ZaiRoN
January 22nd, 2008, 13:51
I’ll be in New York City from Thursday, I have too many things to prepare right now, and I don’t have time to end this story. Anyway, I thought it might be interesting to write something about this strange behaviour. It’s only a sort of preview, I hope to complete it in the near future.
I have a new printer, it’s an hp c4380. Don’t know if it’s good or not, I don’t print too much. It was really easy to install and it works fine for me, I have nothing to complain about it… until some days ago when I noticed something strange. When the system starts, I sometimes happen to see the cpu at 100%:
http://zairon.files.wordpress.com/2008/01/hp_cpu.jpg
As you can see it happens when the system starts. It’s one of the starting process for sure. I opened ProcessExplorer just to have an idea about what’s going on:
http://zairon.files.wordpress.com/2008/01/hp_svchost.jpg
Svchost is used to load one or more services, there’s a specific list of services to load inside the registry. The problem doesn’t reside in svchost process, but it’s inside the specific loaded service. How to find it? ProcessExplorer is a great tool, it gives out a lot of information. Just click on the process item and you will have all the necessary information about the process. I’m interested in the command line section which is: “C:\WINDOWS\system32\svchost.exe -k HPService”. Ok, the problem should be inside HPService. To locate the name of the dll you can browse through the process properties, you’ll easily find out the dll: HPSLPSVC32.DLL
This service belongs to hp printer and it’s used to check hp’s peripherals connected through the net. The service is automatically started (have a look at services.msc utility). I made some tries discovering that the problem arises when one or more computers connected to the lan are offline. I’m pretty sure there’s an error inside the dll, but how to find out where the problem is located at? In case like that, when the cpu works at 100%, the problem resides inside a loop. The process is waiting for something that won’t be received; it’s impossible to quit from it due to of a programming error. It could be an error on a variable initialization/update but there are many possibilities, there’s not a general explanation.
What I did is to attach a debugger to the right svchost process hinstance. It’s pretty easy to locate the guilty loop, you only have to break on dll access. Here’s a snippet taken from the loop I was talking before:
Well, as you can see from the comments there are two problems:
1. WaitForSingleObject returns WAIT_FAILED
2. SetEvent’s parameter is 0
I tried to call GetLastError after the two calls and the result was an ERROR_INVALID_HANDLE system error code. Pretty obvious eh!
I don’t know where to look for now, an error on CreateEvent’s return value could be an answer. After a quick glance everything seems to be ok, but I need to check carefully.
The problem occurs to many people out there. It was reported on HP forum support in March 2007, but the problem still exists. To solve (momentarily) it, it’s pretty easy: just set the service from automatic to manual… Anyway it could be interesting to find out where the problem resides, I’ll try to check when my trip will end.
I have a new printer, it’s an hp c4380. Don’t know if it’s good or not, I don’t print too much. It was really easy to install and it works fine for me, I have nothing to complain about it… until some days ago when I noticed something strange. When the system starts, I sometimes happen to see the cpu at 100%:
http://zairon.files.wordpress.com/2008/01/hp_cpu.jpg
As you can see it happens when the system starts. It’s one of the starting process for sure. I opened ProcessExplorer just to have an idea about what’s going on:
http://zairon.files.wordpress.com/2008/01/hp_svchost.jpg
Svchost is used to load one or more services, there’s a specific list of services to load inside the registry. The problem doesn’t reside in svchost process, but it’s inside the specific loaded service. How to find it? ProcessExplorer is a great tool, it gives out a lot of information. Just click on the process item and you will have all the necessary information about the process. I’m interested in the command line section which is: “C:\WINDOWS\system32\svchost.exe -k HPService”. Ok, the problem should be inside HPService. To locate the name of the dll you can browse through the process properties, you’ll easily find out the dll: HPSLPSVC32.DLL
This service belongs to hp printer and it’s used to check hp’s peripherals connected through the net. The service is automatically started (have a look at services.msc utility). I made some tries discovering that the problem arises when one or more computers connected to the lan are offline. I’m pretty sure there’s an error inside the dll, but how to find out where the problem is located at? In case like that, when the cpu works at 100%, the problem resides inside a loop. The process is waiting for something that won’t be received; it’s impossible to quit from it due to of a programming error. It could be an error on a variable initialization/update but there are many possibilities, there’s not a general explanation.
What I did is to attach a debugger to the right svchost process hinstance. It’s pretty easy to locate the guilty loop, you only have to break on dll access. Here’s a snippet taken from the loop I was talking before:
Code:
10025D00 mov eax, dword_100AC550
10025D05 mov ecx, [edi+4]
10025D08 push eax ; dwMilliseconds: 1000 ms
10025D09 push ecx ; hHandle
10025D0A call ebx ; WaitForSingleObject
10025D0C mov edx, [edi+10h]
10025D0F push edx ; hEvent = 0
10025D10 mov esi, eax ; eax = WAIT_FAILED
10025D12 call ebp ; SetEvent
10025D14 cmp esi, WAIT_TIMEOUT
10025D1A jnz short loc_10025D27
10025D1C mov eax, [edi]
10025D1E mov edx, [eax+24h]
10025D21 mov ecx, edi
10025D23 call edx ; call sub_100255E0
10025D25 jmp short loc_10025D00
10025D27 cmp esi, WAIT_FAILED
10025D2A jnz short loc_10025D3A
10025D2C mov eax, dword_100AC550
10025D31 push eax ; dwMilliseconds
10025D32 call ds:Sleep
10025D38 jmp short loc_10025D00
Well, as you can see from the comments there are two problems:
1. WaitForSingleObject returns WAIT_FAILED
2. SetEvent’s parameter is 0
I tried to call GetLastError after the two calls and the result was an ERROR_INVALID_HANDLE system error code. Pretty obvious eh!
I don’t know where to look for now, an error on CreateEvent’s return value could be an answer. After a quick glance everything seems to be ok, but I need to check carefully.
The problem occurs to many people out there. It was reported on HP forum support in March 2007, but the problem still exists. To solve (momentarily) it, it’s pretty easy: just set the service from automatic to manual… Anyway it could be interesting to find out where the problem resides, I’ll try to check when my trip will end.
