Out Of Memory error on run SonarCloudAnalyze@3

I’m trying to run code analysis:

• Version: SonarScanner CLI 7.1.0.4889
• The SonarQube analysis is being run from AzureDevOps Pipeline

I use tasks SonarCloudPrepare@3 and SonarCloudAnalyze@3:

- task: SonarCloudAnalyze@3
   inputs:
      jdkversion: 'JAVA_HOME_17_X64'

I get the following error on code analysis:

ERROR Error during SonarScanner Engine execution
 java.lang.OutOfMemoryError: Java heap space
	at org.sonar.api.internal.apachecommons.io.FilenameUtils.doNormalize(FilenameUtils.java:379)
 	at org.sonar.api.internal.apachecommons.io.FilenameUtils.normalize(FilenameUtils.java:1345)
	at org.sonar.api.utils.PathUtils.sanitize(PathUtils.java:42)
 	at org.sonar.api.batch.fs.internal.PathPattern$RelativePathPattern.match(PathPattern.java:102)
 	at org.sonar.api.batch.fs.internal.PathPattern$RelativePathPattern.match(PathPattern.java:97)
 	at org.sonar.scanner.scan.filesystem.AbstractExclusionFilters.isIncluded(AbstractExclusionFilters.java:118)
 	at org.sonar.scanner.scan.filesystem.FilePreprocessor.isFileIncluded(FilePreprocessor.java:121)
 	at org.sonar.scanner.scan.filesystem.FilePreprocessor.processFile(FilePreprocessor.java:63)
 	at org.sonar.scanner.scan.filesystem.ProjectFilePreprocessor.lambda$processDirectory$3(ProjectFilePreprocessor.java:170)
 	at org.sonar.scanner.scan.filesystem.ProjectFilePreprocessor$$Lambda$356/0x00007f81d838c000.execute(Unknown Source)
 	at org.sonar.scanner.scan.filesystem.DirectoryFileVisitor.visitFile(DirectoryFileVisitor.java:42)
 	at org.sonar.scanner.scan.filesystem.DirectoryFileVisitor.visitFile(DirectoryFileVisitor.java:19)
 	at java.base/java.nio.file.Files.walkFileTree(Unknown Source)
 	at org.sonar.scanner.scan.filesystem.ProjectFilePreprocessor.processDirectory(ProjectFilePreprocessor.java:169)
 	at org.sonar.scanner.scan.filesystem.ProjectFilePreprocessor.processModuleSources(ProjectFilePreprocessor.java:154)
 	at org.sonar.scanner.scan.filesystem.ProjectFilePreprocessor.processModule(ProjectFilePreprocessor.java:137)
 	at org.sonar.scanner.scan.filesystem.ProjectFilePreprocessor.processModulesRecursively(ProjectFilePreprocessor.java:125)
 	at org.sonar.scanner.scan.filesystem.ProjectFilePreprocessor.execute(ProjectFilePreprocessor.java:90)
 	at org.sonar.scanner.bootstrap.ScannerContainer.doAfterStart(ScannerContainer.java:411)
 	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
 	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
 	at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:128)
 	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
 	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
 	at org.sonar.scanner.bootstrap.ScannerMain.runScannerEngine(ScannerMain.java:136)
 	at org.sonar.scanner.bootstrap.ScannerMain.run(ScannerMain.java:53)
 	at org.sonar.scanner.bootstrap.ScannerMain.main(ScannerMain.java:39)

I tried to set SONAR_SCANNER_OPTS setting by increasing memory limits and made sure that new values have applied.

variables:
      - name: SONAR_SCANNER_OPTS
        value: -Xmx12g -Xms10g

Value by default was:

INFO SONAR_SCANNER_OPTS=-Xmx8g -Xms512m -XX:+HeapDumpOnOutOfMemoryError

Now I see that new values are applied:

INFO SONAR_SCANNER_OPTS=-Xmx12g -Xms10g

But I still get the same error. I’m stucked.
Can you tell please how to fix this OOM issue?

Hey there.

What’s going on in the pipeline right before the OOM? Logs please.

Sorry, here they are
oom-logs.txt (13.9 KB)

Weird place to get an OOM error.

Can you try SONAR_SCANNER_JAVA_OPTS instead of SONAR_SCANNER_OPTS? The latter only increases memory for the JVM that spins off the real scanner (where the OOM is taking place.

Tried SONAR_SCANNER_JAVA_OPTS=-Xmx14g and now we get another error:

java.lang.IllegalStateException: Unable to load component class org.sonar.scanner.report.ActiveRulesPublisher

See logs
SONAR_SCANNER_JAVA_OPTS.txt (39.6 KB)

Tried change value for SONAR_SCANNER_JAVA_OPTS (both decreasing and increasing) and all pipelines are failed due to timeout.

Is this still the case? There was a brief incident earlier today which should have been resolved.

Now it’s failed due to timeout as yesterday. So, any value for setting SONAR_SCANNER_JAVA_OPTS leads to pipeline timeout.

See logs:
sonar_logs.txt (6.2 KB)

Thanks.

This is reminding me a bit of this thread.

Can you try setting sonar.scm.exclusions.disabled=true, and if it’s working after that, provide your .gitignore so we can try to get of the bottom of the issue?

I removed SONAR_SCANNER_OPTS and SONAR_SCANNER_JAVA_OPTS settings for SonarCloudAnalyze@3 task and I added sonar.scm.exclusions.disabled=true setting for SonarCloudPrepare@3 task. So I have this:

- task: SonarCloudPrepare@3
    displayName: Sonarcloud prepare
    inputs:
      SonarCloud: 'SonarCloud'
      organization: '*****'
      scannerMode: '${{ parameters.scannerMode }}'
      projectKey: '${{ parameters.projectKey }}'
      configMode: 'file'
      configFile: '${{parameters.sonarProjectBaseDir}}/sonar-project.properties'
      extraProperties: |
        sonar.scm.exclusions.disabled=true

It’s failed due to OutOfMemory error.

Judging by line
INFO Exclusions based on SCM info is disabled by configuration
logs, setting sonar.scm.exclusions.disabled has been applied. See logs here:
sonar.scm.exclusions.disabled.txt (14.7 KB)

Any other ideas?

Thanks for trying. I’m calling in reinforcements.

Hello @Rus1an ,

Please, could you run the analysis enabling the scanner debug mode? (GitHub - SonarSource/sonarqube-scan-action)
Adding -Dsonar.verbose=true, so we can get more information about the issue.

Thanks a lot.
Cheers,
Javier

Hello, Javier

Thank you for stepping in investigation of this issue.

I added sonar.verbose=true parameter.
See logs here:
oom_verbose_logs.txt (57.1 KB)

Hi @javier.garcia
Can you tell please if you have any updates?

Hi @Rus1an ,

I couldn’t take a deep look at it yet. It seems the logs are not providing much more information of the cause of the OOM.
I’ll keep investigating.

Cheers,
Javier

Hi @Rus1an ,

Let’s try a combination of the previous suggestions. Could you try again using SONAR_SCANNER_OPTS=-Xmx12g -Xms10g and sonar.scm.exclusions.disabled=true at the same time?

Cheers,
Javier

Hi @javier.garcia

I tried with both settings at the same time but unfortunately result is the same. See logs here:
oom_logs_new.txt (54.3 KB)

Judging by exception and trace, looks like something wrong with one of the processing file:

at java.base/sun.nio.fs.UnixPath.getName(Unknown Source)
	at java.base/sun.nio.fs.UnixPath.hasDotOrDotDot(Unknown Source)
	at java.base/sun.nio.fs.UnixPath.relativize(Unknown Source)
	at java.base/sun.nio.fs.UnixPath.relativize(Unknown Source)
	at org.sonar.scanner.scan.filesystem.FilePreprocessor.processFile(FilePreprocessor.java:62)
	at org.sonar.scanner.scan.filesystem.ProjectFilePreprocessor.lambda$processDirectory$3(ProjectFilePreprocessor.java:170)
	at org.sonar.scanner.scan.filesystem.ProjectFilePreprocessor$$Lambda$352/0x00007f6d9032d700.execute(Unknown Source)
	at org.sonar.scanner.scan.filesystem.DirectoryFileVisitor.visitFile(DirectoryFileVisitor.java:42)
	at org.sonar.scanner.scan.filesystem.DirectoryFileVisitor.visitFile(DirectoryFileVisitor.java:19)
	at java.base/java.nio.file.Files.walkFileTree(Unknown Source)

Can you identify what file name caused exception?

@javier.garcia What I noticed in the logs. In lines 17-18 we see:

2025-07-02T08:00:55.8946604Z 08:00:55.894 INFO  SONAR_SCANNER_OPTS=-Xmx12g -Xms10g
2025-07-02T08:00:55.9168121Z 08:00:55.914 DEBUG Scanner max available memory: 12 GB

But below in line 48:

2025-07-02T08:01:01.7096110Z 08:01:01.708 DEBUG JVM max available memory: 1 GB

Why it’s only 1GB? Do you know how to increase JVM max available memory?

Hi @Rus1an ,

It seems that two JVM processes are being started:

• The SonarScanner CLI

2025-07-02T08:00:55.8870318Z 08:00:55.886 INFO  SonarScanner CLI 7.1.0.4889
2025-07-02T08:00:55.8882119Z 08:00:55.887 INFO  Java 17.0.15 Eclipse Adoptium (64-bit)
2025-07-02T08:00:55.8890853Z 08:00:55.888 INFO  Linux 6.11.0-1015-azure amd64
2025-07-02T08:00:55.8946604Z 08:00:55.894 INFO  SONAR_SCANNER_OPTS=-Xmx12g -Xms10g
2025-07-02T08:00:55.9168121Z 08:00:55.914 DEBUG Scanner max available memory: 12 GB

• The SonarScanner Engine

2025-07-02T08:01:01.6604596Z 08:01:01.659 INFO  Starting SonarScanner Engine...
2025-07-02T08:01:01.6618991Z 08:01:01.661 INFO  Java 17.0.11 Eclipse Adoptium (64-bit)
2025-07-02T08:01:01.7096110Z 08:01:01.708 DEBUG JVM max available memory: 1 GB

And it seems the second one is complaining about the lack of memory.
Let’s try to provide the memory to the SonarScanner instead of the CLI. Please, might you change the configuration for SONAR_SCANNER_OPTS to SONAR_SCANNER_JAVA_OPTS? Keep the sonar.scm.exclusions.disabled=true.

Cheers,
Javier

I tried, but pipeline is failed due to timeout. And there are warnings in the logs like this:
[warning]Free memory is lower than 5%; Currently used: 95.34%

Logs are here:
oom_logs_jvm.txt (41.6 KB)

@javier.garcia @Colin can you please investigate on your side what is the reason of the issue? Which file caused OOM error? We’re beating around the bush more than a week.

Hello @Rus1an ,

I’m sorry for the inconvenience but I’m doing my best to find a solution.
Sadly, I’m afraid it is not possible to know what is the file that causes de OOM. You already enabled the debug mode and it is not shown in the logs.
Let me try to get more help and I will come to you ASAP.

Cheers,
Javier