To FOUR-F

Hello,shoo



Thanks you very much.

you gave me a lot valuable suggestion.



in my local net, there are about 47 ip addresses.

i tested the code on windows xp home edition sp2 . I was blocked by the problem about two monthes. I asked the problem for Quantum,q_q,f0dder,Ultrano,roticv... the best result is stoped at lv_15.exe.



it is a difficult problem which need more time to figure out.



thanks again.



regards

 

error msg1

_166287964__ER_MSG2005_05_20__21;18;01.part01.rar

 

error msg2

_1731342106__ER_MSG2005_05_20__21;18;01.part02.rar

 

ok. when i'll have time, i'll try to look inside it again.

commonly, i'd never investigate err. dumps, so, you do not need to post them exactly for me - when i have the source - i'll try to use another ways



well, far suggestions:

1.try to comment inner code in the thread proc (i've done this at first) - just return, and run then - if ok - there is no problem with thread creating.

2.try to call thread proc directly (with one param passed - better with real ip, known to you) instead of thread creating (when do this - uncomment inner code) - if ok - thread proc should work.

3.restore your code and try to "detect" only one ip, then some in short range (2-5) (to test with creating exactly one and then few threads).

4.try to refuse from HeapAlloc inside thread at all:

eg. LOCAL lpMacbufWORD -> LOCAL lpMacbuf[20]:BYTE

5.try to create fixed number of threads + procedure, called from critical section, which returns next unresolved ip: when the thread finished with current ip it's asking for new and starting again, if no more (eg. 0 returned) - then thread exiting.

6.if all of this will not help - start to check returned values from HeapAlloc and CreateThread functions, even with showing last_error.



regards!

 

Hello,shoo



Thanks you.



I'll modify the code according to your suggestions. if the problem will be figured out. i post it here.

the forum is great. many super codes are here. I believe the problem must be solved.



regards

 

well, too many words fresh look - next same error try to replace thread proc with this:

695511803__Arp_IP2MAC.txt

 

replace thread proc with 695511803__Arp_IP2MAC.txt.

error still exist there.

 

ok. let me know if you get any progress. here is next Arp_IP2MAC, working on my pc without HeapAlloc.

also, threads count depends on ip-range, not on the count of real host present. if your subnet mask eg. 255.255.0.0 - you will get 65534 ip-s (=threads), even if there are only a couple of hosts present, so, the first thing to do - try to limit ip-range.

1687493990__Arp_IP2MAC.zip

 

Hello,shoo



Thanks you.



replace thread proc with 1687493990__Arp_IP2MAC.txt and modified as following.

;================================

bswap eax ; eax= Local ip address

;and eax,0FFFF0000H ;FFFF0000h

and eax,0FFFFFF00H ;FFFF0000h

mov dwIP_addr_first,eax ;ip=xxxxxx00h

;or eax,0000ffffh

or eax,000000ffh

mov dwIP_addr_end,eax ;ip=xxxxxxFFH

;================================

error still exist there.





regards

 

modified as following.

;================================

bswap eax ; eax= Local ip address

;and eax,0FFFF0000H ;FFFF0000h

and eax,0FFFF00FFH ;FFFF0000h

mov dwIP_addr_first,eax ;ip=xxxxxx00h

;or eax,0000ffffh

or eax,0000FF00h

mov dwIP_addr_end,eax ;ip=xxxxxxFFH

;================================

error still exist there.

 

1.try this code and tell me result:

Код (Text):

1. Arp_IP2MAC proc dwIpaddr:DWORD
2.  
3.     LOCAL pulMac[8]:BYTE
4.     LOCAL Macbuf[20]:BYTE
5.     LOCAL ulLen,lpNamebuf,lpIpbuf:DWORD
6.  
7. invoke ExitThread,0
8.  
9. Arp_IP2MAC endp

(me - shoo

 

OK.

 

try this app if it works



1404227671__arp_test.zip



enter ip known to you (otherwise no response will be), then "ok" - must be resolved.

 

arp_test.exe is ok

;=========================================

.IF !eax



;invoke gethostbyaddr,addr dwIpaddr,4,2 ;gets host info from address info

;.if eax !=0 ;see if gethost...worked

; xmov lpNamebuf,[eax] ;mov the pointer returnt by gethost into eax

;.else

xmov lpNamebuf,offset unknown

;.endif

invoke inet_ntoa,dwIpaddr

;=================================================

lv_15.exe is ok

the crash maybe made by user name named abnormity.

 

then you can make a log file: in critical section write ip-adress from lpIpbuf into log (file has to be not buffered!), then try to write into the listview. if even crash - you can read last ip and then try to check it with other utility (even arp_test) to know what is real reason of crash. what codepage you are using? maybe there will need some conversion for non-english names? at least you can copy name into the buffer and check for such characters and replace them to "?", for example.



regards!

 

oh! even at first just uncomment gethostbyaddr to know: does it fall when this function called (i do not think so, but...) or when it goes to listview.

 

;=========================================

.IF !eax



invoke gethostbyaddr,addr dwIpaddr,4,2 ;gets host info from address info

;.if eax !=0 ;see if gethost...worked

; xmov lpNamebuf,[eax] ;mov the pointer returnt by gethost into eax

;.else

xmov lpNamebuf,offset unknown

;.endif

invoke inet_ntoa,dwIpaddr

;=================================================

lv_15.exe will be crash.(sometimes)

the problem is at "invoke gethostbyaddr,addr dwIpaddr,4,2 "



regards

 

hello,shoo

[what codepage you are using?]

what's the codepage?

I guessed your meanings what's IDE you used?

I use "EditPlus".



regards

 

no, i mean exactly codepage: there is no difference to program which ide it was built in, but some functions can fail when national codepages used for naming: although all windows in our subnet are localized in russian, we use latin letters to name hosts. also in our charset each letter has one-byte coding, if you are using chineze or some similar codepage (where one character could be coded with two bytes) - it can be fatal to some name interpreting. also i do not think that such critical function can fail so easy - it could be we just do not know something, what can exceeds some limits. let's dig far

 

try this - it is slow enough, but here only one thread used at once. also, it solving ips one-by-one, so, if it will fall, you at least can see after what ip it appeared.

1810599233__lv_15.zip