While working with heap_stat (a Python script based on PYKD library for running Python scripts in a Windbg environment), I'm getting frustrated by the enormous time this script needs for doing its job.
So, I've started a profiling session, using "Very Sleepy", and this gave following result:
Name Exclusive Inclusive % Excl. %Incl. Module
RtlValidSecurityDescriptor 2561.56s 5123.12s 50.00% 100.00% ntdll
ZwWaitForSingleObject 1280.78s 1280.78s 25.00% 25.00% ntdll
NtUserWaitMessage 1279.73s 1279.73s 24.98% 24.98% win32u
As you can see, most of the time is spent in a function, checking some validity (which I don't think is needed). Is there a way to disable this check (Windows configuration, registry setting, ...)?
Edit after first comment
As an xperf analysis has been requested, I've performed following xperf commands:
Start the profiling:
xperf -start "DDS_LoggerName" -StackWalk ObjectCreate+ObjectDelete+ObjectReference -heap -Pids 28068
Stop the profiling:
xperf -stop "DDS_LoggerName"
I've opened the result (incomplete, because I first wanted to see what the result looks like) using the Windows Performance Analyzer, but it makes no sense to me. I believe my xperf configuration is bad. How do I need to start up an xperf profiling in order to be able to measure which function takes which amount of time?
I saw your xperf log anf here you are results:
25% CPU got call heap_output = dbgCommand('!heap -h 0').split('\n')
75% loop for heap_block in heap_output: and the main CPU consumer is pykd.ptrPtr
The main cause of CPU loss is massive calling dbgeng!FlushCallbacks internally by Debug Engine. In Fact, all Debug Engine funciton recall this method and I don't understand why.
I can advice you to have refactored heap_stat.py and rewrite your own ptrPtr funciton with ptrDword or ptrQword, it may decrease CPU losses.