Java heap error during analysis

Hi,

I am trying to setup our main code repo for Sonar analysis but I am getting a Java heap space error:

INFO: Reading type hierarchy from: /home/vsts/work/1/s/.scannerwork/ucfg2/js
INFO: Read 0 type definitions
INFO: Reading UCFGs from: /home/vsts/work/1/s/.scannerwork/ucfg2/js
INFO: 17:50:48.137819 Building Runtime Type propagation graph
INFO: 17:50:51.525706 Running Tarjan on 560705 nodes
INFO: 17:50:52.437691 Tarjan found 560636 components
INFO: 17:50:54.218738 Variable type analysis: done
INFO: 17:50:54.222475 Building Runtime Type propagation graph
INFO: 17:50:58.5787 Running Tarjan on 560705 nodes
INFO: 17:50:59.25641 Tarjan found 560636 components
INFO: 17:51:02.911279 Variable type analysis: done
INFO: Analyzing 74752 ucfgs to detect vulnerabilities.
INFO: Taint analysis starting. Entrypoints: 250
INFO: Running symbolic analysis for 'JS'
INFO: Time spent writing ucfgs 33441ms
##[error]Exception in thread "HttpClient-1-Worker-13"
##[error]java.lang.OutOfMemoryError: Java heap space
at java.base/java.util.concurrent.CompletableFuture.completeExceptionally(CompletableFuture.java:2087)
at java.net.http/jdk.internal.net.http.PlainHttpConnection$ConnectEvent.lambda$handle$1(PlainHttpConnection.java:137)
at java.net.http/jdk.internal.net.http.PlainHttpConnection$ConnectEvent$$Lambda$1406/0x0000000100ccfc40.run(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:829)
java.lang.OutOfMemoryError: Java heap space
at java.base/java.util.concurrent.CompletableFuture.completeExceptionally(CompletableFuture.java:2087)
at java.net.http/jdk.internal.net.http.PlainHttpConnection$ConnectEvent.lambda$handle$1(PlainHttpConnection.java:137)
at java.net.http/jdk.internal.net.http.PlainHttpConnection$ConnectEvent$$Lambda$1406/0x0000000100ccfc40.run(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:829)

I have tried adding the java memory allocation but I am not convinced it is the correct parameter.

• task: SonarQubePrepare@5
  inputs:
  SonarQube: ‘SonarQube (Cloud)’
  scannerMode: ‘CLI’
  configMode: ‘manual’
  cliProjectKey: ‘abc’
  cliProjectName: ‘abc’
  cliSources: ‘.’
  extraProperties: |
  # Additional properties that will be passed to the scanner,
  # Put one key=value per line, example:
  # sonar.exclusions=**/*.bin
  sonar.organization=abc
  sonar.javascript.node.maxspace=4096

• task: SonarQubeAnalyze@5

Any help much appreciated.

Thanks

Hi,

By the time sonar.* properties are read, the JVM is already up & running; it’s too late to allocate more memory. Searching tells me you need to set an Application Setting for that. The post I just referenced advises setting JAVA_OPTS, but I suspect SONAR_SCANNER_OPTS is more likely to work since under the covers it looks like the SonarScanner CLI is being invoked.

Also, it’s worth noting that you appear to be using the SonarQube task but you’ve categorized this in SonarCloud. If SonarCloud is the correct category, then you probably want to switch to the SonarCloud task.

 
Ann