Hacker News new | comments | show | ask | jobs | submit login
High CPU use by taskhost.exe when Windows 8.1 user name contains “user” (microsoft.com)
444 points by ivank 408 days ago | hide | past | web | 202 comments | favorite



"Resolution:

To resolve the issue, do not create a user account contains the string "user" on the computer."

That's not really a resolution so much as a workaround.


If the issue is happening, you cannot resolve it by not creating an account which contains the string "user". You must probably delete the account which contains "user".

That could be substantially inconvenient compared to going back in time and telling your former self not to create it.


Renaming an user account on Windows systems isn't that complicated.


In theory. In practice, probably not. Windows has a habit of leaving little droplets of history all over that come back to bite.

Best to just wipe and reinstall.


Windows itself? Not really. Third party applications that hard code the path? More likely.


Windows itself leaves the c:\users\<username> path as it was first set, even if you rename the username.


I can confirm this. Recently renamed a user as I handed off an old PC to my wife. The old directory is still there but now all the files within it are inaccessible. Caused a lot of issues!


This shouldn't happen. The directory is still there, but it also should still be your profile directory. Changing a user name shouldn't change the SID and make your files inaccessible.


Lots of things with Windows should not happen, but they do. It shouldn't forget that I have bluetooth hardware installed, but it does. Windows just (in)conveniently forgets things. Or, conversely, remembers things that should be forgotten.


A lot of weird things happen when you violate Windows' core assumptions about the file system.


Not really. Renaming the username-part of the user's home folder has all kinds of data loss potential (apps not being able to find documents, documents linked to each other etc.). Therefore Windows takes the perfectly appropriate approach of leaving the user's files named as they were. Permissions etc. all remain unchanged and allow the same renamed user access. Just the folder on disk shows the old name.


I just renamed my user, too, but I kept the same directory. No issues for the past month or so.


It's a rare operation that most people don't ever do, and so receives little testing. Certainly little testing in a real, deployed, messy system, and not just a pristine, vanilla QA image in some Microsoft Windows test bed.


Yeah, seriously. I love how their workaround is "don't do that," too.


It's actually, "do not ... have done that".


Go back in time and subtly influence your past behaviour to avoid having created an account where the username contains the word 'user'. Alternatively, upgrade to Windows 12.


Seriously. How should I have known not to name my Windows account trousersnake?


aka the doctor's cure.


Very idiot proof indeed


"Don't hold it like that"



Keep moving that mouse...

Method 2: Move Your Mouse Pointer

If you move your mouse pointer continuously while the data is being returned to Microsoft Excel, the query may not fail. Do not stop moving the mouse until all the data has been returned to Microsoft Excel.


You forgot the best part:

NOTE: Depending on your query, it may take several minutes to return the results of your query to the worksheet.


At least, this KB article correctly puts the workarounds under the "Workaround" heading. However in the KB article linked to by this post, a workaround is put under the "Resolution" heading.


Now Microsoft must demonstrate how other operating systems have the same problem "in a certain way"... :-)


And that's Microsoft saying this, officially. It's not some comment on Stack Overflow.

So does DFPCommon.dl do, anyway? Does it have something to do with "telemetry", the built-in spyware in Windows 10?


It appears to be a support library for dfp.exe, which is the "Disk Footprint Tool". I never knew it existed until now, but it seems to be a potentially quite handy utility with a purpose similar to tools like WinDirStat (but CLI only?).

So to answer your question, no, it's not part of the telemetry infrastructure. And I'll add that calling that infrastructure "spyware" is a simplistic analysis of what's a complex issue. I say that as someone who goes to great pains to turn off as much telemetry as I can across almost all applications I use.


I have a personal line that works for me to determine wether something is spyware or not:

Do I have a universal toggle to shut off all "telemetry" data? If not, then it's spyware.

If it spies on me making it difficult or impossible for me to disable the spying, then what really makes it any different from traditional malicious spyware other than the intention? (if there's any difference to begin with)


> do not create a user account contains the string "user" on the computer.

Is this sentence correct? Maybe a "that" is missing after "account", or shouldn't it be "containing" instead of "contains"?

I'm asking because English is not my native tongue.


You are correct. I suspect most native speakers miss this mistake if they're reading quickly. I did. Our brains fill in the missing word and pretend it was present.


English speakers often omit the word "that" when speaking. When I was learning Spanish, the subjunctive tense always felt strange to use. "I wish you'd do the dishes" vs "I wish that you'd do the dishes" sort of thing. This is clearly a different case but the same result of skipping the word "that" when it should really be there.


I'm not the one who downvoted you, btw, but these are different cases.

"I wish you'd do the dishes" sounds fine to most native English speakers, except those who are extremely fussy about language. Leaving out "that" in this sentence will sound wrong to most native speakers (though we can easily gloss over it when reading).


As a native speaker fussy about language, leaving out unnecessary "that"s is something I wish far more native speakers would do. I disagree the sentence sounds wrong, of course, and think including a "that" sounds far more wrong, and should only be done to disambiguate, and only if you cannot reword the sentence to resolve the ambiguity without a "that".

"I wish you'd do the dishes" is fine. Far better than "I wish that you'd do the dishes". The "that" is useless. It's contextually clear what you're wishing, with no misunderstanding.

Many "that"s hide poor sentence structure and are a sign of lazy writing/thinking. Take the following:

- I realize now I need a car.

There is some ambiguity about what exactly I mean. I could use "that" to clear things up:

- I realize that now I need a car.

- I realize now that I need a car.

But that helps me spot the problem isn't the lack of "that", it's the "now", and I subtly alter the sentence's meaning based on where I place it:

- I realize I now need a car.

- I realize I need a car now.

- I now realize I need a car.

I should pick the sentence that most clearly communicates my meaning.


The "that" most certainly should not be in the sentence about dishes—and by most certainly, I most certainly mean subjectively most certainly because it's just a damn awful sentence. You've given a great example of why skipping an unnecessary "that" is as important as not omitting "that" where necessary.

While the article's mistake is a result of omitting a necessary "that", this example about dishes is a case of inserting one that is ugly, unnecessary, and actually ruins the sentence flow.

My other comment to a sibling explains more: https://news.ycombinator.com/item?id=11714645


I'm quite sure leaving out "that" in the given sentence is totally fine. I've been taught that you can leave out that, who, and which if the world after "that" is not a verb. If it is a verb, you can also use participle as suggested by parent (but if you use participle too often with long sentences, the sentence will become hard to understand). When using the participle, you should never use that, who, or which.

It should also be noted that leaving out "that" (if grammatical correct) can sometime sound wrong to native speakers, but that varies from accent and region since there is no standard (at least as far as I know).


Thank you for downvoting, but could you also tell me why and what I learned incorrectly?


Correct. I didn't catch it until it was pointed out.


Yes - both your suggestions are grammatically correct; the original is not.


You are correct, it seems to be missing a word. I am a native English speaker and I missed that the first time I read it!


A "that" is missing, yes. Or "containing" would fix the sentence without a "that". Someone was probably either typing too quickly or edited the surrounding words and neglected to fix the result here.



Especially annoying in a corporate user environment where user names are automatically generated following a standard format. "We upgraded to Windows 8 so now we have to rename some of our employee accounts."


Actually, the problem exists in Windows 8.1, not Windows 8.


Also sucks for people who have legitimate reasons to use such names on shared computers. An MRI might have 3 login accounts: MRIdeveloper, MRItechnician, MRIuser.


Does Windows accept non-ASCII characters in account names? If so, you could use MRIüser.

8-)}


I don't think you're allowed to have metal near an MRI. ;)


Only if you are trying to give the users of your MRI an aneurysm. Which is a bit of irony, I think.


That sounds perfectly safe and there's nothing to worry about. (Not)


Cause of bug: user error.

Solution: GFYS


Cause of bug: "We don't say that word" error.

Solution: Don't say that word.


What word?

The word that the Knights of Ni cannot stand to hear!


As most technet "solutions" have something todo with reinstalling the whole system, this seems a pretty good "solution" to me.


The "solution" is deleting the user and migrating all their stuff to another account. That's not really better than a re-install.


No, you can just rename the user account.


thats like a whole hour less work. praise the operating system gods because this is as efficient as it gets.


Oddly, I've used the username "user" on multiple windows 8 installations and I've never had this happen.


Next up: it's a feature, not a bug.


Windows 10 already says this, but with a different definition of bug.


In other news, the printer won't print on Tuesdays (please print on Mondays instead):

https://mdzlog.alcor.net/2009/08/15/bohrbugs-openoffice-org-...


Reminds me of y2k bugs where the clocked rolled over to 1900, and the days of the week no longer were correct.

Also the email bug some university had that they couldn't send emails further than 500 miles exactly.



>Also the email bug some university had that they couldn't send emails further than 500 miles exactly.

Clearly this is to prevent students from racking up the phone bill surfing long distance[1].

[1] http://bash.org/?142934


Seeing things (C) 19100 did make me smile.


Patient: "It hurts when I touch my abdomen"

Doctor: "Solution: stop touching your abdomen"


Patient: "My abdomen hurts when I or anyone else says my name."

Doctor: "... Change your name?"


Patient: "It hurts when I touch my abdomen"

Doctor: "Your index finger is broken."


-- Oliver Sachs


My Indian cousin Useraji doesn't find this funny…


Or anyone named Kauser. Because screw them, that's why!


Some form devious Kaspar Hauser Syndrome reinforcement at wirk here?


Yeah, better keep him confined to an old Windows NT box down in the data center.


this is even more funny :)


from the people who bought you "if you don't want your contacts to use your wifi for free, change your wifi station name to something with "_optout" in the name.

They're using pretty shit programmers these days I guess. Don't Apple and Google use pretty smart guys? How were they hoping to catch up with these muppets running the show?


> Don't Apple and Google use pretty smart guys? How were they hoping to catch up with these muppets running the show?

Oh don't worry. Google will definitely add another insult with Android. They outsource dealing the injury to OEMs. As for Apple, I expect the next devices to be able to only connect with Apple's Wi-Fi devices. AFAIR they already did that with Bluetooth file transfer.


And last I checked you cannot use the built-in nfc chip on your iPhone because $reasons.


How is it that bluetooth file transfer still comes up in conversations? Obviously I could bring up a personal anecdote about the fact that the last time I have seen anyone using bluetooth for transferring anything was probably in 2005, when I used a nokia 6310i to transfer some contacts. Nowadays if you are on android you touch the phones together and the file is sent by "magic"(since the user doesn't care if it's wi-fi direct or bluetooth), and if you are on iOS you send an email(and again - regular customer doesn't care how the data gets to the other end). Is there really a group of customers who would like to have an explicit option for bluetooth transfer?


> Nowadays if you are on android you touch the phones together and the file is sent by "magic"

Well this magic is actually mostly BT, because not every phone is Wi-fi direct capable.

> and if you are on iOS you send an email

That's exactly what parent is talking about, this is a "workaround" and not even admissible in all situations.

For example, I wanted to print a photo last year on a photo printer in a store, you transfer the file there via BT, select size, then you pay the photo at the counter. After 5 years of Android, I wanted to try out the other side. Sadly I found out that the iPhone doesn't allow that, so I had to email my Android carrying friend the photo and he did it in couple seconds.

Also I'd notice that as a user I do care how my data is transferred, specially because every business nowadays wants to offer their computer to serve as the mediator for that - a.k.a. the cloud.

So no thanks, I'd rather use a protocol which sends the data locally in the vicinity, instead of shipping it around the globe or buying into proprietary ways of doing that.


Sorry, that email was block due to filter/size/etc. Try breaking it up into very small pieces, zipping each and sending individually.


Don't forget to rename the .zip extensions to something else (and write your recipient to do the reverse), because .zip attachments are blocked.


...and encrypt the file with a random password you send in a different email: .jpg in .zip is not in the company whitelist and the mailserver brute-forces all words in the email for a password...


I use Bluetooth to transfer pictures between my wife's phone and mine. MMS resizes / compresses the picture, and I want the full version. And it's easier than setting up some sort of upload system for the few times I use it.


Indeed. Bluetooth transfer is the one thing you can count on working between any random two phones from this decade - be it yours and your wife's, or your and your couchsurfing host, or whoever. Or at least you could count on it before people like Apple decided to fuck up the technology that worked for no real reason.


There's no rent to be extracted from things that just work.


I'm not a huge google fan, but I like that my photos/videos are automatically uploaded to online storage when i charge my phone overnight. You can then share images a number of ways, including a private (ie unguessable) url. I can't imagine going back to bluetooth; I always found everything about that technology horrific.


Soooo, downgrading to a 1970s technology, hacking it up to accept a binary transfer (adding 30% to the size, yaaay), and praying that both the sender and the recipient are of a fast enough internet connection (given that a connection even exists), and nothing bad happens to e-mail in transit (common occurence) is somehow better, because OMG Apple? That's some major Reality Distortion Field at work, right there.


I don't even use iOS products. I just don't know anyone who explicitly wanted to send anything over bluetooth for years, and I am surprised people still mention it in conversations, just like a couple years ago people used to complain that their phones don't support flash.


I don't explicitly want to send data over bluetooth/email/nfc either: what I want is to print a picture. If the other side offers Bluetooth as a means to that end (but not e.g. e-mail), so be it.


I recently tried to print a custom phone cover, I brought the .png on my phone but BT refused to activate. I ended up sharing it through Viber with the cover guy.


asp.net MVC is also entirely based on magic strings. They do not seem to read their own best practice guidelines.


True, and that sucks. But then again, so is Rails. And Ruby and Python and JavaScript.


And PHP, an HTTP request is based entirely on magic super-globals set by the run-time (or yourself, if you're crazy!)


Perl "0 but true" counts as a magic string, probably.

http://stackoverflow.com/questions/129945/what-does-0-but-tr...


I don't know about Rails but for the others I agree. I am not a big fan of dynamic languages in general.

It's a matter of taste. Some people only want a notepad and a command line compiler. For those there is really not much difference between a dynamic language or a statically compiled language, and the only difference to them between a magic string and an enum is one more character to type.


I'd like you and the parent comment to provide one example of "magic strings" in Python and Javascript.

Javascript has really bad type coercion, no doubt. But there is nothing on the language that is built upon these concepts.

And I don't get the comparison between Rails (a framework that, indeed, does use a lot of "magic" in the naming of the classes) to programming languages.


In a dynamic language, every function or property is a magic string since the IDE/Compiler has no way to tell that this function will exist or not until runtime.


That's a total stretch. Stop moving goal posts, and please provide one example of function or variable in either python or JS that behaves in some special way only because of the name.


The "magic" about the strings in ASP.NET MVC is that the name of certain strings define which method gets called further down the line. That's exactly what dynamically typed languages do. Typos are caught at runtime, not at compile time, and possibly with cryptic errors if you're unlucky. The GP is used to C#, where (except if you use MVC), typos are immediately highlighted by the editor.

Your definition of "magic" is much stronger than that, so by accident of not entirely understanding the GP's complaint, you think we're moving goalposts.


While your answer does help in clarifying some misunderstanding ("magic string" to me is supposed to mean something else entirely), it still conflates programming languages with frameworks.

ASP.NET MVC is not a language, as far as I know.

Also, most "dynamic languages" have linters and syntax analyzers that you can hook up to your editor. If I have a typo in my code, flake8 will find it right away, and I don't need to run the code to do it.


__getitem__


That is just a method for an object. And the "double double underscore" thing is more of a way to show that the method is specialized and that there is no good reason to be redefining it. Nothing magic happens on the runtime in your application if you redefine the method.

If these would count as "magic", so would any language that supports operator-overloading and templates, which basically means that even C and C++ have "magic strings".

Still, you got close. If there is one thing that I could accept as "magic" is the fact that Python changes the accessor of functions if the function name starts with double underscore (but not if it also ends with double underscores). Even that would be debatable, because the behavior is well-defined and the transformation is simple.


The `clean_xxx` method will be called when the `xxx` field needs to be cleaned. If you rename the `xxx` field and forget to similarly rename the `clean` method... sucks to be you!

The same thing goes for a bunch of the `ContentType` stuff where you address specific instances generically using the string `applabel.modelname.id`.

Edit: Oops, misread. This is Django specifically, not Python generally.


I'd call "__proto__" a magic string, but it's kind of an accident of history and a one off that everyone wants to get rid of, but can't.


Vim and a clc, I'll have you know!


How so? If you're going to make a wild claim like this you need to back it up with an example.


If you mistype the name of the controller you will get the surprise at runtime:

return RedirectToAction("Index","ProductManager", new { id=id });

Same thing in the Razor syntax, the IDE has no way to check that a class you assign to an element exists since it is a magic string instead of being a markup the IDE can validate.

@Html.TextBoxFor(m => m.Name, new {@class = "title width-7" })

They built Entity Framework to get away from string based SQL statements and when they redesigned the web stack they went all-in on string based... As a result the IDE is pretty much helpless to spot errors in an asp.net MVC project before you compile (or to provide tooling - forget about renaming a controller).


What you're actually asking for is that you want urls and html to be statically typed, neither of which it makes any sense to be.

Your first example is a bad example because you simply don't have to use that stuff, they're convenience functions for quick prototyping using the controller names. Action links are urls, that's all, and urls are strings. If it bothers you, with a tiny amount of code in a helper method you can make it all strongly typed, or use the horrific overkill that is T4MVC as suggested in another reply.

Personally I completely avoid any MVC method with 'Action' in the method name, I use [Route] attributes and use hand-crafted urls rather than the controller autogenerated stuff. These can, again, all be hidden in nice statically typed helper functions and methods. Your example of `RedirectToAction` is simply a glorified `Redirect`, but the convenience method creates the url for you.

That's the good thing, you get to choose.

As for razor, it's the equivalent of complaining about misspelling html attributes. The whole reason that they're dynamic is so we can properly add whatever attributes we want to html, just like html allows us too. If we're using angular, we can easily add ng-attributes. If we want to make up a new data-thing-whatever, it will just work. When new attributes are released, we can simply use them without having to upgrade our MVC libraries.

The whole point is that you should be able to add it arbitrarily, it's not magic strings, it's dynamic by design. It can't be statically typed.

What you're asking for would require a new update for MVC every time they released a new html spec. It would be an utter nightmare.


This might be a Resharper thing, but I'm pretty sure I see errors in my editor if I try to reference an action or a view that doesn't exist. Although I've mostly bailed on MVC in favor of Nancy, since it's a lot easier to run that through a self-hosted OWIN webservice, rather than dick around with IIS.


Last time a did a full on MVC app I ended up writing strongly typed extension methods to handle this. I don't suggest everyone do this themselves, System.Linq.Expressions is a deep dark hole, but surely there are some maintained open source packages out there.


Not a fan of Razor. Track down 'Json.net Decycle' and you can deliver your whole vm in javascript. With signalr and some effort you can then dynamically update a frontend object graph via automation (JS makes this easy). I've abstracted this all into a library which uses knockout (I like knockout!!!) for personal use that I'd like to clean up and share someday. You can do the same thing in .net, but you have to use dynamically compiled delegates to make it efficient. You can also make your own fluent style apis if you Google how. Those with dynamically compiled delegates (aka fast reflection) bridge the function to string gap. God I need people to talk to at work...


That's all nice but doing it all in javascript (or a any dynamic language) is giving me even less help from the IDE, not more.


T4MVC can help with this:

https://github.com/T4MVC/T4MVC


They also partially fixed that in the new version of MVC by offering a markup alternative to razor (effectively going back to webform's markup syntax!).

https://blogs.msdn.microsoft.com/cdndevs/2015/08/06/a-comple...

Doesn't change the fact that it was bad design in the first place.


This is more of a product designer or product owner failure than a developer one.


Do Nvidia updates still make that UpdatusUser account? Oops.


Or all of the OEMs out there who do this out of habit...

I guess don't do upgrade-installs to 8.1 (though I haven't advocated doing those just about ever).


Why? I updated using the windows store from Windows 8 to Windows 8.1 pretty much immediately on my Lenovo Ideapad y510p.

Also note to future me: no, these ideapad notebooks have nothing to do with thinkpads. Do not buy an ideapad.


I meant upgrade installs on OEMs.

Like specifically HP, because HP had a default account of 'HP User' for years.


Thankfully with Windows 10, it seems to be possible to reinstall fresh. Not sure if doing so will reinstall all the crapware though.


I'd love to see the source code of the bug.


Yeah, I'm looking forward to Raymond Chen's post on this one.


I'd love to see the source code for windows...


Sign the NDA!


No thanks. I shouldn't have to sign an NDA just to see the source code of something running on hardware I own...

That's also why I run gnu/linux and only use windows when forced to (for work or gamedev).


Just checked, one of the automatically present accounts on the Windows 8.1 machine I have access to is:

"HomeGroupUser$"

It seems to be mostly undocumented "feature," searching for something "official" I've just found this "errata":

https://support.microsoft.com/en-us/kb/981068

"Creating or joining a HomeGroup creates the HomeGroupUser$ account and the HomeUsers group, and adds all local accounts to the group."

People have real problems with it:

http://answers.microsoft.com/en-us/windows/forum/windows_10-...


This has to be trivially solvable in a backwards-compatible manner (at least if the library at fault is one of windows' own which they update with windows update). Win 8.1 is an OS they actively update.

So why isn't this just fixed in the next update?

It would be one thing if they had to research the problem, and presented a workaround in the meantime. But they appear to have found the cause! To me it seems it would take ten times longer to find this bug, than to fix it. Once they spent the effort to find it, why not patch it?


This sounds like there's a functionality that depends on usernames having "user" in their name. Maybe there's no trivial way of distinguishing between what the system is looking for and a "legitimate" user and fixing that would require a change to the user accounts model.

I'm purely speculating here but I've seen my fair share of seemingly simple-to-fix bugs requiring huge changes.


They still need to write up the article, and it looks like they write the articles assuming you won't upgrade.


Probably because sysadmins aren't willing to push updates to their Windows machines because they tend to change system settings nowadays.


I am not sure how I would even write this bug.


And this is exactly why humans write bugs. We are not very good at understanding systems of systems.


This. Anytime a major company (or major OSS instance) has software with some seemingly stupid bug, I'm amazed by some comments on HN like 'how is this even possible' or 'those programmers must be shit compared to company X or Y'. While if you just reflect on programming and yourself a bit, it should be fairly easy to recognize such bugs are just as easy to introduce as others and that tests preventing them equally hard to write.


I didn't want to come across as arrogant, but the exercise of trying to understand what would drive us to a specific failure is always an interesting one. You must identify the patterns that are behind bugs that look stupid like this one.

Is the code making decisions based on the username instead of a specific attribute of the user structure? That's one recognizable anti-pattern. Is it trying to parse the user's home path and encountering what looks like a folder with a special name?


You don't have to be arrogant to feel superior to this bug. There's no way that this is some inadvertent emergent effect of complex mechanisms reacting to each other. Somebody wrote code that in some context searches username strings for the substring "user." Even worse, under many circumstances when it finds one, it just shits itself probably looking to check that user against something it can't find, then looks for again, but can't find, then looks for again...

The fact that it's obsessing you to figure out what kind of thought process could originate code that produces an interaction that expresses itself in this way IMO means that you'll probably never write code like this. Magic words, magic numbers...


All we know is that it triggers on the string "user"; could be that it CRCs to "00000000" or some other magic value, which then actually triggers the bug - and that there are other strings that could do this. (Which doesn't make your explanation implausible - per Occam's razor, yours would require fewer extra entities, and thus looks more likely - just that we don't know for sure)


The truly mind-blowing thing here is that it's "intermittent" ... so they only _sometimes_ check the username for "user" ??


Sounds like it's triggered by something else, such as the Windows equivalent of a cron job, but it runs much longer if you have a username with the substring "user".


Yes, the DLL mentioned is related to the built-in task called "Disk Footprint."


Or, they always check the username for "user", but such a check only sometimes causes high CPU load.


Do you seriously think they're 'checking the username for "user"'? I wish all bugs were as straightforward.


They could be. If they have some OO Set of substrings that they check a composite login credentials string for then it is possible to accidentally have state that depends on the order of Set iteration.

Quite a few systems use the "bung all options into one configuration string, then have it parsed by this argument parser" method. And it is a reasonable method to use.


I'm guessing something there is interpreting the substring "user" as special - I'm thinking of the kind of bugs like if you type "NULL" in the textfield you'll fuck up the website, etc. Happens when people don't keep their interpreted and non-interpreted data straight.


Maybe "user" in user name causes recursion. Perhaps the "recursion" isn't trivial to fix.

I hope that Microsoft doesn't use the same reasoning for security vulnerabilities.


This is another example of a poorly written MS KnowledgeBase article. It's version 1.0, dated 2015-01-05. It apparently has not been touched in a year despite at least one glaring spelling mistake.

For those who want to know what's going on, see this report from the year before, complete with stack trace:

* http://answers.microsoft.com/en-us/windows/forum/windows8_1-...


High CPU use when Windows is installed.


Is it possible to rename an account previously named user ? my computer running Windows 8.1 came with such account name AS an administrator.


On windows8.1 I found that a program with "update" in the name - eg MyUpdate.exe was treated differently by the OS.


How was it treated differently?


I'm guessing that this will turn out to be the well-known Installer Detection, around since the time of Windows NT 6.0.

* https://technet.microsoft.com/en-gb/library/cc709628(v=ws.10...

* https://blogs.msdn.microsoft.com/uac/2006/01/13/identificati...


That looks like it! Wow, crazy. My application was updating some data but not installing an application.


Asked for admin authorization to run... even though it did nothing special. When I renamed it, it didn't do that any more.


I guess someone who implemented this passed a whiteboard interview...


You were probably being funny. However, if I take this comment seriously, I find it unfair. Large products these days have so many moving parts that it is not always easy to reason how one part of the product may cause mysterious, interesting and incorrect behaviour in another part of the product. I wouldn't be dismissive of the calibre of an engineer just because he or she introduced a silly looking bug. One really needs to understand the root cause of a bug before one can judge the skill of the engineer behind it.

However, the fact that they do not fix this bug and instead offers a workaround as a resolution might offer some clues about the quality of the code and architecture of the product or their priorities or both.

As part of my job, I have discovered several bugs in Microsoft products or APIs that were blocking projects I was working on. When I filed service requests (my then employer had a premier support account with Microsoft), very smart support engineers from Microsoft were assigned to my service requests. By the way, I am calling them smart because they understood the issue accurately and quickly; that in itself could be a lot of trouble while dealing with support engineers of some companies.

I remember two such service requests in particular.

1. An incorrect implementation of WebDAV protocol related to WWW-Authenticate header and redirects. It was too long ago to remember the exact details but the issue was similar to but not exactly same as https://support.microsoft.com/en-us/kb/922722. We were trying to write some software that allows MOSS to be integrated with our SSO products. Since it was not the exact same issue as the one described in the KB article, the workaround provided in the KB article did not work for us. The response provided to me by Microsoft Premier Support was that the fix for the issue was considered multiple times in the past but due to the technical challenges involved, the changes were not approved internally in Microsoft.

2. ReadEventLog ( https://msdn.microsoft.com/en-us/library/windows/desktop/aa3... ) fails with error 87 under certain conditions when dwReadFlags has the EVENTLOG_SEEK_READ flag set. The resolution they provide at https://support.microsoft.com/en-in/kb/177199 is to use the EVENTLOG_SEQUENTIAL_READ flag instead. While that sounds acceptable in theory, when I actually tried it out, I found another bug there. When the event log file at the remote system is 2 MB or larger, ReadEventLog with EVENTLOG_SEQUENTIAL_READ flag did not honour the nNumberOfBytesToRead parameter at all. No matter how large a buffer we allocated to read events, due to this bug we would get exactly one event for every ReadEventLog call. When this issue does not occur, we can get hundreds or thousands of events in one call. But due to this bug, we get one event per call. These two bugs together caused such a major performance issue in our product that it made our product practically unusable in some scenarios. Once again, the Microsoft support engineer began working on the service request very swiftly. He wrote his own code and replicated the exact problematic behaviour we were facing. However, he could not offer a resolution; he said that the issue was present in a very complex part of the product and it was very unlikely that the product team would ever spend time on fixing this bug.

These responses led me to believe that there is a problem with the code quality and architecture of their products that makes bug fixing difficult for them. In my 10 years of career, I have never worked on a product where code complexity was cited as a reason for not fixing a genuine bug.


People have whole blogs dedicated to finding workarounds for quirks in Microsoft products. It's always an adventure.


What might be the root cause?


My guess? Somewhere in the system there's some old tool that's passing user data as a text table. It has a header row. So the dev decided to throw out the row if it contained "user".

After filtering, the program can't find the user name. So it calls the function again.

This probably happened when they moved an old unix app to Windows.


I kinda doubt it. This applies to Windows 8.1 and no earlier or later version. So the problem was introduced in Windows 8.1. Furthermore, Windows never really had utilities passing data as text doing maintenance stuff in the core operating system. That's not how Windows works. There are APIs for everything, not command-line tools. And they sure as hell didn't "move an old Unix app to Windows" in 2013.

As other have said, maybe Raymond Chen will some day do a blog post on this, although, considering that the bug is in DFPCommon.dll, i.e. the "Disk Footprint Utility Library", I doubt it really belongs to the shell and thus he won't know more than we do.


Alternatively, Windows has a fair amount of kludges - put there to fix poorly coded software. This could be an example case and, not knowing what has become dependant on the behaviour, it can't be removed.


This is a cool theory, but why would it call the function again? Shouldn't it just give up? It's not like it would get a different result next time.


You could image code like this:

  for (pos = 0; !found; pos++) {
    row = get_next_row();
    if (strstr(row, "user") {
      // this is obviously a header row
      continue
    }
    if (strstr(row, user_name)) {
      found = 1;
    }
  }


    for (pos = 0; !found; pos++)
This is so cool, I have never thought about this in like a decade of programming. I mean using a bool variable within a for loop.


It doesn't apply to that sample code but maybe this is generally safer:

   for (pos = 0; !found || pos < limit; pos++)
but there is nothing wrong in using an iterator and break out of the loop, especially if the language or the library gives you iterators.


That should be logical AND, not logical OR, because if you go over the limit and the right side is False, the left side will always be True if the item is not found, and True || False is still True, and the loop continues infinitely.

When you are over the iteration limit you want to trigger True && False which is False to break out of the loop where the right side False is the condition when pos > limit

Btw this is covered in Code Complete Second Edition by Microsoft Press on page 378-380


You are right. I believed I didn't need a test for that. See what happens? :-)


Don't do it in production code - indeed try to avoid languages where "for" allows such arbitrary constructs.


> Don't do it in production code

I'd say fair, but...

> indeed try to avoid languages where "for" allows such arbitrary constructs.

... come on. I'd say - go for such languages, they give you if a tiny bit more expressive power than ones who don't let you write such a loop.


Allowing the same statement to do any kind of arbitrary nonsense is not the good kind of expressiveness. Far better to separate your concerns, and keep the orthogonal parts orthogonal. C-style for mixes too many different things.


Semantics of the C-style for loop are pretty well defined - it's: for(initialize form ; condition form ; step form) { loop body forms }. Ascribing any different meaning to it, like e.g. that all three forms in the loop header must be present or must refer to the same set of variables, is a mistake.

That said, if one has an alternative that can express their intention better (like e.g. mapcar, foreach loop, Lisp's dotimes, etc.), one should use it instead.


Well, you also have to consider greater debugging costs of you use a loop comprehension. Expression of intention isn't the only issue to consider.


I disagree - debugging costs usually come directly from choosing a construct that does not express programmer's intentions (like using a naked for when foreach would be more adequate - or, conversely, by messing with conditionals inside loop body when putting the condition in the loop header would be more adequate).


Debugging a higher order function application is harder than stepping through a loop, at least in most debuggers I've used. I use them only when the logic called indirectly is not complicated to require much debugging (and I still wind up converting comprehensions into loops because they are too much trouble).


Oh ok, I can imagine more complex expressions being harder to debug from machine code level.

That said, I rarely if ever have to resort to low-level debugging in such cases. I'm yet to encounter a problem that couldn't be solved by looking at the code and (very occasionally) stepping it through in the debugger. Here, using higher-order constructs in code is actually very helpful - the closer your code gets to expressing your intent, the smaller the set of possible bugs is. For instance, you can't make an off-by-one error in a foreach or a mapcar.


There are many other things to debug beyond the basics. I admire those people who can do all the computer simulation in their head, but many of us want good debugging support, ever since the mid 90s (well, it really started with Microsoft's CodeView in the late 80s). PL abstractions should consider that in their designs, not just elegant conciseness. Code isn't just read.


What you call "Arbitrary nonsense" is for others good practice. For loops allow you to check all the conditions of the loop in one single line, without having to read the body of the loop, which i consider good practice.


Speak the truth, brother. Sadly I've seen production code (I do not work at Microsoft) that contains assumptions that are really that bad..


Calling the function again when the user doesn't exist could in fact be nonsensical and wrong. It could be due to failing to break out of some loop or whatever, not necessary an explicit "we don't have the user; let's branch backwards" logic. Perhaps that looping was not discovered simply because that case doesn't arise: the user always exists. Except, oops, when it appears not to exist due to being pruned because of the "user" substring; then the incorrect backwards branch problem is exposed.


Calling the function again may be entirely logical and may be because of independent state, e.g. locks or security. Think of the famous problem we had for decades with file deletion hanging for 10 seconds or so if you tried to delete a file in use. Somebody traced and disassembled the code; it was literally a hardcoded loop that did 10 iterations of attempting to get a lock on the file followed by sleeping one second if failed... The loop-and-sleep combo there might have been a hack, but it was excusable.


The programmers evidently didn't consider this failure mode. I guess they did consider others. Code could look like this:

   while(!done)
   {
     try
     {
       foo();
       baz();
       done = true;
     }
     catch(...) {}
   }
with baz failing, but the retry present to handle cases where foo fails.


Let's assume that it has a set number of attempts each with some delay.

Let's also assume that whatever this is has multiple instances for some reason; maybe it's something called as part of an update process for system accounting information.

If every process on the machine did this every time it got re-scheduled? Yeah, I can see that.


Oddly specific "guess". Is there something you want to tell us? :)


Yeah it sounds like some kind of "injection".


Without the source code, it is hard to say.


Source code, pfft. Is this not hacker news? ;)


Looking at the binary expression of Win8.1 I've found the problem; one just needs to switch some 0 and 1s, no problem!


hehe, probably has something to do with root.


Hopefully there aren't too many enterprises out there with [domain]\user[0-9]+ type definitions!


I doubt it. Given the symptoms of the issue, I'm sure IT departments would be on the phone with MS in a heart beat.


Maybe this "feature" enables some kind of backdoor either within the task or corresponding library. It's strange that the task is functioning in a manner where the task is dependent upon a string (account) that contains the word "user."


Master Fix could be : "Avoid using this Operating System."



This is a thread where I immediately scroll to the bottom of the comments and upvote everything. I don't see why we as a community have to pretend that your fix isn't the best one :P


Most hilarious KB I read today.


That today frightens me.


I actually got a couple Win81 VMs that have VMUser as a user and I never noticed any CPU usage issues.

But the non-solution is just pathetic response from MS - they used to talk in updates and fixits but with all the focus on Windows 10 now, they hardly seem to have a reason or incentive to care about older OSes.


>I actually got a couple Win81 VMs that have VMUser as a user and I never noticed any CPU usage issues.

Then I propose a new solution, just re-host your windows installation in a VM!


Short of completely re-imaging the machine, you could delete the offending user profile and re-create it. As people have pointed out renaming a user leaves messy jumble of old and new, and may not solve the problem.


Is this resolved or able to replicate on windows 10?


The article applies to just Windows 8.1, so it isn't a problem in Windows 10.


Oh strstr() - that witchery... your foul black magic craft has been poisoning people's minds for 40 years...


Sort of like that hilarious systemd bug with parsing the 'debug' kernel argument.


That was no bug...


Sucks to be in the Grundhauser clan right now.


This is how it looks when in charge is a corporation which does not see any plausible reason for throwing resources at a given kind of problems. No mater that this is something that affects the paying customer in a very direct/personal way, no mater that this is just one symptom for possibly a wider range of buried issues. Imagine this report occurring in the community alternative ReactOS, and about the kind of attitude it would receive. ReactOS just released 0.4.1, BTW!




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: