Menu
I'm not sure how to go about debugging this. I have a C# program consisting entirely of managed code, running in .NET 4.5. After running it for a while, at some seemingly random time, I get a an error "An unhandled exception of type 'System.AccessViolationException' occurred in mscorlib.dll". Since I'm running it from Visual Studio (2012) I click "break" and am presented with the following call stack:
mscorlib.dll!System.Threading._IOCompletionCallback.PerformIOCompletionCallback(uint errorCode, uint numBytes, System.Threading.NativeOverlapped* pOVERLAP) + 0x47 bytes [Native to Managed Transition] ntdll.dll!_NtRequestWaitReplyPort@12() + 0xc bytes kernel32.dll!_ConsoleClientCallServer@16() + 0x4f bytes kernel32.dll!_GetConsoleLangId@4() + 0x2b bytes kernel32.dll!_SetTEBLangID@0() + 0xf bytes KernelBase.dll!_GetModuleHandleForUnicodeString@4() + 0x22 bytes mdnsNSP.dll!7177aa48() [Frames below may be incorrect and/or missing, no symbols loaded for mdnsNSP.dll] mdnsNSP.dll!71775b06() mdnsNSP.dll!71774ded() mdnsNSP.dll!71774e8c() bcryptprimitives.dll!746d1159() bcryptprimitives.dll!746d1137() ntdll.dll!_LdrpCallInitRoutine@16() + 0x14 bytes ntdll.dll!_NtTestAlert@0() + 0xc bytes ntdll.dll!_NtContinue@8() + 0xc bytes ntdll.dll!_LdrInitializeThunk@8() + 0x1a bytes An interesting thing I notice is that nothing in the call stack is my code.
What strategy would you advise I use to find the route of the problem? Or have you seen a problem similar to this and have any tips?
Since the exception doesn't seem to include my code, I don't know what information to include that would be helpful in answering the question, but ask me if there is anything else that I should include.
Since the error may be IO related (since PerformIOCompletionCallback is at the top of the stack), this is a list of typical IO tasks that this application performs:
Other notes:
Edit:
Based on the suggestion by @Kevin that Mdnsnsp.dll is from Bonjour, I uninstalled Bonjour and tried again. The exception persists, but the call stack is much cleaner:
mscorlib.dll!System.Threading._IOCompletionCallback.PerformIOCompletionCallback(uint errorCode, uint numBytes, System.Threading.NativeOverlapped* pOVERLAP) + 0x47 bytes [Native to Managed Transition] kernel32.dll!@BaseThreadInitThunk@12() + 0x12 bytes ntdll.dll!___RtlUserThreadStart@8() + 0x27 bytes ntdll.dll!__RtlUserThreadStart@8() + 0x1b bytes I'm assuming the Bonjour installer installed some benign hook DLL for network traffic, but uninstalling it did not fix the problem.
Edit:
I have temporarily re-coded all my unsafe functions using slower "safe" equivalents to eliminate that as a suspect. Now none of the assemblies in the application are compiled using unsafe switch. The problem still persists. To reiterate, I now have no unsafe code, no native code and no P/Invoke calls (in user code) in this application, but I am still experiencing the AccessViolationException as described above.
203
An access violation occurs in unmanaged or unsafe code when the code attempts to read or write to memory that has not been allocated, or to which it does not have access. This usually occurs because a pointer has a bad value.
A 0xC0000005, or access violation, indicates that you are trying to access memory that doesn't belong to your process. This usually means you haven't allocated memory.
A Read or Write Access Violation occurs when the application attempts to read or write memory from a memory address that is invalid. To be valid, the memory page must have a valid state, protection and type. The memory must be in the MEM_COMMIT state.
As its name says, this error occurs whenever you try to access a location that you are not allowed to access in the first place. In other words, whenever you will try to violate the norms of accessing a writing location set up by the C++ programming language, you will always come across this error.
Since its PerformIOCompletionCallback that is causing the error I would look at your Asynchronous IO calls.
The error looks to be happening because the handle that was registered is no longer valid. Since it is happening in Managed code the cause is going to be from a Managed object and NOT from a 3rd party native DLL.
131
don't know if it can help you but looks like we faced a similar problem several years ago. As I remember our investigation pointed on dll in other program - we found that memory access violations can be caused by antiviruses (NOD32 in our case), firewalls or network sniffers/traffic controllers.
Try to check applications log (Control Panel -> System and Security -> Administrative Tools -> Event Viewer) for errors caused by above applications. If problem is with other program try to disable/uninstall it and check again if crash still appears in your programm.
UPD Have you tried to reproduce this issue on the clean test environment?
22
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
