Re: DLLHOST.EXE and Secure Server Crash

From: Paul Lynch (paul.lynch@ntlworld.com)
Date: 08/24/02 

From: Paul Lynch <paul.lynch@ntlworld.com>
Date: Sat, 24 Aug 2002 20:52:56 +0100

On Fri, 23 Aug 2002 11:41:12 -0700, "Tom Chisholm" <tom@webnw.com>
wrote:

>We seriously need help with this one:
>
>1. We are medium-size, medium volume transaction ecommerce site running IIS
>5.0 on Windows Server 2000 (SP2 and 3). We run between 6-8 front end servers
>(HTTP) with 2-3 dedicated SSL servers. We have very few COM objects (a third
>party mailer object, two online payment verification objects), with the bulk
>of the application written in ASP (using VBScript). Not .NET Framework
>installed on any of the servers.
>2. Somewhere around mid- to late July the SSL servers began to inexplicably
>crash. The problem continues up to the present. The HTTP front end servers
>do not seem to be effected. Through troubleshooting steps, we have
>eliminated two pieces of software we installed at roughly the same time as
>possible suspects. We also performed a code review in the secure area at the
>same time.
>
> 3. A symptom of the problem centers around memory consumption by the
>dllhost.exe process. Typically, memory consumption is observed to increase
>until an error is thrown--"Address cannot be read, dllhost.exe." After
>attaching Windows Debugger to a runaway dllhost.exe process, there are two
>things to note: A). access is denied to the loaded module listing, and B).
>the expanded info on each dllhost.exe instantiation reports on info coming
>from Component Services. In one instance, the mailer object was listed, and
>in most of the others, the IIS Out-Of-Process Pooled Applications (The Web
>Applications Manager).
>
>QUESTIONS:
>
>1. I would like to get more information on DLLHOST.EXE. Specifically: How
>does it work? How can I safely view the modules it is loading (Again, the
>Debugger does not allow access to the proccesses). Any help here would be
>greatly appreciated, as there seems to be a complete dearth of info out
>there on the subject. Also, more info on the IIS Out-Of-Process Pooled
>Applications would be great. What little info I've found is well-nigh
>incomprehensible.
>
>2. What are some of the common reasons for excessive DLLHOST.EXE memory
>consumption? Does anyone have a list of ASP/ADO errors that could lead to
>problem we're dealing with? With the software eliminated as a possibility,
>we're going to take another look at the ASP code again.
>
>Any suggestions?

Tom,

You may find these articles useful :

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q290884

http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q281335

HTH,

Paul Lynch
MCSE

Loading