Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
OutOfMemoryException in EventBasedLRUCache after upgrading to Microsoft.IdentityModel.Tokens 6.10.1
See original GitHub issueWe are experiencing increased Thread counts and OutOfMemoryExceptions after upgrading to System.IdentityModel.Tokens.Jwt version 6.10.1 in our ASP.NET Core application running in Azure.
After rolling back the package to 6.9.0 the Thread counts are normalized:
The relevant part of the stack trace of the OutOfMemoryExceptions reported in AppInsigts:
{"assembly":"System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e","method":"System.Threading.Tasks.Task.ScheduleAndStart","level":0,"line":0}
{"assembly":"System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e","method":"System.Threading.Tasks.Task.Start","level":1,"line":0}
{"assembly":"Microsoft.IdentityModel.Tokens, Version=6.10.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35","method":"Microsoft.IdentityModel.Tokens.EventBasedLRUCache`2..ctor","level":2,"line":0}
{"assembly":"Microsoft.IdentityModel.Tokens, Version=6.10.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35","method":"Microsoft.IdentityModel.Tokens.InMemoryCryptoProviderCache..ctor","level":3,"line":0}
{"assembly":"Microsoft.IdentityModel.Tokens, Version=6.10.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35","method":"Microsoft.IdentityModel.Tokens.CryptoProviderFactory..ctor","level":4,"line":0}
{"assembly":"redacted, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null","method":"redacted.AzureKeyVaultTokenSignatureService.CreateSignedToken"}
We are using the following code to sign JWT tokens using AzureKeyVault:
public string CreateSignedToken(JwtPayload jwtPayload)
{
var azureServiceTokenProvider = new AzureServiceTokenProvider();
var signingCredentials =
new SigningCredentials(
new KeyVaultSecurityKey($"https://{configuration["KeyVaultName"]}.vault.azure.net/keys/{configuration["redacted"]}",
new KeyVaultSecurityKey.AuthenticationCallback(azureServiceTokenProvider
.KeyVaultTokenCallback)), SecurityAlgorithms.RsaSha512)
{
CryptoProviderFactory = new CryptoProviderFactory()
{ CustomCryptoProvider = new KeyVaultCryptoProvider() }
};
var jwtHeader = new JwtHeader(signingCredentials);
var token = new JwtSecurityToken(jwtHeader, jwtPayload);
var handler = new JwtSecurityTokenHandler();
return handler.WriteToken(token);
}
Here is the diff our our change which caused the errors start to happen:
- <PackageReference Include="Microsoft.IdentityModel.KeyVaultExtensions" Version="6.9.0" />
- <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.9.0" />
+ <PackageReference Include="Microsoft.IdentityModel.KeyVaultExtensions" Version="6.10.1" />
+ <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.10.1" />
We are on .NET Core 3.1.407.
Issue Analytics
- State:
- Created 2 years ago
- Comments:8 (3 by maintainers)
Top Results From Across the Web
OutOfMemoryException in EventBasedLRUCache after ...
We are experiencing increased Thread counts and OutOfMemoryExceptions after upgrading to System.IdentityModel.Tokens.Jwt version 6.10.1 in ...
Read more >CryptoProviderFactory.Default has a reference to ...
When CryptoProviderFactory creates an InMemoryCryptoProviderCache azure-activedirectory-identitymodel-extensions-for-dotnet/src/Microsoft.IdentityModel.
Read more >OutOfMemoryException in .NET Framework 4.6.1
This out-of-memory exception is propagated by the CLR when the code manager subsystem can't allocate memory within a specific address space ...
Read more >FIX: A System.OutOfMemoryException exception occurs or ...
This problem occurs because memory fragmentation occurs between the .NET Framework class library and the XAML parser. Resolution. Hotfix information. A ...
Read more >Troubleshoot Out of Memory issues - ASP.NET
OutOfMemoryException ) in ASP. ... When an application needs to use memory, it reserves a chunk of the virtual address space and then...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@dmetzgar @mackie1001 @nemesv thanks for the detail. Our perf and stress tests didn’t pick this up because they don’t create a new CryptoProviderFactory, ill add that. We had a bug in our code where a task was left running, we assumed incorrectly, a single CryptoProviderFactory in play.
It is probably more efficient when you need to support a new algorithm to make use of CryptoProviderFactory.CustomCryptoProvider as we will call into that object first and if you respond true to IsSupportedAlgorithm, we will pass you control.
I will close this out for now, please ping us if you have issues.
@mackie1001 To get the stacks, we did a core dump of the container and opened it in Visual Studio. VS is limited on Linux dumps but at least gives a thread view where we can see the stacks on each thread. I later confirmed with LLDB the number of threads.