This will be a rather short post, but I hope it will be helpful. Basically, the goal of this post is to explain the importance of making changes sequentially. It is easier to explain with an example. Imagine you switched your internet provider, bought a new router and a new Smart TV, and you did it all in one day. Now, let us say you have problems during streaming on your new TV. Where is the problem?

It could be the new internet provider; for example, the new provider may handle IPv6 differently. It could be an issue with the new router: it could simply be buggy. It could be your new TV or the application you are using for streaming. It could be an incompatibility between your new router and the internet provider. It


Recently I was investigating a memory leak in one of our web sites. The same old story: the site consumes more and more memory until IIS finally recycles it.

As usual, I executed the two standard commands:
.cordll -ve -u -l
!DumpHeap -stat

And then I found our class Xyz at about tenth place from the bottom. Interesting. Then I executed the following command:
!DumpHeap -type Namespace.Xyz -short

And I pressed Ctrl+Break almost immediately, to get only a few hundred addresses instead of all of them. Then I executed this command to find out who is holding a reference:
!GCRoot <address of Namespace.Xyz object>

From the output I found a singleton class with a ConcurrentDictionary<Guid, List<Namespace.Xyz>>.
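
For illustration, here is a minimal C# sketch of this kind of leak, assuming a hypothetical XyzCache singleton (the class and member names are invented, not the ones from our code base):

    using System;
    using System.Collections.Concurrent;
    using System.Collections.Generic;

    class Xyz { } // stand-in for the real Namespace.Xyz

    // Hypothetical reconstruction of the leaking pattern: a process-wide
    // singleton that caches Xyz instances per session and never removes them.
    class XyzCache
    {
        public static readonly XyzCache Instance = new XyzCache();

        private readonly ConcurrentDictionary<Guid, List<Xyz>> _itemsBySession =
            new ConcurrentDictionary<Guid, List<Xyz>>();

        public void Add(Guid sessionId, Xyz item)
        {
            // Entries are added on every request, but nothing ever calls
            // TryRemove, so the dictionary and every Xyz it references
            // stay rooted for the lifetime of the process.
            _itemsBySession.GetOrAdd(sessionId, _ => new List<Xyz>()).Add(item);
        }
    }

That is exactly the kind of rooted path !GCRoot reports: a static singleton holding a dictionary holding lists holding our objects.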

I was asked to investigate why one of our web services was constantly consuming more than 3 GB of memory and was constantly being recycled. Nothing new had been deployed at that time, and the developers did not understand what was going on.

After I got a memory dump containing .NET code, I executed this command first:
.cordll -ve -u -l

Then, for memory-related issues, I usually execute this command:
!DumpHeap -stat

This prints how many instances of each type were created and the total size in memory these instances consume. Then I try to find some specific objects near the bottom of this list. General objects like strings are usually hard to investigate, as many objects have a lot
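
The listing is sorted by total size, smallest first, so the biggest consumers end up at the bottom. For orientation, the tail of the output is shaped roughly like this (the addresses, counts, and sizes below are invented for illustration):

                  MT    Count    TotalSize Class Name
    00007ffab1234560     1024        65536 Namespace.Xyz
    00007ffab1234890   250000     12500000 System.String
    Total 1500000 objects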

My previous post explained that for a 32-bit process a 32-bit tool should be used, or most tools get confused. Visual Studio is able to handle standard PDB files but gets confused by PDB files that were custom-generated. Normally I would recommend using a 32-bit tool and forgetting about this problem. But in some cases a crash can be so rare that it is worth investigating how to get anything useful from such a “bad” dump. And I will show how to do it.

First, load 32-bit WinDbg and execute the following commands:
.load wow64exts.dll
!sw
!r

This will load the standard wow64exts WinDbg extension, switch to 32-bit mode even though the dump is 64-bit, and display the 32-bit context record. From the context record

I would not be wrong if I said that most computers these days are 64-bit. 64-bit offers many advantages over 32-bit, and in general there is not much sense in installing a 32-bit OS pretty much anywhere, except maybe on some 32-bit virtual machine with less than 4 GB of RAM, because in general a 32-bit OS takes less memory. But even then, it is better to have 64-bit and just run a couple of services on it.

But at the same time, it is still common to run 32-bit code on it. For example, if you have IIS, in many cases it makes sense to run a 32-bit worker process. The main reason behind that: 32-bit

Recently I got an email from a customer saying that our product consumes a relatively large amount of CPU when idle, about 3%-7%. He is using an old notebook, and as a result the fan constantly cycles between the on and off states, and it is really annoying. I decided to check this, because very often it can be a sign of bigger problems.

Usually for cases like this I ask the customer to run PerfView to collect the events that happen during the problematic time. It is a quite useful application; it is developed by Microsoft and completely free. It has a quite unusual interface and requires some learning. There are links to learning videos in the app itself.
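
For idle-CPU investigations, I typically send the customer a command line along these lines (a sketch; the exact qualifiers depend on the case, and PerfView's built-in help describes them all):

    PerfView.exe collect /nogui /accepteula /threadTime /maxCollectSec:60

The /threadTime qualifier adds context-switch and thread-time events, which is what you want when the process is supposed to be mostly idle.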

Anyway, the customer was nice and provided quite a few PerfView captures in different state

Case of frozen PeekMessage

Recently I was investigating why our application freezes during certain operations. After collecting a few dump files, I found that every single time the application froze in quite old code, written about 20 years ago. Loading documents could take quite a long time, and some person decided that it would be a good idea if the user could press Escape and cancel loading. To detect the key press, that code calls something like this:
PeekMessage(Msg, CurrentFormHandle, WM_KeyFirst, WM_KeyLast, PM_Remove Or PM_NoYield)

The call stack looks like this:

win32u!NtUserPeekMessage+0x14
user32!_PeekMessage+0x43
user32!PeekMessageW+0x143

It looks quite innocent, and I do not see any reason why it should hang. After some thinking, I came up with two theories (a sketch of the calling pattern follows the list):

  1. CurrentFormHandle returns an invalid window handle that got reused by some thread that is sleeping.
  2. The code that calls PeekMessage has an infinite loop, and PeekMessage simply took more time than the rest, so it is what appears in the crash dumps.
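
The original code is not C#, but here is a minimal C# reconstruction of the polling pattern, assuming a hypothetical LoadNextChunk work function (the names and structure are mine, not from the real code):

    using System;
    using System.Runtime.InteropServices;

    static class EscapePollingSketch
    {
        [StructLayout(LayoutKind.Sequential)]
        struct MSG
        {
            public IntPtr hwnd;
            public uint message;
            public IntPtr wParam;
            public IntPtr lParam;
            public uint time;
            public int ptX;
            public int ptY;
        }

        const uint WM_KEYFIRST = 0x0100;
        const uint WM_KEYLAST  = 0x0109;
        const uint WM_KEYDOWN  = 0x0100;
        const uint PM_REMOVE   = 0x0001;
        const uint PM_NOYIELD  = 0x0002;
        const int  VK_ESCAPE   = 0x1B;

        [DllImport("user32.dll")]
        static extern bool PeekMessage(out MSG msg, IntPtr hWnd,
                                       uint filterMin, uint filterMax, uint flags);

        // Hypothetical loading loop: between chunks of work, poll the queue
        // for key messages addressed to the current form and stop on Escape.
        static void LoadDocument(IntPtr currentFormHandle)
        {
            while (LoadNextChunk())
            {
                if (PeekMessage(out MSG msg, currentFormHandle,
                                WM_KEYFIRST, WM_KEYLAST, PM_REMOVE | PM_NOYIELD)
                    && msg.message == WM_KEYDOWN
                    && (int)msg.wParam == VK_ESCAPE)
                {
                    break; // user cancelled loading
                }
            }
        }

        static bool LoadNextChunk() => false; // placeholder for the real work
    }

If theory 2 is right, the hang is really the while loop itself: PeekMessage is simply the call most likely to be on top of the stack at the moment a dump is taken.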

Recently I found code that looks like this:

    using System;
    using System.Collections.Generic;
    using System.Diagnostics;
    using System.IO;
    using System.Threading.Tasks;

    class Program
    {
        static async Task Main(string[] args)
        {
            const int MaxLines = 10000;
            string line;
            List<string> lines = new List<string>();
            Stopwatch stopwatch = Stopwatch.StartNew();

            using var reader = new StreamReader(args[0]);
            while ((line = await reader.ReadLineAsync()) != null)
            {
                // Keep at most MaxLines lines buffered; reset once the cap is hit.
                if (lines.Count >= MaxLines)
                {
                    lines.Clear();
                }

                lines.Add(line);
            }

            Console.WriteLine(stopwatch.ElapsedMilliseconds);
        }
    }

As you can see, this code is written “by the book”: everything is async. The Main function is async, reading from the file is async, and the code looks good. And if you ask people around which version would be faster, this one or a non-async one (a synchronous counterpart is sketched below), you will get mixed results. Some will say that the async version will be faster,
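
For reference, this is what I mean by the non-async version: the same logic with ReadLine instead of ReadLineAsync (a sketch, reconstructed from the code above):

    using System;
    using System.Collections.Generic;
    using System.Diagnostics;
    using System.IO;

    class Program
    {
        static void Main(string[] args)
        {
            const int MaxLines = 10000;
            string line;
            List<string> lines = new List<string>();
            Stopwatch stopwatch = Stopwatch.StartNew();

            using var reader = new StreamReader(args[0]);
            while ((line = reader.ReadLine()) != null)
            {
                if (lines.Count >= MaxLines)
                {
                    lines.Clear();
                }

                lines.Add(line);
            }

            Console.WriteLine(stopwatch.ElapsedMilliseconds);
        }
    }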

A long, long time ago, our company created an internal test tool that tests the web API of our servers. The tool simulates requests from our application, and it uses the WinInet API. The tool always connects to test servers that are recreated every few days and contain only test data. As these are the testing counterparts of our real production servers, the test tool uses the HTTPS protocol. But because a server is used only for tests, it does not have a proper SSL certificate; the deploy script just installs some self-signed certificate. Obviously the testing tool cannot work with that type of certificate, and instead it just passes INTERNET_FLAG_IGNORE_CERT_CN_INVALID to HttpOpenRequest. Everything worked just fine for many years.
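
In C# terms, the relevant call looks roughly like this (a sketch via P/Invoke; the real tool is native, and hConnect is assumed to come from earlier InternetOpen/InternetConnect calls; the wrapper name is invented):

    using System;
    using System.Runtime.InteropServices;

    static class WinInetSketch
    {
        // Flag values from wininet.h.
        const uint INTERNET_FLAG_SECURE = 0x00800000;                 // use TLS/SSL
        const uint INTERNET_FLAG_IGNORE_CERT_CN_INVALID = 0x00001000; // skip host-name check

        [DllImport("wininet.dll", CharSet = CharSet.Unicode, SetLastError = true)]
        static extern IntPtr HttpOpenRequest(
            IntPtr hConnect, string verb, string objectName, string version,
            string referrer, IntPtr acceptTypes, uint flags, IntPtr context);

        // Hypothetical wrapper: open an HTTPS request while tolerating a
        // certificate whose CN does not match the server's host name.
        public static IntPtr OpenTestRequest(IntPtr hConnect, string path)
        {
            return HttpOpenRequest(
                hConnect, "GET", path, null, null, IntPtr.Zero,
                INTERNET_FLAG_SECURE | INTERNET_FLAG_IGNORE_CERT_CN_INVALID,
                IntPtr.Zero);
        }
    }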

But several years ago, we discovered that our test tool