October 2013 | The Old New Thing

The guide to trading candy

Raymond ChenOctober 31, 2013Oct 31, 201310/31/13

Important information to know this evening.

If there is no 16-bit emulation layer in 64-bit Windows, how come certain 16-bit installers are allowed to run?

Raymond ChenOctober 31, 2013Oct 31, 201310/31/13

Troy Martin is puzzled by the remark in this knowledge base article that says No 16-bit code can run, except for recognized InstallShield and Acme installers (these are hard-coded in Wow64 to allow them to work). I agree that the sentence is rather confusingly written. It says "No 16-bit code can run, except for this code that runs." Bu

Distinguishing between asking for help with a product and asking for help with a product's installation

Raymond ChenOctober 30, 2013Oct 30, 201310/30/13

Internally at Microsoft, we have a programmer's tool which I will call Program Q. On the peer-to-peer mailing list for Program Q, somebody asked the following question: What's the best way to look at all tables created in the past week? I want to repeat this command across multiple table repositories. Somebody chimed in with the

Help me optimize this code which enumerates all possible GUIDs

Raymond ChenOctober 29, 2013Oct 29, 201310/29/13

Um, not really.

The financial acumen of sea turtles

Raymond ChenOctober 28, 2013Oct 28, 201310/28/13

I dreamed that I was attending some sort of "how to be awesome" seminar where the presenter said, among other things, that a sea turtle, when left to thrive undisturbed, amasses $1 million in personal wealth within one year.

Using GetLogicalProcessorInformationEx to see the relationship between logical and physical processors

Raymond ChenOctober 28, 2013Oct 28, 201310/28/13

Today's Little Program uses the GetLogicalProcessorInformationEx function to print the mapping of logical processors to physical processors, as well as the mapping of logical processors to packages. (A dual-core processor is a single package with two cores. If those cores are themselves dual-hyperthreaded, then you have fo

My, those threads start up really fast nowadays

Raymond ChenOctober 25, 2013Oct 25, 201310/25/13

Here's a little puzzle inspired by an actual bug: Can the assertion at the start of WorkerThread ever fire? Naturally, the answer is Yes, otherwise it wouldn't be a very interesting article. The assertion can fire if the worker thread starts running before the call the CreateThread returns. In that case, the caller hasn't yet rece

When should I use the FIND_FIRST_EX_LARGE_FETCH flag to FindFirstFileEx?

Raymond ChenOctober 24, 2013Oct 24, 201310/24/13

Windows 7 introduces a new flag to the FindFirstFileEx function called FIND_FIRST_EX_LARGE_FETCH. The documentation says that it "uses a larger buffer for directory queries, which can increase performance of the find operation." This is classic MSDN-style normative documentation: It provides "just the facts". Far be it for

It rather involved being on the other side of this airtight hatchway: Planting DLLs into directories on the PATH for applications whose current directory is always System32

Raymond ChenOctober 23, 2013Oct 23, 201310/23/13

A bunch of security vulnerability reports came in from the same person, all of the form, "Program X is vulnerable to DLL planting if you create a DLL with the name Y in a directory on the PATH," with varying values of X and Y. In all the cases, Program X runs as SYSTEM with the System32 directory as its current directory, so a current directo

The hierarchy of user education, as interpreted by a vice president

Raymond ChenOctober 22, 2013Oct 22, 201310/22/13

One of my colleagues told me a story from his days on the Windows team. He had to give a presentation to his vice president on his feature, and he prepared his presentation and demo obsessively to make sure it went smoothly. At the meeting, there were three presentations on the schedule, all of them with features targeting IT professionals. T

The Old New Thing