IBM Support

PI48833: JAVA.LANG.OUTOFMEMORY: GC OVERHEAD LIMIT EXCEEDED OCCURS DURING SCANNING

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • In IBM Security AppScan Source for Analysis 9.0.2.1, attempting
to scan some sample IBM Worklight javascript code results in the
following exception:
 java.lang.OutOfMemory: GC overhead limit exceeded
during a JavaScript scan of an IBM Worklight sample application.
This results in an abnormal termination of the scan with no
results being saved.

Currently there is no workaround to the issue.

Local fix

  • 



Problem summary


    

  • ****************************************************************
* USERS AFFECTED:                                              *
* Users get OutOfMemory errors when they scan JavaScript files *
* either in AppScan Source or Analysis or using MofileFirst    *
* through Eclipse Plugin.                                      *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
* Scanning JavaScript code (JSONStore.app) throws OutOfMemory  *
* exceptions while scanning large applications and scan will   *
* be terminated without giving any findings.                   *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************

    



Problem conclusion


    

  • We identified an issue with one of our custom scanners and fixed
that problem so scanning JSONStore app no longer terminates with
OOM errors.

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    PI48833
    • 

  • Reported component name
    SEC APPSCAN SRC
    • 

  • Reported component ID
    5724Z3400
    • 

  • Reported release
    902
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2015-09-16
    • 

  • Closed date
    2015-11-17
    • 

  • Last modified date
    2015-12-21
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Modules/Macros


    

  • Scanner

    



Fix information


    

  • Fixed component name
    SEC APPSCAN SRC
    • 

  • Fixed component ID
    5724Z3400
    • 



Applicable component levels


    

  • R901  PSY
       UP
    • 

  • R902  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSS9LM","label":"IBM Security AppScan Source for Automation"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"902","Line of Business":{"code":"LOB24","label":"Security Software"}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            21 December 2021
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback