DEV Community

GauntletCI
GauntletCI

Posted on • Originally published at gauntletci.com

Post-Mortem: How a "Performance" PR Introduced 28 New Regressions

#dotnet #csharp #performance #devops

Analyzing Jellyfin PR #16062 with GauntletCI

Jellyfin PR #16062 is titled "Query Performance Improvements." It was a massive architectural shift: 126 files, 27,810 lines of code. It was reviewed, approved, and merged on May 3, 2026.

By May 7, the community was already reporting 90-second query hangs (Issue #16279).

We ran GauntletCI: a deterministic, rules-based Behavioral Change Risk (BCR) detector: against the merged diff. It took exactly 660 ms to find exactly why the "Performance Improvement" was causing performance degradation.

The GauntletCI dashboard for Jellyfin PR #16062: 129 findings across 27,000+ lines, fully analyzed in just

The Gap Between Intent and Reality

In a 27,000-line diff, human review is a suggestion, not a safeguard. The maintainers intended to fix N+1 query patterns. They succeeded in some areas, but the sheer scale of the change made it impossible to see what was being introduced simultaneously.

1. The Performance Traps (GCI0044)

  • Findings: 28 LINQ-in-loop patterns.
  • The Reality: While the PR closed older performance issues, it introduced 28 new ones. Specifically, 9 findings in BaseItemRepository.TranslateQuery.cs map directly to the filtering logic that users are now reporting as "unbearably slow."

The Verification: Issue #16279 ("Filters query taking 90s each time") isn't a mystery. It's a structural regression that was visible in the diff 1546 ms after it was written.

2. The Deadlock Time-Bombs (GCI0016)

  • Findings: 5 Block-level async violations (.Wait() and .GetAwaiter().GetResult()).
  • The Risk: These are "Heisenbugs." They often pass local CI because they require specific concurrency timing to hang a thread pool.
  • Status: These are currently sitting in the master branch. They haven't "exploded" yet, but the pattern is a well-documented deadlock vector in ASP.NET Core.

3. The Structural Decay (GCI0038 & GCI0043)

Beyond the crashes, the scan found:

  • 45 Dependency Injection Violations: Service locator anti-patterns that create hidden coupling.
  • 15 Type Safety Gaps: as casts without null checks that lead to context-less NullReferenceExceptions.

Execution Profile

Metric Result
Total Findings 129
Block-Level (Merge Stoppers) 11
Scan Time 660 ms
LLMs Used 0

Why This Happened

The Jellyfin team is talented. The problem isn't the people: it's the Scale of Change vs. The Speed of Human Cognition. Reviewers check for intent; GauntletCI checks for structural risk.

Try It Yourself

You don't need an LLM to find these. You need a pessimistic verifier.

dotnet tool install -g GauntletCI
gauntletci analyze --staged
Enter fullscreen mode Exit fullscreen mode

Top comments (0)