Why does squid: S1166 not accept exception messages only when excepted exceptions are logged?

Question

Why does squid: S1166 not accept exception messages only when excepted exceptions are logged?

Quote from the rule description (SonarQube 4.5.5):

// Noncompliant - exception is lost (only message is preserved) try { /* ... */ } catch (Exception e) { LOGGER.info(e.getMessage()); }

By providing an exception class to the log, the stack trace is written to the logs.

The problem in our code base is this: Following Tell me, don’t ask for a principle, we use checked exceptions as part of what we are looking at, ordinary execution paths and don’t hope that they want them to lead to unreasonably large log messages.

A few examples: servers that respond with error codes are executed when querying the database with optimistic locking (concurrent users) ...

My suggestion: divide this case into two.

 // Noncompliant - exception is lost (only message is preserved) try { /* ... */ } catch (Exception e) { LOGGER.info(e.getMessage()); }

and

 // Compliant - exception is lost (only message is preserved) but there is business logic handling the situation try { /* ... */ } catch (Exception e) { LOGGER.info(e.getMessage()); */ exception handling */ }

Squid rule: S00108 (code blocks must not be empty) will not catch the problem, since there is a registration operator.

Isn't that wise? Did I miss something important?

Note. I rewrote the question to clarify my use case

+4

java sonarqube sonarqube-4.5

Alix Oct 9 '15 at 7:16

source share

3 answers

If this causes hundreds of what you think FP is, then you should consider disabling this rule or excluding it from project files .

But to answer your question:

The point of registration of exceptions is to leave enough information for researchers to find out the cause of the problem.

If your messages are detailed, for example

x in method y broke because frabjous was not enough for the day

then perhaps they fulfill this goal. But what about messages like

Something went wrong

?

In addition, you know exactly what each message means for exclusion, but someday you will probably move on to larger and better things. Will the next guy supporting the system have the same depth of knowledge? He may be grateful for the stacks and line numbers that tell him where to start ...

But finally, I have to ask: why do you get and register so many exceptions that you flood the registrar?

+2

G. Ann - SonarSource Team Oct 9 '15 at 13:05

source share

(adding another answer to answer the question as rewritten :)

Why are you both handling the exception and reporting it? If it is processed, there is no reason to register.

0

G. Ann - SonarSource Team Oct 12 '15 at 11:18

source share

Novaterata · Accepted Answer · 2017-03-08T13:33:02+0000

I understand the arguments for supporting stack tracing and all that, but I think it will inflate your logs for <ERROR level event. One solution is to write the message as WARN and write the exception object as DEBUG or TRACE. Thus, a typical user log configuration would not populate the business as regular stack traces, but if necessary, a stack trace could be obtained.

Why does squid: S1166 not accept exception messages only when excepted exceptions are logged?

More articles: