We are using find sec bugs via the maven/sonar plugin and we have the problem described in spotbugs/sonar-findbugs#78.

As explained in my comment there:
In our logs we have the following lines (filtered on the keyword iteration) :
too many iterations TaintAnalysis on XXXXX com.h3xstream.findsecbugs.taintanalysis.TaintDataflow iteration: 98, timestamp: 3573 com.h3xstream.findsecbugs.taintanalysis.TaintDataflow iteration: 99, timestamp: 3606 com.h3xstream.findsecbugs.taintanalysis.TaintDataflow iteration: 100, timestamp: 3639 com.h3xstream.findsecbugs.taintanalysis.TaintDataflow iteration: 101, timestamp: 3672 com.h3xstream.findsecbugs.taintanalysis.TaintDataflow iteration: 102, timestamp: 3705 com.h3xstream.findsecbugs.taintanalysis.TaintDataflow iteration: 103, timestamp: 3738 com.h3xstream.findsecbugs.taintanalysis.TaintDataflow iteration: 104, timestamp: 3771 com.h3xstream.findsecbugs.taintanalysis.TaintDataflow iteration: 105, timestamp: 3804 com.h3xstream.findsecbugs.taintanalysis.TaintDataflow iteration: 106, timestamp: 3837 com.h3xstream.findsecbugs.taintanalysis.TaintDataflow iteration: 1, timestamp: 0 com.h3xstream.findsecbugs.taintanalysis.TaintDataflow iteration: 1, timestamp: 0 com.h3xstream.findsecbugs.taintanalysis.TaintDataflow iteration: 1, timestamp: 0 com.h3xstream.findsecbugs.taintanalysis.TaintDataflow iteration: 1, timestamp: 0

After reading the code in https://github.com/spotbugs/spotbugs/blob/release-3.1/spotbugs/src/main/java/edu/umd/cs/findbugs/ba/Dataflow.java
I think the log problem is due to the throw on line 188, the debugWas is not reset to previous value (false) before throwing the exception. As a result, in every following calls, DEBUG is set to true and we have more than 350Mo of output logs.

There may be another bug concerning the 'too many iterations', but I cannot give the code.

Is it possible to fix at least the log problem ?

Thanks in advance