cecil icon indicating copy to clipboard operation
cecil copied to clipboard

Published 20 hours ago verified publisher icon jbevain

Reading some assemblies take a lot of memory (> 100x more than System.Reflection.Metadata)

Open joelverhagen opened this issue 4 years ago • 1 comments

I was doing some analysis of all assemblies on NuGet.org using Azure Functions and I found some packages failed with OutOfMemoryException. Many assemblies load without a problem, but I found several that take more than 1 GB of memory to load. The assembly itself is not even 5 MB so I'm not sure what's going on. Perhaps the DLL is obfuscated? No clue.

Anyway, I am trying to get the assembly public key token. Here's some example code, showing both memory consumption and durations.

var path = "Oracle.ManagedDataAccess.dll";
var sw = Stopwatch.StartNew();
double mb = Math.Pow(1024, 2);
Console.WriteLine(Process.GetCurrentProcess().PrivateMemorySize64 / mb + " MB");

Console.WriteLine("== System.Reflection.Metadata ==");
using (var fileStream = File.OpenRead(path))
using (var peReader = new PEReader(fileStream))
{
    Console.WriteLine(peReader.GetMetadataReader().GetAssemblyDefinition().GetAssemblyName());
    Console.WriteLine(Process.GetCurrentProcess().PrivateMemorySize64 / mb + " MB");
    Console.WriteLine(sw.Elapsed);
}

Console.WriteLine("== Mono.Cecil ==");
using (var cecilModule = Mono.Cecil.ModuleDefinition.ReadModule(path))
{
    Console.WriteLine(cecilModule.Assembly.FullName);
    Console.WriteLine(Process.GetCurrentProcess().PrivateMemorySize64 / mb + " MB");
    Console.WriteLine(sw.Elapsed);
}

The output is:

7.6640625 MB
== System.Reflection.Metadata ==
Oracle.ManagedDataAccess, Version=4.122.1.0, PublicKeyToken=89b483f429c47342
8.43359375 MB
00:00:00.0405080
== Mono.Cecil ==
Oracle.ManagedDataAccess, Version=4.122.1.0, Culture=neutral, PublicKeyToken=89b483f429c47342
1601.359375 MB
00:00:01.5745009

Nearly 1.6 GB of memory to load this DLL. The DLL was found in this package: https://www.nuget.org/packages/Flexygo/1.0.13.36-rc

A minimal repro is here: ConsoleApp2.zip

joelverhagen avatar Dec 22 '20 03:12 joelverhagen

Yeah this DLL is obfuscated and designed to break tools like Cecil. Would be interesting to see if there are low hanging fruits to mitigate the issue.

jbevain avatar Jan 04 '21 22:01 jbevain