My colleague is trying to scan her code base in VS2008 using SCA v4.10.(previously, she installed sca 3.8 and has the plugin for VS2008.)
The LOC is more than 1.5M, and failed to be scanned several times(took more than 24 hours) due to the memory problem.
And now she set the parallel mode in fortify_sca.properties as following:
But on the resource monitor, it still shows using only 1 thread.
Does anyone know what could be the problem here?
Please verify the value set for com.fortify.sca.ThreadCount found in <install_dir>\core\config. By default SCA will use all available threads, but this setting permits you to throttle that as needed. (see Appendix B of the SCA User Guide v4.21)
From earlier conversations, I believe they would do better when the master heap is double that of the worker heap, i.e. Xmx = 2(RmiWorkerMaxHeap).
Despite them setting com.fortify.sca.RmiWorkers to 6, the prescribed method is to use the -j option on the SCA CLI to set that value. To figure out the maximum number of workers for your installation: (Total Physical Memory) / [ (Physical Memory per Java Process) * (Number of Process) ]
Also, are they running this analysis via the command line or inside of Visual Studio? The CLI might offer better performance?
-- Habeas Data
Micro Focus Fortify Customers-Only Forums – https://community.softwaregrp.com/t5/Fortify/ct-p/fortify
Thank you for your feedback.
We just found the warning message : Unable to parse value of property "com.fortify.sca.RmiWorkerMaxHeap": "1024MB" so we removed this property and are running SCA again.
If it goes wrong again, I will try to run via CLI as you advised.