Getting error while running sonar scanner with Spotbugs rules for monolithic project?

Question

Findbugs Plugin have around 449 rules. Applying all those rules into my existing sonarqube quality profile and started sonar scanning which is taking lots of memory to scan the whole project and also it is throwing error after some time.

I am using Sonarqube version: 7.5 and Spotbugs jar version: 3.9.4

Set SONAR_SCANNER_OPTS=-Xmx10G for Temporary Command Prompt session but facing the issue with Java Heap Space (GC overhead limit exceed)

ERROR: Error during SonarQube Scanner execution
ERROR: Can not execute Findbugs
ERROR: Caused by: java.lang.OutOfMemoryError: GC overhead limit exceeded
ERROR: Caused by: GC overhead limit exceeded
ERROR:
ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging.

I expect sonar scanner to work successfully with some selected Spotbugs(Findbugs) rule like vulnerabilities and Malicious rule but its didn't work for limited rule also.

Answer 1

This seems like a memory resource starvation issue. According to: Oracle's Troubleshooting Guide on Memory Leaks, this message is the result of the garbage collector running low on heap memory which causes this exception to be thrown. The link indicates that you can turn this exception off with the '-XX:-UseGCOverheadLimit' switch (and the process will continue to execute with a potential performance penalty).

Also, the type of garbage collection may be an issue. Try changing the garbage collector policy with '-XX:+UseConcMarkSweepGC' or '-XX:+UseParallelGC' and running it again.