在与Microsoft进行了两个月的调查之后,我请求您提供帮助,这是我们在.net中生成堆损坏最困难的例外之一。
运行3-4小时后,我们在.net 3.5应用程序中面临崩溃。
我们尝试调查转储,我们可以看到GC属于线程之一:
ID OSID ThreadOBJ State GC GC Alloc Context Domain Count APT Exception
0 1 160c 0000000000521270 6020 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 STA
2 2 1620 0000000000527960 b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA (Finalizer)
5 3 163c 000000001cc75280 200b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA
6 4 164c 000000001cc75850 180b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA (Threadpool Worker) System.Net.Sockets.SocketException (00000000039d7998)
7 5 1650 000000001cc763f0 80a220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA (Threadpool Completion Port)
8 6 1654 000000001cc769c0 200b020 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA
9 7 1658 000000001cc76f90 200b020 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA
10 8 165c 000000001cc77560 200b020 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA
12 9 1664 000000001cc79270 220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 Ukn
15 b 150c 000000001cc7a9b0 b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 1 MTA
XXXX f 0 000000001cc7c6c0 9820 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA
16 e 1530 000000001cc7c0f0 b220 Disabled 0000000000000000:0000000000000000 000000000050eaf0 4 MTA (GC)
17 c 1528 000000001cc7b550 b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA
18 10 1538 000000001cc7af80 b020 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA
19 11 153c 000000001f1d5ca0 b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA System.Net.Sockets.SocketException (0000000008534500)
20 12 1568 000000001f1d6270 b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA System.Configuration.ConfigurationErrorsException (00000000038e70a8)
21 13 1570 000000001f1d6840 b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA System.Configuration.ConfigurationErrorsException (00000000038e7be8)
22 14 1574 000000001f1d6e10 b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA
23 15 152c 000000001f1d73e0 b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA
24 17 148c 0000000028877250 180b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA (Threadpool Worker)
25 1a 13b0 00000000288783c0 b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA
26 16 16fc 0000000027978ca0 b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA
27 77 1038 000000001cc7bb20 8801220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 Ukn (Threadpool Completion Port) System.IO.FileNotFoundException (00000000062573a8)
28 71 14ac 000000002797b550 880b220 Enabled 0000000000000000:0000000000000000 000000000050eaf0 0 MTA (Threadpool Completion Port) System.ServiceModel.CommunicationObjectAbortedException (0000000007168c90)
调用堆栈通常是在字符串操作上,例如contact:
0:016> kpL
Child-SP RetAddr Call Site
00000000`2bbd9ad8 000007fe`fcd510dc ntdll!ZwWaitForSingleObject(void)+0xa
00000000`2bbd9ae0 000007fe`f24c3a69 KERNELBASE!WaitForSingleObjectEx(void * hHandle = 0x00000000`00004e20, unsigned long dwMilliseconds = 0xffffffff, int bAlertable = 0n0)+0x79
00000000`2bbd9b80 000007fe`f24c3c5e mscorwks!ClrWaitForSingleObject(void * handle = 0x00000000`00000000, unsigned long timeout = 0x1050)+0x2d
00000000`2bbd9bd0 000007fe`f24b6978 mscorwks!RunWatson(void * hWatsonSharedMemory = 0x05300000`0000018e, void * hEventAlive = 0x00000000`00000002, void * hEventDone = 0x00000000`1c810000, void * hMutex = 0x00000000`00001890)+0x1ca
00000000`2bbda160 000007fe`f28dbfcf mscorwks!DoFaultReportWorker(struct _EXCEPTION_POINTERS * pExceptionInfo = 0x00000000`2bbda9d8, class TypeOfReportedError tore = class TypeOfReportedError, class Thread * pThread = 0x00000000`2bbdb3f0, unsigned long dwThreadID = 0x19f8)+0x79c
00000000`2bbda9b0 000007fe`f24ea48b mscorwks!DoFaultReport(struct _EXCEPTION_POINTERS * pExceptionInfo = 0x000007fe`f22b0420, class TypeOfReportedError tore = class TypeOfReportedError)+0x9f
00000000`2bbdaa20 000007fe`f28fbda9 mscorwks!WatsonLastChance(class Thread * pThread = 0x00000000`2bbdb0b0, struct _EXCEPTION_POINTERS * pExceptionInfo = 0x00000000`2746afc0, class TypeOfReportedError tore = class TypeOfReportedError)+0x47
00000000`2bbdaa90 000007fe`f28fc0be mscorwks!EEPolicy::LogFatalError(unsigned int exitCode = 0, unsigned int64 address = 0, unsigned short * pszMessage = 0x00000000`1cc7c0f0, struct _EXCEPTION_POINTERS * pExceptionInfo = 0x000007fe`f24eb249)+0x2f9
00000000`2bbdb210 000007fe`f23423e9 mscorwks!EEPolicy::HandleFatalError(unsigned int exitCode = 0x1c, unsigned int64 address = 0xffffffff`ffffffff, unsigned short * pszMessage = 0xffffffff`000000f8, struct _EXCEPTION_POINTERS * pExceptionInfo = 0x00000000`00000000)+0x6e
00000000`2bbdb260 000007fe`f238b390 mscorwks!CLRVectoredExceptionHandlerPhase3(struct _EXCEPTION_POINTERS * pExceptionInfo = 0x00000000`2bbdcc60)+0xcd
00000000`2bbdb2a0 000007fe`f238b597 mscorwks!CLRVectoredExceptionHandlerPhase2(struct _EXCEPTION_POINTERS * pExceptionInfo = 0x00000000`00000000)+0x30
00000000`2bbdb310 000007fe`f23422ee mscorwks!CLRVectoredExceptionHandler(struct _EXCEPTION_POINTERS * pExceptionInfo = 0x00000000`000000cd)+0xff
00000000`2bbdb390 00000000`76d9a5db mscorwks!CLRVectoredExceptionHandlerShim(struct _EXCEPTION_POINTERS * pExceptionInfo = 0x00000000`1d870158)+0x42
00000000`2bbdb3d0 00000000`76d98e62 ntdll!RtlpCallVectoredHandlers(struct _EXCEPTION_RECORD * ExceptionRecord = 0x00000000`09d28298, struct _CONTEXT * ContextRecord = 0x000007fe`0000007f, unsigned long Index = 0x1d872fd0)+0xa8
00000000`2bbdb440 00000000`76dd1248 ntdll!RtlDispatchException(struct _EXCEPTION_RECORD * ExceptionRecord = 0x00000000`00000000, struct _CONTEXT * ContextRecord = 0x000007fe`f23bad43)+0x22
00000000`2bbdbb20 000007fe`f27890c8 ntdll!KiUserExceptionDispatch(void)+0x2e
00000000`2bbdc0e0 000007fe`f23ee762 mscorwks!WKS::gc_heap::mark_object_simple(unsigned char ** po = 0x00000000`2bbddfd0)+0x198
00000000`2bbdc150 000007fe`f23d91e1 mscorwks!WKS::GCHeap::Promote(class Object ** object = 0x00000000`09d28298, struct ScanContext * sc = 0x00000000`2bbdd380, unsigned long flags = 0x2bbdc2e4)+0x52
00000000`2bbdc1c0 000007fe`f23bb299 mscorwks!GcEnumObject(void * pData = 0x00000000`2bbdc6e0, class Object ** pObj = 0x000007fe`f23d9010, unsigned long flags = 0x2bbddfd0)+0x1d1
00000000`2bbdc220 000007fe`f23c1ab5 mscorwks!GcInfoDecoder::EnumerateLiveSlots(struct REGDISPLAY * pRD = 0x00000000`2bbdd380, bool reportScratchSlots = false, unsigned int inputFlags = 0x2c, <function> * pCallBack = 0x000007fe`f23d9010, void * hCallBack = 0x00000000`2bbddfd0)+0x5d9
00000000`2bbdc650 000007fe`f23c66e3 mscorwks!EECodeManager::EnumGcRefs(struct REGDISPLAY * pRD = 0x00000000`2c5ae5b8, class EECodeInfo * pCodeInfo = 0x000007fe`93408cb6, unsigned int flags = 0x2c5ae6f0, <function> * pCallBack = 0x000007fe`f23d9010, void * hCallBack = 0x00000000`2bbddfd0)+0xc5
00000000`2bbdc9d0 000007fe`f23c5665 mscorwks!GcStackCrawlCallBack(class CrawlFrame * pCF = 0x00000000`2f51e938, void * pData = 0x00000000`00000000)+0x1b3
00000000`2bbdca90 000007fe`f23b24e9 mscorwks!Thread::StackWalkFramesEx(struct REGDISPLAY * pRD = 0x00000000`00000000, <function> * pCallback = 0x00000000`27978100, void * pData = 0x00000000`00000500, unsigned int flags = 0x500, class Frame * pStartFrame = 0x00000000`00000000)+0x835
00000000`2bbdce80 000007fe`f23e847e mscorwks!Thread::StackWalkFrames(<function> * pCallback = 0x000007fe`f23d2d1e, void * pData = 0x00000000`00000000, unsigned int flags = 0xfcd518da, class Frame * pStartFrame = 0x00000000`00000000)+0xb9
00000000`2bbddf90 000007fe`f23914a4 mscorwks!CNameSpace::GcScanRoots(<function> * fn = 0x00000000`00080101, int condemned = 0n2857451, int max_gen = 0n-2, struct ScanContext * sc = 0x00000000`00000000, class GCHeap * Hp = 0x00000000`00000000)+0x1be
00000000`2bbde050 000007fe`f283d3b6 mscorwks!WKS::gc_heap::mark_phase(int condemned_gen_number = 0n733864200, int mark_only_p = 0n0)+0xd4
00000000`2bbde0e0 000007fe`f283dcb4 mscorwks!WKS::gc_heap::gc1(void)+0x86
00000000`2bbde130 000007fe`f268c056 mscorwks!WKS::gc_heap::garbage_collect(int n = 0n5260944, int concurrent_p = 0n0)+0x2a4
00000000`2bbde190 000007fe`f283dec0 mscorwks!WKS::GCHeap::GarbageCollectGeneration(unsigned int gen = 0xffffffff, WKS::gc_reason reason = reason_alloc_soh (0n0))+0x1e6
00000000`2bbde1e0 000007fe`f23c8b8d mscorwks!WKS::gc_heap::try_allocate_more_space(struct alloc_context * acontext = 0x00000000`1cc7c158, unsigned int64 size = 0xa0, int gen_number = 0n-113214793)+0x180
00000000`2bbde2c0 000007fe`f23cbb5e mscorwks!WKS::GCHeap::Alloc(struct alloc_context * acontext = 0x00000000`04f7f620, unsigned int64 size = 0x9a, unsigned long flags = 0x41)+0x6d
00000000`2bbde2f0 000007fe`f28984f3 mscorwks!SlowAllocateString(unsigned long cchArrayLength = 0x2bbde3c8)+0x7e
00000000`2bbde370 000007fe`dc7a2ff2 mscorwks!FramedAllocateString(unsigned long stringLength = 0x40)+0xd3
00000000`2bbde530 000007fe`935852ca mscorlib_ni!System.String.Concat(<HRESULT 0x80004001>)+0x42
00000000`2bbde580 000007fe`92caadf8 Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Helper.PathHelper.IsSubFolderOf(<HRESULT 0x80004001>)+0x4a
00000000`2bbde5c0 000007fe`93720691 System_Core!System.Linq.Enumerable.FirstOrDefault[[System.__Canon, mscorlib]](<HRESULT 0x80004001>)+0xb8
00000000`2bbde640 000007fe`93720562 Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Changes.ChangedItemsTree.a(<HRESULT 0x80004001>)+0x81
00000000`2bbde690 000007fe`93720341 Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Changes.ChangedItemsTree.a(<HRESULT 0x80004001>)+0x42
00000000`2bbde6e0 000007fe`9371fe1d Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Changes.ChangedItemsTree.c(<HRESULT 0x80004001>)+0x31
00000000`2bbde760 000007fe`9371fbea Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Changes.ChangedItemsTree.Insert(<HRESULT 0x80004001>)+0xad
00000000`2bbde840 000007fe`9371f125 Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Manager.ChangeQueue.Enqueue(<HRESULT 0x80004001>)+0x1fa
00000000`2bbde8d0 000007fe`9371ebc4 Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Entities.WildcardFilteringChangeQueue.Enqueue(<HRESULT 0x80004001>)+0x55
00000000`2bbde910 000007fe`9371eadf Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Entities.SelectiveSyncingChangeQueue.Enqueue(<HRESULT 0x80004001>)+0x64
00000000`2bbde960 000007fe`9371e82c Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Entities.ChangeQueueDecorators.PausePathChangeQueue.Enqueue(<HRESULT 0x80004001>)+0x7f
00000000`2bbde9b0 000007fe`9371e70a Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Entities.MergeBreakingChangeQueue.Enqueue(<HRESULT 0x80004001>)+0xfc
00000000`2bbdea40 000007fe`9371c701 Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Entities.ChangeQueueDecorators.UnavailableResourceChangeQueue.Enqueue(<HRESULT 0x80004001>)+0x1a
00000000`2bbdea70 000007fe`9371a0c8 Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Workers.ServerChangesPoller.a(<HRESULT 0x80004001>)+0x291
00000000`2bbdeb70 000007fe`93408592 Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Workers.ServerChangesPoller.a(<HRESULT 0x80004001>)+0x6b8
00000000`2bbdec00 000007fe`93407ba4 Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Workers.ServerChangesPoller.b(<HRESULT 0x80004001>)+0x2e2
00000000`2bbdec90 000007fe`dc7a2bcb Varonis_Scf_Client_Sync!Varonis.Scf.Client.Sync.Workers.ServerChangesPoller.ThreadRoutine(<HRESULT 0x80004001>)+0xa4
00000000`2bbded20 000007fe`dc83aaad mscorlib_ni!System.Threading.ExecutionContext.Run(<HRESULT 0x80004001>)+0x9b
00000000`2bbded70 000007fe`f24fabd2 mscorlib_ni!System.Threading.ThreadHelper.ThreadStart(<HRESULT 0x80004001>)+0x4d
00000000`2bbdedc0 000007fe`f2397343 mscorwks!CallDescrWorker(void)+0x82
00000000`2bbdee10 000007fe`f28d9c91 mscorwks!CallDescrWorkerWithHandler(void * pSrcEnd = 0x00000000`2bbdef48, unsigned int numStackSlots = 0, unsigned int64 dwRegTypeMap = 0, unsigned int fpReturnSize = 1, void * pTarget = 0x000007fe`dc7538b8, int fCriticalCall = 0n0)+0xd3
00000000`2bbdeeb0 000007fe`f2490071 mscorwks!MethodDesc::CallDescr(unsigned char * pTarget = 0x00000000`2bbdfe50 "\k???", class MetaSig * pMetaSigOrig = 0x00000000`2bbdf630, unsigned int64 * pArguments = 0x000007fe`dc8f3680, int fIsStatic = 0n0, int fCriticalCall = 0n0)+0x2b1
00000000`2bbdf0f0 000007fe`f233a988 mscorwks!ThreadNative::KickOffThread_Worker(void * ptr = 0x00000000`00000001)+0x191
00000000`2bbdf410 000007fe`f236c355 mscorwks!ManagedThreadBase_DispatchInner(struct ManagedThreadCallState * pCallState = 0x00000000`00000000)+0x2c
00000000`2bbdf460 000007fe`f2455955 mscorwks!ManagedThreadBase_DispatchMiddle(struct ManagedThreadCallState * pCallState = 0x00000000`00000000)+0x9d
00000000`2bbdf530 000007fe`f24b941d mscorwks!ManagedThreadBase_DispatchOuter(struct ManagedThreadCallState * pCallState = 0x00000000`2bbdf590)+0x31
00000000`2bbdf570 000007fe`f232f72f mscorwks!ManagedThreadBase_FullTransitionWithAD(struct ADID pAppDomain = struct ADID, <function> * pTarget = 0x00000000`00000000, void * args = 0x00000005`0000003e, UnhandledExceptionLocation filterType = 0n22 (No matching enumerant))+0x35
00000000`2bbdf5d0 000007fe`f2338128 mscorwks!ThreadNative::KickOffThread(void * pass = 0x00000002`00000000)+0xd3
00000000`2bbdf6b0 00000000`76c7652d mscorwks!Thread::intermediateThreadProc(void * arg = 0x00000000`00000000)+0x78
00000000`2bbdfe80 00000000`76dac541 kernel32!BaseThreadInitThunk(unsigned long RunProcessInit = 0, <function> * StartAddress = 0x00000000`00000000, void * Argument = 0x00000000`00000000)+0xd
00000000`2bbdfeb0 00000000`00000000 ntdll!RtlUserThreadStart(<function> * StartAddress = 0x00000000`00000000, void * Argument = 0x00000000`00000000)+0x1d
在乞求中,我们正在考虑Gc的已知问题:
How to: Disable Concurrent Garbage Collection
但是该解决方案没有帮助。
我们经历了所有的非管理调用(我们一直认为这是不安全调用导致的堆损坏),但这也没有帮助。同样,在每次调用不安全代码之后,我们都调用GC collect来解决问题,但是该解决方案似乎也不起作用。
在过去的几天里,我们注意到崩溃仅发生在混淆代码上,我试图寻找与混淆和堆卷曲有关的类似问题,但是我没有找到任何问题。您能建议导致这种问题的原因吗?
我们的某些dll是强信号,但其中的一个都不是混淆。
最佳答案
我已经看到一些混淆器不仅重命名符号名称,而且“优化”代码并进行实际的逻辑更改和重构。
例如,有些使某些类“密封”以提高速度,有些则通过添加/删除方法来重构代码以便混淆更多,另一些则将文字存储在其他地方,有些则通过添加依赖项注入(inject)来重构代码,从而使符号不紧密耦合,并且它使阅读起来更加困难,其他人则用“动态实时编译的代码例程”替换了一些静态代码,等等。
因此,可能最终会出现一堆您未编写代码的代码逻辑。
请谨慎处理混淆器设置,其中一些设置可能会给您带来麻烦。
关于c# - 混淆后崩溃.net 3.5堆损坏,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/23039413/