default is 127.0.0.1.
# As a security precaution, should NOT be set to a publicly available address.
#sonar.search.host=127.0.0.1
#--------------------------------------------------------------------------------------------------
错误消息:
ERROR: Error during SonarQube Scanner execution
INFO: Final Memory: 41M/910M
INFO: ------------------------------------------------------------------------
java.lang.OutOfMemoryError: GC overhead limit exceeded
at java.util.Arrays.copyOf(Unknown Source)
at java.util.ArrayList.grow(Unknown Source)
at java.util.ArrayList.ensureExplicitCapacity(Unknown Source)
at java.util.ArrayList.ensureCapacityInternal(Unknown Source)
at java.util.ArrayList.add(Unknown Source)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.convertChildren(SyntaxTreeCreator.java:143)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visitNonTerminal(SyntaxTreeCreator.java:119)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visit(SyntaxTreeCreator.java:72)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visitNonTerminal(SyntaxTreeCreator.java:89)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visit(SyntaxTreeCreator.java:72)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.convertChildren(SyntaxTreeCreator.java:129)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visitNonTerminal(SyntaxTreeCreator.java:119)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visit(SyntaxTreeCreator.java:72)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visitNonTerminal(SyntaxTreeCreator.java:89)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visit(SyntaxTreeCreator.java:72)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.convertChildren(SyntaxTreeCreator.java:129)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visitNonTerminal(SyntaxTreeCreator.java:119)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visit(SyntaxTreeCreator.java:72)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visitNonTerminal(SyntaxTreeCreator.java:89)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visit(SyntaxTreeCreator.java:72)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.convertChildren(SyntaxTreeCreator.java:129)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visitNonTerminal(SyntaxTreeCreator.java:119)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visit(SyntaxTreeCreator.java:72)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visitNonTerminal(SyntaxTreeCreator.java:89)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visit(SyntaxTreeCreator.java:72)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.convertChildren(SyntaxTreeCreator.java:129)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visitNonTerminal(SyntaxTreeCreator.java:119)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visit(SyntaxTreeCreator.java:72)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visitNonTerminal(SyntaxTreeCreator.java:89)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visit(SyntaxTreeCreator.java:72)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.convertChildren(SyntaxTreeCreator.java:129)
at com.sonar.sslr.impl.typed.SyntaxTreeCreator.visitNonTerminal(SyntaxTreeCreator.java:119)
ERROR:
ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging.
System.Exception: Unexpected exit code received from batch file: 1
at Microsoft.TeamFoundation.DistributedTask.Task.Internal.PowerShell.InvokeBatchScriptCmdlet.ProcessRecord()
at System.Management.Automation.CommandProcessor.ProcessRecord()
我已经尝试过的事情:
给SonarQube更多的内存 - 正如你可能在我的配置中看到的那样,我更改了变量"sonar.web.javaOpts","sonar.ce.javaOpts"和"sonar.search.javaOpts"
SonarQube在分析~1MB数组时遇到错误。由于它只是测试数据,我删除了该文件并尝试再次运行分析。耶!至少是一个不同的错误....
错误:SonarQube 扫描程序执行期间出错
org.sonar.squidbridge.api.AnalysisException: Unable to analyse file: C:/B/B01/15/s/src/org.scn.community.geovis/script/node_modules/grunt-contrib-uglify/node_modules/uglify-js/lib/compress.js at org.sonar.plugins.javascript.JavaScriptSquidSensor.analyse(JavaScriptSquidSensor.java:195) at org.sonar.plugins.javascript.JavaScriptSquidSensor.analyseFiles(JavaScriptSquidSensor.java:161) at org.sonar.plugins.javascript.JavaScriptSquidSensor.analyse(JavaScriptSquidSensor.java:152) at org.sonar.batch.phases.SensorsExecutor.executeSensor(SensorsExecutor.java:58) at org.sonar.batch.phases.SensorsExecutor.execute(SensorsExecutor.java:50) at org.sonar.batch.phases.AbstractPhaseExecutor.execute(AbstractPhaseExecutor.java:83) at org.sonar.batch.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:192) at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:142) at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:127) at org.sonar.batch.scan.ProjectScanContainer.scan(ProjectScanContainer.java:241) at org.sonar.batch.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:236) at org.sonar.batch.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:226) at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:142) at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:127) at org.sonar.batch.task.ScanTask.execute(ScanTask.java:47) at org.sonar.batch.task.TaskContainer.doAfterStart(TaskContainer.java:86) at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:142) at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:127) at org.sonar.batch.bootstrap.GlobalContainer.executeTask(GlobalContainer.java:106) at org.sonar.batch.bootstrapper.Batch.executeTask(Batch.java:119) at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:63) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60) at com.sun.proxy.$Proxy0.execute(Unknown Source) at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:233) at org.sonarsource.scanner.api.EmbeddedScanner.runAnalysis(EmbeddedScanner.java:151) at org.sonarsource.scanner.cli.Main.runAnalysis(Main.java:123) at org.sonarsource.scanner.cli.Main.execute(Main.java:77) at org.sonarsource.scanner.cli.Main.main(Main.java:61) Caused by: java.lang.IllegalStateException: No break target can be found for label out at com.google.common.base.Preconditions.checkState(Preconditions.java:145) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.visitBreakStatement(ControlFlowGraphBuilder.java:446) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.build(ControlFlowGraphBuilder.java:223) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.buildSubFlow(ControlFlowGraphBuilder.java:641) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.visitIfStatement(ControlFlowGraphBuilder.java:458) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.build(ControlFlowGraphBuilder.java:211) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.build(ControlFlowGraphBuilder.java:199) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.visitBlock(ControlFlowGraphBuilder.java:393) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.build(ControlFlowGraphBuilder.java:227) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.visitTryStatement(ControlFlowGraphBuilder.java:575) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.build(ControlFlowGraphBuilder.java:231) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.buildSubFlow(ControlFlowGraphBuilder.java:641) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.visitIfStatement(ControlFlowGraphBuilder.java:458) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.build(ControlFlowGraphBuilder.java:211) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.visitLabelledStatement(ControlFlowGraphBuilder.java:535) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.build(ControlFlowGraphBuilder.java:229) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.build(ControlFlowGraphBuilder.java:199) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.createGraph(ControlFlowGraphBuilder.java:161) at org.sonar.javascript.cfg.ControlFlowGraphBuilder.createGraph(ControlFlowGraphBuilder.java:156) at org.sonar.javascript.cfg.ControlFlowGraph.build(ControlFlowGraph.java:107) at org.sonar.javascript.checks.DeadStoreCheck.checkFunction(DeadStoreCheck.java:98) at org.sonar.javascript.checks.DeadStoreCheck.visitFunctionExpression(DeadStoreCheck.java:77) at org.sonar.javascript.tree.impl.expression.FunctionExpressionTreeImpl.accept(FunctionExpressionTreeImpl.java:174) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:114) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:125) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.visitParameterList(DoubleDispatchVisitor.java:222) at org.sonar.javascript.tree.impl.declaration.ParameterListTreeImpl.accept(ParameterListTreeImpl.java:98) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:114) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.visitCallExpression(DoubleDispatchVisitor.java:438) at org.sonar.javascript.tree.impl.expression.CallExpressionTreeImpl.accept(CallExpressionTreeImpl.java:68) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:114) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.visitExpressionStatement(DoubleDispatchVisitor.java:250) at org.sonar.javascript.tree.impl.statement.ExpressionStatementTreeImpl.accept(ExpressionStatementTreeImpl.java:66) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:114) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:125) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.visitBlock(DoubleDispatchVisitor.java:234) at org.sonar.javascript.tree.impl.statement.BlockTreeImpl.accept(BlockTreeImpl.java:83) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:114) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.visitFunctionExpression(DoubleDispatchVisitor.java:483) at org.sonar.javascript.checks.DeadStoreCheck.visitFunctionExpression(DeadStoreCheck.java:78) at org.sonar.javascript.tree.impl.expression.FunctionExpressionTreeImpl.accept(FunctionExpressionTreeImpl.java:174) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:114) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.visitParenthesisedExpression(DoubleDispatchVisitor.java:459) at org.sonar.javascript.tree.impl.expression.ParenthesisedExpressionTreeImpl.accept(ParenthesisedExpressionTreeImpl.java:80) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:114) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.visitCallExpression(DoubleDispatchVisitor.java:437) at org.sonar.javascript.tree.impl.expression.CallExpressionTreeImpl.accept(CallExpressionTreeImpl.java:68) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:114) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.visitExpressionStatement(DoubleDispatchVisitor.java:250) at org.sonar.javascript.tree.impl.statement.ExpressionStatementTreeImpl.accept(ExpressionStatementTreeImpl.java:66) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:114) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:125) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.visitModule(DoubleDispatchVisitor.java:146) at org.sonar.javascript.tree.impl.declaration.ModuleTreeImpl.accept(ModuleTreeImpl.java:56) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:114) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.visitScript(DoubleDispatchVisitor.java:141) at org.sonar.javascript.tree.impl.declaration.ScriptTreeImpl.accept(ScriptTreeImpl.java:73) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scan(DoubleDispatchVisitor.java:114) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitor.scanTree(DoubleDispatchVisitor.java:109) at org.sonar.plugins.javascript.api.visitors.DoubleDispatchVisitorCheck.scanFile(DoubleDispatchVisitorCheck.java:34) at org.sonar.plugins.javascript.JavaScriptSquidSensor.scanFile(JavaScriptSquidSensor.java:232) at org.sonar.plugins.javascript.JavaScriptSquidSensor.analyse(JavaScriptSquidSensor.java:185) ... 31 more ERROR: ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging. System.Exception: Unexpected exit code received from batch file: 1 at Microsoft.TeamFoundation.DistributedTask.Task.Internal.PowerShell.InvokeBatchScriptCmdlet.ProcessRecord() at System.Management.Automation.CommandProcessor.ProcessRecord()
我试图分析的代码:https://github.com/org-scn-design-studio-community/sdkpackage
所以是的,我在这里,困惑,不知道如何进行。有人能帮助我吗?
如果你不能排除依赖关系,我建议你去你的SonarQube的更新中心(管理/系统/更新中心(并安装最新版本的SonarJS。我已经测试过您的问题不会出现在 SonarJS 3.0 及更高版本中。
但一般来说,分析依赖项不是一个好主意。如果您的公司想要解决依赖项的安全问题,最好自行分析依赖项,而不是作为更大项目的一部分。
分析在以下文件上失败:
C:/B/B01/15/s/src/org.scn.community.geovis/script/node_modules/grunt-contrib-uglify/node_modules/uglify-js/lib/compress.js
这是项目的依赖关系,你不应该分析它:你应该只分析你的项目代码。将以下行添加到您的 sonar-project.properties:
sonar.exclusions=**/node_modules/**/*