The same happens to me. I still haven’t gotten an answer as to why this happens.
if it helps you, with branch 5 it doesn’t happen. I have had to install branch 5 on all my windows.
This happens, above all, in windows servers. In some windows 10, the CPU is over 50%.
With branch 5, CPU usage is typically over 7/10%.
In catch, there are a lot of CPU cycles, in two threads that call the {endthreadex} function of msvcrt.dll
This is in another processor The i3 6100 in Windows Server, here obviously, due to the poor performance of the CPU, the Suricata uses 58%.
But as it is appreciated, maybe the problem is on how Suricata.exe calls and handles its dependence with Windows system modules.
That high consumption of cycles of the two threads, makes the 5950x in Windows 10, activate two cores in the 4.90GHz, there the consumption is triggered at 50W extras.
I want to clarify that, in the Table of Imports of suricata.exe, there is no call to {_endthreadex} in the msvcrt.dll section, so it must be an indirect call.
time after…
libwinpthread-1.dll calls the function {_endthread}
libwinpthread_1.dll is used Suricata 5 (which has no problems), is the same DLL that uses Suricata 6.
