
High CPU use by taskhost.exe when Windows 8.1 user name contains “user” - ivank
https://support.microsoft.com/en-us/kb/3053711
======
skykooler
"Resolution:

To resolve the issue, do not create a user account contains the string "user"
on the computer."

That's not really a resolution so much as a workaround.

~~~
pmiller2
Yeah, seriously. I love how their workaround is "don't do that," too.

~~~
kazinator
It's actually, "do not ... have done that".

~~~
schwarrrtz
Go back in time and subtly influence your past behaviour to avoid having
created an account where the username contains the word 'user'. Alternatively,
upgrade to Windows 12.

~~~
PawelDecowski
Seriously. How should I have known not to name my Windows account
trousersnake?

------
praptak
In other news, the printer won't print on Tuesdays (please print on Mondays
instead):

[https://mdzlog.alcor.net/2009/08/15/bohrbugs-openoffice-
org-...](https://mdzlog.alcor.net/2009/08/15/bohrbugs-openoffice-org-wont-
print-on-tuesdays/)

~~~
Houshalter
Reminds me of y2k bugs where the clocked rolled over to 1900, and the days of
the week no longer were correct.

Also the email bug some university had that they couldn't send emails further
than 500 miles exactly.

~~~
asadjb
500 Miles story:
[http://www.ibiblio.org/harris/500milemail.html](http://www.ibiblio.org/harris/500milemail.html)

------
accounthere
Patient: "It hurts when I touch my abdomen"

Doctor: "Solution: stop touching your abdomen"

~~~
unique_parrot2
Patient: "It hurts when I touch my abdomen"

Doctor: "Your index finger is broken."

~~~
agumonkey
\-- Oliver Sachs

------
gwenzek
My Indian cousin Useraji doesn't find this funny…

~~~
croon
Or anyone named Kauser. Because screw them, that's why!

~~~
mxfh
Some form devious _Kaspar Hauser Syndrome_ reinforcement at wirk here?

~~~
croon
Yeah, better keep him confined to an old Windows NT box down in the data
center.

------
dave2000
from the people who bought you "if you don't want your contacts to use your
wifi for free, change your wifi station name to something with "_optout" in
the name.

They're using pretty shit programmers these days I guess. Don't Apple and
Google use pretty smart guys? How were they hoping to catch up with these
muppets running the show?

~~~
TeMPOraL
> _Don 't Apple and Google use pretty smart guys? How were they hoping to
> catch up with these muppets running the show?_

Oh don't worry. Google will definitely add another insult with Android. They
outsource dealing the injury to OEMs. As for Apple, I expect the next devices
to be able to only connect with Apple's Wi-Fi devices. AFAIR they already did
that with Bluetooth file transfer.

~~~
gambiting
How is it that bluetooth file transfer still comes up in conversations?
Obviously I could bring up a personal anecdote about the fact that the last
time I have seen anyone using bluetooth for transferring anything was probably
in 2005, when I used a nokia 6310i to transfer some contacts. Nowadays if you
are on android you touch the phones together and the file is sent by
"magic"(since the user doesn't care if it's wi-fi direct or bluetooth), and if
you are on iOS you send an email(and again - regular customer doesn't care
_how_ the data gets to the other end). Is there really a group of customers
who would like to have an explicit option for bluetooth transfer?

~~~
jdmichal
I use Bluetooth to transfer pictures between my wife's phone and mine. MMS
resizes / compresses the picture, and I want the full version. And it's easier
than setting up some sort of upload system for the few times I use it.

~~~
TeMPOraL
Indeed. Bluetooth transfer is the one thing you can count on working between
any random two phones from this decade - be it yours and your wife's, or your
and your couchsurfing host, or whoever. Or at least you _could_ count on it
before people like Apple decided to fuck up the technology that worked for no
real reason.

~~~
pessimizer
There's no rent to be extracted from things that just work.

------
kazinator
Do Nvidia updates still make that UpdatusUser account? Oops.

~~~
busterarm
Or all of the OEMs out there who do this out of habit...

I guess don't do upgrade-installs to 8.1 (though I haven't advocated doing
those just about ever).

~~~
newjersey
Why? I updated using the windows store from Windows 8 to Windows 8.1 pretty
much immediately on my Lenovo Ideapad y510p.

Also note to future me: no, these ideapad notebooks have nothing to do with
thinkpads. Do not buy an ideapad.

~~~
busterarm
I meant upgrade installs on OEMs.

Like specifically HP, because HP had a default account of 'HP User' for years.

~~~
newjersey
Thankfully with Windows 10, it seems to be possible to reinstall fresh. Not
sure if doing so will reinstall all the crapware though.

------
hoodoof
I'd love to see the source code of the bug.

~~~
arca_vorago
I'd love to see the source code for windows...

~~~
adzm
Sign the NDA!

~~~
arca_vorago
No thanks. I shouldn't have to sign an NDA just to see the source code of
something running on hardware I own...

That's also why I run gnu/linux and only use windows when forced to (for work
or gamedev).

------
acqq
Just checked, one of the automatically present accounts on the Windows 8.1
machine I have access to is:

"HomeGroupUser$"

It seems to be mostly undocumented "feature," searching for something
"official" I've just found this "errata":

[https://support.microsoft.com/en-
us/kb/981068](https://support.microsoft.com/en-us/kb/981068)

"Creating or joining a HomeGroup creates the HomeGroupUser$ account and the
HomeUsers group, and adds all local accounts to the group."

People have real problems with it:

[http://answers.microsoft.com/en-
us/windows/forum/windows_10-...](http://answers.microsoft.com/en-
us/windows/forum/windows_10-security/windows-10-start-up-user-
account/e754a513-c303-44b2-b489-3f4436a5a2d8)

------
alkonaut
This has to be trivially solvable in a backwards-compatible manner (at least
if the library at fault is one of windows' own which they update with windows
update). Win 8.1 is an OS they actively update.

So why isn't this just fixed in the next update?

It would be one thing if they had to research the problem, and presented a
workaround in the meantime. But they appear to have found the cause! To me it
seems it would take ten times longer to _find_ this bug, than to fix it. Once
they spent the effort to find it, why not patch it?

~~~
lagadu
This sounds like there's a functionality that depends on usernames having
"user" in their name. Maybe there's no trivial way of distinguishing between
what the system is looking for and a "legitimate" user and fixing that would
require a change to the user accounts model.

I'm purely speculating here but I've seen my fair share of seemingly simple-
to-fix bugs requiring huge changes.

------
rbanffy
I am not sure how I would even write this bug.

~~~
jacobush
And this is exactly why humans write bugs. We are not very good at
understanding systems of systems.

~~~
rbanffy
I didn't want to come across as arrogant, but the exercise of trying to
understand what would drive us to a specific failure is always an interesting
one. You must identify the patterns that are behind bugs that look stupid like
this one.

Is the code making decisions based on the username instead of a specific
attribute of the user structure? That's one recognizable anti-pattern. Is it
trying to parse the user's home path and encountering what looks like a folder
with a special name?

~~~
pessimizer
You don't have to be arrogant to feel superior to this bug. There's no way
that this is some inadvertent emergent effect of complex mechanisms reacting
to each other. Somebody wrote code that in some context searches username
strings for the substring "user." Even worse, under many circumstances when it
finds one, it just shits itself probably looking to check that user against
something it can't find, then looks for again, but can't find, then looks for
again...

The fact that it's obsessing you to figure out what kind of thought process
could originate code that produces an interaction that expresses itself in
this way IMO means that you'll probably never write code like this. Magic
words, magic numbers...

~~~
Piskvorrr
All we know is that it triggers on the string "user"; could be that it CRCs to
"00000000" or some other magic value, which _then_ actually triggers the bug -
and that there are other strings that could do this. (Which doesn't make your
explanation implausible - per Occam's razor, yours would require fewer extra
entities, and thus _looks_ more likely - just that we don't know for sure)

------
pbnjay
The truly mind-blowing thing here is that it's "intermittent" ... so they only
_sometimes_ check the username for "user" ??

~~~
jey
Sounds like it's triggered by something else, such as the Windows equivalent
of a cron job, but it runs much longer if you have a username with the
substring "user".

~~~
acqq
Yes, the DLL mentioned is related to the built-in task called "Disk
Footprint."

------
0xmohit
Maybe "user" in user name causes recursion. Perhaps the "recursion" isn't
trivial to fix.

I hope that Microsoft doesn't use the same reasoning for security
vulnerabilities.

------
JdeBP
This is another example of a poorly written MS KnowledgeBase article. It's
version 1.0, dated 2015-01-05. It apparently has not been touched in a year
despite at least one glaring spelling mistake.

For those who want to know what's going on, see this report from the year
before, complete with stack trace:

* [http://answers.microsoft.com/en-us/windows/forum/windows8_1-...](http://answers.microsoft.com/en-us/windows/forum/windows8_1-performance/taskhostexe-dfpcommondll-thread-high-cpu/c16ce12f-5bc4-4f59-9e08-7404c554a8e5)

------
tempodox
High CPU use when Windows is installed.

------
spriggan3
Is it possible to rename an account previously named user ? my computer
running Windows 8.1 came with such account name AS an administrator.

------
ape4
On windows8.1 I found that a program with "update" in the name - eg
MyUpdate.exe was treated differently by the OS.

~~~
_kst_
_How_ was it treated differently?

~~~
JdeBP
I'm guessing that this will turn out to be the well-known Installer Detection,
around since the time of Windows NT 6.0.

* [https://technet.microsoft.com/en-gb/library/cc709628(v=ws.10...](https://technet.microsoft.com/en-gb/library/cc709628\(v=ws.10\).aspx)

* [https://blogs.msdn.microsoft.com/uac/2006/01/13/identificati...](https://blogs.msdn.microsoft.com/uac/2006/01/13/identification-of-administrative-applications/)

~~~
ape4
That looks like it! Wow, crazy. My application was updating some data but not
installing an application.

------
zerr
I guess someone who implemented this passed a whiteboard interview...

~~~
susam
You were probably being funny. However, if I take this comment seriously, I
find it unfair. Large products these days have so many moving parts that it is
not always easy to reason how one part of the product may cause mysterious,
interesting and incorrect behaviour in another part of the product. I wouldn't
be dismissive of the calibre of an engineer just because he or she introduced
a silly looking bug. One really needs to understand the root cause of a bug
before one can judge the skill of the engineer behind it.

However, the fact that they do not fix this bug and instead offers a
workaround as a resolution might offer some clues about the quality of the
code and architecture of the product or their priorities or both.

As part of my job, I have discovered several bugs in Microsoft products or
APIs that were blocking projects I was working on. When I filed service
requests (my then employer had a premier support account with Microsoft), very
smart support engineers from Microsoft were assigned to my service requests.
By the way, I am calling them smart because they understood the issue
accurately and quickly; that in itself could be a lot of trouble while dealing
with support engineers of some companies.

I remember two such service requests in particular.

1\. An incorrect implementation of WebDAV protocol related to WWW-Authenticate
header and redirects. It was too long ago to remember the exact details but
the issue was similar to but not exactly same as
[https://support.microsoft.com/en-
us/kb/922722](https://support.microsoft.com/en-us/kb/922722). We were trying
to write some software that allows MOSS to be integrated with our SSO
products. Since it was not the exact same issue as the one described in the KB
article, the workaround provided in the KB article did not work for us. The
response provided to me by Microsoft Premier Support was that the fix for the
issue was considered multiple times in the past but due to the technical
challenges involved, the changes were not approved internally in Microsoft.

2\. ReadEventLog ( [https://msdn.microsoft.com/en-
us/library/windows/desktop/aa3...](https://msdn.microsoft.com/en-
us/library/windows/desktop/aa363674\(v=vs.85\).aspx) ) fails with error 87
under certain conditions when dwReadFlags has the EVENTLOG_SEEK_READ flag set.
The resolution they provide at [https://support.microsoft.com/en-
in/kb/177199](https://support.microsoft.com/en-in/kb/177199) is to use the
EVENTLOG_SEQUENTIAL_READ flag instead. While that sounds acceptable in theory,
when I actually tried it out, I found another bug there. When the event log
file at the remote system is 2 MB or larger, ReadEventLog with
EVENTLOG_SEQUENTIAL_READ flag did not honour the nNumberOfBytesToRead
parameter at all. No matter how large a buffer we allocated to read events,
due to this bug we would get exactly one event for every ReadEventLog call.
When this issue does not occur, we can get hundreds or thousands of events in
one call. But due to this bug, we get one event per call. These two bugs
together caused such a major performance issue in our product that it made our
product practically unusable in some scenarios. Once again, the Microsoft
support engineer began working on the service request very swiftly. He wrote
his own code and replicated the exact problematic behaviour we were facing.
However, he could not offer a resolution; he said that the issue was present
in a very complex part of the product and it was very unlikely that the
product team would ever spend time on fixing this bug.

These responses led me to believe that there is a problem with the code
quality and architecture of their products that makes bug fixing difficult for
them. In my 10 years of career, I have never worked on a product where code
complexity was cited as a reason for not fixing a genuine bug.

~~~
mfoy_
People have whole blogs dedicated to finding workarounds for quirks in
Microsoft products. It's always an adventure.

------
gberger
What might be the root cause?

~~~
wmil
My guess? Somewhere in the system there's some old tool that's passing user
data as a text table. It has a header row. So the dev decided to throw out the
row if it contained "user".

After filtering, the program can't find the user name. So it calls the
function again.

This probably happened when they moved an old unix app to Windows.

~~~
astazangasta
This is a cool theory, but why would it call the function again? Shouldn't it
just give up? It's not like it would get a different result next time.

~~~
thriqon
You could image code like this:

    
    
      for (pos = 0; !found; pos++) {
        row = get_next_row();
        if (strstr(row, "user") {
          // this is obviously a header row
          continue
        }
        if (strstr(row, user_name)) {
          found = 1;
        }
      }

~~~
wingerlang

        for (pos = 0; !found; pos++)
    

This is so cool, I have never thought about this in like a decade of
programming. I mean using a bool variable within a for loop.

~~~
pmontra
It doesn't apply to that sample code but maybe this is generally safer:

    
    
       for (pos = 0; !found || pos < limit; pos++)
    

but there is nothing wrong in using an iterator and break out of the loop,
especially if the language or the library gives you iterators.

~~~
jjawssd
That should be logical AND, not logical OR, because if you go over the limit
and the right side is False, the left side will always be True if the item is
not found, and True || False is still True, and the loop continues infinitely.

When you are over the iteration limit you want to trigger True && False which
is False to break out of the loop where the right side False is the condition
when pos > limit

Btw this is covered in Code Complete Second Edition by Microsoft Press on page
378-380

~~~
pmontra
You are right. I believed I didn't need a test for that. See what happens? :-)

------
cakes
Hopefully there aren't too many enterprises out there with [domain]\user[0-9]+
type definitions!

~~~
JustSomeNobody
I doubt it. Given the symptoms of the issue, I'm sure IT departments would be
on the phone with MS in a heart beat.

------
anon_peace
Maybe this "feature" enables some kind of backdoor either within the task or
corresponding library. It's strange that the task is functioning in a manner
where the task is dependent upon a string (account) that contains the word
"user."

------
padmabushan
Master Fix could be : "Avoid using this Operating System."

~~~
onnoonno
Relevant: [http://superuser.com/questions/957907/unable-to-install-
font...](http://superuser.com/questions/957907/unable-to-install-fonts-on-
windows-10)

------
steve371
Most hilarious KB I read today.

~~~
HeadlessChild
That today frightens me.

------
blinkingled
I actually got a couple Win81 VMs that have VMUser as a user and I never
noticed any CPU usage issues.

But the non-solution is just pathetic response from MS - they used to talk in
updates and fixits but with all the focus on Windows 10 now, they hardly seem
to have a reason or incentive to care about older OSes.

~~~
gerbilly
>I actually got a couple Win81 VMs that have VMUser as a user and I never
noticed any CPU usage issues.

Then I propose a new solution, just re-host your windows installation in a VM!

------
Friedduck
Short of completely re-imaging the machine, you could delete the offending
user profile and re-create it. As people have pointed out renaming a user
leaves messy jumble of old and new, and may not solve the problem.

------
brett40324
Is this resolved or able to replicate on windows 10?

~~~
ygra
The article applies to just Windows 8.1, so it isn't a problem in Windows 10.

------
malkia
Oh strstr() - that witchery... your foul black magic craft has been poisoning
people's minds for 40 years...

------
sklogic
Sort of like that hilarious systemd bug with parsing the 'debug' kernel
argument.

~~~
digi_owl
That was no bug...

------
chris_wot
Sucks to be in the Grundhauser clan right now.

------
userulluipeste
This is how it looks when in charge is a corporation which does not see any
plausible reason for throwing resources at a given kind of problems. No mater
that this is something that affects the paying customer in a very
direct/personal way, no mater that this is just one symptom for possibly a
wider range of buried issues. Imagine this report occurring in the community
alternative ReactOS, and about the kind of attitude it would receive. ReactOS
just released 0.4.1, BTW!

