HEAP CORRUPTION(0xc0000374,C:\ Windows \ System32 \ antdll.dll) [英] HEAP CORRUPTION (0xc0000374, C:\Windows\System32\ntdll.dll)
问题描述
美好的一天!
我是Heap腐败的新手,所以我想请求了解内存崩溃转储中的Full Call堆栈。
该功能用于将数据导出为CSV和PDF。导出到CSV成功,没有生成PDF,因此导出到PDF失败。请注意,这个问题很少发生,有时候每1个月一次,或者每个月每个
,这意味着。
这是Full转储文件中指定的调用堆栈
.NET Call Stack
$
完整的通话栈
| 功能 | Arg 1 | Arg 2 | Source | |
|---|---|---|---|---|
| ntdll!RtlReportCriticalFailure + 62 | 776e4736 | 00000000 | 00000002 | |
| ntdll!RtlpReportHeapFailure + 26 | 776e5942 | ; 08040000 | ntdll!RtlpHeapHandleError + 12 | 776e75f4 | 00000000 |
| NTDLL!RtlpLogHeapFailure + A4 | &NBSP ; 7768dc8f | ; 00000000 | 303cd810 | |
| NTDLL! ?? :: FNODOBFM ::`string'+ 10c54 | 7742307a | 00000000 | 00000000 | |
| kernel32!HeapFree + a | 6a226dfb | 00000000 | 08040298 | |
| msvcr80!free + 1b | f9aa17c7 | 000007fe | 07f5c1b0 | |
| clr!DoNDirectCall__PatchGetThreadCall + 7b | 00dd3bfe | 000007ff | 31041c40 | |
| 0x000007ff`00dd3bfe | < span style =""> 00ddcd81 | 000007ff | 00d0eea0 | ; |
| 0x000007ff`00ddcd81 | 00ddcd21 | 000007ff | 00000002 | |
| 0x000007ff`00ddcd21 | 00ddcc79 | 000007ff | fffffffe | |
| 0x000007ff`00ddcc79 | < span style =""> f9b7cae7 | 000007fe | 00002c50 | ; |
| clr!UMThunkStubAMD64 + 7 7 | 2c7b95e5 | 00000000 | 303cd9a0 | |
| crqe + 195e5 | &NBSP;&NBSP;&NBSP;&NBSP;的 2c872dea | 00000000 | 0d5e7d30 | |
| crqe + d2dea | < span style =""> 2ca3ffa5 | 00000000 | ec250650 | |
| crqe + 29ffa5 | ; 00000000 | 4b489960 | ||
| crqe + 298a84 | &NBSP;&NBSP;&NBSP;&NBSP;的 3a809f59 | 00000000 | < span style =""> 4b489998 | |
| crpe32!CRPEConnectionInit + 74239 | 3ad39351 | 00000000 | 303ce058 | |
| crpe32!PESetBackgroundThreadProc + 10531 | 3a85e595 | 00000000 | 303ce040 | |
| crpe32!CRPEConnectionInit + c8875 | 3a85feaa | 00000000 | 2ecd8ef0 | |
| crpe32!CRPEConnectionInit + ca18a | 3a8651a6 | 00000000 | 2ecd8ef0 | |
| crpe32!CRPEConnectionInit + cf486 | 3aec5b1f | 00000000 | 2ecd8ef0 | |
| crpe32!MWCleanupProcess + 15c8bf | 3ad259e1 | 00000000 | 0ee01120 | &NBSP;&NBSP; |
| crpe32 CRPEConnectionInit + 58fcc1 | 3ad2af59 | 00000000 | 10023260 | |
| 3ad2ae1e | 00000000 | 10023260 | ||
| crpe32!PESetBackgroundThreadProc + 1ffe | 3ad2a9af | 00000000 | 2ecbd920 | |
| crpe32!PESetBackgroundThreadProc + 1b8f | 3ad2a655 | 00000000 | 2ecbd920 | |
| crpe32 PESetBackgroundThreadProc + 1835 | &NBSP;!&NBSP;&NBSP ; 3b296ba7 | 00000000 | 2ecbda20 | |
| crpe32!SetDialogFont + b81c7 | 3b323557 | 00000000 | ; 1001c9e0 | |
| crpe32 SetDialogFont + 144b77 | &NBSP;!&NBSP;&NBSP;&NBSP; < span style =""> 3b32362f | 00000000 | 3b998aa0 | ; |
| crpe32!SetDialogFont + 144c4f | 7741652d | < span style =""> 00000000 | &nbs p; 00000000 | |
| kernel32!BaseThreadInitThunk + d | 7764c521 | 00000000 | 00000000 | |
| ntdll!RtlUserThreadStart + 1d | 00000000 | 00000000 | 00000000 |
异常信息
在PServer.exe中。 11520.dmp ntdll中的汇编指令!RtlReportCriticalFailure + 62 C:\ Windows \ System32 \ nddd.dll 已导致 <强>未知异常( 0xc0000374 ) on
thread 30
< p style ="font-size:12px">
请告诉我您缺少哪些信息进行分析。提前致谢。
不幸的是,调用堆栈是针对本机堆栈的,并没有真正告诉我们任何事情。看起来你正在覆盖内存,因此堆已经损坏了。这可能是由许多可能的事情引起的,包括滥用指针或释放从未分配过的
内存。但是这一切都超出了.NET允许你直接做的事情所以我打赌它会发生在对非托管代码的互操作调用中(可能与你的第三方库有关)。第三方图书馆的问题
将必须在他们的结尾报告。
我在您的代码中看到的一些问题/疑虑。
- 您使用单个StringBuilder生成整个文件。如果您的数据集很大,那么这将继续分配越来越多的低效内存。由于您正在编写文件,请使用编写器打开流,使用StringBuilder(如果需要
)创建单行,然后将其直接写入文件。在你完成之前,没有理由把它全部记在内存中。流式传输数据将降低内存使用率并避免潜在的内存问题。- ReportDocument和ReportUtility不是.NET类型。 Crystal Reports有一个ReportDocument。遗憾的是,我们无法为CR提供支持。您需要在论坛中发布与其相关的问题。对于你自己的代码,我们需要了解
ReportUtility的作用。- 既然你提到PDF没有生成,那听起来就像你的ExportPDF问题但是还不够用于诊断任何内容的信息。
- 托管代码可以生成有用的故障转储,以便深入了解出现的问题。不要捕获无法处理的异常,让您的应用程序崩溃。当它(在您关闭WER对话框之前)时,可以选择查看技术细节。
技术细节包括一个崩溃转储文件,您可以将其复制到具有构建的.PDB文件的计算机上。当您将.DMP文件加载到VS中时(假设PDB和源文件可用),您将更清楚地了解代码中的失败位置。
这将有助于快速缩小问题范围。
Michael Taylor
http://www.michaeltaylorp3.net
Hi,
Good Day!
I am new to Heap corruption so I would like to ask to understand the Full Call stack from memory crash dump.
The function is for exporting data to CSV and PDF. Export to CSV was successful, there was no generated PDF so the export to PDF was unsuccessful. Please note that this problem rarely happens, sometime once per 1 month or every other month, meaning.
Here is the Full Call stack stated in the Dump file
.NET Call Stack
Full Call Stack
Function Arg 1 Arg 2 Arg 3 Source ntdll!RtlReportCriticalFailure+62 776e4736 00000000 00000002 ntdll!RtlpReportHeapFailure+26 776e5942 00000000 08040000 ntdll!RtlpHeapHandleError+12 776e75f4 00000000 08040000 ntdll!RtlpLogHeapFailure+a4 7768dc8f 00000000 303cd810 ntdll! ?? ::FNODOBFM::`string'+10c54 7742307a 00000000 00000000 kernel32!HeapFree+a 6a226dfb 00000000 08040298 msvcr80!free+1b f9aa17c7 000007fe 07f5c1b0 clr!DoNDirectCall__PatchGetThreadCall+7b 00dd3bfe 000007ff 31041c40 0x000007ff`00dd3bfe 00ddcd81 000007ff 00d0eea0 0x000007ff`00ddcd81 00ddcd21 000007ff 00000002 0x000007ff`00ddcd21 00ddcc79 000007ff fffffffe 0x000007ff`00ddcc79 f9b7cae7 000007fe 00002c50 clr!UMThunkStubAMD64+77 2c7b95e5 00000000 303cd9a0 crqe+195e5 2c872dea 00000000 0d5e7d30 crqe+d2dea 2ca3ffa5 00000000 ec250650 crqe+29ffa5 2ca38a84 00000000 4b489960 crqe+298a84 3a809f59 00000000 4b489998 crpe32!CRPEConnectionInit+74239 3ad39351 00000000 303ce058 crpe32!PESetBackgroundThreadProc+10531 3a85e595 00000000 303ce040 crpe32!CRPEConnectionInit+c8875 3a85feaa 00000000 2ecd8ef0 crpe32!CRPEConnectionInit+ca18a 3a8651a6 00000000 2ecd8ef0 crpe32!CRPEConnectionInit+cf486 3aec5b1f 00000000 2ecd8ef0 crpe32!MWCleanupProcess+15c8bf 3ad259e1 00000000 0ee01120 crpe32!CRPEConnectionInit+58fcc1 3ad2af59 00000000 10023260 crpe32!PESetBackgroundThreadProc+2139 3ad2ae1e 00000000 10023260 crpe32!PESetBackgroundThreadProc+1ffe 3ad2a9af 00000000 2ecbd920 crpe32!PESetBackgroundThreadProc+1b8f 3ad2a655 00000000 2ecbd920 crpe32!PESetBackgroundThreadProc+1835 3b296ba7 00000000 2ecbda20 crpe32!SetDialogFont+b81c7 3b323557 00000000 1001c9e0 crpe32!SetDialogFont+144b77 3b32362f 00000000 3b998aa0 crpe32!SetDialogFont+144c4f 7741652d 00000000 00000000 kernel32!BaseThreadInitThunk+d 7764c521 00000000 00000000 ntdll!RtlUserThreadStart+1d 00000000 00000000 00000000 Exception Information
In PServer.exe.11520.dmp the assembly instruction at ntdll!RtlReportCriticalFailure+62 inC:\Windows\System32\ntdll.dll has caused an unknown exception (0xc0000374) on thread 30
Kindly let me know what's missing information for you to analyze it. Thanks in advance.
--Some codes (sorry I am not allowed to attach any file)解决方案Unfortunately the call stack is for the native stack and doesn't really tell us anything. It appears that you're overwriting memory and therefore the heap is getting corrupted. This can be caused by many possible things including misusing pointers or freeing memory that was never allocated. But all this is outside what .NET would allow you to do directly so I'd wager it is happening inside one of the interop calls to unmanaged code (likely related to your third party libraries). Issues with third party libraries are going to have to be reported on their end.
Some problems/concerns I see with your code.
- You're using a single StringBuilder to generate an entire file. If your dataset is large then this is going to keep allocating more and more memory which is inefficient. Since you're writing a file, open the stream with a writer, use a StringBuilder (if necessary) to create a single line and then write it directly to the file. There is no reason to keep it all in memory until you're done. Streaming the data will keep memory usage low and avoid potential memory issues.
- ReportDocument and ReportUtility are not .NET types. There is a ReportDocument for Crystal Reports. Unfortunately we cannot provide support for CR. You'd need to post questions related to it in their forums. For your own code we'd need to understand what ReportUtility does.
- Since you mentioned the PDF isn't generated it would sound like the problem is with your ExportPDF but there isn't enough information to diagnose anything.
- Managed code can generate useful crash dumps that will provide insight into what is going wrong. Don't capture exceptions you cannot handle, let your app crash. When it does (before you dismiss the WER dialog) there is an option to view the tech details. The tech details include a crash dump file that you can copy to a machine with the .PDB files for your build. When you load the .DMP file into VS (assuming the PDB and source files are available) you'll get a more clear picture of where in your code it failed. This will help narrow down the issue quickly.
Michael Taylor
http://www.michaeltaylorp3.net
这篇关于HEAP CORRUPTION(0xc0000374,C:\ Windows \ System32 \ antdll.dll)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
登录 关闭
