win 8.1 explorer 打开“设备和打印机”时占用 CPU

我遇到了一个无法解决的特殊问题。我最近发现，我的 Win 8.1 Update 1（所有更新均通过 WSUS 离线进行）在打开“设备和打印机”窗口时开始占用所有 CPU。

设备出现之前会有 5-10 分钟的延迟，但是即使图标显示了大约 5-10 分钟后，CPU 仍会继续旋转。

Xperf 文件（感谢@magicandre1981 的说明）发布于Dropbox- 24MB zip 解压后大小为 145MB。

通过 Sysinternals 进程资源管理器查看，问题似乎是由MultiByteToUnicodeN调用引起的（不幸的是我无法发布图像）：

ntdll.dl!RtlMultiByteToUnicodeN+0x1cf0 ntdll.dl!RtlMultiByteToUnicodeN+0x1cf0 ntdll.dl!RtlMultiByteToUnicodeN+0x1cf0 ntdll.dl!RtlMultiByteToUnicodeN+0x1cf0 ntdll.dl!RtlMultiByteToUnicodeN+0x1cf0 SHCORE.dll!GetScaleFactorForDevice+0x1d4 FunDisc.dll!DllCanUnloadNow+0x2e8 SHCORE.dll!GetScaleFactorForDevice+0x1d4 SHCORE.dll!GetScaleFactorForDevice+0x1d4 windows.immersiveshell.serviceprovider.dll! SHCORE.dll!GetScaleFactorForDevice+0x1d4 SHCORE.dll!GetScaleFactorForDevice+0x1d4 SHCORE.dll!GetScaleFactorForDevice+0x1d4 SHCORE.dll!GetScaleFactorForDevice+0x1d4 Explorer.EXE

有什么办法可以解决这个问题吗？要么我等 20 分钟左右，要么必须终止 explorer 任务。我尝试重新安装所有设备，但无济于事；出于某种原因，渲染此窗口会导致 unicode 转换占用所有 CPU。

使用符号更新

根据收到的评论，我安装了零售Windows 8.1 的符号和尖锐的进程资源管理器（如这个帖子然而，输出看起来几乎相同。我查看了线程的堆栈，似乎它大部分时间都花在一个对象的同步上： ntoskrnl.exe!KeSynchronizeExecution+0x2246 ntoskrnl.exe!KeRemoveQueueEx+0x108e ntoskrnl.exe!KeRemoveQueueEx+0xae9 ntoskrnl.exe!KeWaitForSingleObject+0x22a ntoskrnl.exe!KeSetBasePriorityThread+0x4ec ntoskrnl.exe!KeRemoveQueueEx+0x281d ntoskrnl.exe!KiCheckForKernelApcDelivery+0x23 ntoskrnl.exe!SeQuerySessionIdToken+0x1b99 ntoskrnl.exe!SeQuerySessionIdToken+0x15f9 ntoskrnl.exe!SeQuerySessionIdToken+0x1440 ntoskrnl.exe!FsRtlAllocateExtraCreateParameter+0x744e ntoskrnl.exe!FsRtlAllocateExtraCreateParameter+0x52c4 ntoskrnl.exe!FsRtlAllocateExtraCreateParameter+0x13c8 ntoskrnl.exe!FsRtlAllocateExtraCreateParameter+0x10da ntoskrnl.exe!IoDeleteAllDependencyRelations+0x14d0 ntoskrnl.exe!FsRtlAllocateExtraCreateParameter+0xa96 ntoskrnl.exe!FsRtlAllocateExtraCreateParameter+0x898 ntoskrnl.exe!ObReferenceObjectByHandleWithTag+0xe92 ntoskrnl.exe!NtDeviceIoControlFile+0x56 ntoskrnl.exe!setjmpex+0x34b3 ntdll.dll!NtDeviceIoControlFile+0xa KERNELBASE.dll!GetModuleHandleExA+0xb6 KERNEL32.DLL!DeviceIoControl+0x80 cfgmgr32.dll!SwMemFree+0x6a7 KERNELBASE.dll!SetKernelObjectSecurity+0xc1 ntdll.dll!RtlAcquireSRWLockExclusive+0x31e ntdll.dll!RtlMultiByteToUnicodeN+0x20a3 KERNEL32.DLL!BaseThreadInitThunk+0xd ntdll.dll!RtlUserThreadStart+0x1d

下面是来自其中一个启动线程的另一个堆栈（SHCORE.dll!GetScaleFactorForDevice）： ntoskrnl.exe!KeSynchronizeExecution+0x2246 ntoskrnl.exe!KeRemoveQueueEx+0x108e ntoskrnl.exe!KeRemoveQueueEx+0xae9 ntoskrnl.exe!KeWaitForSingleObject+0x22a ntoskrnl.exe!KeSetBasePriorityThread+0x4ec ntoskrnl.exe!KeRemoveQueueEx+0x281d ntoskrnl.exe!KiCheckForKernelApcDelivery+0x23 win32k.sys+0x12aaea win32k.sys+0x6d10d win32k.sys+0xca699 win32k.sys+0x35a9f win32k.sys+0x2a514 win32k.sys+0x138e28 win32k.sys+0x19fa8 win32k.sys+0x4921e ntoskrnl.exe!setjmpex+0x34b3 USER32.dll!WindowFromPhysicalPoint+0x1a USER32.dll!CallWindowProcW+0x2bf USER32.dll!SendMessageW+0x111 UxTheme.dll!DrawThemeParentBackgroundEx+0x18f Comctl32.dll!ImageList_GetIconSize+0xee3 Comctl32.dll!ImageList_GetIconSize+0x1107 Comctl32.dll!DrawScrollBar+0x12bf USER32.dll!DispatchMessageW+0x154 USER32.dll!CallWindowProcW+0x132 Comctl32.dll!DefSubclassProc+0xb2 Comctl32.dll!DefSubclassProc+0x77 explorerframe.dll!Ordinal111+0x655d Comctl32.dll!DPA_GetPtr+0x282 Comctl32.dll!DPA_GetPtr+0x152 USER32.dll!DispatchMessageW+0x154 USER32.dll!OffsetRect+0x172 USER32.dll!OffsetRect+0x22d ntdll.dll!KiUserCallbackDispatcher+0x1f USER32.dll!WindowFromPhysicalPoint+0x1a USER32.dll!CallWindowProcW+0x2bf USER32.dll!SendMessageW+0x111 UxTheme.dll!DrawThemeParentBackgroundEx+0x1a6 explorerframe.dll!Ordinal111+0xabef explorerframe.dll!Ordinal111+0x6ae5 USER32.dll!DispatchMessageW+0x154 USER32.dll!OffsetRect+0x172 USER32.dll!OffsetRect+0x22d ntdll.dll!KiUserCallbackDispatcher+0x1f USER32.dll!WindowFromPhysicalPoint+0x1a USER32.dll!CallWindowProcW+0x2bf USER32.dll!SendMessageW+0x111 UxTheme.dll!DrawThemeParentBackgroundEx+0x1a6 explorerframe.dll!Ordinal111+0xaa52 Comctl32.dll!DPA_GetPtr+0x282 Comctl32.dll!DPA_GetPtr+0x152 USER32.dll!GetWindowLongPtrA+0x265 USER32.dll!OffsetRect+0x172 USER32.dll!OffsetRect+0x22d ntdll.dll!KiUserCallbackDispatcher+0x1f USER32.dll!SendMessageW+0x1aa USER32.dll!SendMessageW+0x1bc explorerframe.dll!Ordinal111+0x546e explorerframe.dll!Ordinal111+0x10568 explorerframe.dll!Ordinal111+0x11d50 explorerframe.dll!Ordinal111+0x11d00 explorerframe.dll!Ordinal111+0xeee3 SHELL32.dll!SHGetKnownFolderPathWorker+0x84c SHELL32.dll!SHGetKnownFolderPathWorker+0xa23 SHCORE.dll!GetScaleFactorForDevice+0x333 KERNEL32.DLL!BaseThreadInitThunk+0xd ntdll.dll!RtlUserThreadStart+0x1d

请注意，这次花了​​ 30 分钟左右的时间 - 有时间安装符号、阅读帖子、进行一些诊断并回发，但 CPU 仍然处于高位。

符号的第二次更新

感谢@kinokijuf，我使用了 Windows Defender Debug.dll 并获得了更准确的信息。线程现在如下所示：

ntdll.dll!TppWorkerThread ntdll.dll!TppWorkerThread ntdll.dll!TppWorkerThread ntdll.dll!TppWorkerThread ntdll.dll!TppWorkerThread SHCORE.dll!Microsoft::WRL::FtmBase::MarshalInterface+0x1c SHCORE.dll!Microsoft::WRL::FtmBase::MarshalInterface+0x1c FunDisc.dll!CNotificationQUeue::ThreadProc SHCORE.dll!Microsoft::WRL::FtmBase::MarshalInterface+0x1c windows.immersiveshell.serviceprovicer.dll!CImmersiveShellController::s_ImmersiveShellComponentsThreadProc Explorer.EXE!wWinMainCRTStartup

尽管顶层线程仍然显示线程/锁争用？：

ntoskrnl.exe!KiSwapContext+0x76 ntoskrnl.exe!KiSwapThread+0x14e ntoskrnl.exe!KiCommitThreadWait+0x129 ntoskrnl.exe!KeWaitForSingleObject+0x22a ntoskrnl.exe!KiSchedulerApc+0x74 ntoskrnl.exe!KiDeliverApc+0x1fd ntoskrnl.exe!KiSwapThread+0x2da ntoskrnl.exe!KiCommitThreadWait+0x129 ntoskrnl.exe!KeRemoveQueueEx+0x27b ntoskrnl.exe!IoRemoveIoCompletion+0x8a ntoskrnl.exe!NtWaitForWorkViaWorkerFactory+0x30a ntoskrnl.exe!KiSystemServiceCopyEnd+0x13 ntdll.dll!NtWaitForWorkViaWorkerFactory+0xa ntdll.dll!TppWorkerThread+0x286 KERNEL32.DLL!BaseThreadInitThunk+0xd ntdll.dll!RtlUserThreadStart+0x1d

谢谢，