[BUG] Internal Execution Errors in Apex Classes while running Graph Scan #1171
Comments
@AnkitBhatnagar123 , are |
Deleted the previous logs. This is the new log. I have also updated the issue description with the new class names |
@AnkitBhatnagar123 , that's actually the results file. I need the logs, which will live in |
@AnkitBhatnagar123 , please provide the following information:
|
Josh, I'll wait for my colleague to respond to your Ques #1. Though for Ques. #2, I can provide some insights. Under that class at line 50, we're returning a ternary-operator-based statement that either returns a new instance of Custom Metadata (when called under Apex Testing context) or returns a Custom Metadata record via SOQL. The format of that line 50 statement looks like this:
|
@AnkitBhatnagar123 , @vc4u , I've done some local testing, and I believe I've isolated the problem to the
After adjusting it to the following, I stopped seeing the error:
Please let me know if making a similar adjustment in your code resolves the error. |
Hi @jfeingold35 |
Recommendations:
|
This issue has been linked to a new work item: W-14080002 |
@AnkitBhatnagar123 , @vc4u , let me know if the recommendations I provided work. |
After using: sfdx scanner:run:dfa --format=csv --outfile=CodeAnalyzerDFA.csv --target="./" --projectdir="./" --category="Security" --rule-thread-timeout=1800000 "Graph Engine reached the path expansion upper limit (743). The analysis preemptively stopped running on this path to prevent an OutOfMemory error. Rerun Graph Engine and target this entry method with a larger heap space." comes back. |
@AnkitBhatnagar123 , our documentation has some information about this.
|
Hi @jfeingold35 |
Hey @jfeingold35 |
@AnkitBhatnagar123 , if you've maxed out your heap size and you're still seeing errors about path expansion limit, I recommend either using |
@jfeingold35 We tried with targeted approach to scan just the said Latest error we just received is this (log file attached):
We've tested by raising the Heap memory max Limit to 80G, which seems to be a lot in our opinion. Is there any way we can understand why a single method would consume this much memory? How could we structure our method or code to maybe not generate that many paths, or maybe something is causing a loop in graph paths? My CLI command was: Log: SFDX Scanner v3.16.0 |
@vc4u , a few things. Second, the logs have tons of references to |
And yes, that is understood :-), we're not allocating resources more than what we presently have as hardware. We're using a dedicated machine with 128GB RAM and a 10 Core CPU with hyperthreading support so we are just trying various combinations as and when the error occurs. Sometimes it's a Timeout so we increase timeout but then it ends up sometimes with OutOfMemory so we increase the Heap memory a bump, but not more than what our machine has. We'll try your suggestions, probably need some time to change the core code, but will get back to you soon. At the end of the day, this tool is really helpful, it's just we're kind of stuck in this singular error and would really like our code to be clean without any violations, so any guidance is appreciated and helpful. |
@vc4u , dang, that's a powerful machine! |
Yes, and thus our assumption that either our code is really in bad shape that the scanner is not able to work it out or some other factors like Java version might be incompatible. We noticed this Info/Warning a lot repeatedly in logs but did not think it was coming from 3-level deep class structure. So we’ll work something on this and see if some traction is removed from logs and hopefully the function scan completes. The underlying method we're getting issues with is hardly 20-30 lines deep but yes it does call different class methods based on certain input params. |
@jfeingold35 Here are our findings with variables converted from length-3 to length-2. The command we ran this time was this:
With this the log generated is this: After taking a look at it, it seems the scanner is still somehow stuck in a loop of sorts? Because the log keeps repeating the following statement:
There are two Line Numbers mentioned in this statement from two classes - (NDAPI.cls) Line 16 & (NDUtility.cls) Line 336. So somehow the scanner is on a loop, where first NDUtility's method is called, which at Line 16 calls the NDUtility method (provided below) and in this method at line 336 is this
|
@johnbelosf New update: We updated our method to not call
Then ran the following command: Still the OutOfMemory limit error was generated. And this time the Log file seems too clean, no Error or warning for any method, just one line repeated infinitely till the execution error:
Error generated in console output:
Log File: |
@vc4u , I can't reproduce from just the one method you sent, so my suspicion is that the problem isn't with this specific method, but rather with how the method is being invoked. I recommend using the following code snippet for this:
Since this code snippet always throws a NullPointerException (which prevents further expansion of the current path), if placing this code snippet somewhere in your codebase causes you to get a bunch of |
@jfeingold35 We tried by putting this statement in two different positions inside the method we're trying to scan here.
|
@vc4u , questions:
|
@jfeingold35 So we tried, and tried hard. So many different combinations tried to work out limit. The worst is, we have to wait this long like hours for a try to finish things properly or with an error to find where the bottleneck is. Ultimately, we decided to re-write the method completely, and we broke down the method to multiple small subs. With this change, ultimately we're able to get past the errors and generate report. We succeeded only with The current situation of our report preparation is that we're blocked due to the following 1 bugs - #1175 & #1180 - Can you plz take a look at these and suggest workaround for them? |
@vc4u Glad you could at least resolve the timeout! |
@jfeingold35 Yes, I agree, with the There was one more thing that came out in our course of discussion on this bug. We had modified some return parameter data types to not use inner-class structures so that we don't get Warnings in scanner output for 2-length structures to be enforced while we had some inner class variables that made our programming a bit clean, as the scanner seems to not like the variables that generate a JSON structure which may contain variables that make overall variable data types evaluate to more than 2-length structures, say 3 or 4-length structures. Do you think it should have allowed us to use that kind of programming structure without us having to actually modify and make all variables limited to 2-length/level structures, which made us not use inner classes? Thoughts? (I'm thinking maybe that should either be an idea or a bug to support for many ISVs like us) And thank you so much for assistance on this, from your end. Really appreciated your responses and timely workarounds. |
@vc4u , in the fullness of time, we intend to add support for reference chains longer than 2. For now, it's a known limitation. |
Marking this as a duplicate of #1497 |
Describe the bug
We are getting errors in different Apex classes:
Graph Engine identified your source and sink, but you must manually verify that you have a sanitizer in this path. Then, add an engine directive to skip the path. Next, create a Github issue for the Code Analyzer team that includes the error and stack trace. After we fix this issue, check the Code Analyzer release notes for more info. Error and stacktrace: UnexpectedException: null: com.salesforce.graph.vertex.SFVertexFactory.load(SFVertexFactory.java:245);com.salesforce.graph.vertex.SFVertexFactory.access$000(SFVertexFactory.java:56);com.salesforce.graph.vertex.SFVertexFactory$1.apply(SFVertexFactory.java:186);com.salesforce.graph.vertex.SFVertexFactory$1.apply(SFVertexFactory.java:183);com.salesforce.graph.cache.AbstractVertexCacheImpl.get(AbstractVertexCacheImpl.java:101);com.salesforce.graph.vertex.SFVertexFactory.loadVertices(SFVertexFactory.java:180)
To Reproduce
Getting these errors on the first line of method definitions. E.g.: getting the error on public static void revokeUserAccess(String userId) in code:
public static void revokeUserAccess(String userId) {
String access_token = NDAuthController.getAccessToken(userId);
"Urgency": We have to resolve these issues for our package's security review.