Scanning results in error "memory exceeded a predefined limit"

Technote (troubleshooting)


Problem(Abstract)

Attempts to run IBM Security AppScan Standard results in the error "AppScan memory requirements have exceeded a predefined limit and the scan has been stopped".

Symptom

The full error message is:

AppScan memory requirements have exceeded a predefined limit and the scan has been stopped. It is recommended that you save the scan at this point. If problems persist, please contact your support provider.


Cause

AppScan Standard version 8.5 (and lower) has a predefined memory limit of 800 MB, and version 8.6 (and higher) has the limit set to 1,200 MB. If the AppScan.exe process reaches or exceeds this limit, you will see the "AppScan memory requirements have exceeded a predefined limit" message.

The limit is in place to make sure AppScan Standard stays within stable operating bounds.

While it is possible to increase the memory limit value, it is NOT recommended, as it may cause further issues.


Resolving the problem

Check and or perform these troubleshooting steps to diagnose and resolve the above error:

  1. Optimize the scan

    Use steps provided in the following technote, #1501218 - How to optimize large scans, to minimize your scan.

  2. Limit reached during Test Phase and Execute JavaScript code

    If AppScan Standard is hitting this limit when the Execute JavaScript to discover URLs and dynamic content is enabled (under Scan Configuration > Explore Settings), then perform the below steps:
    1. Disable it,
    2. Save the scan,
    3. Exit and reopen AppScan Standard
    4. Continue with the Test Phase

      Note: JavaScript Execute is memory intensive in nature. It is not only run in the explore stage, but if multiphase scanning is enabled (which is turned on by default), then it will execute the test responses in an effort to find more links, which in turn will cause AppScan Standard to consume more memory. Consumption is proportional to the amount of projected tests.

  3. Reduce number of Threads

    Reduce the number of testing threads to 1 (the value can be currently set from 1 to 10) under Scan Configuration > Connection > Number of Threads.

    Once modified, save the scan, then close and reopen AppScan Standard and continue with the scan. Restarting AppScan will ensure that the operating system flushes the virtual memory being used by AppScan Standard.

  4. Excessive memory usage

    If having AppScan Standard 8.5 or earlier, use the steps in technote AppScan Standard crashes due to excessive memory usage, to have AppScan Standard restart automatically once it reaches the memory limit.

  5. Use CLI (AppScan Command Line Interface) instead of GUI

  6. Desktop Firewall or Anti-virus

    Check if there is a personal firewall or an anti-virus application running on the same machine as AppScan Standard.
    • Desktop firewall - Try disabling the firewall to see if it changes the behavior. If not, then you may want to try uninstalling it to see if that has any impact, if that is an option.
    • Anti-virus - Try disabling the Anti-virus software to see if it changes the behavior. if not, then view the Anti-virus causing performance issues with AppScan Standard for more information.

  7. Large number of automatic links

    If your application contains a large number of automatic links (such as <script src=...>) or automatic links that contain large responses, this could cause an out of memory issue.

    The option for automatic links is here:  Scan Configuration >  Advanced Configuration > Tests: Follow all automatic links

  8. Other possible solutions:
    • Run Scan from different Host - If possible, try running the scan from a different machine to see if the issue persists (on the other host also).
    • Create New Scan - Try creating a new scan to see if the memory limit can be reproduced with the new scan.
    • Enable Auto-Save - If the error persists, try re-scanning after enabling the auto-save feature to 90 minutes for a longer scan or 30 minutes for a shorter scan. To do so, go to Tools > Options > Scan Options and select Automatically save during scan.

      Note: This option may help in cleaning up temporary files in memory.

    Rate this page:

    (0 users)Average rating

    Add comments

    Document information


    More support for:

    Security AppScan Standard
    Performance

    Software version:

    8.0, 8.5, 8.6.0.0, 8.7, 8.8

    Operating system(s):

    Windows

    Reference #:

    1283301

    Modified date:

    2014-03-10

    Translate my page

    Machine Translation

    Content navigation