Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scanner freezes when using ClearlyDefined as a scan storage provider #4540

Closed
martencassel opened this issue Oct 4, 2021 · 34 comments
Closed

Scanner freezes when using ClearlyDefined as a scan storage provider #4540

martencassel opened this issue Oct 4, 2021 · 34 comments
Assignees
@sschuberth
Labels
scanner About the scanner tool

Comments

@martencassel
Copy link
Contributor

martencassel commented Oct 4, 2021
edited
Loading

When i run the scanner using clearlydefined with a file based storage, the scanner seem to hang.

I don't know if its a problem using the clearlydefined api or if my configuration file is incorrect ?

Is there any flag to see more information from the scanner, like debug messages ?

The process doesn't seem to do much

sudo sudo strace -f -e trace=network -s 10000 -p `pidof java`
strace: Process 110620 attached with 91 threads
[pid 110770] recvfrom(295, 
 <unfinished ...>
[pid 110767] sendto(295, "\27\3\3\0#\315K\17\366~\3\365\5\37\r\327.N.\274\215y>\264\10\355u\244\277\35K^{9\69\233\305i\"", 40, 0, NULL, 0) = 40
[pid 110767] sendto(295, "\27\3\3\0#\326?|j\201\320\224\257I\316\261\207\333(\\\311>\10\2217x1\255\227\223J\271\377,R\224!>\236\301", 40, 0, NULL, 0) = 40
[pid 110767] shutdown(295, SHUT_WR)     = 0
[pid 110767] shutdown(295, SHUT_RD)     = 0
[pid 110770] <... recvfrom resumed>"", 5, 0, NULL, NULL) = 0
[pid 110770] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x7f231368e008} ---
[pid 110767] +++ exited with 0 +++
[pid 110770] +++ exited with 0 +++
[pid 110620] --- SIGWINCH {si_signo=SIGWINCH, si_code=SI_USER, si_pid=0, si_uid=0} ---
[pid 110620] --- SIGWINCH {si_signo=SIGWINCH, si_code=SI_USER, si_pid=0, si_uid=0} ---
[pid 110620] --- SIGWINCH {si_signo=SIGWINCH, si_code=SI_USER, si_pid=0, si_uid=0} ---
[pid 110620] --- SIGWINCH {si_signo=SIGWINCH, si_code=SI_USER, si_pid=0, si_uid=0} ---
[pid 110620] --- SIGWINCH {si_signo=SIGWINCH, si_code=SI_USER, si_pid=0, si_uid=0} ---
[pid 110620] --- SIGWINCH {si_signo=SIGWINCH, si_code=SI_USER, si_pid=0, si_uid=0} ---
[pid 110620] --- SIGWINCH {si_signo=SIGWINCH, si_code=SI_USER, si_pid=0, si_uid=0} ---
[pid 110620] --- SIGWINCH {si_signo=SIGWINCH, si_code=SI_USER, si_pid=0, si_uid=0} ---
~/scripts/scan.sh 
20:06:35.331 [main] INFO  org.ossreviewtoolkit.model.config.OrtConfiguration - Using ORT configuration file '/ort-home/.ort/ort.conf'.
20:06:35.638 [main] INFO  org.ossreviewtoolkit.model.config.LicenseFilenamePatterns - Configuring the license file patterns.
________ _____________________
\_____  \\______   \__    ___/ the OSS Review Toolkit, version DOCKER-SNAPSHOT.
 /   |   \|       _/ |    |
/    |    \    |   \ |    |    Running 'scan' under Java 11.0.8 on Linux with
\_______  /____|_  / |____|    8 CPUs and a maximum of 7942 MiB of memory.
        \/       \/
Environment variables:
ORT_CONFIG_DIR = /ort-home/.ort
ORT_DATA_DIR = /ort-home/.ort
JAVA_HOME = /opt/java/openjdk
ANDROID_HOME = /opt/android-sdk
GOPATH = /go

20:06:35.682 [main] INFO  org.ossreviewtoolkit.scanner.ScanResultsStorage - Using file based storage with local directory '/ort-home/.ort/scan-results'.
20:06:35.689 [main] INFO  org.ossreviewtoolkit.scanner.ScanResultsStorage - Using ClearlyDefined storage with URL 'https://api.clearlydefined.io'.
20:06:35.694 [main] INFO  org.ossreviewtoolkit.scanner.ScanResultsStorage - Using composite storage with readers FileBasedStorage with XZCompressedLocalFileStorage backend, ClearlyDefinedStorage and writers FileBasedStorage with XZCompressedLocalFileStorage backend.
20:06:35.695 [main] INFO  org.ossreviewtoolkit.scanner.ScanResultsStorage - ScanResultStorage has been configured to composite[readers:[FileBasedStorage with XZCompressedLocalFileStorage backend, ClearlyDefinedStorage], writers:[FileBasedStorage with XZCompressedLocalFileStorage backend]].
Using scan storage 'composite[readers:[FileBasedStorage with XZCompressedLocalFileStorage backend, ClearlyDefinedStorage], writers:[FileBasedStorage with XZCompressedLocalFileStorage backend]]'.
Using scanner 'ScanCode'.
20:06:36.733 [main] INFO  org.ossreviewtoolkit.scanner.scanners.scancode.ScanCode - Searching scan results for 1 packages.
20:06:36.739 [main] INFO  org.ossreviewtoolkit.scanner.scanners.scancode.ScanCode - Searching scan results for 380 packages.
20:06:37.199 [DefaultDispatcher-worker-34] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::github.com/cavaliercoder/badio:v0.0.0-20160213150051-ce5280129e9e'.
20:06:37.199 [DefaultDispatcher-worker-9] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::github.com/anmitsu/go-shlex:v0.0.0-20161002113705-648efa622239'.
20:06:37.199 [DefaultDispatcher-worker-63] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.62.0'.
20:06:37.200 [DefaultDispatcher-worker-7] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::github.com/asaskevich/govalidator:v0.0.0-20200907205600-7a23bdc65eef'.
20:06:37.200 [DefaultDispatcher-worker-37] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::github.com/Masterminds/squirrel:v1.4.0'.
20:06:37.200 [DefaultDispatcher-worker-61] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go/storage:v1.6.0'.
20:06:37.200 [DefaultDispatcher-worker-13] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.65.0'.
20:06:37.200 [DefaultDispatcher-worker-41] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::github.com/Masterminds/goutils:v1.1.0'.
20:06:37.200 [DefaultDispatcher-worker-45] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::github.com/cavaliercoder/go-rpm:v0.0.0-20200122174316-8cb9fd9c31a8'.
20:06:37.200 [DefaultDispatcher-worker-38] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::github.com/alecthomas/jsonschema:v0.0.0-20200530073317-71f438968921'.
20:06:37.200 [DefaultDispatcher-worker-10] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::github.com/BurntSushi/toml:v0.3.1'.
20:06:37.200 [DefaultDispatcher-worker-59] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go/storage:v1.5.0'.
20:06:37.200 [DefaultDispatcher-worker-46] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::code.gitea.io/sdk/gitea:v0.13.0'.
20:06:37.200 [DefaultDispatcher-worker-60] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.76.0'.
20:06:37.200 [DefaultDispatcher-worker-43] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::github.com/Masterminds/sprig:v2.22.0+incompatible'.
20:06:37.201 [DefaultDispatcher-worker-48] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.34.0'.
20:06:37.200 [DefaultDispatcher-worker-18] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::github.com/asaskevich/govalidator:v0.0.0-20200428143746-21a406dcc535'.
20:06:37.201 [DefaultDispatcher-worker-24] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go/storage:v1.0.0'.
20:06:37.201 [DefaultDispatcher-worker-50] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.72.0'.
20:06:37.201 [DefaultDispatcher-worker-30] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go/storage:v1.10.0'.
20:06:37.201 [DefaultDispatcher-worker-33] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.26.0'.
20:06:37.198 [DefaultDispatcher-worker-35] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::github.com/cavaliercoder/go-cpio:v0.0.0-20180626203310-925f9528c45e'.
20:06:37.198 [DefaultDispatcher-worker-36] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::github.com/Masterminds/semver:v1.5.0'.
20:06:37.198 [DefaultDispatcher-worker-64] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go/storage:v1.8.0'.
20:06:37.198 [DefaultDispatcher-worker-62] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.74.0'.
20:06:37.210 [DefaultDispatcher-worker-8] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.57.0'.
20:06:37.225 [DefaultDispatcher-worker-34] INFO  org.ossreviewtoolkit.utils.OrtAuthenticator - Authenticator was successfully installed.
20:06:37.240 [DefaultDispatcher-worker-34] INFO  org.ossreviewtoolkit.utils.OrtProxySelector - Proxy selector was successfully installed.
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by retrofit2.Platform (file:/opt/ort/lib/retrofit-2.9.0.jar) to constructor java.lang.invoke.MethodHandles$Lookup(java.lang.Class,int)
WARNING: Please consider reporting this to the maintainers of retrofit2.Platform
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
20:06:37.446 [DefaultDispatcher-worker-30] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.54.0'.
20:06:37.446 [DefaultDispatcher-worker-34] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.44.3'.
20:06:37.446 [DefaultDispatcher-worker-35] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.46.3'.
20:06:37.447 [DefaultDispatcher-worker-30] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.44.2'.
20:06:37.447 [DefaultDispatcher-worker-34] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.44.1'.
20:06:37.447 [DefaultDispatcher-worker-35] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.38.0'.
20:06:37.446 [DefaultDispatcher-worker-61] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.50.0'.
20:06:37.447 [DefaultDispatcher-worker-34] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::github.com/cespare/xxhash/v2:v2.1.1'.
20:06:37.446 [DefaultDispatcher-worker-41] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.52.0'.
20:06:37.447 [DefaultDispatcher-worker-30] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.45.1'.
20:06:37.446 [DefaultDispatcher-worker-50] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.56.0'.
20:06:37.446 [DefaultDispatcher-worker-60] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'GoMod::cloud.google.com/go:v0.53.0'.
cat ~/scripts/scan.sh 
#!/bin/bash

export CURRENT_DIRNAME=$(basename "$PWD")

sudo rm -rf ~/.ort/project/packaged/ort/scanner/native-scan-results

docker run -e ORT_CONFIG_DIR=/ort-home/.ort \
           -e ORT_DATA_DIR=/ort-home/.ort \
           -v $HOME:/ort-home \
           -v $(pwd):/project \
	   -v ~/.gitconfig:/root/.gitconfig \
           ort:latest --info scan -i /ort-home/.ort/project/$CURRENT_DIRNAME/ort/analyzer/analyzer-result.json -o /ort-home/.ort/project/$CURRENT_DIRNAME/ort/scanner
 cat ~/.ort/ort.conf
ort {
  scanner {
    storages {
      clearlyDefined {
        serverUrl = "https://api.clearlydefined.io"
      }
      fileBasedStorage {
        backend {
          localFileStorage {
            directory = "/ort-home/.ort/scan-results"
            compression = true
          }
        }
      }
    }

    storageReaders: [
       "fileBasedStorage", "clearlyDefined"
    ]

    storageWriters: [
      "fileBasedStorage"
    ]
  }
}
@martencassel martencassel changed the title scanner seems to hang when using ClearlyDefined scanner freezes when using ClearlyDefined Oct 4, 2021
@sschuberth
Copy link
Member

We're also facing timeout issues with ClearlyDefined recently. My hope is that working on #3905 will address this.

@schvvarzekatze

This comment was marked as off-topic.

Sign in to view
@sschuberth

This comment was marked as off-topic.

Sign in to view
@schvvarzekatze
Copy link

If I configure to read and write the scan result only on postgres it seems to stop due to a timeout:

3:13:43.225 [main] INFO  org.ossreviewtoolkit.utils.common.ProcessCapture - Running '/usr/local/bin/scancode --copyright --license --info --strip-root --timeout 300 --processes 7 /tmp/ort-ScanCode<id>/Maven/com.azure/azure-core-http-netty/1.5.0 --json-pp /sample-project/build/oss-review-toolkit/gradle/scan/native-scan-results/Maven/com.azure/azure-core-http-netty/1.5.0/scan-results_ScanCode.json' in '/'...

Would it help to configure the timeout of ScanCode

@sschuberth
Copy link
Member

Hmm, I don't see ScanCode running into a timeout in the logs you posted (you should see a message like "Timeout ... while scanning file ..." then).

As Netty is a rather big package IIRC, the scan could simply take long. A ScanCode scan can easily take several hours depending on the code size. PS: The timeout is per file, not per total scan duration.

@schvvarzekatze
Copy link

It does not even continue after more than one hour from this package only on postgres. But also with clearlyDefined it stops after some minutes scanning - not at the same package when I want to reproduce it. It does not continue even after several hours. I have never seen the timeout message in the logs so a longer timeout probably won't be a solution.

ort {
  analyzer {
  }

  scanner {
    storages {

      postgres {
        url = ${POSTGRES_URL}
        schema = "public"
        username = "ort"
        password = ${POSTGRES_PASSWORD}
        sslmode = "disable"
      }

    }

    storageReaders: [
      "postgres"
    ]

    storageWriters: [
      "postgres"
    ]
  }
}

ort {
  analyzer {
  }

  scanner {
    storages {
      clearlyDefined {
       serverUrl = "https://api.clearlydefined.io"
     }

      postgres {
        url = ${POSTGRES_URL}
        schema = "public"
        username = "ort"
        password = ${POSTGRES_PASSWORD}
        sslmode = "disable"
      }

      fileBasedStorage {
              backend {
                localFileStorage {
                  directory = "/ort/analyzer"
                  compression = true
                }
              }
            }
    }

    storageReaders: [
      "fileBasedStorage", "postgres", "clearlyDefined"
    ]

    storageWriters: [
      "fileBasedStorage", "postgres"
    ]
  }
}

@schvvarzekatze
Copy link

schvvarzekatze commented Dec 15, 2021
edited
Loading

The scan passed azure-core-http-nettythis time after 1.5 hours. So it really takes very long. ;)
Finally the scan with postgres was successful and took about 5 h.

@software-testing-professional
Copy link

software-testing-professional commented Feb 9, 2022
edited
Loading

I'm also facing this freeze issue when using clearlyDefined as storageReader.

...
storageReaders = [
  fileBasedStorage, clearlyDefined
]

storageWriters = [
  fileBasedStorage 
]
...

root@2af0304336d8:/# ps aux
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root           1  0.0  0.0   7244  4104 pts/0    Ss   06:45   0:00 /bin/bash
root        1089  0.8  1.1 14265044 379328 pts/0 Sl+  06:53   0:11 /opt/java/openjdk/bin/java -classpath /opt/ort/lib/*:/opt/ort/plugin/* org.ossreviewtoolkit.cli.OrtMainKt --info scan -i /project/ort/analyzer/analyzer-result.json -o /pro
root        1242  0.0  0.0   7244  3892 pts/1    Ss   07:15   0:00 /bin/bash
root        1252  0.0  0.0   8900  3252 pts/1    R+   07:16   0:00 ps aux

ORT is in Sl+ (interruptible sleep).

Any news on this?

@sschuberth
Copy link
Member

Any news on this?

I guess no one is currently working on this because AFAIK ClearlyDefined uses a very old version of ScanCode by now, and thus it's quite unattractive to use ClearlyDefined as a scan storage reader currently...

@sschuberth
Copy link
Member

I accidentally came across this issue that I fixed, which likely also fixes this issue. Can anyone confirm?

@martencassel
Copy link
Contributor Author

martencassel commented Feb 25, 2022
edited
Loading

I would like to test this. Any particular projects that i can use as test cases ?

Apart from the scanning not freezing or anything like that, how do i know that this works ?

@martencassel
Copy link
Contributor Author

martencassel commented Feb 25, 2022
edited
Loading

I just ran the scanner (main/73af92a4b86cb5e01c0b867e6eb64115ed692bf0) of ort with a https://github.com/tornadoweb/tornado/tree/master with no issues running the scanner.

@martencassel
Copy link
Contributor Author

Just curios, do you perform any e2e tests of clearlydefined in a pipline or such ?

@sschuberth
Copy link
Member

Just curios, do you perform any e2e tests of clearlydefined in a pipline or such ?

No, currently not.

@sschuberth
Copy link
Member

I just ran the scanner (main/73af92a4b86cb5e01c0b867e6eb64115ed692bf0) of ort with a https://github.com/tornadoweb/tornado/tree/master with no issues running the scanner.

That's good news. We should probably wait for other affected users to confirm the fix before closing this issue.

@software-testing-professional
Copy link

software-testing-professional commented Feb 28, 2022
edited
Loading

I'll give it a try within the next days. With this configuration:

storageReaders = [
  fileBasedStorage, clearlyDefined
]

storageWriters = [
  fileBasedStorage 
]

@schvvarzekatze
Copy link

In our case there no timeout anymore with this configuration using the recent docker image of ORT:

ort {
  analyzer {
  }

  scanner {
    storages {
      clearlyDefined {
        serverUrl = "https://api.clearlydefined.io"
      }

      postgres {
        url = ${POSTGRES_URL}
        schema = "public"
        username = "ort"
        password = ${POSTGRES_PASSWORD}
        sslmode = "disable"
      }
    }

    storageReaders: [
      "postgres", "clearlyDefined"
    ]

    storageWriters: [
      "postgres"
    ]
  }
}

@sschuberth
Copy link
Member

Thanks for these confirmations, I'm closing this then.

@software-testing-professional
Copy link

Hmm.
It's still freezing.

I'm on commit main/ddfbf6289b4aef2b5acaf29dee6dd0718b27b52a and running the scanner locally (after ./gradlew installDist).

Config is

storageReaders = [
  clearlyDefined, fileBasedStorage
]

So clearlyDefined is used first.

@sschuberth sschuberth reopened this Feb 28, 2022
@sschuberth sschuberth mentioned this issue Mar 1, 2022
Closed
@sschuberth sschuberth added bug scanner About the scanner tool labels Mar 1, 2022
@borisbaldassari
Copy link

borisbaldassari commented Mar 1, 2022
edited
Loading

As mentioned in issue #5116 I also have the issue on latest dev. Commit ID is 98616cc52da42fbe9cfd2b317e90fd4cc2925d04.
Storage readers is defined as [ fileBasedStorage, clearlyDefined ].

Caveat: it actually works on some projects (e.g. Eclipse JGit) but freezes on others (e.g. Eclipse Tycho).

@martencassel
Copy link
Contributor Author

I tested with https://github.com/tornadoweb/tornado (python project) and it worked fine.

@janderssonse
Copy link
Contributor

janderssonse commented Mar 16, 2022
edited
Loading

Confirm freeze after a few minutes with latest dev and clearlyDefined
Storage readers is defined as [ fileBasedStorage, clearlyDefined ].

@mawl
Copy link

mawl commented Apr 29, 2022

Confirm freeze on a dotnetcore project:

ort {
  analyzer {
    ignoreToolVersions = true
    allowDynamicVersions = true
  }

  scanner {
    skipConcluded = false
    
    storages {
      artifactoryStorage {
        backend {
          httpFileStorage {
            url = "https://repo.mycompany.local/artifactory/scan-results/license-scanner"
            headers {
              X-JFrog-Art-Api = "${ARTIFACTORY_API_TOKEN}"
            }
          }
        }
      }

      clearlyDefined {
        serverUrl = "https://api.clearlydefined.io"
      }      
    }

    storageReaders: [
      "artifactoryStorage", "clearlyDefined"
    ]

    storageWriters: [
      "artifactoryStorage"
    ]
  }
}

WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by retrofit2.Platform (file:/opt/ort/lib/retrofit-2.9.0.jar) to constructor java.lang.invoke.MethodHandles$Lookup(java.lang.Class,int)
WARNING: Please consider reporting this to the maintainers of retrofit2.Platform
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
07:00:07.015 [DefaultDispatcher-worker-48] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'NuGet::System.Diagnostics.Contracts:4.3.0'.
07:00:07.015 [DefaultDispatcher-worker-47] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'NuGet::Microsoft.NETCore.Targets:1.0.1'.
07:00:07.015 [DefaultDispatcher-worker-38] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'NuGet::System.Data.Common:4.1.0'.
07:00:07.027 [DefaultDispatcher-worker-1] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'NuGet::System.Diagnostics.DiagnosticSource:4.0.0'.
07:00:07.053 [DefaultDispatcher-worker-69] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'NuGet::System.Diagnostics.DiagnosticSource:4.3.0'.
07:00:07.053 [DefaultDispatcher-worker-47] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'NuGet::System.Diagnostics.Process:4.1.0'.
ERROR: Job failed: execution took longer than 1h0m0s seconds

@sschuberth sschuberth changed the title scanner freezes when using ClearlyDefined Scanner freezes when using ClearlyDefined as a scan storage provider May 3, 2022
@sschuberth sschuberth mentioned this issue Jul 19, 2022
Closed
@sschuberth sschuberth pinned this issue Aug 18, 2022
@sschuberth sschuberth mentioned this issue Aug 26, 2022
Open
@sschuberth
Copy link
Member

For anyone who's still affected by this, can you please share your ORT analyzer result for a public (and as small as possible) project where you can reproduce the scanner freeze?

@schvvarzekatze
Copy link

I still have the freeze for the following package:

11:29:43.338 [DefaultDispatcher-worker-15] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'Maven:com.github.junrar:junrar:7.5.2'.

@sschuberth
Copy link
Member

Looking up results for 'Maven:com.github.junrar:junrar:7.5.2'.

Just using that single artifact in ClearlyDefinedStorageFunTest still passes. So it's not a matter of a specific artifact being used, but a sum of artifacts that probably triggers some race condition. I'd really need a full analyzer result file for which the hanging in the scanner reproducibly happens.

@sschuberth sschuberth moved this to Q3 2022 – Jul-Sep in Roadmap Aug 31, 2022
@sschuberth sschuberth moved this from Q3 2022 – Jul-Sep to Q4 2022 - Oct-Dec in Roadmap Nov 2, 2022
@schvvarzekatze

This comment was marked as off-topic.

Sign in to view
@sschuberth

This comment was marked as off-topic.

Sign in to view
@schvvarzekatze

This comment was marked as off-topic.

Sign in to view
@sschuberth

This comment was marked as off-topic.

Sign in to view
@sschuberth sschuberth moved this from Q4 2022 - Oct-Dec to Q1 2023 - Jan-Mar in Roadmap Jan 11, 2023
@sschuberth
Copy link
Member

Can anyone still reproduce the hanging with today's version of ORT?

@schvvarzekatze
Copy link

I still have the freeze for the following package:

11:29:43.338 [DefaultDispatcher-worker-15] INFO  org.ossreviewtoolkit.scanner.storages.ClearlyDefinedStorage - Looking up results for 'Maven:com.github.junrar:junrar:7.5.2'.

Now the freeze does not occur anymore for gradle packages. I used 32 GB and 32 CPUs because this also solved the Freeze of the ORT scan without ClearlyDefined as Read Only storage.

@sschuberth
Copy link
Member

Thanks for confirming. With the recent fixes for ORT's calls to the ClearlyDefined API (esp. for packages without namespaces) I indeed believe this to be fixed. If anyone still sees this, we can reopen the issue.

@sschuberth sschuberth unpinned this issue Feb 8, 2023
@sschuberth sschuberth mentioned this issue Feb 23, 2023
Closed
@software-testing-professional
Copy link

I can confirm that the scanner does not freeze anymore, if ClearlyDefined is defined as storageReader (together with artifactoryStorage).

storageReaders: [
  "clearlyDefined",
  "artifactoryStorage"
]

...
08:30:57.397 [main] INFO org.ossreviewtoolkit.scanner.ScanResultsStorage - Read 0 scan result(s) for 'Maven:io.swagger.core.v3:swagger-core:2.2.7' from ClearlyDefinedStorage in 694.389us.
08:30:57.979 [main] INFO org.ossreviewtoolkit.scanner.ScanResultsStorage - Read 1 scan result(s) for 'Maven:org.apache.tomcat.embed:tomcat-embed-el:10.1.4' from ClearlyDefinedStorage in 582.341739ms.
08:30:57.981 [main] INFO org.ossreviewtoolkit.scanner.ScanResultsStorage - Read 0 scan result(s) for 'Maven:net.logstash.logback:logstash-logback-encoder:7.2' from ClearlyDefinedStorage in 1.274609ms.
08:30:57.982 [main] INFO org.ossreviewtoolkit.scanner.ScanResultsStorage - Read 0 scan result(s) for 'Maven:org.springframework:spring-test:6.0.3' from ClearlyDefinedStorage in 890.483us.
...
Tested with Docker-based ORT, built from commit 19c89ff.

Thank you for fixing it!!! smiley

@sschuberth sschuberth self-assigned this Feb 28, 2023
@sschuberth sschuberth removed this from Roadmap Nov 20, 2023
@sschuberth sschuberth marked this as a duplicate of #5116 Feb 19, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sschuberth sschuberth

Labels
scanner About the scanner tool
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@sschuberth @martencassel @mawl @borisbaldassari @janderssonse @software-testing-professional @schvvarzekatze