The Old New Thing
Practical development throughout the evolution of Windows.
Latest posts
How can I get the tab index number from a dialog box control?
The tab index number is an authoring concept, not a runtime concept.
When programs assume that the system will never change, episode 4: Stealing strings
The strings are an implementation detail.
Clipping the focus item when looking for its on-screen location, part 3
Finding <I>all</I> the clipping parents.
Clipping the focus item when looking for its on-screen location, part 2
Finding the correct clipping parent.
Clipping the focus item when looking for its on-screen location
Preventing the cursor from pointing to nothing.
Using Active Accessibility to find out where the focus item is
Looking at child objects.
Using Active Accessibility to find out where the Windows caret is
It's old and rather simple, but we like simple.
How can I find out where the Windows caret is?
You'll have go to a larger scope.
Swapping two blocks of memory that reside inside a larger block, in constant memory, refinement
Could do with a little less rotating.
How can you swap two non-adjacent blocks of memory using only forward iterators?
Applying the rotation trick to our new problem.
How can you swap two adjacent blocks of memory using only forward iterators?
A different algorithm, employing a different kind of cleverness.
Swapping two blocks of memory that reside inside a larger block, in constant memory
A variation on the constant-memory rotation.
2025 year-end link clearance
Another year gets relegated to history.
Understanding and mitigating a stack overflow in our task sequencer
The recurring problem of synchronous resumption.
Additional notes on color-keyed overlays as a way of doing smooth video rendering
Choosing the color-key and other brief discussions.
The Gävle Goat (Gävlebocken) succumbs in 2025 to a new menace
You could blow me over.
How can I detect that the system is running low on memory? Or that my job is running low on memory?
You can register for a memory notification.
Why are we worried about memory access semantics? Full barriers should be enough for anybody
You have to find new ways of going faster.
Reading the fine print, episode 4: Holiday promotions
Checking those validity dates.
Why is the last letter of my string not making it to the clipboard?
The struggle for null termination.
Why does my <KBD>Ctrl</KBD>+<KBD>M</KBD> accelerator key activate when I press the <KBD>Enter</KBD> key?
Understanding the difference between keys and characters for accelerators.
When irate product support customers demand to speak to Bill Gates
So transfer them to his office, or so it seems.
All the other cool languages have <CODE>try</CODE>…<CODE>finally</CODE>. C++ says “We have <CODE>try</CODE>…<CODE>finally</CODE> at home.”
The destructor serves as the "finally".
A shortcut gives me a weird path for a program shortcut that doesn’t point to the executable, so what is it?
It's a placeholder because the shortcut is to an MSI application.
Concluding thoughts on our deep dive into Windows clipboard text conversion
Stick to Unicode and you'll be fine.
Deducing the consequences of Windows clipboard text formats on UTF-8
Working out the implications.
Why is the Windows clipboard taking the scenic route when converting from <CODE>CF_<WBR>TEXT</CODE> to <CODE>CF_<WBR>OEMTEXT</CODE>?
Something is forcing it down an alternate path.
Misunderstanding what the Cricket Celebration Bowl is
Apparently, not a bowl of crickets.
The Windows clipboard automatic text conversion algorithm is path-dependent
When the journey is not half of the fun.
Resolving an ambiguity in the Windows clipboard automated text conversion table
Who goes first?
Studying the various locale mismatch scenarios in Windows clipboard text format synthesis
If they don't match, then the 8-bit strings are basically broken already.
How does Windows synthesize the <CODE>CF_<WBR>LOCALE</CODE> clipboard format?
Getting it from a place that might have been obvious in the past, but maybe not today.
How does Windows synthesize <CODE>CF_<WBR>UNICODETEXT</CODE> from <CODE>CF_<WBR>TEXT</CODE> and vice versa?
Let's ask the locale.
How does Windows synthesize <CODE>CF_<WBR>OEMTEXT</CODE> from <CODE>CF_<WBR>TEXT</CODE> and vice versa?
Starting with the easy case, or at least it looks easy.
How can my process read its own standard output?
You'll have to trick yourself before anybody notices, which may not be possible.
How can I read the standard output of an already-running process?
You can't. You'll have to do it before the process starts.
How do I check whether the user has permission to create files in a directory?
Request the directory security attributes that correspond to your proposed operation.
Microspeak: Big rocks
The large obstacles.
How do I get my edit control text to be autoselected when I choose it to be the default focus in my dialog?
Remembering some old APIs.
How can I have a Win32 drop-down combo box with a read-only edit control?
You can ask for its handle and mark it read-only.
Message-only windows are for messaging, not as a convenient victim for hosting UI
If you want to host UI, use a real window (possibly hidden).
At what point in the Windows development cycle is it too late to change the text of a translatable string?
The translation team sets the deadline.
The apocryphal origins of the Hot Dog Stand color scheme
Challenge accepted.
Why does XAML break down when I have an element that is half a billion pixels tall?
You've far exceeded the design goals and have even exceeded the expressive ability of a float.
Maybe somebody can explain to me how weak references solve the ODR problem
I don't see it.
In the commit-on-demand pattern, what happens if an access violation straddles multiple pages?
The access violation exceptions will continue until commit improves.
Is <CODE>WriteProcessMemory</CODE> faster than shared memory for transferring data between two processes?
Shared memory is the copy-free solution.
Microspeak: Little-r
Harkening back to a very old mail program.
How can I detect that Windows is running in S-Mode, redux
Doing it on hard mode.
I can use <CODE>WM_<WBR>COPY<WBR>DATA</CODE> to send a block of data to another window, but how does it send data back?
They can send it back with their own <CODE>WM_<WBR>COPYDATA</CODE> message, or they can put it in an agreed-upon shared location.
Could we use CTAD to simplify the use of WRL’s Callback function?
Not directly, but maybe indirectly.
Non-recursively deleting a binary tree in constant space: Rotating the tree
Preserving in-order while linearizing.
Behind the scenes on how Windows 95 application compatibility patched broken programs
Replacing bytes with the greatest of care.
How did Windows 3.1 distinguish two different programs that happened to share the same executable name?
The trouble with disambiguation.
Non-recursively deleting a binary tree in constant space: Restructuring the tree
Changing the tree structure to make it easier to delete.
Non-recursively deleting a binary tree in constant space: Synthesizing the parent pointer
Making one as you go.
Non-recursively deleting a binary tree in constant space: Traversal with parent pointers
First assume that you have a parent pointer.
The Microsoft SoftCard for the Apple II: Getting two processors to share the same memory
Reportedly Microsoft's first hardware product.
Why does <CODE>SHFormatDateTime</CODE> take an unaligned <CODE>FILETIME</CODE>?
Designed for its original use case.
Microspeak: turn into a pumpkin
To disappear, such as for the year-end holidays.
Trying to build a XAML tree in code throws a “No installed components were detected” exception
An unfortunate error code collision, but the explanatory text leads the way.
What to do when you have a crash in the runtime control flow guard check
You don't have to understand it, but you should be able to extract data from it.
How did the Windows 95 user interface code get brought to the Windows NT code base?
Ported bit by bit.
Dubious security vulnerability: Denial of service by loading a very large file
I mean, it's what you asked it to do.
The early history of the Windows Runtime PropertyValue and why there is a PropertyType.Inspectable that is never used
It used to be there because PropertyValue started out as the fundamental variant type before shifting focus to being the fundamental boxed type.
Windows Runtime design principle: Properties can be set in any order
If all you're doing is setting properties, you can do it any way you like.
What makes <CODE>cheap_<WBR>steady_<WBR>clock</CODE> faster than <CODE>std::<WBR>chrono::<WBR>high_<WBR>resolution_<WBR>clock</CODE>?
It's quite a bit faster, though maybe you don't care.
Microspeak: The hockey stick on wheels
You're always a year away.
What about the icons in pifmgr.dll?
Just for fun.
Using RAII to remedy a defect where not all code paths performed required exit actions, follow-up
If the callback requires copyability.
Using RAII to remedy a defect where not all code paths performed required exit actions
Passing the obligation onward.
Why can you increment a reference count with relaxed semantics, but you have to decrement with release semantics?
It's more important to clean up when you leave.
I remember taking a screen shot of a video, and when I opened it in Paint, the video was playing in it! What witchcraft is this?
You copied the green screen.
API design principle: Don’t tempt people to divide by zero
Remove it from the equation.
The self-assignment principle for Windows Runtime properties: Don’t change behavior based on whether a property has been written to
The fact that a property has been set does not by itself trigger functionality.
The self-assignment principle for Windows Runtime properties applies to default values
The default value must be legal.
Windows Runtime API design principles around read-write properties: Idempotence and self-assignment
Setting it to the value it already has is not a crime.
Remembering the end of support for VRML in Internet Explorer
No one left standing.
Code comments should apply to the state of the system at the point the comment “executes”
Putting them in the flow.
Can we get weak functions for static linking? The Visual C++ compiler says “We have weak functions at home”
It's already there, just under a different paradigm.
The problem with inferring from a function call operator is that there may be more than one
<CODE>auto</CODE> parameters make this easy to write, particularly for lambdas.
How do I convert a <CODE>FILETIME</CODE> to a C++ clock like <CODE>std::system_clock</CODE> or <CODE>winrt::clock</CODE>?
The <CODE>winrt::clock</CODE> has a conversion for you.
Microspeak: Convicted
False backformation.
How can I enumerate the overflow icons in the Notification Area without showing them?
If they aren't shown, then they aren't automatable, so there's no requirement that they exist in the UI automation tree.
Why didn’t Windows 95 setup install a miniature Windows 95 so that it could be written as a 32-bit program?
Getting to the GUI quickly, and rebooting only once.
Samples note: Use comments to describe what code does, not what you wish the code would do
Comments explain the code. They are not substitutes for the code.
Why is Windows still tinkering with critical sections?
The critical section may be an old dog, but it's still learning new tricks.
Another lesson learned from the Windows 98 on-stage USB blue screen
Test before using.
Why was Windows 3.0’s WinHelp called an online help system when it ran offline?
It was online in a different sense.
Learning to read C++ compiler errors: Not a legal base class
What would make it an illegal base class?
Can I close a duplicate handle while I’m waiting on the original?
That's fine, since you're not closing the handle that you're waiting on.
How can I get my shell thumbnail extractors to run in the same process?
Adding another level of indirection.
Translating the <CODE>STATUS_<WBR>STACK_<WBR>BUFFER_<WBR>OVERRUN</CODE> status code into customer-ready text
Reducing the level of alarm.
Why is the name of the Microsoft Wireless Notebook Presenter Mouse 8000 hard-coded into the Bluetooth drivers?
Is it some sort of favoritism?
How can I convert a third party in-process server so it runs in the COM surrogate?
You can put your own object in the surrogate first.
Why can’t <CODE>std::apply</CODE> figure out which overload I intend to use? Only one of then will work!
The overload resolution happens before the compiler knows what it's going to be used for.
The documentation says that CompanyName version information is required, but my program seems to work without it, so how required is it?
It's more of a "Very strongly recommended" than a "Required".
A suggestion to people who assign nicknames to meeting rooms
Lean into the pattern. Don't try to cross it up.
Why didn’t Windows 95 simply special-case the laptops that locked up when it executed the <CODE>HLT</CODE> instruction?
The catastrophic risk of bricking a computer.
The case of the crash on a null pointer even though we checked it for null
Understanding what you're checking.
How can I write a C++/WinRT <CODE>IAsyncOperation<T></CODE> where <CODE>T</CODE> is not a Windows Runtime type?, part 2
Safer smuggling.
How can I write a C++/WinRT <CODE>IAsyncOperation<T></CODE> where <CODE>T</CODE> is not a Windows Runtime type?, part 1
It's not representable in the Windows Runtime, but you can smuggle it.
Dubious security vulnerability: Remembering passwords for recently-opened ZIP files
If it didn't remember them, you wouldn't like it.
Thoughts on creating a tracking pointer class, part 16: Second attempt to use a list
We can splice nodes to move them between lists.
Thoughts on creating a tracking pointer class, part 15: A custom shared pointer
Simplifying it for out limited use case.
Thoughts on creating a tracking pointer class, part 14: Nonthrowing moves with the shared tracking pointer
Moving the exception somewhere else.
Thoughts on creating a tracking pointer class, part 13: Restoring the strong exception guarantee
Don't commit to anything until you know you can finish the job.
Thoughts on creating a tracking pointer class, part 12: A shared tracking pointer
Sharing a single tracking pointer among all instances.
Thoughts on creating a tracking pointer class, part 11: Repairing assignment
Restoring things that were automatically deleted.
Thoughts on creating a tracking pointer class, part 10: Proper conversion
Making sure you cannot remove qualifiers.
Thoughts on creating a tracking pointer class, part 9: Conversion
Making a read-only tracking pointer from a read-write tracking pointer.
Thoughts on creating a tracking pointer class, part 8: Tracking const objects
Making tracking pointers to const objects.
Thoughts on creating a tracking pointer class, part 7: Non-modifying trackers, second try
Another attempt to make tracking pointers to objects that you can't modify.
Thoughts on creating a tracking pointer class, part 6: Non-modifying trackers
Making tracking pointers to objects that you can't modify.
Thoughts on creating a tracking pointer class, part 5: Copying our tracking pointer
How to copy from a const tracking pointer.
Thoughts on creating a tracking pointer class, part 4: Using a circular doubly linked list
Building our own circular doubly-linked list.
Thoughts on creating a tracking pointer class, part 3: Using a <CODE>std::vector</CODE>
Tracking your trackers with a vector.
Thoughts on creating a tracking pointer class, part 2: Using a <CODE>std::list</CODE>
Tracking your trackers with a <CODE>std::list</CODE>.
Thoughts on creating a tracking pointer class, part 1: Concept art
Following an object as it moves.
Under what conditions could a <CODE>ReadFile</CODE> or <CODE>WriteFile</CODE> fail to transfer all of the bytes, and how do I detect that?
If there is not enough data to read, or not room to write.
How can I detect that Windows is running in S-Mode?
Check the code integrity policy.
How do I disable pieces of the property sheet for a service in the Services MMC snap-in?
There's no secret setting. It's all based on access control.
Why are Windows semiannual updates named H1 and H2?
To address an unconscious bias.
How can I read more than 4GB of data from a file in a single call to <CODE>ReadFile</CODE>?
You can't, but you can try to fake it.
Two related questions about keeping track of PIDs of IPC clients
Since you're doing IPC, you may as well let IPC do the work for you.
A consequence of the weird <CODE>wReserved</CODE> value at the start of the <CODE>DECIMAL</CODE> structure
It overwrites things by accident.
In C++/WinRT, how can I await multiple coroutines and capture the results?, part 0
If you don't really care about what happens if something goes wrong.
Why is there a window with no name blocking Windows shutdown?
They never expected you to see it.
API design note: Don’t make up multiple names for the same thing
It may be obvious to you, but that's because you wrote it.
How can I confirm in the Windows debugger that I’m looking at a COMDAT-folded function?
Ask for all the names for an address.
How can I wait until a named object (say a mutex) is created?
You can't, but maybe you can wait for something else.
Exploring possible solutions to the inconsistency in how Windows searches case-insensitively for named resources
Maintaining compatibility while addressing flaws.
Being more adamant about reporting that C++/WinRT was unable to resume execution on a dispatcher thread
Better versions in a different box.
What happens if C++/WinRT is unable to resume execution on a dispatcher thread?
What you get out of the box.
The case of the invalid instruction exception on an instruction that should never have executed
I don't recall ever asking you to do that.
If the Window Runtime PropertyValue is for boxing non-inspectables, why is there a PropertyValue.CreateInspectable?
For completeness, but not for functionality.
The Fundamental Failure-Mode Theorem: Systems lie about their proper functioning
It doesn't say what it does on the tin.
Perhaps not a recommended usage for an emergency power outlet
Maybe that's not a critical system.
There is a <CODE>std::<WBR>chrono::<WBR>high_<WBR>resolution_<WBR>clock</CODE>, but no <CODE>low_<WBR>resolution_<WBR>clock</CODE>
For when you care only enough to be roughly on time.
Detecting and reporting all unhandled C++ exceptions as well as all unhandled structured exceptions
Closing another exit point.
Our first attempt to detect and report all unhandled C++ exceptions as well as all unhandled structured exceptions
Identifying and classifying the exit points.
When I install an unhandled structured exception filter, why doesn’t <CODE>std::<WBR>terminate</CODE> get called?
You're using the same hook that the compiler uses to call <CODE>std::<WBR>terminate</CODE>.
A walkthrough of the original Microsoft Building 3
Don't get lost on your walk down memory lane.
Dubious security vulnerability: If I perform this complex series of manual steps, I can crash a program I am running
What security boundary did you cross?
Why doesn’t <CODE>LVIF_<WBR>INDENT</CODE> work without an image list?
Its original client had an image list.
German language cheat sheet: On changing quantities
How much there is, and how is it changing.
If the <CODE>FormatMessage</CODE> function fails, and I requested that it allocate a buffer, do I have to free the buffer?
There was no buffer returned, so there's nothing to free anyway.
Unintended yet somehow entirely expected consequences of marking a COM interface as local
If it's local-only, then it can't be remote.
The sizzle reel that says things that nobody understands
Failing to understand your audience.
2025 mid-year link clearance
Halfway there.
Embracing the power of the empty set in API design: Requesting zero items
It's okay to ask for nothing. You get nothing.
Why do I get errors or warnings about some weird symbol called ?main@@YAHP$01E$AAV?$Array@PE$AAVString@Platform…, part 3
Forcing <CODE>main</CODE> to be found in the place we want.
Why do I get errors about some weird symbol called ?main@@YAHP$01E$AAV?$Array@PE$AAVString@Platform…, part 2
Figuring out why C++/CX makes a difference.
Your information has been permanently deleted, for small values of permanently
Is it really gone?
Why do I get errors about some weird symbol called ?main@@YAHP$01E$AAV?$Array@PE$AAVString@Platform…, part 1
Welcome to the world of C++/CX. Is "welcome" the right word?
Abusing copyright strings to trick software into thinking it’s running on your competitor’s PC
I did technically cross my fingers.
The MIDL compiler still has trouble with double greater-than signs, sadly
Many have tried.
The case of the invalid handle error when a handle is closed while a thread is waiting on it
You are theorizing one race but experiencing another.
Learning to read C++ compiler errors: Ambiguous symbol errors after including a header file
Finding out why multiple entities with the same name are visible.
You have to tell <CODE>Get-</CODE> and <CODE>SetSecurityInfo</CODE> the object type, you can’t make it guess
It needs to know which provider to give it to.
Funding the Egghead store shopping spree took a little extra legwork
Just ask the boss.
Writing a helper class for generating a particular category of C callback wrappers around C++ methods
Another exercise in C++ template programming.
Thread pool threads are like preschool: Leave things the way you found them
Your mother always told you to clean up behind yourself.
Why does Windows even have <CODE>Interlocked</CODE> functions when we have <CODE>std::atomic</CODE>?
Well, you have to start somewhere.
Removing the <CODE>MAX_PATH</CODE> restriction on paths applies only to paths
The individual file names still retain their existing limits.
Application compatibility for Windows 95 crashed a cash register
Exceeding all reasonable maximums.
Dubious security vulnerability: Tricking a program into running non-elevated
You can do anything, but still within the limits of your authority.
Why does C++ think my class is copy-constructible when it can’t be copy-constructed?
You said that you had a copy constructor, even though it can't be compiled.
Why do some Windows functions fail if I pass an unaligned Unicode string?
Well, if you don't align it, then you've already broken the rules.
Riffing on a typo in the name of the opera <I>Turandot</I>
On the dot.
How can I programmatically find the network path by which a folder has been shared?
There is no direct query. You'll have to infer it.
The symbolism of the magnifying glass is not universal
Just making things bigger?
Stating the obvious about debugging an invalid parameter error when freeing memory
Writing it down for posterity.
Using an oracle to see where your code is producing the wrong output
If there is a reference implementation, then use it as a check.
The case of creating new instances when you wanted to use the same one
C++ language backward compatibility makes legal what you had hoped wasn't.
How do I convert a WIC bitmap back to a GDI <CODE>HBITMAP</CODE>?
You can copy the bits into a DIB section.
What was origin of the code name Redpill for Windows 8 feature lockout?
Pretty obvious, actually.
Why does <CODE>EnumProcessModules</CODE> report no modules on a process that was created suspended?
There are no modules yet because you didn't give them a chance to load.
How can I detect if one of my helper processes is launching child processes?
You can ask a job object to keep track for you.
How can I create a window the size of the screen without it being treated as a fullscreen window?
You can declare that you aren't rude.
Silly parlor tricks: Promoting a 32-bit value to a 64-bit value when you don’t care about garbage in the upper bits
Inline assembly that doesn't do anything.
Why does Windows report my processor speed twice, with slightly different values?
One is calculated. The other is self-promotion.
Secret passages on Microsoft main campus, episode 3
Another covered passage between buildings.
What’s with the weird <CODE>wReserved</CODE> value at the start of the <CODE>DECIMAL</CODE> structure?
It's where the discriminant goes when the <CODE>DECIMAL</CODE> is put "inside" a <CODE>VARIANT</CODE>.
How do I force RunOnce commands to run in a specific order?
Run them in the desired order yourself.
If I mark my thread pool callback as long-running, does it still count toward the thread pool thread limit?
Yes, because it's still in the thread pool.
What is the developer set-up for developing Windows for multiple processor architectures?
You usually just pick one and count on your friends for the others.
Dubious security vulnerability: A program does not run correctly if you run it the wrong way, redux
Trying to make the system run the program automatically.
How can I wait for Clipboard History to recognize a clipboard change before I change it again?
Listen for the change event.
Why doesn’t Clipboard History capture rapid changes to clipboard contents?
Clipboard history operates asynchronously, so you are changing it before it can respond to the changes.
What were the MS-DOS programs that the <TT>moricons.dll</TT> icons were intended for?
Tallying them up.
What were the MS-DOS programs that Windows used the <TT>progman.exe</TT> stock icons for?
Mostly generic-looking icons.
What were the intended uses of those icons in <TT>moricons.dll</TT>?
Icons for old MS-DOS apps.
Using type aliasing to avoid the ODR problem with conditional compilation, part 2
Ensuring that you pick a side.
Using C++ type aliasing to avoid the ODR problem with conditional compilation, part 1
Still one definition, but two types.
Why does Windows have trouble finding my Win32 resource if it contains an accented character?
Disagreements over the fine print.
Protecting Windows users from Janet Jackson’s <I>Rhythm Nation</I>
Granting an exception to a system policy.
Why did Windows 7, for a few months, log on slower if you have a solid color background?
It's waiting for Godot and eventually gives up.
If we can have <CODE>std::atomic<std::shared_ptr></CODE>, why not <CODE>std::atomic<com_ptr></CODE>?
Controlling the reference count.
When I define a window class with no default cursor, what is the explanation for the cursors that appear in my client area?
You said you'd take care of it, but you didn't.
What resource ID should I give my application’s main icon?
Applying what we know about how Explorer finds the "first" icon in a file.
Microspeak: top of mind
Things I'm thinking about.
The ongoing story of seconds on the taskbar
The cost of ticking.
The case of the feature flag that didn’t stay on long enough, part 2
Leaving everything the way you found it.
The case of the feature flag that didn’t stay on long enough, part 1
Understanding scope and order of destruction.
Using the classical model for linking to provide unit test overrides
Overriding a LIB with an OBJ for fun and profit.
There was a lot of imagined dropping tablets in swimming pools
The archetypical example of needing a replacement computer.
Dubious security vulnerability: Once I have tricked the user into running a malicious shortcut, I can install malware
Yes, that's sort of the point.
The case of the UI thread that hung in a kernel call
I did tell you not to do that.
Function overloading is more flexible (and more convenient) than template function specialization
You can change more things in an overload.
Why can’t I use <CODE>SEC_<WBR>LARGE_<WBR>PAGES</CODE> with a file-based file mapping?
No paging, no crying.
The Goldilocks zone of software stability
Not too new, not too old.
On priority inversion in the use of a spinlock to ensure atomic access to a <CODE>shared_ptr</CODE>
Priority inversion may be rare, but correctness doesn't care about rarity.
Adding delays to our task sequencer, part 3
Waiting more cheaply.
Adding delays to our task sequencer, part 2
Waiting the right amount of time.
Adding delays to our task sequencer, part 1
Not so fast there.
The return of Building 7
Pranksters lose one of their longtime inside jokes.
If one program blocks shutdown, then <I>all</I> programs block shutdown, revisited
No take-backs.
The 2025/2026 Seattle Symphony subscription season at a glance
The pocket reference guide for 2025/2026.
Fixing exception safety in our <CODE>task_<WBR>sequencer</CODE>
Exception safety, the forgotten requirement.
On launching a dialog when a specific combo box item is selected
Changing selections is not a good time to launch a dialog box.
Why does <ODE>INVALID_<WBR>HANDLE_<WBR>VALUE</CODE> cast through a <CODE>LONG_PTR</CODE> first?
To ensure that the proper sign extension happens.
We’ll fly you to Atlanta, Texas, and getting to your hotel in Atlanta, Georgia is your problem
Reading the fine print.
A note on the USB-to-PS/2 mouse adapter that came with Microsoft mouse devices
It's a purely mechanical adapter that relies on smarts in the mouse itself.
On how different Windows ABIs choose how to pass 32-bit values in 64-bit registers
Surveying the options and looking for commonalities.
The case of the critical section that let multiple threads enter a block of code
It had one job.
What could cause a memory corruption bug to disappear in safe mode?
A simplified execution environment means fewer things that you can stumble over.
You can’t simulate keyboard input with PostMessage, revisited
If it didn't go through the input system, it only looks like input as much as the app allows itself to be fooled.
Why didn’t Windows 95 setup use a miniature version of Windows 95 as its fallback GUI?
Avoiding an interim GUI environment.
Dubious security vulnerability: A program does not run correctly if you run it the wrong way
So what did you expect?
The case of COM failing to pump messages in a single-threaded COM apartment
A customer encountered a hang caused by COM not pumping messages while waiting for a cross-thread operation to complete. They were using the class for serializing asynchronous operations on a UI thread they created to handle accessibility callbacks. The hang stack looked like this: We see that we have a UI thread (notice the at the bottom of the stack), yet COM decided to block without pumping messages ( instead of (). Is this a bug in the task sequencer? Let's look at the stack more closely. A message arrived via , and that then queued a task into the task sequencer. The saw that the task sequencer had...
Making sure that a DLL loads only from your application directory
You can ask for it as an option, but think about what you're actually protecting against.
What are the thread safety requirements of <CODE>HSTRING</CODE> and <CODE>BSTR</CODE>?
They do not have thread affinity.
What an insightful observation, you get to wear “the hat”
Maybe not so insightful.
How do I destroy an ABI pointer that I extracted from a C++/WinRT object?
You can clean it up the ABI way, whatever that is.
To some people, time zones are just a fancy way of sounding important, episode 2
Words have meaning.
How can I choose a different C++ constructor at runtime?
Make somebody else do it, and then use copy elision.
I tried to subscribe to a C++/WinRT event, but my callback was never called
Check how you registered your event handler.
Microspeak: Respin
Spin it up again, baby.
Lexically scoped functions accessing parent locals: The display
Using a well-known location instead of copying frame pointers.
C++/WinRT implementation inheritance: Notes on <CODE>winrt::implements</CODE>, part 8
Comparing the options.
C++/WinRT implementation inheritance: Notes on <CODE>winrt::implements</CODE>, part 7
Inheritance without involving <CODE>winrt::implements</CODE> at all.
C++/WinRT implementation inheritance: Notes on <CODE>winrt::implements</CODE>, part 6
Using CRTP to delegate the method.
C++/WinRT implementation inheritance: Notes on <CODE>winrt::implements</CODE>, part 5
When the base class isn't self-contained.
C++/WinRT implementation inheritance: Notes on <CODE>winrt::implements</CODE>, part 4
Simple inheritance of a self-contained <CODE>implements</CODE>.
C++/WinRT implementation inheritance: Notes on <CODE>winrt::implements</CODE>, part 3
Discovering the legal inheritance structures for <CODE>winrt::<WBR>implements</CODE>.
C++/WinRT implementation inheritance: Notes on <CODE>winrt::implements</CODE>, part 2
Untangling <CODE>unwrap_<WBR>implements_t</CODE>.
C++/WinRT implementation inheritance: Notes on <CODE>winrt::implements</CODE>, part 1
A closer look at the parameters to the <CODE>implements</CODE> template.
Your statement is now available, just two hidden flyouts and five clicks away
Beware of the leopard.
API design note: Beware of adding an “Other” enum value
What are you going to do when you add a new kind?
Investigating an argument-dependent lookup issue and working around it
Picking apart the language specification.
A sample implementation of the weak reference pattern for COM callbacks
A forwarder through a weak reference.
Async-Async revisited: What about cancellation?
Even the cancellation is async.
Did the Windows 95 setup team forget that MS-DOS can do graphics?
Oh look what you just made there.
How does Explorer find the “first” icon in a file
It enumerates them and takes the first one, so this is really a question about enumeration.
Using alternate locales to get more interesting case mapping than the C
Looking for something better.
The default C locale is not a very interesting one
It barely understands anything.
On exactly when XAML bindings are evaluated if an element is not yet loaded
It depends on which abstraction you prefer.
The original name for Flexible Single Master Operations in Active Directory
Not that kind of F-word.
On trying to log an exception as it leaves your scope
You can't watch it from an object on the outside.
Creating a generic insertion iterator, part 2
Satisfying the iterator requirements, perhaps with a little cheating.
Creating a generic insertion iterator, part 1
We provide the boilerplate; you provide the smarts.
How do I create an inserter iterator that does unhinted insertion into an associative container like <CODE>std::map</CODE>?
Curiously missing from the standard library.
My electric toothbrush was acting up, so I tried to reboot it
It didn't help.
A pattern for obtaining a single value while holding a lock
The immediately-invoked lambda that returns a value.
A brief and incomplete comparison of memory corruption detection tools
A short overview, definitely incomplete.
Memory corruption from outside the process looks like space aliens
The write isn't visible to your process, just the effect of the write.
Be mindful of temporal terms in documents: What is the reference point in time?
What is your implied point in time for the reference?
Why is there a bulge on my bicycle tire when I inflate it?
Get the order of operations right.
Why doesn’t the Windows blue screen of death prominently identify the company that created the driver that crashed?
Because the driver that crashed may not be the one at fault.
Reminder: When a C++ object fails to construct, the destructor does not run
If you need to run after a failed construction, you have to put it in a base class or member variable.
The case of the crash when trying to erase an element from a <CODE>std::set</CODE>
Another kind of fiasco.
In a C++ class template specialization, how can I call the unspecialized version of a method?
You can't talk about things that might exist, so instead talk about things that do.
How does <CODE>GetUserDefaultGeoName</CODE> choose between ISO 3166-1 and UN M.49 codes?
Clarifying the behavior.
Microspeak: The walk-on topic
Just walk on in with your topic.
A simplified overview of ways to add or update elements in a <CODE>std::map</CODE>
And using it to find missing opportunities.
Why does inadvertently passing a <CODE>std::string</CODE> instead of a <CODE>char const*</CODE> to a variadic function crash on x86-32 but not x86-64?
Looking at the calling convention and the small string optimization.
Inside STL: Waiting for a <CODE>std::atomic<std::shared_ptr<T>></CODE> to change, part 2
Digging into the libstdc++ implementation.
Inside STL: Waiting for a <CODE>std::atomic<std::shared_ptr<T>></CODE> to change, part 1
Waiting on a single pointer, but checking for two.
Gesellschaft zur Stärkung der Verben: The German Society for the Irregularization of Verbs
Stand strong and proud.
Emergency power resets on Lenovo, HP, Dell, and Acer laptops
Looking for the magic button.
How can I tell whether a change to a control was due to the user or due to my program?
You know when it was done by your program because you did it.
Forcing an <CODE>ERROR_<WBR>KEY_<WBR>DELETED</CODE> error when trying to open <CODE>HKEY_<WBR>CURRENT_<WBR>USER\<WBR>Software</CODE>
Just an exercise to show that it can be done, even though it's highly unlikely to occur in practice.
Could I be getting <CODE>ERROR_<WBR>KEY_<WBR>DELETED</CODE> for <CODE>HKEY_<WBR>CURRENT_<WBR>USER\<WBR>Software</CODE> when the user logs off?
Probably not, but there are some edge cases.
How is it possible to get <CODE>ERROR_<WBR>KEY_<WBR>DELETED</CODE> when I’m <I>creating</I> a key?
The key that got deleted is not the one you are trying to create.
2024 year-end link clearance
The cycle completes.
Making sure the Microsoft Visual C++ compiler chooses the right source encoding
Making sure the file and settings are set correctly.
How various git diff viewers represent file encoding changes in pull requests
The invisible UTF-8 BOM, and sometimes invisible encoding changes.
In C++, failure to meet the requirements does not always mean that you fail if you don’t meet the requirements
Combining SFINAE/requires, standard layout, and overload resolution.
Why are Win32 resources strings bundled at all? And why bundles of 16?
Balancing multiple performance factors.
How can I check if two GUIDs are equal when they are provided as strings?
A customer asked if there was a helper function in the system that accepted two strings and reported whether the s they represent are equal. This is a tricky question, because you first have to decide what "represent" means. There are many ways of representing a as a string. It could be just 32 case-insensitive hexadecimal digits. Or maybe there are internal hyphens to separate the groups. And the whole thing might be enclosed in braces or parentheses. External and interior whitespace might be allowed. Trailing garbage might be accepted (and ignored). And then there's the special format {0x00000000,0x0000,0x00...
A design flaw in the Windows 3D Pipes screen saver pointed out by a customer
Time-wasting.
A common proposed solution to certain categories of IFNDR: Getting the linker to verify identical functions
You could do it, but it could cramp your style.
How do I register a file type for a scripting language so that users get a warning when they run an untrusted script?
Use the FTA_AlwaysUnsafe edit flag.
Inside STL: The atomic shared_ptr
There's a lock hiding inside the pointer.
Is there a way to split the git history of a file or combine the histories of two files without a merge commit?
Studying how git recovers history.
Microspeak terms that didn’t take hold: airspace, synthetics, and AOI
Sometimes they don't stick.
Why do we have header files <CODE><pshpackN.h></CODE> and <CODE><poppack.h></CODE> instead of just issuing the pragma directly?
Because the pragma may not work everywhere.
Converting to a derived class from the future: How to cast from a base class to an incomplete derived class?
Deferring the definition until the class is complete.
API naming principles for conditional operations: On, When, and If
Describing when a condition is tested.
What is the <CODE>CONTINUE_IF_FAILED</CODE> equivalent of <CODE>RETURN_IF_FAILED</CODE>?
Be careful how you write it, or better: Don't write it at all.
It rather involved being on the other side of this airtight hatchway: Disabling anti-malware scanning
If you have already infiltrated the process, then you can disable things from the inside.
Learning to read C++ compiler errors: Failing to create a <CODE>shared_ptr</CODE>
Understanding what you asked the compiler to do, and why it couldn't comply.
Learning to read C++ compiler errors: Nonsensical errors from a function declaration
Look closely at what the error message is complaining about.
Won’t waiting for multiple threads one at a time introduce a severe performance issue?
It depends on how long you plan on waiting.
Why does my DLL reference count go up by one every time I create and exit a thread?
If you use a wrapper, you need to follow the wrapper's rules.
Tricks from product support: We’re not smart enough to debug the problem, can you help us?
It's not you, it's me.
News flash: Desire for loud cars correlates with psychopathy and sadism
More research into loud vehicles.
An analogy about register preservation rules in calling conventions
And tying it back to unwind codes.
Assessing the attack complexity of a race condition security vulnerability
It's not just how small the race window is, but how easy it is to hit the window.
Why does my program successfully take foreground only when running under the debugger?
That's a special exception to the normal foreground rules.
Checking whether a URI refers to a Web site root
Let somebody else do the parsing.
Microspeak: Real estate and Airspace
Space on the screen and negotiating control over it.
How can I know when a window has processed a message that I posted to it?
Best would be to have it tell you.
In C++, how can I make a default parameter be the this pointer of the caller?, revisited
Expanding on the previous pattern.
How can I detect which menu my item was invoked from?
Just give them all different IDs. But this might itself by an XY problem.
How do I determine whether Explorer is showing or hiding file extensions?
You can ask, but maybe you're asking the wrong question.
A wrinkle in how Windows 95 setup bootstrapped its initial GUI step
Getting access to the common controls that don't exist until Windows 95.
The operations for reading and writing single elements for C++ standard library maps
Breaking down the options.
How do I put a non-copyable, non-movable, non-constructible object into a <CODE>std::optional</CODE>?
Taking advantage of the conversion operator.
Solving the puzzle of trying to put an object into a <CODE>std::optional</CODE>
How do I set a value? Let me count the ways.
The puzzle of trying to put an object into a <CODE>std::optional</CODE>
The C++ standard library template type has one of two states. It could be empty (not contain anything), or it could contain a . Suppose you start with an empty . How do you put a into it? One of my colleagues tried to do it in what seemed to be the most natural way: Use the assignment operator. Unfortunately, the assignment failed to compile: I asked for the rest of the error message, because the details will explain what the compiler tried to do (and why it couldn't). It's long, but we'll walk through it. The compiler is showing its work. It's showing you all the possible overloaded assignment opera...
Why did Windows 95 setup use three operating systems?
Simplifying the problem to an earlier problem.
Debugger breakpoints are usually implemented by patching the in-memory copy of the code
The code in memory may not match what the debugger shows you if the debugger is itself is doing the changing.
The case of a program that crashed on its first instruction
Didn't even make it out of the gate.
Why do I observe reads from a memory-mapped file when writing large blocks?
The CPU doesn't see the entire write at once.
How do I declare an operator overload for my Windows Runtime class?
That's not something expressible in the Windows Runtime.
What’s the difference between Display size and Screen size in the Windows 95 display control panel?
No meaningful difference, though others have created a difference.
On the limits of time travel in the face of undefined behavior in C
C imposes some constraints, but the principle is mostly still there.
On locale-aware substring matching, either case-sensitive or case-insensitive
It's surprisingly complicated, but fortunately, somebody has done it for you.
What has case distinction but is neither uppercase nor lowercase?
It has one foot in each world but belongs to neither.
I have enabled “take ownership” permission, but I still cannot obtain write access
Taking ownership is only one part of gaining write access.
Reverse-engineering what a “short” section is
The long and short of it all.
How useful is the hint passed to the <CODE>std::<WBR>unordered_…</CODE> collections?
Only a little, or sometimes not at all.
How can I explicitly specialize a templated C++ constructor, follow-up notes
You can use a maker function, but that doesn't let you escape the problem.
It rather involved being on the other side of the airtight hatchway: Defeating ASLR after you’ve gained RCE via ROP
If you defeat ASLR, then you can defeat ASLR.
How do I create a Windows Runtime <CODE>IRandomAccessStream</CODE> around a bunch of bytes or a classic COM <CODE>IStream</CODE>?
Another wrapper function.
Did Windows 95 shrink the default font size of windowed MS-DOS apps?
The effect was that it shrunk, but only sometimes.
Why does adding <CODE>WS_<WBR>MINIMIZEBOX</CODE> change how my window behaves when the user presses <KBD>Win</KBD>+<KBD>D</KBD>?
It minimizes your window if it can.
Evaluating tail call elimination in the face of return address protection, part 2
Rewriting the activation frame.
Evaluating tail call elimination in the face of return address protection, part 1
Reusing the activation frame.
Effects of classic return address tricks on hardware-assisted return address protection
Return address manipulations that are possibly even more impermissible than they already were.
A quick introduction to return address protection technologies
Detecting attempts to manipulate the return address.
On naming things: The tension between naming something for what it is, what it does, or how it is used
You are guaranteed to make someone upset.
How can I explicitly specialize a templated C++ constructor?
Looking for a C++ tag type for representing another type.
A correction to the awaitable lock for C++ PPL tasks
Over-scoped lock.
If threads are created without a message queue, why can I post to them immediately upon creation?
Check who is doing the posting.
Microspeak: Run to ground
Come to a resolution.
A popular but wrong way to convert a string to uppercase or lowercase
Converting character by character isn't good enough any more.
How does the linker decide whether to call <CODE>WinMain</CODE> or <CODE>wWinMain</CODE>?
If you don't tell it, it will try to figure it out.
How can I detect whether the user is running as an elevated administrator (as opposed to a natural administrator)?
You can ask for the elevation type.
A function for creating an absolute security descriptor from a self-relative one
Just wrap it up.
Misunderstanding the “Prevent access to registry editing tools” policy
It prevents access to the tools, but not to the registry itself.
Pulling a single item from a C++ parameter pack by its index, remarks
Why such a complicated way to pull the type from the pack?
The case of the crash when destructing a <CODE>std::map</CODE>
Who is corrupting the map?
If you’re going to specify the <CODE>LVS_SORTASCENDING</CODE> or <CODE>LVS_SORTDESCENDING</CODE> style, you had better be telling the truth
Because the listview control uses it to optimize searching.
Another example of the Windows Runtime interop pattern: Using the UserConsentVerifier from a Win32 program
Following the standard pattern.
The UserConsentVerifier confirms that the user is there, but it doesn’t protect any data
Is that really you?
Going beyond the empty set: Embracing the power of other empty things
Just because there's nothing in it doesn't mean it's not valid.
How can I check that all the changes in a git branch have been cherry-picked or rebased into its upstream branch?
You can pretend to merge it and see if anything happens.
My window has the <CODE>WS_<WBR>EX_<WBR>NOACTIVATE</CODE> extended style, but it got activated anyway
Well, at least it wasn't activated by a click.
More on the mysterious <CODE>[default_interface]</CODE> attribute in Windows Runtime classes
Forcing you to make a choice.
It rather involved being on the other side of this airtight hatchway: Posting completions to somebody else’s I/O completion port
If you have gained access to it, then that was the problem.
Some notes on Win32 carets
Assorted notes and musings.
The case of the fail-fast crashes coming from the power management system
Understanding why it decided to fail fast.
How can I tell whether two programs will share drive letter mappings?
You can compare the authentication IDs.
The case of the string being copied from a mysterious pointer to invalid memory, revisited
Reflections on an older topic.
Does the Resource Compiler have a separate preprocessor or doesn’t it?
It did, but now it doesn't.
GitHub trick to find the commit that deleted a file
Ask for the history of the file.
The case of the image that came out horribly slanted: Negative stride
It's all topsy-turvy.
The case of the image that came out horribly slanted: Taking the pitch into account
Getting the pieces to line up.
The case of the image that came out horribly slanted: Diagnosis
Imperfect pitch.
Why did Windows 95 use blue screen error messages instead of hard error messages?
You may not able to get there from here.
The <CODE>CoInitializeSecurity</CODE> function demands an absolute security descriptor
Even though you usually have a self-relative one in hand.
In the Windows kernel, what is a LUID, and what makes it loo-ey?
It's a locally-unique ID, for a specific definition of "local".
How is the Windows.Foundation.Uri.Domain property different from Host?
It's an educated guess.
On the strange status of <CODE>wchar_t</CODE> in classic MIDL
From the era before <CODE>wchar_t</CODE> was a standard type.
The Microsoft/IBM joint development was built on mutual respect, wait, is respect the right word?
Maybe it's some other word.
Thoughts on finding the essential elements of a set
Another binary search, but searching a different way.
What if I need to wait for more than <CODE>MAXIMUM_<WBR>WAIT_<WBR>OBJECTS</CODE> threads?
Studying your options, and the consequences of breaking things up.
The role of the activation factory in the Windows Runtime
The activation factory represents the class itself.
What does <CODE>ERROR_<WBR>KEY_<WBR>DELETED</CODE> mean?
You now have a handle to a key that doesn't exist, and there's nothing you can do with it.
Another tribute to Microsoft history hiding in Building 41
Logo touches.
Constructing nodes of a hand-made linked list, how hard can it be?
Trying to force copy elision.
The case of the missing ordinal 380
Untangling the error message and developing a theory.
Instead of putting a hash in the Portable Executable timestamp field, why not create a separate field for the hash?
That would defeat the purpose.
Temporarily dropping a lock: The anti-lock pattern
It's not to prevent locking, but rather to counteract a lock.
A look back at one of the (many) projects code-named Highlander
The showdown that almost repeated.
Embracing the power of the empty set in API design (and applying this principle to selectors and filters)
You got plenty of nothing.
What does it even mean to Close a Windows Runtime asynchronous operation or action?
That's the end of the road.
Why do I get <CODE>E_<WBR>ACCESSDENIED</CODE> when trying to access my brokered Windows Runtime object?COM is double-checking the trust level.
COM is double-checking the trust level.
How do I know when the user has finished interacting with the <CODE>AccountsSettingsPane</CODE>?
You can use the version that runs an asynchronous operation.
It rather involved being on the other side of the airtight hatchway: Disabling a security feature as an administrator
At least they don't beat around the bush.
What are the dire consequences of registering a RunOnce command from my RunOnce command?
The circle of life, or a perpetual motion machine.
The difference between undefined behavior and ill-formed C++ programs
They are two kinds of undefined-ness, one for runtime and one for compile-time.
What’s the difference between <CODE>DataPackageView.<WBR>GetUriAsync</CODE> and <CODE>DataPackageView.<WBR>GetWebLinkAsync</CODE>?
Just improving on an ambiguous name.
How to compress out interior padding in a <CODE>std::pair</CODE> and why you don’t want to
Context-sensitive layout means you get a different structure each time you use it.
There is no mystery over who wrote the Blue Screen of Death, despite what some may want you to believe
No real contradictions in anybody's story.
Why don’t Windows Imaging Component pixel format GUIDs continue their nice pattern?
Patterns are predictable, which is not always a good thing.
What can I do if IMlangConvertCharset is unable to convert from code page 28591 directly to UTF-8?
You can do the conversion in two steps using things you already have.
In my Visual Studio project, I set my Conformance mode to permissive, but it’s still not permissive
Digging into what the compiler sees.
API naming principle: If there is no direct object, then the direct object is the source object
If you don't know what it operates on or produces, then it operates on or produces itself.
Unquoted service paths: The new frontier in script kiddie security vulnerability reports
Usually not exploitable, but the script kiddies don't know that.
Organizing the five creation dispositions of the <CODE>CreateFile</CODE> function
Six possibilities, but only five useful ones.
Creating an already-completed asynchronous activity in C++/WinRT, part 9
Cheating the delegates.
Creating an already-completed asynchronous activity in C++/WinRT, part 8
Generalizing the pattern.
Creating an already-completed asynchronous activity in C++/WinRT, part 7
Implementing the contract directly.
Creating an already-completed asynchronous activity in C++/WinRT, part 6
Let the conversion do the talking.
Creating an already-completed asynchronous activity in C++/WinRT, part 5
Trying to fail more correctly.
Creating an already-completed asynchronous activity in C++/WinRT, part 4
Failing is easy. Failing correctly is hard.
Creating an already-completed asynchronous activity in C++/WinRT, part 3
Generalizing to the four kinds of Windows Runtime asynchronous activities.
Creating an already-completed asynchronous activity in C++/WinRT, part 2
Making our function a coroutine.
Creating an already-completed asynchonous activity in C++/WinRT, part 1
The simplest version.
What’s the point of <CODE>std::<WBR>monostate</CODE>? You can’t do anything with it!
Not doing anything with it is exactly the point.
How do I produce a Windows Runtime asynchronous activity from C++/WinRT?
Somebody that deals with them natively.
How do I produce a Windows Runtime asynchronous activity from C#?
The AsyncInfo helper class converts Tasks to Windows Runtime asynchronous activities.
How do I produce a Windows Runtime asynchronous activity from C++/CX?
The Parallel Patterns Library has special support for C++/CX.
The history of <KBD>Alt</KBD>+number sequences, and why <KBD>Alt</KBD>+<KBD>9731</KBD> sometimes gives you a heart and sometimes a snowman
Code pages and custom keyboard handling.
If I register the same shell extension as both a context menu extension and a drag/drop extension, how do I know which one the system is using?
Who forced you to register the same shell extension for both?
2024 mid-year link clearance
Emptying out the junk drawer.
Writing a <CODE>remove_all_pointers</CODE> type trait, part 2
Factoring out the type resolution to after the dangerous part.
Writing a <CODE>remove_all_pointers</CODE> type trait, part 1
Delaying the expansion to avoid infinite recursion.
Is there a built-in way in C++/WinRT to get the string name for a Windows Runtime enum?
No, and maybe you don't want to.
Microspeak: Fun fork
A place to party.
Finding a specific value in a sequence of integers that changes by at most 1
It's basically a discrete version of the intermediate value theorem.
The Windows Runtime <CODE>winrt::<WBR>hstring</CODE> and the C++ <CODE>std::<WBR>wstring</CODE> are inter-assignable
Just assign them over, no cermony necessary.
How to convert between different types of counted-string string types
Looking for constructors that take a character count.
On the sadness of treating counted strings as null-terminated strings
You're throwing away perfectly good data, there.
The time smart quotes prevented the entire Office division from committing code
Breaking your tools with your tools.
How can I view the list of symbols available in a library?
A tool hiding inside another tool.
Lock-free reference-counting a TLS slot using atomics, part 3
Keeping track of two things at once.
Lock-free reference-counting a TLS slot using atomics, part 2
Getting it is easy. Getting rid of it is hard.
Lock-free reference-counting a TLS slot using atomics, part 1
First, we do it with locks.
The origin story of the Windows 3D Pipes screen saver
Looking for a place to show off.
How do I get the name of a SID, and what does it mean when the conversion fails?
Most places will do it for you, or at least try.
What’s the deal with <CODE>std::type_identity</CODE>?
When you want to use a type without participating in type deduction.
Can INI files be Unicode? Yes, they can, but it has to be your idea
It'll only be Unicode if it's already Unicode.
How 16-bit Windows cached INI files for performance
Taking advantage of co-operative multitasking.
Why does <CODE>GlobalLock</CODE> max out at 255 locks?
Because that's how many bits were available for reporting the lock count.
More on harmful overuse of <CODE>std::<WBR>move</CODE>
Could we expand copy elision to cover the harmful cases?
A graphical depiction of the steps in building a C++ executable, with XAML and packaging
Fleshing out the diagram.
A graphical depiction of the steps in building a C++ executable, enhanced for classic Win32
Adding in Microsoft-specific tools.
A graphical depiction of the steps in building a C++ executable, basics
A high-level overview.
How can I force a DLL to register itself if it won’t respond to <CODE>regsvr32</CODE>?
You can't force something that isn't there.
Is there any difference between <CODE>StringFromIID</CODE> and <CODE>StringFromCLSID</CODE>?
Not really.
Setting the contents of a Windows Runtime Vector from C++/WinRT in one call
The one-stop shop for updating a Windows Runtime Vector.
Creating a prepopulated Windows Runtime Vector from C++/WinRT without going through an explicit <CODE>std::<WBR>vector</CODE>
Creating the vector inline.
If you have to create a Windows Runtime Vector from C++/WinRT, do it as late as possible
Stay with the <CODE>std::vector</CODE> until you really need the Window Runtime Vector.
A blurry photo of the legendary USB Cart of Death
And some details about that infamous on-stage bluescreen.
If you know what interface you want, just pass it directly to CoCreateInstance
Avoiding a second round trip.
Why can’t I find the injected name of a templated class’s templated base class?
The compiler needs help finding it because it's not findable at the time the template is parsed.
Pulling a single item from a C++ parameter pack by its index
Combining a few tools to make a new tool.
Building the most efficient device selector query that selects no devices
Looking for the most efficient way of rejecting everything.
The confidential coffee maker was not the only source of shenanigans at the IBM Boca office
The culture (and weather) clash continues.
Before you try to change something, make sure you can change nothing
Nobody touch anything.
An informal comparison of the three major implementations of <CODE>std::string</CODE>
Pros and cons.
Asking for a DispatcherQueue from a GUI thread you created
Grafting a DispatcherQueue onto an existing thread.
Awaiting a set of handles with a timeout, part 7: Just doing it one at a time
A simpler version with its own quirks.
Awaiting a set of handles with a timeout, part 6: Capturing the handles efficiently
SFINAE'ing the case of a random-access(ish) iterator.
Awaiting a set of handles with a timeout, part 5: Generalizing the awaiter
Fitting into existing patterns.
Awaiting a set of handles with a timeout, part 4: Building our own awaiter
To stop relying on unspecified behavior.
Awaiting a set of handles with a timeout, part 3: Going beyond two
Generalizing what we learned last time.
Awaiting a set of handles with a timeout, part 2: Continuing with two
Giving it another try.
Awaiting a set of handles with a timeout, part 1: Starting with two
Let's see by seeing if we can do it with just two.
Awaiting a set of handles in C++/WinRT
It's easier thank you think.
Adding state to the update notification pattern, part 8
Comparing the two algorithms.
Adding state to the update notification pattern, part 7
Going free-threaded.
Adding state to the update notification pattern, part 6
Using a change counter with coalescing.
Adding state to the update notification pattern, part 5
Using a change counter.
Adding state to the update notification pattern, part 4
What if the UI thread isn't there to save you?
Adding state to the update notification pattern, part 3
Abandoning the background work if we know that it is pointless.
Adding state to the update notification pattern, part 2
First attempt to try to fix the race condition.
Adding state to the update notification pattern, part 1
Where each notification depends on some state information.
In search of the Ballmer Peak, and other results from SIGBOVIK 2024
Continuing studies in silliness.
Dubious security vulnerability: Program allows its output to be exfiltrated
Once the output is generated, the program can't control where it goes.
What were the tax consequences of letting Windows 95 team members keep a piece of software as long as they tested it?
It basically falls under the <I>de minimis</I> rule.
The case of the string being copied from a mysterious pointer to invalid memory
Using AppVerifier to deduce the heap allocation history.
Why do <CODE>STANDARD_<WBR>RIGHTS_<WBR>READ</CODE>, <CODE>STANDARD_<WBR>RIGHTS_<WBR>WRITE</CODE>, and <CODE>STANDARD_<WBR>RIGHTS_<WBR>EXECUTE</CODE> have the same values?
Don't they mean different things?
How can I find out which process has locked me out of the clipboard?
You can ask for the clipboard opener.
If I enumerate all the processes and add up all the <CODE>GetGuiResources</CODE>, why doesn’t it match the <CODE>GR_<WBR>GLOBAL</CODE> value?
There are some things that aren't charged to processes.
How does the classic Win32 ListView handle incremental searching?
Combining prefix search with repeated search, to accommodate multiple styles.
The case of the exception that a <CODE>catch (…)</CODE> didn’t catch
Reconstructing a false history.
It rather involved being on the other side of this airtight hatchway: System corruption caused by an administrator
If your goal was to corrupt the system, you sure are doing it the hard way.
Windows debugger trick: Breaking when a specific debugger message is printed
A different kind of conditional breakpoint.
The history of computing, as told by the hallways of Microsoft Building 41
A walk through history, in the form of wall textures.
Subroutine calls in the ancient world, before computers had stacks or heaps
A lot of computing got done even before we had stacks and heaps.
How can I tell C++ that I want to discard a nodiscard value?
A variety of tricks, with different degrees of readability and legality.
I called <CODE>CreateEnvironmentBlock</CODE> with a process’s token, but I didn’t get that process’s environment
That's not what the <CODE>CreateEnvironmentBlock</CODE> function does.
Some choices for encrypting data so that it can be decrypted only by the same user or computer
There's your classic, and there's some newfangled stuff.
Dubious security vulnerability: Manual operations can cause a program to hang
You did this to yourself.
Why isn’t C++ using my default parameter to deduce a template type?
Trying to have it both ways.
Why does my thread get a broken string as its initial parameter?
It got converted too late.
Using the <CODE>DisplayInformation</CODE> class from a desktop Win32 application, part 2
Completing the prerequisites.
Using the <CODE>DisplayInformation</CODE> class from a desktop Win32 application, part 1
A little interop music.
How well does C++/WinRT <CODE>com_ptr</CODE> support class template argument deduction (CTAD)?
It doesn't even try, and probably doesn't want you to do it.
How well does wil <CODE>com_ptr</CODE> support class template argument deduction (CTAD)?
Falling into a hole in the C++ language, not filled in until C++20.
How well does WRL <CODE>ComPtr</CODE> support class template argument deduction (CTAD)?
It tries too hard and accidentally breaks CTAD.
How well does ATL <CODE>CComPtr</CODE> support class template argument deduction (CTAD)?
It actually works right out of the box.
How well does MFC <CODE>IPTR</CODE>/<CODE>CIP</CODE> support class template argument deduction (CTAD)?
Not very well, thanks to requiring the interface ID to be specified explicitly.
How well does <CODE>_com_ptr_t</CODE> support class template argument deduction (CTAD)?
Not very well, thanks to storing the pointer and IID pair in a helper type.
Class template argument deduction (CTAD) and C++ COM wrappers: Initial explorations
How well do these libraries support a feature that likely didn't exist at the time they were written?
The 2024/2025 Seattle Symphony subscription season at a glance
The pocket reference guide for 2024/2025.
How can I force a copy of a C++ value?
Forcing a copy with a minimum of typing.
In C++/WinRT, you shouldn’t destroy an object while you’re <CODE>co_await</CODE>ing it
A generalization of the ground rules of programming.
How do I make an expression non-movable? What’s the opposite of <CODE>std::move</CODE>?
You can turn it into a const thing so it's no longer movable, in a conventional sense.
In domain\user syntax, you can often use the period as an abbreviation for “this computer”
A bit of a typing saver, particularly with complex machine names.
Is shadowing a member variable from a base class a bad thing? Maybe, but maybe not.
It depends on the order in which things occurred.
C++/WinRT performance trap: Switching to Windows Runtime too soon
Stay in the devirtualized world until you are forced to leave.
If a parameter isn’t used, what should I pass?
It doesn't matter what you pass, but if you have to ask, then just pass zero.
On the whole idea of giving away a reference to yourself at destruction
Hey, at least it's possible.
Mitigating attacks based on knowing the length of a Windows Hello PIN
Balancing convenience against security, and how you can tune the knobs toward more security.
A C# LINQ one-liner to check if exactly one of a set of conditions is met
Maybe not the most efficient, but it's easy to write.
Gotcha: Be careful how you shut down your dispatcher queues
The dispatcher queue thread isn't useful after it has shut down, so don't try anything.
Gotcha: Don’t forget to shut down your dispatcher queues
Keep that dispatcher queue controller around, or you'll never be able to clean up.
Once your object reaches <CODE>final_release</CODE>, you are committed to destructing it (eventually)
Don't try to resurrect it.
Microspeak: Closing out, duping out
Making work items no longer appear on a query.
Why can’t I trigger a manual blue screen crash by injecting the magic key sequence?
It has to come from the physical keyboard, because that's the code that detects the magic key sequence.
If you’re just going to sit there doing nothing, at least do nothing correctly
How to be inert.
Registered command lines are just command lines, not a programming language
If you want a programming language, you know where to find one.
Functions that return the size of a required buffer generally return upper bounds, not tight bounds
An over-estimate is better than an under-estimate.
It rather involved being on the other side of this airtight hatchway: Attacking a domain administrator from the local administrator
If you pwn the machine, then you pwn everyone on the machine.
How can I get the Windows Runtime HttpClient to display a basic authentication prompt?
You need to give it some help finding the right window.
On the virtues of the trailing comma
A more uniform appearance comes with its own benefits beyond aesthetics.
How do I suppress the error box that appears when a <CODE>LoadLibrary</CODE> fails?
They don't appear often, but they do appear occasionally.
Why doesn’t my program get fancy drag/drop effects in high contrast mode with <CODE>CLSID_<WBR>DragDropHelper</CODE>?
You have to upgrade your manifest.
On using milliseconds as a measure of network latency
There's a limit to how much technology can improve.
How can I close a thread pool and cancel all work that had been queued to it?
You can put them in a group.
The case of the invalid parameter error from <CODE>MeasureOverride</CODE>
Chasing it back to its origin.
Using virtual memory placeholders to allocate contiguous address space for multiple purposes
Can you hold this for a second?
How can I add an environment variable to a process launched via <CODE>ShellExecuteEx</CODE> or <CODE>IContextMenu</CODE>?
Hooking into the way the Windows shell launches processes.
Smoothing over the differences (and defects) in the various implementations of <CODE>IMemoryBuffer</CODE>
Stick to the part that nobody messes up.
A comparison of various implementations of the Windows Runtime <CODE>IMemoryBuffer</CODE>
Every unhappy class is unhappy in its own way.
How can I expose a pre-existing block of memory as a Windows Runtime object without copying the data?
Assembling all the pieces.
How can I give away a COM reference just before my object destructs?
You have to do it before committing to destruction.
The dangerous implementations of the <CODE>IMemoryBufferReference.Closed</CODE> event
Mistakenly handing out COM references that don't work.
The useless <CODE>IMemoryBufferReference.Closed</CODE> event
It tells you that you have already lost.
Accessing a block of memory represented by a Windows Runtime IMemoryBuffer
Through the currency known as an IMemoryBufferReference.
The case of the fail-fast trying to log a caught exception
What is being thrown and why can't we log it?
Implementing two-phase initialization with ATL
ATL looks like it supports two-phase initialization, but it doesn't.
Getting a strong reference from the <CODE>this</CODE> pointer too soon
Giving out strong references to an object before you can guarantee that it will work.
What is a hard error, and what makes it harder than an easy error?
A throwback to the early days of 16-bit Windows.
C++/WinRT gotcha: Not all exceptions derive from <CODE>hresult_error</CODE>
There are also C++ standard exceptions, particularly <CODE>std::bad_alloc</CODE>.
In C++/WinRT, how can I await multiple coroutines and capture the results?, part 3
Dealing with awaitables that return <CODE>void</CODE>, and questioning our life choices.
In C++/WinRT, how can I await multiple coroutines and capture the results?, part 2
Wrapping the results and returning them in a tuple.
In C++/WinRT, how can I await multiple coroutines and capture the results?, part 1
Using a custom awaiter to suppress the <CODE>GetResults()</CODE>.
After I accidentally denied access to everyone, how do I get access back?
Congratulations, you locked your keys in the car.
How do I prevent my C++/WinRT implementation class from participating in COM aggregation?
Looking for a clue.
The case of the vector with an impossibly large size
Play threading games, win threading prizes.
How can I specify icons for my app to use on the Start menu in high contrast mode?
Put them in your manifest.
Why doesn’t my code compile when I change a <CODE>shared_ptr<T>(p)</CODE> to an equivalent <CODE>make_shared<T>(p)</CODE>?
It depends on who is doing the parameter conversion.
It rather involved being on the other side of this airtight hatchway: Attacking another program by modifying its memory
If you assume the existence of a vulnerability, you can use that vulnerability to attack something.
How do I prevent my ATL class from participating in COM aggregation? <CODE>DECLARE_<WBR>NOT_<WBR>AGGREGATABLE</CODE> didn’t work
That marker applies only to creation via the class factory.
2023 year-end link clearance
Ringing out another year.
How to allocate address space with a custom alignment or in a custom address region
Some new powers to guide the allocation.
On calling <CODE>AfxConnectionAdvise</CODE> with <CODE>bAddRef</CODE> set to <CODE>FALSE</CODE>
Playing fast and loose, and eventually you get burnt.
What does it mean when the compiler says that it can’t convert something to itself?
Why is it even thinking about a conversion?
Don’t keep state in your XAML item templates; put the state in the items
Beware of temporary alliances.
That time the Word team sent presents to the children of WordPerfect’s executive vice president
No, it wasn't creepy.
If I don’t have any items, what error should my <CODE>IFolderView::Items</CODE> method return?
It shouldn't return an error at all.
How do I get access to the <CODE>wParam</CODE> and <CODE>lParam</CODE> of the <CODE>WM_<WBR>QUERYENDSESSION</CODE> method from my MFC message handler?
Don't be afraid to see how the macros are built.
It rather involved being on the other side of this airtight hatchway: Spoofing another program
You already had the power to do it yourself.
Microspeak: Locked and loaded
Armed and ready, with the suggestion that no further changes will be needed (or accepted).
In 2023, the Gävle Goat faces a new threat to its survival
It's bock.
If the RegisterClass function takes ownership of the custom background brush, why is it leaking?
It takes ownership only on success.
How do I specify an optional string parameter to a Windows Runtime method?
Strings are sort of reference but sort of values.
How do I specify an optional parameter to a Windows Runtime method?
There is no way to express explicit optionality, but there are implicit ways.
How can I work around the absence of default parameters in the Windows Runtime?
You can fake it with overloads.
What happens if I define one environment variable in terms of the value of another environment variable?
Only certain types of dependencies are supported.
The mysterious second parameter to the x86 <CODE>ENTER</CODE> instruction
For an ABI that probably nobody uses.
A simpler version of the task sequencer that doesn’t promise fairness
Just let a kernel object control the access.
In C++, how can I make a default parameter be the <CODE>this</CODE> pointer of the caller?
Again, you can't, but you can fake it.
In C++, how can I make a member function default parameter depend on <CODE>this</CODE>?
You can't, but you can fake it.
What was the code name for 64-bit Windows?
Sundown, which was a hidden jab at the competition.
What is a static chain pointer in the context of calling convention ABI?
Buried in the System V Application Binary Interface.
Why does the Windows Portable Executable (PE) format have both an import section and input directory?
They seem to be the same thing. Do we need both?
Why does the Windows Portable Executable (PE) format have separate tables for import names and import addresses?, part 2
Keeping read-only data separate from read-write data.
Why does the Windows Portable Executable (PE) format have separate tables for import names and import addresses?, part 1
Even though their lifetimes don't overlap, you sometimes need to go back in time.
A reported vulnerability about getting paid apps for free is really about paying for free apps
Try shopping around.
In Windows 3.1 and Windows 95, what is a “grabber”?
It grabbed your MS-DOS screen and put it into a window.
On harmful overuse of <CODE>std::move</CODE>
Initial excitement leads to overuse.
On the need to keep most event sources alive if you want them to raise events
You can't receive a notification from something that doesn't exist.
How can I convert a Windows Runtime <CODE>SoftwareBitmap</CODE> to a WIC bitmap?
The reverse of <CODE>ISoftwareBitmapNativeFactory::<WBR>CreateFromWICBitmap</CODE>.
Microspeak revisited: Line of sight
A fancy way of saying unimpeded network connectivity.
If you’re going to crash on an unhandled exception, you may as well do it sooner rather than later
Avoiding the problem discovered by the case of the invalid argument exception from a method that takes no arguments.
The theory behind the IHttpFilter interface
Layering features on top of each other.
What happened to the custom exception description I threw from a C++/WinRT IAsyncAction?
The description is just a courtesy and is not part of the API contract.
Why does calling a coroutine allocate a lot of stack space even though the coroutine frame is on the heap?
Heap elision optimization kicks in, and doesn't kick out.
Starting on the other side of this airtight hatchway: Running a program that leaks memory
There are a lot of things you can do to consume memory.
What is the difference between UuidToString, StringFromCLSID, StringFromIID, and StringFromGUID2?
Different ways of stringizing a GUID.
The case of the invalid argument exception from a method that takes no arguments
Where did the invalid argument come from?
A clarification on the multithreading constraints of the <CODE>EncryptMessage</CODE> function
Reading a sentence in the context of the whole paragraph.
How can I get information about media playing on the system, and optionally control their playback?
Going to the global system media transport controls world.
“Stop sharing this folder” is not the same as “Never share this folder”
It stops sharing the folder, but that doesn't prevent you from starting it again.
Why doesn’t reduction by modulo work for floating point values?
Working out why it works for integers and seeing what goes wrong.
Why does unsafe multithreaded use of an <CODE>std::<WBR>unordered_<WBR>map</CODE> crash more often than unsafe multithreaded use of a <CODE>std::<WBR>map</CODE>?
It's all in the implementation details.
How come my custom exception message is lost when it is thrown from a <CODE>IAsyncAction^</CODE>?
Things that survive in the C++ world and things that are lost when you cross the ABI.
More notes on use of the <CODE>DS_<WBR>CONTROL</CODE> style
Styles that have to go in, and styles that have to come out. (And styles that you can choose.)
What is the thread reaper?
Should you fear the thread reaper?
What are the dire consequences of not removing all the properties that were set via <CODE>SetProp</CODE>?
Not so much any more, but it could be a sign that you forgot something.
How to support a COM interface conditionally in WRL
Customizing the QueryInterface and GetIids methods.
How to support a COM interface conditionally in C++/WinRT
Prevent <CODE>winrt::implements</CODE> from responding to it or reporting it.
The format of icon resources, revisited
Filling in some gaps.
Why is there a hash of a weak password in the Windows cryptographic libraries?
They're part of an internal self-test.
How do I add a non-copyable, non-movable object to a <CODE>std::map</CODE> or <CODE>std::unordered_map</CODE>?
Fancy emplacement.
On the failed unrealized promise of <CODE>RegOverridePredefKey</CODE>
An early attempt to sandbox the registry for a process.
What’s the difference between setting a page’s protection to <CODE>PAGE_NOACCESS</CODE> and freeing it?
Nobody can access it, but it's still there.
How can I check if I’m on a DispatcherQueue’s thread if I can’t call HasThreadAccess?
Looking at the tools you have available.
Microspeak: The As-Appropriate (AA) interviewer
So, how are things going so far?
API design principle: Reading a property or adding an event handler should not alter observable behavior
Don't punish people for looking.
On detecting improper use of <CODE>std::<WBR>enable_<WBR>shared_<WBR>from_<WBR>this</CODE>
Playing around with the standard library.
I created an overloaded operator for my C++/WinRT class, but it’s not working
Take a closer look at what you are overloading.
Why does <CODE>IFileDialog</CODE> still show non-filesystem folders when I pass <CODE>FOS_<WBR>FORCEFILESYSTEM</CODE>?
Because you need to pass through them to get there.
It rather required being on the other side of this airtight hatchway: Knowing the domain administrator password
If you give away the password, well, that's sort of on you.
Is there any performance advantage to marking a page read-only if I had no intention of writing to it anyway?
The CPU already figured it out.
A very belated improvement to the filtering of the Browse for Folder dialog so it shows only drive letters
The case of the very short UNC.
How can I get WideCharToMultiByte to convert strings encoded in UTF-16BE?
You first have to get it into a format the WideCharToMultiByte accepts.
On the confusing names for the Windows service SID types
Too much abbreviation.
A complaint about Links the Cat, the Office assistant
Do all cats do that?
How do I manually update a remote tracking branch, say, to undo a fetch?
Updating refs to point to whatever you like.
Template meta-programming: Avoiding saying a type before it is complete
Deferring use until after the class is defined.
C++/WinRT gotcha: <CODE>get_strong()</CODE> will produce a broken strong reference if destruction has already begun
A strong reference to nothing.
The dangers of releasing the last strong reference from within its own callback
Deadlocking with yourself.
Why is kernel32.dll running in user mode and not kernel mode, like its name implies?
It's just a name, and it comes from the days before user-mode/kernel-mode separation.
GetQueueStatus and the queue state
There's stuff going on that's hiding behind the innocuous-looking name.
When I try to call an exported function, the target crashes when it tries to call any Windows function
Using what you know about how functions are imported to construct a theory that matches the evidence.
How does Explorer calculate the “Date” of a file?
Mapping the generic concept to specific file types.
Why does my C++/WinRT project get unresolved externals for constructors?
You forgot to include the namespace header file, didn't you.
Why did the 16-bit _lopen and _lcreat function return -1 on failure instead of 0?
Trying to look like somebody else.
When looking to free up disk space, don’t forget your symbol file caches
They go all over the place.
How can I prevent myself from using a parameter after I’ve extracted all value from it?
You can shadow it with something useless.
I accidentally performed an operation on <CODE>INVALID_<WBR>HANDLE_<WBR>VALUE</CODE>, and it worked: What just happened?
Coincidentally valid, but not what you think.
How do I perform a case-insensitive comparison of two strings in the Deseret script?
It sort of depends on why you're comparing them.
The odd cadence of narrative engineering design documents
Following the rubric off a cliff.
Any sufficiently advanced uninstaller is indistinguishable from malware
The common pattern of trying to delete yourself.
On transferring or copying ABI pointers between smart pointers
Keep track of who owns the reference.
A freestanding JavaScript function that uses <CODE>this</CODE> is easily mistaken for a constructor
Because that's what constructors look like.
Detecting whether a tree-like data structure contains a cycle
Combining two things we already know.
When documentation cautions that something may not happen, that suggests that it normally does happen
Reading between the lines.
Just for fun: What happens when you shift a register by more than the register size?
A comparative study of processor architectures.
How do I find out more about the fail-fast exception that occurs when an exception in a PPL task goes unobserved?
Digging into the internals.
Diagnosing a crash when trying to call <CODE>ReadFile</CODE> via language interop
Checking the signatures and inferring what could have gone wrong.
How can I programmatically obtain the value of the “Make text bigger” slider?
The text scale factor property.
The popularity of DOS/4GW made Windows 95 game compatibility a little easier, but with higher stakes
A popular path to protected mode.
Just for fun: Which processors prefer sign-extended loads, and which prefer zero-extended loads?
Another pointless chart.
On writing loops in continuation-passing style, part 4
Equivalents in C# and JavaScript.
On writing loops in PPL and continuation-passing style, part 3
Explicit shared state.
On writing loops in PPL and continuation-passing style, part 2
Recursion comes back.
On writing loops in PPL and continuation-passing style, part 1
Keeping track of what to do next.
Inside STL: The different types of shared pointer control blocks
Well, some of them, at least.
Phantom and indulgent shared pointers
The phantom controls something yet holds nothing. The indulgent holds something but controls nothing.
What it means when you convert between different <CODE>shared_ptr</CODE>s
Changing the pointer while controlling the same object.
Inside STL: The <CODE>shared_ptr</CODE> constructor and <CODE>enable_shared_from_this</CODE>
Working together through a secret signal.
Inside STL: The <CODE>shared_ptr</CODE> constructor vs <CODE>make_shared</CODE>
Where to hide the control block.
Inside STL: Smart pointers
Simple pointers or more complicated pointers.
Inside STL: The array
It's just an array.
Inside STL: The deque, implementation
An array of (pointers to) arrays.
Inside STL: The deque, design
An array of (pointers to) arrays.
Inside STL: The unordered_map, unordered_set, unordered_multimap, and unordered_multiset
A hash table.
Inside STL: The map, set, multimap, and multiset
A red-black tree.
Inside STL: The lists
Your traditional singly- or doubly-linked list.
Inside STL: The string
An allocation, with a twist.
Inside STL: The vector
A contiguous memory block, reallocated as necessary.
Inside STL: The pair and the compressed pair
Two fields in one object, how hard can it be?
Misinterpreting the misleadingly-named <CODE>STATUS_<WBR>STACK_<WBR>BUFFER_<WBR>OVERRUN</CODE>
The subcode tells you why we stopped executing, and it's rarely because of a stack buffer overflow.
How to split off an older copy of a file while preserving git line history
Variation on a theme.
Perfect forwarding forwards objects, not braced things that are trying to become objects
Before you can forward something, it needs to be a something.
On the various ways of creating Windows Runtime delegates in C++/WinRT and C++/CX
Comparing and contrasting.
Before you try to do something, make sure you can do nothing
If you can't do nothing, then don't expect to be able to do something.
Why does <CODE>IAsyncAction</CODE> or <CODE>IAsyncOperation.<WBR>GetResults()</CODE> produce a <CODE>E_<WBR>ILLEGAL_<WBR>METHOD_<WBR>CALL</CODE> exception?
You're asking too soon.
How to clone a Windows Runtime map in the face of possible concurrent modification, part 3
Doing it one more time, for C++/CX.
How to clone a Windows Runtime map in the face of possible concurrent modification, part 2
Applying what we learned about vectors.
How to clone a Windows Runtime map in the face of possible concurrent modification, part 1
Applying what we learned about vectors.
How to clone a Windows Runtime vector in the face of possible concurrent modification, part 4
Translating to C++/CX and dealing with some quirks of that language.
Cloning a Windows Runtime vector in the face of possible concurrent modification, denial of service?
Can you get sent into an infinite loop?
How to clone a Windows Runtime vector in the face of possible concurrent modification, part 3
Dealing with the pesky <CODE>std::vector<bool></CODE>.
How to clone a Windows Runtime vector in the face of possible concurrent modification, part 2
Trying to make a generic solution.
How to clone a Windows Runtime vector in the face of possible concurrent modification, part 1
Backing off and retrying, but the detection is the tricky part.
Why does the compiler complain about a missing constructor when I’m just resizing my <CODE>std::vector</CODE> to a smaller size?
The compiler doesn't know that you're shrinking.
How to wait for multiple C++ coroutines to complete before propagating failure, concluding remarks
The things that could go wrong before you even start.
How to wait for multiple C++ coroutines to complete before propagating failure, finding the awaiter
Making sure to wrap the right thing.
How to wait for multiple C++ coroutines to complete before propagating failure, wrapping the awaitable
Intercepting the exception on the front side.
How to wait for multiple C++ coroutines to complete before propagating failure, preallocating the coroutine frame
Avoiding dynamic memory allocation.
How to wait for multiple C++ coroutines to complete before propagating failure, memory allocation failure
There's no good way to report the failure, so we just have to give up.
How to wait for multiple C++ coroutines to complete before propagating failure, symmetric transfer
Avoiding stack build-up.
2023 mid-year link clearance
The tradition continues.
How to wait for multiple C++ coroutines to complete before propagating failure, custom promise
Taking things into our own hands.
How to wait for multiple C++ coroutines to complete before propagating failure, peeling away at a tuple
Iterating over a tuple recursively.
How to wait for multiple C++ coroutines to complete before propagating failure, false hope
Trying to iterate over a pack.
How to wait for multiple C++ coroutines to complete before propagating failure, unhelpful lambda
The usual trick doesn't work.
How to wait for multiple C++ coroutines to complete before propagating failure, initial plunge
Remembering the exception while finishing the other work.
What can go wrong if you release an SRWLock from a thread different from the one that acquired it?
It's not a supported scenario, so anything can happen.
How can I find out the last time a user logged on from C++?
The information is in the historically-named LANMAN APIs.
The case of the <CODE>make_shared</CODE> on a C++/WinRT type
Now you can't tell who's in charge.
Why is Windows using only even-numbered processors?
Spreading out the load over cores.
Why am I being told about a signed/unsigned comparison, and why only sometimes, and how can I fix it?
How the compiler back-end can influence warnings.
The case of the invalid handle despite being managed by an RAII type, part 2
Avoiding using an object after is has destructed, and maybe using a less-well-known corner of the C++ language.
The case of the invalid handle despite being managed by an RAII type
The handle remains valid for the object's lifetime, but what is the object's lifetime?
How expensive is it to create a Windows performance counter?
The cost depends on the performance counter.
SIDs are really just another a fancy way of creating unique IDs in a decentralized way
Keeping them from colliding with each other.
The move constructor that you have to declare, even though you don’t want anyone to actually call it
Forcing named return value optimization.
Reordering C++ template type parameters for usability purposes, and type deduction from the future
You want them to go first, but you also want to deduce them.
How can I register a program to auto-relaunch if it crashes or is terminated?, redux
You can get a little bit of the way there.
Pulling sleight of hand tricks in a security vulnerability report, episode 2
I see what you did there.
How can I make WiFi passwords per-user rather than per-system?
A little-known system configuration setting.
It’s great that you provide operator overloads, but it’s also nice to have names
Avoiding the need to invoke the operator explicitly as a specialized template, among other things.
C++/WinRT event handlers that are lambdas with weak pointers to the parent class, part 3
Extending to <CODE>std::weak_ptr</CODE>.
C++/WinRT event handlers that are lambdas with weak pointers to the parent class, part 2
Working out the boilerplate.
C++/WinRT event handlers that are lambdas with weak pointers to the parent class, part 1
Assessing the state of affairs.
How do I change the directory Windows uses for user profiles? revisited
You can still do it, but it's not really supported.
On writing functions that accept any specialization of a C++ template type
There are the obvious arguments, the non-obvious arguments, and the invisible arguments.
Getting a strong reference from the <CODE>this</CODE> pointer too late
Once destruction begins, strong references mean nothing.
How can I trigger a recalc of the mouse cursor after I changed some of my internal application state?, follow-up
You still need to filter to your window, so you don't mess up another window on the same thread.
Don’t name your header file <CODE>security.h</CODE> either
You may be overriding an SDK header by mistake.
On creating (and using) a transforming iterator
It lets you change the thing being iterated over, on the fly.
Speeding up the insertion of a sorted (or mostly-sorted) key list into a <CODE>std::map</CODE> or other ordered associative container
Provide a hint for the location of the next item.
On catching exceptions in PPL tasks
You also have to catch the exception when it comes out the end of the task chain.
What is the opposite of <CODE>LVM_SORTITEMS</CODE>?
How can you unring the bell?
How do I free the pointers returned by functions like <CODE>GetTokenInformation</CODE>?
They are all pointers back into the main memory block.
It appears that I’ve never made a complete visit to the Pacific Northwest
If the marketing department is to be believed.
Summary of the duck-typing requirements of C++ COM wrappers
Wrapping up and comparing.
What are the duck-typing requirements of C++/WinRT <CODE>com_ptr</CODE>?
The experiments conclude.
What are the duck-typing requirements of wil <CODE>com_ptr</CODE>?
The experiments continue.
What are the duck-typing requirements of WRL <CODE>ComPtr</CODE>?
Another round of experimentation.
What are the duck-typing requirements of ATL <CODE>CComPtr</CODE>?
Looking for the minimum requirements.
What are the duck-typing requirements of MFC <CODE>IPTR</CODE>?
Seeing what goes wrong and trying to fix it.
What are the duck-typing requirements of <CODE>_com_ptr_t</CODE>?
As long as you fulfill the contract, based on method names.
The case of the crash in a C++/WinRT coroutine: Unpeeling the onion
Digging deeper and deeper.
Why does XAML complain that none of the overloads of <CODE>winrt::to_hstring</CODE> could be used?
Look at what you are converting from and converting to.
What can I do if I don’t want my file version number to be a sequence of four integers?
The format is enforced by the Windows file format, but you can present the information in a custom way.
Why does Task Manager disappear briefly when you switch it into or out of <I>Always on top</I>?
Ascending to another plane of existence.
How is it even possible to cheat on a musical performance practical exam?
Nature finds a way.
A quick note about WRL’s <CODE>ChainInterfaces</CODE> template class
For interfaces which extend each other.
On the finer points of cancelling timers and wait objects in Windows thread pool
Assorted little details.
What’s up with this new <CODE>memory_<WBR>order_<WBR>consume</CODE> memory order?
A weaker variation of acquire.
One way to defer work when a re-entrant call is detected
Tying a string on your finger, as a reminder to yourself.
A code comment noting the steps to take when a 256th enum field is added
A note for my future self.
Why is <CODE>std::hardware_destructive_interference_size</CODE> a compile-time constant instead of a run-time value?
The compiler is already making compile-time assumptions about the processor; you just don't realize it.
Protecting a broker from a failing delegate
Catching them in a different way.
Protecting a broker from a failing event handler
Gotta catch them all.
The case of the unhandled exception in a brokered Windows Runtime component
Digging into the event dispatch code.
No, it is not a security vulnerability that there is no certificate of appreciation for reporting a bug
It wasn't even a bug report.
How can I find the invalid class when C++/WinRT tells me that the class may not be final?
It's in the error details.
How can I convert a WIC bitmap to a Windows Runtime SoftwareBitmap? part 4: Handing it over
Just take the whole thing.
How can I convert a WIC bitmap to a Windows Runtime SoftwareBitmap? part 3: Filling the SoftwareBitmap directly
Avoiding the intermediate buffer.
How can I convert a WIC bitmap to a Windows Runtime SoftwareBitmap? part 2: Via a buffer
Passing raw pixels across.
How can I convert a WIC bitmap to a Windows Runtime SoftwareBitmap? part 1: Via an encoded stream
We'll start with the hard way, but it gets easier.
Why is there a large gap between some of the Windows system metrics indices?
An artifact of the internal implementation.
The case of the PasswordVault.Add call that the customer thinks was hung
But was it really hung? Or did it just look that way.
An ignored exception can be misinterpreted as a hang, particularly in coroutines
I mean, execution seems to have stopped.
How do I modify the contents of a boxed Windows Runtime value?
Once it's in the box, you can't change it.
What is the maximum size of a process environment block?
There's no hard-coded limit in Windows, but maybe somebody else has a limit.
C++17 creates a practical use of the backward array index operator
Possibly more than just a curiosity.
What is this <CODE>[uuid(…)]</CODE> in front of my C++ class declaration?
It's an old nonstandard syntax that you should try to move away from.
If you want to watch games on your tractor, please use your own iPad
Not an approved use of the embedded system.
How can I box a <CODE>std::optional</CODE> into a C++/WinRT <CODE>IInspectable</CODE>?
There's a handy conversion for that, but you have to know where to look.
The <CODE>WM_GETDLGCODE</CODE> message is a query message and should not modify state
Wait until you actually get the message.
How can I try to escape the disease-ridden hot-tubs known as the TEMP and Downloads directories?
You can ask that dependent DLLs be loaded from the System32 directory.
Using the contents of a file to define an MSBuild property
A little trick that maybe should be better known.
Adventures in application compatibility: The case of the jump into the middle of an instruction from nowhere
Another rogue patcher.
How unique must the <CODE>uIdSubclass</CODE> parameter be when I call <CODE>SetWindowSubclass</CODE>?
Each one identifies an instance of the subclass for the window.
Why am I getting a weird error about <CODE>promise_type</CODE> when I try to write a coroutine? part 2
Are you even writing a coroutine?
Why does the usage of the initial registers of a Win32 process depend on whether it is a 32-bit or 64-bit process?
Well, I mean, it's a different processor.
On the proper care and feeding of the enigmatic <CODE>GetDistanceOfClosestLanguageInList</CODE> function
Thinking about how this could be used.
Exploiting C++/WinRT CRTP: Property and event declarations
They don't have to be methods; they just have to look like methods.
Mind your C++/WinRT namespaces
What you say changes meaning depending on where you are.
How can I create a git feature branch that can merge into multiple other branches?
Just work in your patch branch.
Did Vienna ever exist or was it just misinformation?
It could be neither.
The 2023/2024 Seattle Symphony subscription season at a glance
The pocket reference guide for 2023/2024.
What is the expression language used by the Resource Compiler for non-preprocessor expressions?
Oddly different for a different audience.
When should I use <CODE>CS_GLOBALCLASS</CODE>?
When you want to be summoned from anywhere.
From a Windows app, how can I check whether there is an app installed that implements a particular URI scheme?, part 2
Alternatives that work for unpackaged apps.
From a Windows app, how can I check whether there is an app installed that implements a particular URI scheme?
Additional function to let you see what is available.
Microspeak: Baseball card
A one-page summary, and this time we mean it.
I can create a read-only page, but why not a write-only page?
At the end of the day, it comes down to processor support.
Enumerating Windows clipboard history in PowerShell
Doing Windows Runtime things from PowerShell.
Enumerating Windows clipboard history in C++/WinRT and C#
Exploring the clipboard history API.
If you want to sort a Windows Runtime collection, you may first want to capture it into something a bit easier to manipulate
Moving everything into the same universe.
Once you give away the farm, you can’t take it back: Recovering from a rogue administrator
Who knows what happened to it while you weren't looking.
The unintentionally-expanding scope of the <CODE>SEM_NOGPFAULTERRORBOX</CODE> flag
Other suppressions caught in its net.
Understanding a mysterious <CODE>RPC_<WBR>E_<WBR>WRONGTHREAD</CODE> exception when we’re on the right thread
Things can go wrong in ways you may not have realized.
Why am I getting an unhandled exception from my C++ function that catches all exceptions?
Yes, you caught an exception. But that's not the one that went unhandled.
Avoiding the redundancy of adding the object files to both the primary project and its unit test
Adding another level of indirection.
Microspeak: Light reading (ironic)
Just a fun diversion.
The case of the mysterious "out of bounds" error from <CODE>CreateUri</CODE> and <CODE>memmove</CODE>
Unfolding some COMDATs.
What happens if you co_await a std::future, and why is it a bad idea?
Just waiting for something to finish.
What does it mean when my cross-thread COM call fails with <CODE>RPC_<WBR>E_<WBR>SYS_<WBR>CALL_<WBR>FAILED</CODE>?
Look for an unresponsive recipient.
What are the potentially-erroneous results if you don’t pass NULL as the lpNumberOfBytesRead when issuing overlapped I/O?
It's to avoid a self-inflicted race condition.
Why are the Windows chassis hardware button hotkeys so strange?
Operating within the constraints of the system.
Adventures in application compatibility: The case of the display control panel crash on exit
When you get a 64-bit pointer, you probably should remember all 64 of the bits.
The case of the <CODE>RPC_<WBR>E_<WBR>DISCONNECTED</CODE> error thrown from <CODE>await_<WBR>resume</CODE>
You can keep trying, but the result won't change.
A more direct and mistake-free way of creating a process in a job object
A new attribute for creating a process directly in a job object.
How can I get the original target of a shortcut without applying any 32-bit adjustments?
Disable the fancy tracking.
The frustration of finding a suitable time to hold a meeting when the participants are evenly spaced around the globe
Somebody has to suffer, but we try to make sure it's not the same person each time.
It rather involved being on the other side of this airtight hatchway: Reading the user’s saved passwords
Only the user can read their own saved passwords, so you must already have gained total control over the user.
Inside C++/WinRT: Coroutine completions: Cancellation propagation
Giving up.
Hyperlinking to Hutchison Whampoa Limited is still forbidden
Didn't make you look.
Inside C++/WinRT: Coroutine completions: Avoiding reentrant completion
Resuming the coroutine directly, rather than consuming yet more stack.
Inside C++/WinRT: Coroutine completion handlers: Disconnection
When the other end hangs up without even saying good-bye.
Inside C++/WinRT: Apartment switching: Error reporting
If you can't get back to where you started, who you gonna call?
Inside C++/WinRT: Apartment switching: COM without COM
Also known as Nano-COM.
Inside C++/WinRT: Apartment switching: Unwinding the stack
Reducing stack usage.
Inside C++/WinRT: Apartment switching: Bypassing the context callback
Reducing stack usage.
Inside C++/WinRT: Apartment switching: Unblocking the outgoing thread
Avoiding the problem of the synchronous apartment-changing callback: Let the outgoing thread do whatever it wants to do next.
Inside C++/WinRT: Apartment switching: The basic idea
Getting back to where you started.
Inside C++/WinRT: Coroutine completions: The oversimplified version
Resuming the coroutine when the asynchronous work completes.
How can I call a method on a derived class from a base class, say, to get a strong reference to the containing object?
A variety of patterns are available.
Windows Runtime asynchronous operations can fail in two different ways, so make sure you get them both
Fail me now or fail me later.
It rather involved being on the other side of this airtight hatchway: Attacking a user by modifying that user’s files
You're just attacking yourself.
A trio of dubious denial-of-service security vulnerability reports which are just style points piled on top of nothing
You could have accomplished the same thing with a garbage file.
Making C++ primitive types meaningfully movable when they have sentinel values
The value actually moves now.
Adventures in application compatibility: Querying for an internal interface
Reaching in and fiddling the internal knobs.
How should I interpret the various values of <CODE>NLM_CONNECTIVITY</CODE>?
Different levels of connectedness.
What does it mean when I get a mismatch from MSVC for <CODE>_COROUTINE_ABI</CODE>?
The two different kinds of coroutine interfaces shouldn't be mixed and matched.
It rather involved being on the other side of this airtight hatchway: Administrator attacking a domain account on the local system
You don't gain control over any other systems.
On leading underscores and names reserved by the C and C++ languages
The rules laid out.
Dubious security vulnerability: Granting access to SIDs that don’t exist yet
You can put anyone you like on your guest list, even if they don't exist.
How can I force a user to have a specific SID prefix, so that they go into a particular group?
The prefix doesn't define group membership.
Using perfect (and imperfect) forwarding to simplify C++ wrapper classes
Just call that other thing the same way you called this thing.
It rather involved being on the other side of this airtight hatchway: Gaining code execution from a Trojan horse
You already have code execution, so it's not surprising that you can gain code execution.
Opinionated notes on the Windows.Data.Json namespace
It's available if you need it, but there are some tricks and pitfalls, and you may very well have better options.
2022 year-end link clearance
Closing the book on another year.
When I create a waitable timer with a callback, do I have to wait alertably on that specific timer before the callback will run?
Any alertable wait will do.
How can I detect programmatically whether Windows is an N or KN version?
Don't check the version, just check the feature.
After importing a TLB, how do I convert from one type of <CODE>_com_ptr_t</CODE> to another?
Digging into the source code.
Why can’t I print when I boot Windows into audit mode?
It's not all there.
The worst-selling Microsoft software product of all time: OS/2 for the Mach 20
Count 'em on one hand.
The case of the recursively hung <CODE>WM_DRAWCLIPBOARD</CODE> message
Understanding why it's happening and how you can avoid it.
Is there a fixed virtual address that the system promises never to use for anything, so I can use it?
Everything is up for grabs.
Running some UI code on a timer at a higher priority than your usual timer messages, or without coalescing
You can build your own timer system.
Why doesn’t the BitLocker wizard let me save the BitLocker key on an encrypted drive?
Don't lock your keys in the car.
On the large number of ways of expressing Microsoft Visual C++ compiler versions
So many version numbers.
Why doesn’t Windows use the 64-bit virtual address space below <CODE>0x00000000`7ffe0000</CODE>?
It does use it, although it doesn't look like it.
Inside C++/WinRT: <CODE>IReference<T></CODE>
Reverse-engineering the usages from the code.
In C++/WinRT, how do I create or consume an <CODE>IReference<T></CODE> that wraps a particular value?
Conversions to and from <CODE>IReference</CODE>.
Thank you for conference announcement, but it would help if you told me what your conference was about
There was an announcement of an all-day Microsoft-internal conference featuring a project I will call Project Enzyme. The announcement went like this: The Project Enzyme Forum is our flagship community conference that brings together engineers, project managers, data scientists, and designers from around the company to learn about Project Enzyme and get a first look at some of the exciting new improvements in the platform. Senior leaders will share their vision for Project Enyzme and how we can use it to create the next wave of cutting-edge products and experiences. Other senior leaders will participate in a ...
What does it mean when the compiler tells me that <CODE>promise_type</CODE>: is not a member of <CODE>coroutine_traits<void></CODE>?
Applying your understanding of the coroutine transformation.
How can I do the opposite of <CODE>compare_exchange</CODE> and exchange if the value is <I>different</I>?
An exchange with itself has no effect on the value.
If you’re going to wrap a Windows Runtime event, you may as well let the wrapped event source manage the token
It keeps the original object in control.
Reminder: If you intend to use a C++/WinRT namespace, you must include that namespace’s header file
Various errors that can be traced back to breaking that one rule.
Trouble connecting to Web sites and services because of certificate errors? Check if you’re being held captive
There's a man in the middle.
Instead of a C++ template parlor trick, why not just add support based on whether the header file has already been included?
Header file inclusion order dependencies.
C++ template parlor tricks: Using a type before it is defined
You can talk about hypothetical things, hoping that a real thing shows up later.
Not even trying to cross an airtight hatchway: Calling a function in your own process by synthesizing a function pointer
You can already attack yourself in far more interesting ways.
I used <CODE>FILE_FLAG_SEQUENTIAL_SCAN</CODE> but it didn’t seem to speed up my sequential scanning
It triggers prefetching, but your usage pattern may mean that prefetch doesn't mean much.
Dubious security vulnerability: Reading the files in the WindowsApps folder
You already had access to those files, by virtue of the fact that they ran in the first place.
What kind of caller diagnostic information can I get from exceptions thrown by C++/WinRT and wil?, C++20 edition
The state of the art has moved forward slightly.
The case of the application that used thread local storage it never allocated
Of course it's there, isn't it? I mean, it's always been there.
How do I pass a raw pointer to a Windows Runtime function?
Raw pointers don't exist in the Windows Runtime, so you'll have to re-express it in terms of something that does.
How does JavaScript represent output parameters in the Windows Runtime?
It has to fake it.
Sometimes perfect forwarding can be too perfect: Lazy conversion is lazy
Lazy conversion is too lazy.
Microspeak: Breaking into jail
Just asking for trouble.
What kind of caller diagnostic information can I get from exceptions thrown by C++/WinRT and wil?
A survey of the current state of the art.
On Windows Runtime asynchronous operations with critical progress reports
Make the caller provide the progress handler up front.
How soon is too soon to report progress from a C++/WinRT coroutine that implements a Windows Runtime asynchronous operation with progress?
If a progress is sent to a forest but there's no one there to hear it.
Why won’t C++/WinRT let me <CODE>co_await</CODE> a <CODE>CoreDispatcher</CODE> or <CODE>DispatcherQueue</CODE>?
Making sure you meet the usual prerequisites.
It’s important to get the most difficult part out of the way by putting it in the title
It does much less harm there than in the body.
How does Windows decide whether your computer has limited or full Internet access?
Looking for special servers.
C++ constexpr parlor tricks: How can I obtain the length of a string at compile time?
The <CODE>constexpr</CODE>'ification of <CODE>strlen</CODE>.
If I issue multiple overlapped I/O requests against the same region of a file, will they execute in the order I issued them?
Overlapped I/O refers to temporal overlap, and that includes completion out of order.
On the dangers of giving a product feature the name “new”
It may be new today, but it won't be new tomorrow.
Why don’t Windows functions begin with a pointless MOV EDI,EDI instruction on x86-64?
Applying the hot-patch in a different way.
Why is there a system sound called Asterisk? What sound does an Asterisk make anyway?
It's to accompany the asterisk, back when we had an asterisk.
My niece is just here for the food
The important part of the trip.
In the debugger, how can I get from a projected type back to the C++/WinRT implementation?
Look behind you.
Why am I getting a <CODE>RPC_E_WRONG_THREAD</CODE> exception when I’m on the right thread?
It's the wrong thread from XAML's point of view.
How does the dialog manager calculate the average width of a character?
It's a simple formula, perhaps too simple.
A history of the <CODE>fd_set</CODE>, <CODE>FD_SETSIZE</CODE>, and how it relates to WinSock
The <CODE>fd_set</CODE> started out as just a bitmap.
What is a “Select Administrator”? Is that some special elite kind of administrator?
It's two different messages that combine in an interesting way.
How can I test my geolocation code on a system without a GPS?
You can use the Windows Device Portal to create a synthetic GPS.
Setting properties in C++/WinRT is done by a function call, but you need to call the function the right way
The new value is the function parameter.
Why am I seeing two WRITE requests at the same offset from a single call to WriteFile?
It started as one write, but turned into a lot of other things.
What can or should I do with the cursor handle returned by <CODE>SetCursor</CODE>?
You can put it back, but sometimes you need to make sure you do it before anybody else can see the change.
Why are many Windows user interface elements positioned at multiples of 4 or 8 pixels?
It depends on whose pixels you're talking about.
Why can’t I programmatically inspect the check boxes in the Security property sheet any more?
Abusing the <CODE>ISecurityInformation::<WBR>PropertySheetPageCallback</CODE> method.
What happens if my C++ exception handler itself raises an exception?
And comparing to the handling of structured exceptions.
Is it true that raising a structured exception from a structured exception handler terminates the process?
Untangling the myth.
Why is there a <CODE>make_unique</CODE>? Why not just overload the <CODE>unique_ptr</CODE> constructor?
You'll have to resolve the ambiguity, so you're still typing a lot.
Why is there a <CODE>passwords.txt</CODE> file on my system that’s filled with somebody else’s passwords?
It's part of an open-source password strength package.
How can I check the integrity level of my process?
A series of range checks.
The case of the memory corruption from a coroutine that already finished
The zombie coroutine.
How can I check whether the user’s network connection is roaming or metered?
The classic way and the Windows Runtime way.
One possible reason why your program crashes when submitted to the Microsoft Store, but it runs fine on your machine
Check your minimum requirements.
Clicking past the warning that you are about to cross the airtight hatchway: Vulnerable file type that you are warned about
Acknowledging the danger but complaining about it anyway.
On the overloading of the address-of operator <CODE>&</CODE> in smart pointer classes
Different patterns, which means you're never sure what you're going to get.
How can I perform a CopyFile, but also flush the file buffers before the destination handle is closed?
Your callback function can do things with the handle, even extend their lifetime.
The Import Address Table is now write-protected, and what that means for rogue patching
Making a potential attack vector less attractive.
The gotcha of the C++ temporaries that don’t destruct as eagerly as you thought
You have to look for the end of the full expression.
Starting on the other side of this airtight hatchway: Overwhelming the system
It'll take time for things to drain out.
Feel free to stop using IMultiLanguage2::DetectInputCodepage
You should have been keeping your eye on the code page all along.
Debugging coroutine handles: Looking for the source of a one-byte memory corruption
Applying what we know about coroutines.
I did that merge-as-cherry-pick thing, but my change still didn’t merge correctly
A case study of what goes wrong.
Why does COM express GUIDs in a mix of big-endian and little-endian? Why can’t it just pick a side and stick with it?
Oh, it does pick a side. It's just that some dashes are missing.
Microspeak: Break glass
Metaphorically breaking the glass in case of emergency.
What does the C++ error “A pointer to a bound function may only be used to call the function” mean?
You got all set to call a function but forgot to call it.
Why am I receiving <CODE>SHCNE_<WBR>UPDATEDIR</CODE> notifications that my code never generates?
You did generate them, indirectly.
How can I get WRL to link my object into its activation factory?
More magic macros.
How can I trigger a recalc of the mouse cursor after I changed some of my internal application state?
Go through the standard process one more time.
Janet Jackson had the power to crash laptop computers, follow-up
Deeper speculation by others.
Why load fs:[0x18] into a register and then dereference that, instead of just going for fs:[n] directly?
Simplifying the compiler.
Serializing asynchronous operations in C++/WinRT, gotchas and final assembly
Cancellation and abandonment.
Serializing asynchronous operations in C++/WinRT
Making them run one after the other.
Creating a lazy-start C++/WinRT coroutine from an eager-start one, part 2
Keeping a turkey in suspense.
Creating a manual-start C++/WinRT coroutine from an eager-start one, part 1
Ready, wait for it.
Serializing asynchronous operations in C#
Making them run one after the other.
The case of the APC that never arrives
Or maybe it did?
How do I consume raw COM interfaces from a Windows Runtime metadata file?
There's a handy tool for generating raw COM interfaces.
It rather involved being on the other side of this airtight hatchway: Replacing a service binary
Looking for misconfigured services.
Commonly-supported Windows shortcuts for pasting without formatting
Variations on a paste theme.
Is there any meaningful way to compare two Time Travel Debugging positions?
They are basically in chronological order, subject to the uncertainty of multiprocessing.
The case of the recursively-acquired non-recursive lock, and how to avoid the unintentional reentrancy
Watch what you do when you hold a lock.
Why am I getting a null pointer crash when trying to call a method on my C++/WinRT object?
Requirements weren't met.
The x86-64 processor (aka amd64, x64): Whirlwind tour
Pretty much a 64-bit-ification of the i386.
The AArch64 processor (aka arm64), part 25: The ARM64EC ABI
Aligning with the x86-64 calling convention.
The AArch64 processor (aka arm64), part 24: Code walkthrough
Putting theory into practice.
The AArch64 processor (aka arm64), part 23: Common patterns
Learning to recognize various code generation patterns.
The AArch64 processor (aka arm64), part 22: Other kinds of classic prologues and epilogues
Taking shortcuts, or maybe adding steps.
The AArch64 processor (aka arm64), part 21: Classic function prologues and epilogues
Implementing the ABI.
The AArch64 processor (aka arm64), part 20: The classic calling convention
How parameters are passed.
The AArch64 processor (aka arm64), part 19: Miscellaneous instructions
Sweeping up the crumbs.
The AArch64 processor (aka arm64), part 18: Return address protection
Making it even harder to smash the return address.
The AArch64 processor (aka arm64), part 17: Manipulating flags
Trying to twiddle the knobs directly.
The AArch64 processor (aka arm64), part 16: Conditional execution
Making decisions.
Janet Jackson had the power to crash laptop computers
Not an artistic judgement. Just a technical one.
The AArch64 processor (aka arm64), part 15: Control transfer
We're going places.
The AArch64 processor (aka arm64), part 14: Barriers
Keeping things in the right order.
The AArch64 processor (aka arm64), part 13: Atomic access
Don't let someone else get a word in edgewise.
The AArch64 processor (aka arm64), part 12: Memory access and alignment
The load and store part of the load/store architecture.
The AArch64 processor (aka arm64), part 11: Loading addresses
Finding a needle in the haystack of the 64-bit address space.
The AArch64 processor (aka arm64), part 10: Loading constants
Getting them into a register.
The AArch64 processor (aka arm64), part 9: Sign and zero extension
Nothing new here, but old things being used in clever ways.
The AArch64 processor (aka arm64), part 8: Bit shifting and rotation
Sliding around.
The AArch64 processor (aka arm64), part 7: Bitfield manipulation
Peeking inside the words.
The AArch64 processor (aka arm64), part 6: Bitwise operations
And their very strange immediates.
The AArch64 processor (aka arm64), part 5: Multiplication and division
Arithmetic gets harder.
The AArch64 processor (aka arm64), part 4: Addition and subtraction
Starting with the basic arithmetic.
The AArch64 processor (aka arm64), part 3: Addressing modes
The ways of accessing memory.
The AArch64 processor (aka arm64), part 2: Extended register operations
The weird ways of transforming the value in a register.
The AArch64 processor (aka arm64), part 1: Introduction
Make it a double.
Yes, the 8086 wanted to be mechanically translatable from the 8080, but why not add the ability to indirect through AX, CX and DX?
So many addressing modes, so little space.
Using C++/WinRT’s <CODE>final_release</CODE> to control which thread destructs your object
Once it's yours, you can take it wherever you like.
Making sure that people use <CODE>make_unique</CODE> and <CODE>make_shared</CODE> to make your object
Using a secret signal in what is required to be a public constructor.
My class derives from <CODE>std::enable_<WBR>shared_<WBR>from_<WBR>this</CODE>, but <CODE>shared_<WBR>from_<WBR>this()</CODE> doesn’t work
Various cases where your enabled <CODE>shared_<WBR>from_<WBR>this</cODE> doesn't work.
Microspeak: The one-pager
Rarely ever one page long.
C++ coroutine gotcha: Falling off the end of a function-level catch
You still have to return something, but today's compilers don't warn you.
Processing a ValueSet or PropertySet even in the face of possible mutation, part 4
Processing the result differently.
Processing a ValueSet or PropertySet even in the face of possible mutation, part 3
Applying and adapting the pattern.
Processing a ValueSet or PropertySet even in the face of possible mutation, part 2
The first one there has to stay there until the work is done.
Processing a ValueSet or PropertySet even in the face of possible mutation, part 1
Watching out for iterator invalidation.
How can I provide a Windows Runtime ValueSet or PropertySet while non-intrusively monitoring changes to it?
Use the right kind of observer.
Windows Runtime observable collections don’t mix well with multithreading
Concurrent observation and mutation is a bit of a mess.
How can I write a coroutine that produces a result but keeps on running?
Returning without returning.
The empty Windows Runtime string is not just a pretty face
It really is an empty string.
How to write like Raymond: Intentional typographical errors, part 2
I can take you there, but you'll have to fix one tiny typo. Let's see if you can do that.
The case of the constructor that was being ignored
Retracing the compiler's steps.
Under what conditions can I modify the memory that I received in the form a <CODE>STGMEDIUM</CODE>?
If you own it, then it's yours to do with as you wish.
2022 mid-year link clearance
Another accumulation of stuff.
How can I build a URL query string in the Windows Runtime?
Pretend you're submitting a form.
How can I parse URL query string in the Windows Runtime?
There's a query parser built in, but it's a little cantankerous.
Microspeak: Inside baseball
Specialized jargon comprehensible only to a select few.
Starting on the other side of the airtight hatchway: Attacking the batch file parser
Why stop at denial of service when you have remote code execution?
The case of the mysterious over-release from deep inside the marshaling infrastructure
The tedium of monitoring reference counts.
Writing a marshal-by-value marshaler, part 2
Maybe you don't need a copy on the other side.
Understanding the marshaling flags: The free-threaded marshaler
Keeping your eye on the reference count.
Writing a compound marshaler
On the nature of streams.
On the importance of managing the stream pointer when manipulating marshal data
Making sure things are ready for the person who comes after you.
Writing a marshal-by-value marshaler, part 1
Creating an identical object on the other side.
The skeleton marshaler that does default marshaling
Starting with a marshaler that has no special features.
An initial look at the mechanics of how COM marshaling is performed
Pretend you're an oracle.
What are the various usage patterns for manually-marshaled interfaces?
The outermost simple layer, and the more complex inner layer.
Adventures in application compatibility: The case of the PC-relative indirect jump that reads from nowhere
A little too much copy/pasta.
How do I retrieve an extremely large range of cells from Excel if the clipboard functions all time out?
Maybe you shouldn't be using the clipboard.
How can I wait more than 30 seconds for a delay-rendered clipboard format to become rendered?
Provide your own delay.
Is there a maximum size for Windows clipboard data? Because I’m getting null for something I know should be there
There is no pre-set maximum size, but that null might be coming from somewhere else.
How to write like Raymond: Contacting another team for the first time
Flattery will get you in the door.
An opinionated comparison of C++ frameworks for consuming and implementing Windows Runtime types
The three leading contenders.
Assessing a read-after free for security implications: The string comparison
Can you get elevation? What are you disclosing?
Converting between Windows <CODE>FILETIME</CODE> and Unix <CODE>time_t</CODE> without having to type the magic number 116444736000000000
It's not exactly a number that you can rattle off the top of your head.
The case of the COM reference that suddenly went bad in the middle of a coroutine
Is the coroutine really to blame?
The <CODE>activeCodePage</CODE> manifest element can be used for more than just setting UTF-8 as the active code page
AppLocale grows up.
On passing iterables of iterables in the Windows Runtime
Different projections help you out in different ways, some more than others.
Why do rescued stack traces often have instability at the start?
Trying to pick up the scent.
Rescuing a stack trace the lazy way on x86-64 (aka amd64) after the debugger gave up
Looking for a good frame to start from.
How can I get my <CODE>FileSavePicker</CODE> to open in the same folder that was picked by the <CODE>FileOpenPicker</CODE> or <CODE>FolderPicker</CODE>?
Make them all share the same settings identifier.
What is the CreateExplorerShellUnelevatedTask scheduled task?
To keep Explorer running unelevated.
How does Windows decide whether a newly-created window should use LTR or RTL layout?
Gathering the algorithmic details scattered throughout the documentation into one place.
Writing a sort comparison function, part 4: descending sort
Flipping the script.
Writing a sort comparison function, part 3: spaceships
Sprinkling some C++20 magic.
Writing a sort comparison function, part 2: avoid unnecessary expense
Avoid doing the work until needed.
Writing a sort comparison function, part 1: basics
Trying to avoid the pitfalls.
How can I synthesize a C++20 three-way comparison from two-way comparisons?
Multiple ways of synthesizing a comparison.
Should I pay attention to the warning that I’m <CODE>std::move</CODE>‘ing from a trivial type? Part 2
It's not about the journey. It's about the destination.
Should I pay attention to the warning that I’m <CODE>std::move</CODE>‘ing from a trivial type? Part 1
It's just informing you that what you're doing may not have the desired effect, depending on what your desired effect was.
On ways of finding out when a C++/WinRT IAsyncAction has run to completion
Just some noodling on ideas.
A brief summary of the various versions of the Security Descriptor Definition Language (SDDL)
Things come, and rarely go.
Why does my overridable Windows Runtime method turn into a protected method, and how can I work around it?
Just an odd rule, but it's there for a reason.
On awaiting a task with a timeout in C++/WinRT
Doing the same thing, just in another language.
On awaiting a task with a timeout in C#
Putting something together from pieces you already have.
Producing an empty Windows Runtime type in C++/WinRT
How to say that you don't have anything.
What are these SIDs of the form S-1-15-3-xxx?
They are app capability SIDs.
What are these SIDs of the form S-1-15-2-xxx?
They are app container SIDs.
The case of the failed exchange of the vtable slot
Another application compatibility case.
What’s up with <CODE>std::piecewise_construct</CODE> and <CODE>std::forward_as_tuple</CODE>?
When you need to pass two sets of variadic parameters, and to work around other extremely weird edge cases.
How do I decode a <CODE>#pragma detect_mismatch</CODE> error?
The linker tells you a bunch of stuff. Here's what it means.
Be careful with that thing, it’s a confidential coffee maker
Just keep it under wraps.
How can I force a <CODE>WriteFile</CODE> or <CODE>ReadFile</CODE> to complete synchronously or hang, in order to test something?
You can use a named pipe.
Trying to create a factory that remembers the parameters to pass to another method
Lost in a twisty maze of universal references.
How do I access and customize the IInspectable methods of a Windows Runtime class written in C++/WinRT?
Special access methods, but normal overrides.
Class template argument deduction may be the new hotness, but we’ll always have maker functions
It's all or nothing, and sometimes you don't have all.
The Applesoft Compiler (TASC): We have the source code, in a sense
The desperation of programming under tight memory constraints.
The x86 architecture is the weirdo, part 2
It does everything differently, because of course it does.
How can I <CODE>co_await</CODE> on a Windows Runtime async action or operation with a timeout?
You can combine it with a timeout.
How can I tell the WIL <CODE>RETURN_<WBR>IF_<WBR>FAILED</CODE> macro that some errors are ignorable?
You can create a custom filter using things you already know how to do.
A survey of how implementations of Windows Runtime events deal with errors
All happy event delegates are alike; each unhappy event delegate is unhappy in its own way.
Notes on BitLocker and the TPM and the pre-boot password or PIN
How to get BitLocker and the TPM to play friendly.
Now that computers have more than 4MB of memory, can we get seconds on the taskbar?
Letting the CPU go to sleep.
Please repeat yourself: The <CODE>noexcept(noexcept(…))</CODE> idiom
Each time you say it, it means something different.
If I am getting a DllNotFoundException from Windows 10 N, how do I get the missing DLLs?
Enter the Media Feature Pack.
All Windows threadpool waits can now be handled by a single thread
Come in and join the thread, the water's fine.
Adventures in application compatibility: The case of the RAII type that failed to run its destructor
Breaking all the rules and getting away with it.
How are Windows Runtime GUIDs represented in JavaScript?
They're strings, in various formats.
The <CODE>std::invoke</CODE> function does more than invoke functions
Inspiring a new level of code obfuscation.
Should I translate my window class names?
Who's going to read it?
Why am I getting the error message “This is only for weak ref support” when I try to create a C++/WinRT weak reference?
Reverse-engineering the error message.
How to become a Senior Detective, according to Murderville
A little copy pasta will take you far.
Why are there separate Program Files and Program Files (x86) directories?
Why can't we just combine them?
Why is every other line of my file mysteriously changed to nonsense Chinese characters?
Decoding another type of mojibake.
The 2022/2023 Seattle Symphony subscription season at a glance
The pocket reference guide for 2022/2023.
Behind C++/WinRT: How does C++/WinRT get the list of implemented interfaces?
Doing some template metaprogramming reverse engineering.
Behind C++/WinRT: How does C++/WinRT decide which interfaces are implemented?
Finding the code that does the interface detection.
Why does C++/WinRT say that <CODE>first_interface</CODE> is not a member of <CODE>winrt::impl::interface_list<></CODE>?
An empty list has no first element, but why is the list empty?
A hypothetical magical musical power: The one-piece wonder
You can play one thing well, but only one.
How do I un-ignore an Outlook email thread, and how does it work?
A peek under the covers.
Injected class names: The C++ feature you didn’t even realize that you were using
Simplifying the name of what you are.
Making our multiple-interface query more C++-like, part 2
Letting you specify which interfaces are required and which are optional.
Making our multiple-interface query more C++-like, part 1
Maybe we can write a nice wrapper.
Reducing chattiness by querying for multiple interfaces at once, part 2
You can just load them into the cache.
Reducing chattiness by querying for multiple interfaces at once, part 1
The multiple-query alternatives.
How expensive is PssCaptureSnapshot? How fast is it? How much memory does it consume?
Think of it as a copy-on-write copy, like the Volume Snapshot Service.
Optimizing code to darken a bitmap, part 5
Once more, with ARM feeling.
Optimizing code to darken a bitmap, part 4
Bringing out the big SIMD guns, for x86 at least.
Optimizing code to darken a bitmap, part 3
Jumpless conditionals via masking.
Optimizing code to darken a bitmap, part 2
Exploiting parallel arithmetic.
Optimizing code to darken a bitmap, part 1
Starting with the basics.
If the slim reader/writer lock (SRWLOCK) doesn’t remember who the shared lock owner is, does that mean it’s okay to acquire it recursively?
No, but you sort of knew that deep down.
Filtering out fake keyboards from the GetRawInputDeviceList function
Maybe look to see if it has any keys.
How can I detect whether the system has a keyboard attached? On the GetRawInputDeviceList function
You can enumerate the input devices and see if there's a keyboard.
How does Windows decide what instructions to provide for unlocking the PC?
It sniffs around at your hardware capabilities.
Zero-cost exceptions aren’t actually zero cost
Shifting the cost to the exceptional path.
How can I monitor changes to the reference count of a C++/WinRT object?
A little cookbook.
COM asynchronous interfaces, part 9: Asynchronous release, assembling a solution
Juggling the references in the right way.
COM asynchronous interfaces, part 8: Asynchronous release, the problems
If you don't need something any more, then you usually don't really care when it gets taken away.
COM asynchronous interfaces, part 7: Being called directly when the operation completes
Becoming part of the system.
COM asynchronous interfaces, part 6: Learning about completion without polling
You can peek at the handle hiding inside the synchronization interface.
COM asynchronous interfaces, part 5: The unreliable server
Trying not to hang when the server is hung.
COM asynchronous interfaces, part 4: Doing work while waiting for the asynchronous operation
Just checking in on how things are going.
COM asynchronous interfaces, part 3: Abandoning the operation after a timeout
Waiting a little while, but not forever.
COM asynchronous interfaces, part 2: Abandoning the operation
Simply losing interest.
COM asynchronous interfaces, part 1: The basic pattern
Letting things run on their own, and then coming back for the answer later.
Notes on COM aggregation: How do you implement tear-offs in an aggregated object?
Keeping the controlling unknown in the know.
Notes on COM aggregation: Obtaining a pointer to your aggregated partner without introducing a reference cycle
Putting your thumb on the scale.
How can I find out which processor architectures are supported via emulation by the current system?
Fortunately, there's a special function for that, or at least for enough of that to serve your needs.
The cats sitting on a fence in early builds of Windows 8
Something to look at when all is lost.
On finding the average of two unsigned integers without overflow
Another code golfing adventure.
The case of the stack overflow exception when the stack is nowhere near overflowing
There's a problem with the stack that prevents it from growing, so you could consider than an overflow.
A closer look at the stack guard page
It is there to detect stack growth, but only if the stack grows into it.
Gotcha: C++/WinRT weak_ref.get() doesn’t get the weak reference; it gets the strong reference
What traditionally goes by the name <CODE>lock()</CODE>.
How do I customize the color of the Windows blue screen?
It's hard-coded now, sorry.
Why does the Windows debugger engine show a bunch of hex digits after one of the DLL names?
It's trying to disambiguate name collisions.
How can I recognize whether two handles refer to the same underlying file?
Exploring several avenues, hoping one of them leads somewhere.
How can I recognize file systems that don’t support 64-bit unique file identifiers?
It's buried somewhere in the specification.
What are these weird internal Visual C++ runtime functions named NLG?
They are part of exception handling.
I deleted a file from Explorer, but it came back when I refreshed, and I get Access Denied if I try to delete it again
The file is circling the drain, but it's not gone yet.
The MainWindowHandle property is just a guess based on heuristics
If you really need to find your main window, you'll have to come up with something more determinstic.
Fixing the crash that seems to be on a <CODE>std::move</CODE> operation
Getting the order of evaluation to be what you want.
The mystery of the crash that seems to be on a <CODE>std::move</CODE> operation
But is that really what's happening?
The error code you get might not be the one you want
Some error codes are contractual, but most aren't.
How to write like Raymond: The typing-saver
One of my little catch phrases.
C# and C++ type aliases and their consequences
Just some idle thoughts, and what it means for debugging.
Resolving confusion over how to return from a C++ coroutine
You have a few options, but you have to stay with it.
The oracle always tells the truth, even when it is wrong: COM method calls with a user-defined type as a return value
What you ship becomes the truth.
Standing on the shoulders of giants: Let the compiler tell you what the ABI is
Consult the oracle.
Jumping into the middle of an instruction is not as strange as it sounds
It's just another trick for saving space.
How can I detect that a thread pool work item is taking too long?
Call in a watchdog.
How do I upgrade a 32-bit tick count to a 64-bit one?
Fortunately, there's a 64-bit one sitting nearby.
Filling in some gaps in the story of Space Cadet Pinball on 64-bit Windows
The story as I experienced it.
How do I prevent folder verbs intended for file system directories from showing up in my shell extension’s virtual folder’s context menu?
They shouldn't be there in the first place.
My Excel spreadsheet doesn’t scroll even though I can use the arrows to move around
Freeze, and put your hands up!
Speculation on the design decisions that led to the common ABI for C++ coroutines
Considering some alternatives.
2021 year-end link clearance
Another trip around the sun.
The case of the programs that were launched with impossible command line options
Death and resurrection, unsuccessfully.
The C++/CX <CODE>String^</CODE> is not an object, even though it wears a hat
A strange beast that thing is.
You can’t copy code with memcpy; code is more complicated than that
There's more to code than just instructions.
A rejected attempt to inject pseudo-physics into Windows 8 toast notifications
Like a mischievous rubber band flung across the screen.
How do I add custom controls to the common file open or file save dialogs?
A survey of the history of customization, leading to the present.
The Thanksgiving to Christmas sales nationwide of the VIS could be tabulated in an unsigned char
One of the great duds of console gaming history.
It’s easy to get data into the GPU, but harder to get it out
The continuing evolution of graphics memory.
How do I programmatically reposition monitors in a multiple-monitor system?
The magic phrase is <CODE>DM_POSITION</CODE>.
You thought Windows drivers from 2006 were old, wait’ll you see the Intel drivers from 1968!
It's the same driver date hack, just even more extreme.
Why do I have to add one when setting a class background brush to a system color?
To make sure it's not null.
Why is the stack overflow exception raised before the stack has overflowed?
You need some stack to deal with the exception.
Why does the precise point at which I get a stack overflow exception change from run to run?
The system is trying to introduce some unpredictability.
What does “Do not launch, but debug my code when it launches” mean?
Don't launch my code when it launches? Does that even make sense?
Embarrassing product names created: Windows CE
You do all you can, but at the end of the day, it's not yours to control.
Dubious security vulnerability: Accessing information across accounts after changing email address
It's still you, just with a different online façade.
It’s okay to be contrary, but you need to be consistently contrary: Going against the ambient character set
Code different.
If you’re going to configure a header file, you have to do it before you include the header file
It sounds obvious, but you can be faked out.
Using CRTP to your advantage: Simplifying overloaded Windows Runtime method projections in C++/WinRT
As long as the wrapper can call it, you can implement it any way you like.
What happens when a hot air balloon lands in your yard?
Break out the bubbly.
It rather involved being on the other side of this airtight hatchway: Producing malicious data in a kernel driver
Sure, you can fool other people, but you can do far more than that already.
Compiler error message metaprogramming: Helping to find the conflicting macro definition
Shaping the code so a required diagnostic will be useful.
How can I produce a C-style array from a Windows Runtime asynchronous operation?
No good solutions, but some workarounds.
How do I receive ownership of a C-style array in a Windows Runtime component?
The implementation side of the role reversal.
How can I transfer ownership of a C-style array to a Windows Runtime component?
Survey the options and realize that the only choice is to go backward.
How can my C++/WinRT component pass a <CODE>std::vector</CODE> back to the caller?
Implementing the ReceiveArray pattern.
How did Windows 3.1’s virtual machine manager get the information to show in the text-mode <KBD>Alt</KBD>+<KBD>Tab</KBD> switcher?
Getting by with a little help from a friend.
The two products may be identical, but they are not the same
No price-matching for you.
I called AdjustTokenPrivileges, but I was still told that a necessary privilege was not held, redux
Did any privilege adjustment occur at all?
How do I pass an array of variable-sized <CODE>PROPSHEETPAGE</CODE> structures to <CODE>PropertySheet</CODE>?
It's "just" an array of variable-sized structures.
Appending additional payload to a <CODE>PROPSHEETPAGE</CODE> structure
Taking it along for the ride.
Every business process secretly wants to fail
At least, that's how it looks from the outside.
A reminder about the correct way of accessing and manipulating the position of icons on the desktop
There's an interface for that. Please use it.
Why is my C++/CX ref class forbidden from having public methods that are templates or mention, say, std::vector?
C++/CX overloads the class member access control keywords to control metadata generation.
What does the CompileAsWinRT Visual Studio project option mean?
And why it's badly-named.
The mental model for StartThreadpoolIo
It's internally managing a reference count.
Microspeak: Righteous
A colloqualism that has become a preferred adjective.
A practical use for <CODE>GetHGlobalFromStream</CODE> when sharing was never your intention
This may even have been its original purpose.
Another way of looking at C++ reverse iterators
It's the same thing, just going in the opposite direction, right?
I sort of knew that I’m a bad flute player, but I guess this proves it
The fault is in ourselves, after all.
The inside story of the outside investigation of SoftRAM 95
It had a plan, but didn't quite execute on it.
How am I supposed to create children of the Win32 tab control?
They look like children, but they're not.
If your domain name parser can’t handle internationalized domain names, then maybe that’s your parser’s problem
Don't blame someone else for letting strange domain names reach you.
Restoring support for pre-standardization coroutine free awaiters for even older code bases
Connecting the dots, and reaching back to an earlier time.
The case of the C++/WinRT cached factories that pointed into freed memory
Developing theories that match the evidence.
How can I prevent myself from accessing a lambda captured variable or a parameter after I’m done with it?
Name-hiding on purpose.
A capturing lambda can be a coroutine, but you have to save your captures while you still can
Save it all before it disappears.
The focus rectangle says, “I’m not orange. I’m just drawn that way.”
How does <CODE>DrawFocusRect</CODE> draw the focus rectangle?
Why do all this coroutine stuff if you can just use <CODE>std::future</CODE>?
Escape from PPL.
Giving a single object multiple COM identities, part 4
Simplifying the pattern.
Giving a single object multiple COM identities, part 3
Returning to the scene of the crime.
Giving a single object multiple COM identities, part 2
Trying to develop a slightly more efficient multi-headed snake.
Giving a single object multiple COM identities, part 1
Like a multi-headed snake.
A very brief introduction to patterns for implementing a COM object that hands out references to itself
We'll look at many choices, but focus on one.
Renaming a file is a multi-step process, only one of which is changing the name of the file
If you're going to swoop in, make sure to swoop in carefully.
Why isn’t <CODE>MapDialogRect</CODE> mapping dialog rectangles?
Maybe you don't have a dialog.
My code crashed when I asked WIL to convert an exception to an HRESULT, did I throw an improper exception type?
Digging into the failure more closely.
That time we had a network outage due to unexpected hunter activity
Watch where you're pointing that thing.
How can I get the screen reader to read out an error message that I displayed inline on a page?
Make it a live region.
What does the <CODE>SizeOfImage</CODE> mean in the <CODE>MODULEINFO</CODE> structure?
It's the size in terms of mapped address space when loaded.
Why does GetModuleInfo fail to produce an entry point for executables?
Because it's getting the information from the loader, who has no use for such things.
Local variables are different from parameters in C++ coroutines
You tend to think of them the same, but they destruct differently.
The happy hand: A puzzle about odd names in Azure DevOps
Who's renaming everything into something cute?
Is there a way that my macro can detect that it’s running in a C++ coroutine?
You are part of the decision.
What can I do about timer build-up when waiting for COM outbound calls to complete?
You'll have to drain them out yourself.
Debugging coroutine handles: The Microsoft Visual C++ compiler, clang, and gcc
Peeking behind the curtain.
Why is the <CODE>main()</CODE> function always at address 0x00401000 in a simple program?
When multiple technical decision add up, literally.
Not from inside the Redmond Reality Distortion Field: Microsoft Streets and Trips support for ferries
From somebody else's reality distortion field.
Some lesser-known powers of std::optional
Things it does that you may not know about.
The subtleties of <CODE>CreateStreamOnHGlobal</CODE>, part 4: Non-movable memory
Fear and reallocation.
The subtleties of <CODE>CreateStreamOnHGlobal</CODE>, part 3: Suppressing the deletion of a shared <CODE>HGLOBAL</CODE>
Trying to set up joint custody.
The subtleties of <CODE>CreateStreamOnHGlobal</CODE>, part 2: Suppressing the deletion of an unknown <CODE>HGLOBAL</CODE>
You don't know what it is, but you said you don't want it deleted automatically.
The subtleties of <CODE>CreateStreamOnHGlobal</CODE>, part 1: Introduction and basic usage
Developing the mental model.
Why am I getting an unresolved external from C++/WinRT if it is a header-only C++ library?
Maybe you didn't get all of the headers.
The case of the UWP application that crashes at launch on Windows 10X
Look before you leap.
Why is there trailing garbage when I try to decode the bytes of a HttpContent object?
You need to know when to stop.
Converting between UTF-8 strings and UTF-16 strings in C++/WinRT
A pair of conversion functions.
The CertUtil program will decode Windows error codes, and in a variety of formats
Even more versatile than <CODE>NET HELPMSG</CODE>.
What does this mean? The caller specified wait timed out before the operation completed because a host termination is in queued
An error message written with infrastructure-colored glasses.
Adventures in application compatibility: The case of the wild instruction pointer that, upon closer inspection, might not be so wild after all
The search for clues leads to an unexpected place.
The C++ implicit assignment operator is a non-ref-qualified member, even if the base class’s assignment has a ref-qualifier
Does that count as dis-qualification?
How do I set the alpha channel of a GDI bitmap to 255?
Most things destroy the alpha channel, but there's a way to bring it back, or at least make it opaque.
Microspeak: Persona
A template for a prototypical user.
The C++/WinRT <CODE>query_<WBR>interface_<WBR>tearoff</CODE> extension point, and using it for COM aggregation
For adding your own <CODE>QueryInterface</CODE> magic.
Ordering asynchronous updates with coroutines, part 5: Bowing out via cancellation
Using the built-in way of stopping a coroutine.
Ordering asynchronous updates with coroutines, part 4: Bowing out, explicit version
Realizing you're not the one.
Ordering asynchronous updates with coroutines, part 3: Let them all compete, but only one wins
Everybody tries, but only one wins.
Ordering asynchronous updates with coroutines, part 2: Restart with hand-off
Everybody just waits their turn.
Ordering asynchronous updates with coroutines, part 1: Mutual exclusion
Everybody just waits their turn.
I declared my Windows Runtime method as accepting an array by reference, but it always arrives empty
You were only meant to put things into the box, not look at what was already there.
Adventures in application compatibility: The cost of forgetting to specify a calling convention
Cleaning up behind mistakes of the past.
Looking at world through __stdcall-colored glasses
It's the default, or at least it's my default.
Notes on the Seattle Symphony’s expanded concert schedule for 2021–2022 season
More concerts, more options.
What are the consequences of increasing the per-process GDI handle limit?
Striking a balance.
The various ways of moving between C++/WinRT and classic COM
Crossing to the other side.
How can I break down a shell item in the same way as the breadcrumb bar?
Gathering the folders that lead up to a shell item, walking up the tree, or walking from the root to the leaf, and then obtaining the desired name.
In C#, how do I get the descriptive text for an HRESULT?
You can pretend it was an exception.
The Windows Runtime PassArray is a read-only array, even though it isn’t declared <CODE>const</CODE>
Because in most languages, there is no such thing as const.
How to sneak the Windows 95 credits screen into the build without anybody noticing
Write it in an obscure language.
C++/WinRT nasty gotcha: <CODE>winrt::param::hstring</CODE> constructed from <CODE>std::wstring_view</CODE> requires null termination
An additional constraint not part of the rules.
How do I find out the size of the mouse cursor?
Well, first you have to decide which one you want to measure.
How to pwn an unattended laptop, according to Humans
According to television.
What is the deal with the SM_CXCURSOR system metric?
A metric from an earlier, simpler time.
What’s with all of the references to “dude” in the accessibility header files?
A catch phrase from long ago.
Is it expected that custom default pinned taskbar items via LayoutModification.xml keep coming back each time the user logs on?
Yes, so you need to plan accordingly.
What are these dire multithreading consequences that the GetFullPathName documentation is trying to warn me about?
The current directory is volatile, so plan accordingly.
Resolving the ambiguity when your C++ class inherits from multiple base classes that have the same method
Steer the compiler toward the method you want.
How can I find the heap that a memory block originally came from, so I can free it properly?
You'll have to keep track of it yourself.
How can I prevent my UWP app from showing up in the Start menu?
Deny its app list entry.
Why did the old RAID database use a signed 16-bit integer for its record count? Why not unsigned, or a 32-bit integer?
You have to understand decisions in context, and that includes knowing the problem it was trying to solve.
Why am I getting a weird error about <CODE>promise_<WBR>type</CODE> when I try to write a coroutine?
Digging into the coroutine infrastructure for the answer.
Using Windows Runtime interop methods from C++/WinRT: Some helper functions
Getting the interface, and the capturing from it.
An example of using Windows Runtime interop methods from C++/WinRT: <CODE>RequestTokenForWindowAsync</CODE>
Understanding how the C++/WinRT interop pieces fit together.
What is a static Windows Runtime class, how should I express it, and when should I use it?
The underlying question is "Can you even make one?"
Why are all of the retail demo names male?
For localization consistency.
How can I figure out which object is being hosted in an instance of dllhost?
Finding the object.
Why doesn’t my asynchronous read operation complete when I close the handle?
Because the file isn't closed yet.
On the interaction between the <CODE>FILE_<WBR>FLAG_<WBR>NO_<WBR>BUFFERING</CODE> and <CODE>FILE_<WBR>FLAG_<WBR>WRITE_<WBR>THROUGH</CODE> flags
Let's fill in another table.
How can I prevent the mouse from moving in response to touch input?
You need to make your program pointer-aware.
Twitter misdetected the 2011 Build conference keynote as a denial-of-service attack
Just a lot of excited developers.
Diagnosing why your batch file prints a garbage character, one character, and nothing more
Following the clues you have.
The history of passing a null pointer as the key name to <CODE>RegOpenKeyEx</CODE>
It doesn't mean anything special any more, but it once did.
The case of the strange NT-style path that was discovered by SearchPath
Remember where it searches.
I know I can change the color of the DC pen, but what about the other attributes?
They're locked in, sorry.
Why does the New menu even exist for creating new empty files?
You have to open the file anyway to make it useful, so why not just open the program directly?
C++11 braced initialization made the impossible possible (and how to fix it so it stays impossible)
Braced initialization to the rescue, or denied.
What’s the difference between throwing a <CODE>winrt::hresult_error</CODE> and using <CODE>winrt::throw_hresult</CODE>?
It affects the error origination.
On proper handling of buffers in COM and RPC methods
The RPC layer deals with most of the problems for you, assuming you're using the RPC layer.
How to perform more complicated search and replace-style renaming in a batch file
Try something other than wildcards.
How did copying and renaming with wildcards work in MS-DOS?
By lining up two parallel arrays.
Why do smart pointers null out the wrapped pointer before destroying it?
It's not a race condition, but it's some condition.
On the perils of holding a lock across a coroutine suspension point, part 3: Solutions
How to avoid the trap.
On the perils of holding a lock across a coroutine suspension point, part 2: Nonrecursive mutexes
Another way things can go wrong.
On the perils of holding a lock across a coroutine suspension point, part 1: The set-up
One way things can go wrong.
How to act like you know Chinese even though you don’t, episode 2
Find the magic word.
What happens if I use a squash instead of a true merge when performing one of the git tricks?
In many cases, the merge is where the magic is.
How a basketball became a featured instrument in a Sting song
It's all in the name.
Is it okay to call <CODE>MapViewOfFile</CODE> on the same mapping handle simultaneously from different threads?
Or do you have to enforce serialization to ensure both calls succeed?
Studying linker error messages to find the cause of the unresolved external: Character sets
Puzzling out why the symbols don't match exactly.
2021 mid-year link clearance
A collection of stuff that has accumulated.
What should the CPU usage be of a fully-loaded CPU that has been throttled?
A valid difference of opinion.
The initializing constructor looks like an assignment, but it isn’t
There is no assignment going on; it's just a quirk of syntax.
The ARM processor (Thumb-2), part 20: Code walkthrough
Putting together what we've learned, with a surprise.
The ARM processor (Thumb-2), part 19: Common patterns
Code sequences you will learn to recognize.
The ARM processor (Thumb-2), part 18: Other kinds of prologues and epilogues
Taking shortcuts and combining steps, or omitting them entirely.
The ARM processor (Thumb-2), part 17: Prologues and epilogues
Implementing the receiving end of the calling convention.
The ARM processor (Thumb-2), part 16: The calling convention
Pretend it's on the stack, even if it isn't.
The ARM processor (Thumb-2), part 15: Miscellaneous instructions
The stuff that didn't fit anywhere else.
The ARM processor (Thumb-2), part 14: Manipulating flags
Reaching in and flipping the switches.
The ARM processor (Thumb-2), part 13: Trampolines
The overly-uniform program counter register strikes again.
The ARM processor (Thumb-2), part 12: Control transfer
Let's go places.
The ARM processor (Thumb-2), part 11: Atomic access and barriers
Doing things one at a time.
The ARM processor (Thumb-2), part 10: Memory access and alignment
It's just loads and stores.
The ARM processor (Thumb-2), part 9: Sign and zero extension
Making small things bigger.
The ARM processor (Thumb-2), part 8: Bit shifting and bitfield access
That barrel shifter again.
The ARM processor (Thumb-2), part 7: Bitwise operations
Flip-flopping the bits.
The ARM processor (Thumb-2), part 6: The lie hiding inside the CMN instruction
Don't let the name fool you.
The ARM processor (Thumb-2), part 5: Arithmetic
Starting with basic mathematics.
The ARM processor (Thumb-2), part 4: Single-instruction constants
Flaunt your barrel shifter if you've got it.
The ARM processor (Thumb-2), part 3: Addressing modes
It's a load-store architecture, but with rather fancy loads and stores.
The ARM processor (Thumb-2), part 2: Differences between classic ARM and Thumb-2
Squeezing into a 16-bit instruction size.
The ARM processor (Thumb-2), part 1: Introduction
Moving into the present.
On the proper care and feeding of the default_overload Windows Runtime attribute
Generally avoid it, but if use it you must, at least follow these rules.
How can I convert between IANA time zones and Windows registry-based time zones?
ICU to the rescue.
How ownership of the Windows clipboard is tracked in Win32
A simple model, complicated by the reality of misuse.
Why are device-independent bitmaps upside down?
Well, it depends on what you consider to be right-side up.
On static methods in the Windows Runtime and C++/WinRT
Transforming the ABI into a projection.
Obtaining attributed network usage information from the Windows Runtime
Breaking it down by application.
Obtaining network usage information from the Windows Runtime
Getting your foot in the door with the NetworkInformation class.
Awaiting Windows Runtime asynchronous operations from C# desktop apps
Need to find the awaiter.
The blessing of the leading zero
Sometimes it's not a curse.
Why did Windows 95 keep window coordinates at multiples of 8?
Because sub-byte memory access is really annoying.
Why isn’t my shell namespace extension getting every single DragOver mouse message?
Trying to avoid too much chattiness for things that aren't important.
Drag/drop effects: The little drop information box
Updating the description.
Using Explorer’s fancy drag/drop effects in your own programs
Accessing those pre-made shell drop effects.
Why does the mouse cursor jump a few pixels if you right-click on the Start button?
To give you a head start.
What are the page sizes used by Windows on various processors?
Usually there was no choice, but sometimes there was.
A subtle way your await_suspend can access the coroutine frame when it shouldn’t
Hiding in the coroutine machinery.
Is std::exception_ptr nothrow constructible and assignable?
Yes, buried in the fine print.
Why is coroutine_handle::resume() potentially-throwing?
It enables a very specific usage scenario.
A map through the three major coroutine series
For your casual reading convenience.
C++ coroutines: Promise constructors
Snooping on the coroutine parameters, with a gotcha.
C++ coroutines: Converting among tasks that use the same promise
Keeping the promise in the dark.
C++ coroutines: Waiting synchronously for our coroutine to complete
Using the extension point for another purpose.
C++ coroutines: Adding COM context support to our awaiter
Getting into the correct context on resume.
C++ coroutines: Snooping in on the coroutine body
Transformers are robots in disguise.
C++ coroutines: How do I create a coroutine that terminates on an unhandled exception?
You need to get inside the coroutine.
C++ coroutines: What does it mean when I declare my coroutine as noexcept?
The noexcept keyword doesn't mean what you think.
C++ coroutines: Associating multiple task types with the same promise type
Using the special initialization rule for <CODE>get_<WBR>return_<WBR>object</CODE>.
C++ coroutines: Improving cold-start coroutines which complete synchronously
Avoiding stack build-up.
C++ coroutines: Cold-start coroutines
On your mark, get set, wait for it!
C++ coroutines: Getting rid of our atomic variant discriminator
Don't look unless you know it's safe.
C++ coroutines: Allowing the awaiter to be destroyed while suspended
We were already there.
C++ coroutines: Getting rid of our reference count
It never goes up. It only comes down.
C++ coroutines: Getting rid of our mutex
We can capture the progress in a single value.
Pivot points and financial numerology
It will or it won't. That's the beauty of it.
C++ coroutines: Making it impossible to co_await a task twice
Always keep moving: Make the <CODE>co_await</CODE> consume the task.
C++ coroutines: Tradeoffs of making the promise be the shared state
Are you meant to be ephemeral, or are you intended to be durable?
C++ coroutines: The lifetime of objects involved in the coroutine function
Follow them as they pop into existence and vanish.
C++ coroutines: Managing the reference count of the coroutine state
Are we done yet?
C++ coroutines: Awaiting the simple_task
Let me know when it's ready.
C++ coroutines: Accepting types via return_void and return_value
A little bit of SFINAE tweaking.
C++ coroutines: Building a result holder for movable types
Not that kind of movable type.
C++ coroutines: Making the promise itself be the shared state, the outline
Now we do it.
C++ coroutines: Making the promise itself be the shared state, the inspiration
Just be it.
C++ coroutines: What happens if an exception occurs in my return_value?
What happens if you can't save the result?
C++ coroutines: The initial and final suspend, and improving our return_value method
Why would you stop before you start?
C++ coroutines: Basic implementation of a promise type
Filling in the diagram with code.
C++ coroutines: The mental model for coroutine promises
We start by drawing pictures.
Creating a task completion source for a C++ coroutine: Failing to produce a result
Stowing an exception.
Creating a task completion source for a C++ coroutine: Producing nothing
Nothing is produced, but you still want to know that the production completed.
SEO spammers don’t really understand who they spammed
Maybe we can help you.
Creating a task completion source for a C++ coroutine: Producing a result with references
Carefully preserved to prevent decay.
The 2021/2022 Seattle Symphony subscription season at a glance
The pocket reference guide for 2021/2022.
Creating a task completion source for a C++ coroutine: Producing a result
Let's call it a result holder.
Creating other types of synchronization objects that can be used with co_await, part 10: Wait for an event to clear
Something new.
Creating other types of synchronization objects that can be used with co_await, part 9: The shared mutex (continued)
Fixing some problems.
Creating other types of synchronization objects that can be used with co_await, part 8: The shared mutex
Two different kinds of waiting and releasing.
Creating other types of synchronization objects that can be used with co_await, part 7: The mutex and recursive
The mutex and recursive mutex as strange beasts in the world of coroutines.
Creating other types of synchronization objects that can be used with co_await, part 6: The semaphore
The asynchronous semaphore.
Creating other types of synchronization objects that can be used with co_await, part 5: The auto-reset event
The asynchronous auto-reset event.
Creating other types of synchronization objects that can be used with co_await, part 4: The manual-reset event
The asynchronous manual reset event.
Creating other types of synchronization objects that can be used with co_await, part 3: Parallel resumption
Resuming waiting coroutines in parallel on the thread pool.
Creating other types of synchronization objects that can be used with co_await, part 2: The basic library
Distilling the pattern to its essence, and the building back up.
Creating other types of synchronization objects that can be used with co_await, part 1: The one-shot event
First a little demonstration.
Creating a co_await awaitable signal that can be awaited multiple times, part 6
Looking back on what we've done.
Creating a co_await awaitable signal that can be awaited multiple times, part 5
Discussion of what we've done so far.
Creating a co_await awaitable signal that can be awaited multiple times, part 4
Why allocate memory when you can have it given to you?
Creating a co_await awaitable signal that can be awaited multiple times, part 3
Doing it all ourselves, without any need to go into kernel mode.
Creating a co_await awaitable signal that can be awaited multiple times, part 2
Because sharing is caring.
Creating a co_await awaitable signal that can be awaited multiple times, part 1
Sort of like an event.
What does error E_ILLEGAL_DELEGATE_ASSIGNMENT mean?
A delegate was assigned when not allowed, but when is it allowed?
What does it mean when a call fails with 0x8000001F = RO_E_BLOCKED_CROSS_ASTA_CALL?
Waiting wouldn't have helped.
What is so special about the Application STA?
Basically, it blocks re-entrancy.
Why does Task Manager tell me that I have a Startup program named Program?
It's a program that didn't register itself properly.
French is a very fragile language, or at least it seems so from the stories I hear
The slightest variation renders it incomprehensible.
How do I reset my PIN complexity requirements after removing a work account from Windows 10?
You need to remove the PIN and add it back.
How can I prevent a Windows Runtime WebView from loading any content beyond the initial request and its redirects?
Follow the bouncing redirect.
How can I prevent a Windows Runtime WebView from loading any content beyond the initial request?
You can intercept every resource request.
How can I return custom content for specific URLs requested by a Windows Runtime WebView?
Intercepting the attempts to contact the outside world.
Hardware engineers solve a usability problem with the PS/2 connector, but inadvertently create a new one
What's the difference between a mouse and a keyboard?
The COM static store, part 6: Using C++ weak references
A quicker way to get to what you have.
The COM static store, part 5: Using COM weak references
Avoiding having to go through the static store at all.
The COM static store, part 4: Aggregating into a single object
Batch all the things you need into a single object.
The COM static store, part 3: Avoiding creation of an expensive temporary when setting a singleton
Don't create one unless you really need one.
The COM static store, part 2: Race conditions in setting a singleton
There can be only one, so don't end up with two.
The COM static store, part 1: Introduction
Communal storage for COM things.
How do I get a foothold in the neutral apartment?
You can explicit ask for its context.
Usage patterns for winrt::unbox_value_or
Two templates, many patterns.
Why is there no useful information in the RetailInfo class?
It's just marketing nonsense.
A metric that is consistently at 100% is probably broken
They say that you get what you measure.
Why am I being told my fire_and_forget coroutine is not returning a value?
Fire-and-forget coroutines don't return a value, do they?
Autoscrolling on drag, part 5: Adding wiggle-to-scroll to escape velocity
Reintroducing a bug that's now a feature.
Autoscrolling on drag, part 4: Dynamic autoscroll based on escape velocity
Get a good running start.
Autoscrolling on drag, part 3: Dynamic autoscroll based on mouse position
Pull the rubber band more taut.
Autoscrolling on drag, part 2: Why does scrolling go faster if I wiggle the mouse?
You're tickling the adjustment code outside its normal cycle.
Autoscrolling on drag, part 1: Basic implementation
Setting the groundwork.
How do I protect myself against a COM call that can hang? I’m already running the server out-of-process.
You can cancel the call, and if the server ignores you, it's left working on a canceled operation.
What happens to the value returned from the function passed to QueueUserWorkItem?
Nothing. Nothing at all.
How do I disassociate a thread from an I/O completion port?
Escaping the trap.
Why did I lose 3D display mode when I upgraded to the next version of Windows 10?
It's not the Windows version that lost it. It's your display driver that lost it.
How can I prevent another program from showing a thumbnail preview in the taskbar?
You can't, really. It's not your window.
The perils of the accidental C++ conversion constructor
Single-parameter constructors are also conversions.
How can I write a C++ class that iterates over its base classes?
Variadic templates to the rescue.
The misleading MIDL error message: MIDL5023: The arguments to the parameterized interface are not valid
They aren't valid, but then again, nothing would have been.
Why am I receiving SHCNE_UPDATEDIR notifications that my code never generates?
You did generate them, indirectly.
How did I find the old Windows binaries and compilers for the processor retrospective series?
Going through old virtual boxes of stuff.
The case of the crash during the release of an object from an unloaded DLL during apartment rundown
The great escape from the confines of the custom COM context.
What happens if I give contradictory values for the stack commit and stack reserve?
The system will try to massage the values into something less unreasonable.
How can I tell whether my process is running as SYSTEM?
Check your token.
Additional helpful pseudo-handles: The process token, the thread token, and the effective token
For quick queries.
How can I write a program that monitors another window for a change in size or position?
Accessibility hooks come to the rescue once again.
I’d like an IUnknown, I know you have many, I’ll take any of them
Taking the first one is as good as any other.
How can I create a non-circular tab order, or some other type of custom ordering in my Win32 dialog?
Taking things into your own hands.
Why are the C and C++ compilers giving me error messages about int when my code doesn’t mention int?
It's a manufactured <CODE>int</CODE>.
What are these duplicate services whose names differ just by random characters at the end?
You get a service, and you get a service, everybody gets a service!
Why is the HSHELL_WINDOWDESTROYED notification raised when a window is hidden, even if it hasn’t been destroyed?
Taskbar-colored glasses.
How can I emulate the REG_NOTIFY_THREAD_AGNOSTIC flag on systems that don’t support it? part 5
Using the new thread pool functions.
How can I emulate the REG_NOTIFY_THREAD_AGNOSTIC flag on systems that don’t support it? part 4
Onward to coroutines.
How can I emulate the REG_NOTIFY_THREAD_AGNOSTIC flag on systems that don’t support it? part 3
Getting more asynchronous.
How can I emulate the REG_NOTIFY_THREAD_AGNOSTIC flag on systems that don’t support it? part 2
Asking the thread pool for help.
How can I emulate the REG_NOTIFY_THREAD_AGNOSTIC flag on systems that don’t support it? part 1
An exercise from long ago.
What should the state of a moved-from object be?
It's formally unspecified, but there may be informal expectations.
On the ways of finding a dispatcher for the current thread in the Windows Runtime
You have to look around, but be careful not to trip over anything.
Why does PF_VIRT_FIRMWARE_ENABLED return false even when virtualization is enabled in the firmware?
It may be enabled, but it's not enabled for <I>you</I>.
Lost Windows feature: The Horizon
Unlike the real horizon, this one is up close.
How do I avoid race conditions in WaitOnAddress where the wake happens before I enter the blocking state?
You're waiting on it wrong.
Parsing ETL traces yourself, part 3: The TraceProcessor
Getting it from the same source as the Windows Performance Analyzer.
Parsing ETL traces yourself, part 2: The EventLogReader
For true programmatic processing of classic ETL events.
Parsing ETL traces yourself, part 1: wpaexporter
A simple converter that spits out comma-separated values.
How did Windows open a portal to another dimension when reporting a program error?
A momentary tear in the space-time continuum.
Why does CreateWindowEx take the extended style parameter as its first parameter instead of its last?
It sure looks like a strange place to add a new parameter.
The humor hiding behind “JavaScript error: Semicolon expected”
Apparently not automatic enough.
Additional notes on the various patterns for passing C-style arrays across the Windows Runtime boundary
Filling in some of the implicit details.
How can I check whether the user has disconnected from the session?
You'll have to ask Terminal Services.
Did Windows ever find solutions for programs that crashed?
It did on occasion.
What are the requirements for the built-in Windows 10 camera-based barcode scanner?
Basically, it needs to be able to get a good picture.
Disk and File I/O performance with ETW traces: Miscellany
A few other columns.
Disk and File I/O performance with ETW traces: Why is System doing so much stuff?
The System does many things, or at least many things are blamed on it.
Preliminary notes on analyzing Disk and File I/O performance with ETW traces
Deciphering the numbers.
Why does the disk optimizer put boot files at low-numbered sectors?
Taking advantage of disk geometry.
Virtual desktops are an end-user window management feature, not a programmatic one
It's for users to organize their windows, not for programs to organize them.
How thread-safe is the Windows Runtime PropertySet object?
It's thread-safe as far as it goes, but you may want to go further.
Other uses for the -library flag of the C++/WinRT compiler
Injecting a little something extra.
On combining static libraries that implement C++/WinRT activatable objects
Separating the shared names, so you can combine them yourself.
One senior executive’s warning about escalating conflicts to upper management
You're not gonna like what you get.
Why does my command line redirection echo with an extra 1? Who’s inserting these rogue 1s everywhere?
It just came out of nowhere, or did it?
The history of the EncodePointer function for obfuscating pointers
Still useful, but less painful.
Destructing outside the lock when removing items from C++ standard containers
Managing the order of destruction.
My strategy for playing Settlers of Catan
It doesn't work, but I use it anyway.
The hidden callout: The destructor
You may not know where that's going to lead.
The prank cursor that resulted in an employee being fired before they even started
Don't try this at home.
Why aren’t my custom backgrounds, animations, and colors working, such as ApplicationViewTitleBar colors?
You're subject to user and system policy.
How do I save a C++/WinRT array_view as a com_array?
There's a not-entirely-obvious constructor for that.
What’s the point of APTTYPE_CURRENT? I mean, of course I’m current.
No matter where you go, there you are.
What is the format of the data in the AudioBuffer memory buffer, and how do I convert it to something else?
It's a bunch of floating point samples, in a particular order.
The Settings app lets me pick a custom color for my mouse pointer, how do I get in on that action?
You'll have to build a better mouse pointer.
How can I ask the networking stack whether the system has obtained network connectivity?
Depends what kind of connectivity you're looking for.
Why am I getting an access violation trying to access a method on my C++/WinRT object?
The method vanishes.
Do any Windows Runtime projections cache nondefault Windows Runtime interfaces?
Possibly, but I know two that definitely don't.
Windows Runtime objects are represented by their default interface, so choose your default interface wisely
The choice is usually obvious, but on occasion, the non-obvious choice may be better.
The BurgerMaster segment may have been legendary, but some legends aren’t true
Just give them a call.
I told the Microsoft Visual C++ compiler not to generate AVX instructions, but it did it anyway!
Well, you explicitly generate them.
How can I tell whether a file is on an SSD?
Putting the pieces together.
Taking a shortcut: You can query properties from a volume, and it will forward to the physical drive
Saving a little extra trip.
How do I get from a volume to the physical disk that holds it?
Another step down the hierarchy.
How do I get from a file path to the volume that holds it?
Walking down the topology, with a little backslash weirdness thrown in.
Mount points, volumes, and physical drives, oh my!
Navigating the storage topology.
Structured binding in C++/WinRT: The key-value pair
Taking them apart in a simpler way.
How to add C++ structured binding support to your own types
Joining the cool kids.
A brief introduction to C++ structured binding
Just learning the basics.
Just for fun: Retail demo user names in Windows 10
A bunch of plausible but fictitious names.
In 1979, some software company in Bellevue was hiring
Digging through the archives.
A consequence of being the first to adopt a standard is that you may end up being the only one to adopt it: The sad story of Korean jamo
To be a leader, others must follow.
An iterable of iterables: C# collections support covariance, but C++ collections do not
You have to say exactly what you want, which may not be exactly what you have.
Error C3867: non-standard syntax; use ‘&’ to create a pointer to member: What it means and how to fix it
The compiler is trying to guess what you are trying to do. It sometimes guesses wrong.
How to plug in your USB Type A connector correctly the first time
Mating rituals.
How can I bulk-revert a subdirectory of a repo to an earlier commit?
Read it into the index.
Little gotcha with C++/WinRT iterators: The case of the mutated temporary
You are operating on copies, not the originals.
Bonus operations for C++/WinRT iterators: The IIterable<T>, and C++/WinRT collections
Stepping through a collection.
Bonus operations for C++/WinRT iterators: The IIterator<T>
The equivalent of an input iterator.
How did we end up parsing Savvyday 29 Oatmeal 94 as Saturday 29 October 1994?
Unsophisticated pattern matching.
git commit-tree parlor tricks, Part 9: How can I bulk-revert an entire repo to an earlier commit?
Take me back to a simpler time.
Structured binding may be the new hotness, but we’ll always have std::tie
Sometimes the old things are what you need.
Inside C++/WinRT: How does C++/WinRT represent ABI types?
Hiding in the internal <CODE>impl::abi</CODE> template.
How to get your C++/WinRT asynchronous operations to respond more quickly to cancellation, part 3
Automatic cancellation propagation is here.
Why does the Disk Cleanup tool’s Windows Update Cleanup take so long and consume so much CPU?
It's doing some real work.
Git commit-tree parlor tricks, Part 8: I just rebased my branch, but now I realize that I should have merged
You can rewrite the tree while preserving files.
I get a weird error about no matching function when I try to use winrt::capture
The confusing error message strikes again.
The C++/WinRT “capture” function helps you interoperate with the COM ABI world
Simplifying a common COM pattern.
Why did I lose the ability to co_await a std::future and concurrency::task?
Early moves in a direction that didn't pan out.
Embarrassing product names averted: Windows Embedded POS and Windows 10 for Advanced PCs
If you see something, say something.
What’s up with error C4838: a WinRT type cannot be a member of a union, and how can I work around it?
A restriction left over from C++03.
The macros for declaring COM interfaces, revisited: C++ implementation
Now to make things concrete.
The macros for declaring COM interfaces, revisited: C++ version
Apparently there's this new language people are using nowadays.
The macros for declaring COM interfaces, revisited: C version
Following the expansion.
How is it possible to jam a virtual card reader?
Did you feed it a bent virtual card?
This is definitely rare: It happens only ten times a month
Playing the bigger fool.
C++/WinRT injects additional constructors into each runtime class
For dealing with the objects as the smart pointers they actually are.
Rough edges in the when_all coroutine, part 2: Overloaded comma operator
Shame on you.
Rough edges in the when_all coroutine, part 1: Empty parameter list
I've got plenty of nothing.
Synthesizing a when_all coroutine from pieces you already have
You just need to await on all of them.
More on trivial functions like CopyRect and EqualRect
Let's go code golfing.
Is there a code page that matches ASCII and can round trip arbitrary bytes through Unicode?
For round-tripping binary data.
How do I convert from the C++/WinRT projection type to the C++/WinRT implementation type?
You have to trust what's inside the box.
How do I convert from the C++/WinRT implementation type to the C++/WinRT projection type?
Fortunately, there's a conversion for that.
Why are some system functions exported as stubs instead as forwarders?
Compatibility, of course, at least for some of them.
That time Bill Gates went through a McDonalds drive-through with no cash
No special treatment, not even for the richest man in the world.
How can I get the number of processors in the system, when there are more than 64?
You can ask for the active processor count.
Recognizing different types of exception objects that Windows platform libraries can throw
Just a few of the more common ones.
Inside the Microsoft STL: The std::exception_ptr
Digging inside, for debugging purposes.
On using FILE_FLAG_WRITE_THROUGH and FILE_FLAG_NO_BUFFERING for memory-mapped files
You're trying to control I/O you didn't issue.
What are the possible Status values for Win32_ComputerSystem?
There's really only one possible status.
How WRL squeezes a weak reference and a reference count into a single integer
It's basically a union of a pointer and an integer.
The case of Explorer calling into an unloaded DLL while trying to run down a reference to it
Let's do some debugging.
Working around the requirement that Concurrency Runtime task results must be default-constructible and copyable
Applying tricks to avoid the pitfalls.
Hidden constraints on the result type in Concurrency Runtime tasks
If you are using the Concurrency Runtime to represent asynchronous activity, there are some hidden constraints on the type . If you violate these constraints, the compiler will complain, but perhaps not in an obvious way.¹ If you try to create a where does not have a public default constructor, then you get an error like And if the is not copyable, then you get something like What's going on? Let's look at the copyability first. Task results must be copyable because the task result can be consumed multiple times in multiple ways. You can multiple times, and each time returns the task result. You can...
Microspeak: Placemat
Everything in its place.
How can I tell whether the user has disabled toast notifications for my app?
The ToastNotifier settings will tell you.
How do I make my accelerators apply only when used in the main window and not when the user is using a modeless dialog?
Sometimes you feel like an accelerator table, sometimes you don't.
What was so horrible about the FORMAT_MESSAGE_ALLOCATE_BUFFER flag that the Windows Store disallowed it for so long?
Letting in the riffraff.
What does it mean when it says that FORMAT_MESSAGE_ALLOCATE_BUFFER can be used in Store apps starting in Windows 10?
What happens if you use it anyway?
How can CharUpper and CharLower guarantee that the uppercase version of a string is the same length as the lowercase version?
Does it have a special under-the-table deal with the Unicode Consortium?
Peeking inside the implementation of AnsiUpper and AnsiLower in Windows 1.0
Some retro-reverse-engineering and the weird micro-optimizations.
What does the /ALTERNATENAME linker switch do?
In case of emergency, go look for something else.
What’s the deal with OLDNAMES.LIB?
For backward compatibility with pre-standard C.
C++/WinRT gotcha: Setting properties incorrectly
A bit too much search/replace during porting.
A look back at memory models in 16-bit MS-DOS
Ways of dealing with the fractured address space.
How do I set multiple items to a Windows Runtime vector in a single call?
It depends on the language projection.
C++/WinRT doesn’t let your coroutine cheat death, but it does get to say good-bye
Some manual cleanup.
How to get your C++/WinRT asynchronous operations to respond more quickly to cancellation, part 2
You can also take more proactive steps.
How to get your C++/WinRT asynchronous operations to respond more quickly to cancellation, part 1
Well, one way is to poll for it.
Deconstructing function pointers in a C++ template, returning to enable_if
Going back to the old standby to filter out unwanted specializations.
Deconstructing function pointers in a C++ template, addressing the calling convention conundrum
Finding a template metaprogramming trick that works.
Deconstructing function pointers in a C++ template, trying to address the calling convention conundrum
Hunting for the right template metaprogramming trick.
Deconstructing function pointers in a C++ template, the calling convention conundrum
Teasing out the calling convention from a function pointer.
Deconstructing function pointers in a C++ template, vexing variadics
Yet another function signature to specialize.
Deconstructing function pointers in a C++ template, the noexcept complication
Trying to infer the noexcept qualifier.
Deconstructing function pointers in a C++ template
Learning the magic incantation.
Cancelling a Windows Runtime asynchronous operation, part 8: C++/WinRT, revised
Using the completion result.
Cancelling a Windows Runtime asynchronous operation, part 7: WRL-generated asynchronous operations
The library that came before.
Cancelling a Windows Runtime asynchronous operation, part 6: C++/WinRT-generated asynchronous operations
It came from inside the building.
Cancelling a Windows Runtime asynchronous operation, part 5: C++/WinRT
Relying on the ABI result.
Cancelling a Windows Runtime asynchronous operation, part 4: C++/CX with PPL, coroutine style with raw IAsyncAction and IAsyncOperation
Looks the same, but actually tastes completely different.
Cancelling a Windows Runtime asynchronous operation, part 3: C++/CX with PPL, coroutine style
Same wrapper, different sugar.
Cancelling a Windows Runtime asynchronous operation, part 2: C++/CX with PPL, explicit continuation style
Going through a different wrapper.
Cancelling a Windows Runtime asynchronous operation, part 1: C#
How is the cancellation reported?
2020 mid-year link clearance
Another midpoint.
Mundane std::tuple tricks: Finding a type in a tuple
Inverting <CODE>tuple_element_t</CODE>.
Mundane std::tuple tricks: Creating more interesting index sequences
Generalizing our manipulations so far.
Mundane std::tuple tricks: Creating interesting index sequences
Building our own little template language.
Mundane std::tuple tricks: Selecting via an index sequence, part 2
Preserving references.
Mundane std::tuple tricks: Selecting via an index sequence
It all comes down to the index sequence.
Mundane std::tuple tricks: Getting started
Concatenating tuples the hard way, and the easy way (or maybe it's the lazy way).
Understanding warning C4265: class has virtual functions, but destructor is not virtual, part 2
Applying what we've learned.
Understanding warning C4265: class has virtual functions, but destructor is not virtual, part 1
What's it trying to warn you about? Does it matter?
Blaming the operating system for allowing people to create files with unusual characters in their names
Four fingers pointing back at your self.
Excuse me, has anybody seen the FOCAL interpreter?
I thought <I>you</I> had it.
Error 0x80131040 “The located assembly’s manifest definition does not match the assembly reference” when I use a Windows Runtime class written in C# from my C++/WinRT project
Version numbers strike again.
Using fibers to expand a thread’s stack at runtime, part 6
Caching fibers to avoid bouncing.
Using fibers to expand a thread’s stack at runtime, part 5
Expanding only as needed.
Determining approximately how much stack space is available, part 2
Probing the stack limits.
Determining approximately how much stack space is available, part 1
Ask for the memory and give it back right away.
Comparing fibers to threads for the purpose of expanding a thread’s stack at runtime
Pros and cons.
Using fibers to expand a thread’s stack at runtime, part 4
Moving an exception from a fiber to the main thead.
Using fibers to expand a thread’s stack at runtime, part 3
Propagating additional thread state.
Using fibers to expand a thread’s stack at runtime, part 2
Reducing code size with type erasure.
Using fibers to expand a thread’s stack at runtime, part 1
The simple return value.
How can I expand my thread’s stack at runtime?
You can use fibers, but you need to use them carefully.
Hiding C++ template parameter packs in a tuple
So you can pull them back out.
Template metaprogramming trick: Get the compiler to tell you what type you have
Let the error message tell you.
The SetClientGuid method of the common file and folder dialogs lets you give names to those dialogs, too
Sort of like Bob and Carol for Win32.
When programs assume that the system will never change, episode 1, redux
It was never yours to begin with.
The SettingsIdentifier property of the various file pickers lets you give names to your pickers
Like Bob or Carol?
On the various ways of constructing a C++/WinRT com_array
Surveying the constructors.
A noinline inline function? What sorcery is this?
Two different senses of the word inline.
The case of the <CODE>SHGetFolderPath(CSIDL_<WBR>COMMON_<WBR>DOCUMENTS)</CODE> that returned <CODE>ERROR_<WBR>PATH_<WBR>NOT_<WBR>FOUND</CODE>
Accidentally reconfiguring the system.
How can I view my devices based on how they are connected to each other?
You can view by connection.
Reporting on what you could do once you get to the other side of the airtight hatchway
Counting all those chickens.
Storing a non-capturing lambda in a generic object
Reimplementing a small corner of <CODE>std::function</CODE>.
Inside <CODE>std::function</CODE>, part 2: Storage optimization
Preallocating the storage yourself.
Inside <CODE>std::function</CODE>, part 1: The basic idea
Holding all different kinds of things.
When you start getting in-page errors on your hard drive, it’s time to go shopping for a new hard drive, redux
The click-click-click of impending doom.
Peeking inside WRL weak references
If you ever have to debug one of these things.
The C++ preprocessor doesn’t understand anything about C++, and certainly not templates
You need to help it along.
Why does <CODE>RegNotifyChangeKeyValue</CODE> stop notifying once the key is deleted?
Because that's the last thing a key ever does.
How can I prevent the user from using Snip and Sketch to take screen shots?
Programs can already specify that their windows should not be captured.
Why did the message on the Start menu change from <I>Start</I> to <I>Ship It!</I> for one build?
A rogue expression of mixed encouragement and impatience.
Peeking inside C++/CX weak references
If you ever have to debug one of these things.
Diagnosing a hang: Everybody stuck in <CODE>WinHttpGetProxyForUrl</CODE>
Putting on your thinking cap.
COM in-process DLL unloaded while trying to clean up from the destruction of the last object
Choosing the right time to bid farewell.
How can I detect that the system is no longer showing a UAC prompt?
Let's try to understand the actual problem.
When you set Windows 10 to allow only Windows Store apps, it allows them to be installed by anyone, not just the Store app
It's about the source of the program, not the delivery mechanism.
The paradoxical sense of relief when instructions to solve the problem fail at the first step
Time saved.
How do I use C++/WinRT to implement a classic COM interface that derives from another classic COM interface?
You can specialize <CODE>guid_of</CODE>.
Why does the value of my XAML Slider change when I updated its range?
Releasing the spring.
What kind of apartment is the private apartment I created via <CODE>CLSID_<CODE></CODE>ContextSwitcher</CODE>?
It's where you are.
Virtual desktops are a window management feature, not a performance feature
Everything runs the same as it did before.
It rather involved being on the other side of this airtight hatchway: Planting files onto a custom PATH
Adding a directory to the PATH comes with obligations.
What will be placed in the output parameter if the function fails?
Officially, it could be anything. In practice, though, there are some constraints.
Why can’t you return an <CODE>IAsyncAction</CODE> from a coroutine that also does a <CODE>co_await</CODE>?
You already returned. No take-backs.
When I ask the <CODE>GetIpAddrTable</CODE> function to sort the results, how are they sorted?
Nothing particularly fancy. Just plain numerical order.
If one program blocks shutdown, then <I>all</I> programs block shutdown
We're all in this together, as far as the Blocked Shutdown Resolver is concerned.
The type-dependent type or value that is independent of the type
To delay the evaluation until instantiation.
Creating a non-agile delegate in C++/WinRT, part 5: Waiting synchronously from a thread that may already be the right thread
You might already be there.
Creating a non-agile delegate in C++/WinRT, part 4: Waiting synchronously from a background thread
Using things you already have.
Creating a non-agile delegate in C++/WinRT, part 3: The other cases and why they aren’t interesting
We handled only one case, but that's the only one worth handling.
Creating a non-agile delegate in C++/WinRT, part 2: The synchronous coroutine
It awaits without waiting.
Creating a non-agile delegate in C++/WinRT, part 1: Initial plunge
Forcing the delegate to run in a specific apartment.
An observation about what people used iPads for in the early days
Does everything you need, if you also bring an assistant.
Error compiling C++/WinRT runtime class: function does not take N arguments
You need to cover all the overloads.
Pulling sleight of hand tricks in a security vulnerability report, or maybe it was a prank
Something up my sleeve.
Why am I ignoring my second monitor? A case study in working from home.
Settling into the new routine has its rough spots.
A sneaky way to make sure nobody assigns test failures to your team
Buffer overflow.
Are Windows Runtime asynchronous operations guaranteed to complete?
As much as anything is guaranteed to complete.
If you say that your minimum requirements are the Universal contract, then you need to probe for anything beyond that
Reaching beyond your declaration.
How can I check whether a Windows Runtime object supports a member before I try to use it?
You can sniff at the metadata.
Accessing a member of a Windows Runtime class raises an <CODE>InvalidCastException</CODE> / throws a <CODE>hresult_</CODE><CODE>no_</CODE><CODE>interface</CODE>, what does this mean?
It's interfaces under the hood.
Why not just share a single event across all critical section?
How will you know when the thundering herd has calmed down?
The security check happens at the acquisition of the handle
Once you buy a handle, it's yours to keep.
Further refinements to the attempt to create a type-dependent expression that is always false
It still falls down, but for stranger reasons.
It rather involved being on the other side of this airtight hatchway: Booting into another operating system
It's not your computer any more.
We called it RAID because it kills bugs dead
The history of defect tracking databases in Windows.
The Windows Runtime IDL compiler lets you abbreviate some interface names
But only a few of them.
Providing a better error message when someone tries to use <CODE>std::vector<bool></CODE> as a buffer
Defer the problem further.
Of what use is a type-dependent expression that is always false?
Deferring an assertion to instantiation.
How can I create a type-dependent expression that is always false?
Use information that you know to be true (or false).
The sad but short story of the <CODE>SM_AccessoriesName</CODE> registry value
Another victim of programs that reach into undocumented sections of the registry.
Why does MS-DOS put an <CODE>int 20h</CODE> at byte 0 of the COM file program segment?
In case you end up there, but how?
Why do people take a lock around <CODE>CreateProcess</CODE> calls?
Managing your inheritance.
Can I wait for a kernel event to become <I>unsignaled</I>?
Not directly, but maybe you can simulate it.
Meet me here on Savvyday 29 Oatmeal 94
<CODE>InternetTimeToSystemTime</CODE> tries really hard to make sense out of that sentence.
The only thing preventing them from going home was two AA batteries
I wonder where we can find them.
How can I detect that my window has been suppressed from the screen by the shell?
Cloak and dagger, without the dagger.
Should there be a standard C++ pattern for this? transform_to
Or maybe you should expect to write it out the slow way.
How to save a lot of money on cable car tickets in San Francisco
Go downstairs and buy it from the machine.
How can I configure my Windows NT service to autostart when the system gains Internet access?
You can ask to be started when the system gets an IP address.
What’s up with the <CODE>CF_SYLK</CODE> and <CODE>CF_DIF</CODE> clipboard formats?
From a galaxy far, far away.
The custom-made computers powered by pepperoni pizza
Once more for old time's sake.
The 2020/2021 Seattle Symphony subscription season at a glance
The pocket reference guide for 2020/2021.
Why are there trivial functions like <CODE>CopyRect</CODE> and <CODE>EqualRect</CODE>?
You could call them to save a dozen bytes!
Why you might need additional control over the secret event hiding inside the file object
Sometimes every little bit of contention means a lot.
If you’re not keeping the parameter, then you still want to have separate <CODE>T const&</CODE> and <CODE>T&&</CODE> overloads
Forwarding it onward.
If you plan on keeping the parameter anyway, then there’s no need to have separate <CODE>T const&</CODE> and <CODE>T&&</CODE> overloads
You can just take it by value and move it out.
Microspeak: Click stop
A place to pause and refresh.
Gotcha: A threadpool periodic timer will not wait for the previous tick to complete
Don't be like Lucy in the chocolate factory.
Quality updates: Consequences for rogue-patched binaries
You can't get back any more.
Survey of Windows update formats: The Quality update, which obsoletes all the others
Supports everything the others do, at a fraction of the price.
Survey of Windows update formats: The Express update
It's faster in some ways, slower in others.
Survey of Windows update formats: The Delta update
Trying to do some trimming.
Survey of Windows update formats: The Full update
First we need to understand where we started.
Psychic debugging: Why does my app sometimes fail to change the display settings?
Maybe you're in the box.
Why does my C++/WinRT project get errors of the form “<CODE>abi<…>::…</CODE> is abstract see reference to <CODE>producer<…></CODE>“?
Nobody said how to produce the interface.
The various patterns for passing C-style arrays across the Windows Runtime ABI boundary
It's not an object, but not a scalar either.
The legend of the library that caused Building 4 to sink
Are the rumors true? We'll let you decide.
It rather involved being on the other side of this airtight hatchway: Disclosure of information you already had access to
A peek behind your own curtain.
The XAML hat rule: Understanding how it works and why it doesn’t
Finding the point in the parsing where the rule kicks in.
Why am I getting an exception from the thread pool during process shutdown?
The thread pool is already gone. You can't schedule any work on it any more.
Crashing in COM after I call <CODE>CoUninitialize</CODE>, how can COM be running after it is uninitalized?
Mind your destructors.
You might call it a “cross”, but I’m still going to call it an “X”
Different usage on this side of the pond.
How do you pronounce WinDbg?
Just a lot of hot air.
Is there a difference between creating a null pen with <CODE>CreatePen</CODE> and just using the stock null pen?
All null pens are functionally equivalent, so why have more than one? Are some pens more null than others?
Peeking inside C++/CX delegates
If you ever have to debug one of these things.
Windows Runtime delegates and object lifetime in C++/CX, redux
If you are the one calling the delegate, you have an extra thing to worry about.
Not even getting to the airtight hatchway: Creating a process with a different parent
Fiddling a knob that isn't connected to anything.
Microspeak: Bucket bugs, bucket spray, bug spray, and failure shift
How failures in the wild get categorized by analysis.
Can shrinking a <CODE>std::string</CODE> throw an exception?
It depends on how you shrink it.
How can I turn a structured exception into a C++ exception without having to use /EHa, if I can constrain exactly where the structured exception is coming from?
Trying to contain the damage.
How can I handle both structured exceptions and C++ exceptions potentially coming from the same source?
Call for a translator.
Why can’t I use <CODE>SHSetKnownFolderPath</CODE> to change the location of <CODE>FOLDERID_LocalAppData</CODE>?
A acknowledgement of the reality that it not only doesn't work, but leaves the user profile corrupted.
The historical significance of the Burgermaster drive-in restaurant
You can just phone it in.
It’s not a security vulnerability that users can access files that they have access to, even if the file is a little hard to find
Perhaps it's behind a sign that says <I>Beware of the Leopard</I>.
Over-documenting TTM_RELAYEVENT and why it results in a one-second periodic timer running as long as the tooltip is visible
Too much information leads to trouble.
Tree-walking algorithms: Incrementally performing an inorder walk of a binary tree
We need to keep track of where we came from.
Tree-walking algorithms: Incrementally performing a postorder walk of an N-ary tree
This time, we report on the way back up.
Tree-walking algorithms: Incrementally performing a preorder walk of an N-ary tree
Remembering whether you were moving down or up.
Tree-walking algorithms: Incrementally enumerating leaf nodes of an N-ary tree
Stop to rest when you turn.
Anybody who writes <CODE>#pragma pack(1)</CODE> may as well just wear a sign on their forehead that says “I hate RISC”
Alignment as well as padding.
Why doesn’t <CODE>RegSetKeySecurity</CODE> propagate inheritable ACEs, but <CODE>SetSecurityInfo</CODE> does?
An artifact of the timeline.
Nasty gotcha: Positioning your window beneath a topmost window makes it topmost
Picking up properties unintentionally.
2019 year-end link clearance: The different kinds of DLL planting
And why most of them aren't security vulnerabilities.
How do I make a clone of a Windows Runtime vector in C++/CX?
Taking shortcuts with special constructors.
Controversial extension methods: <CODE>CastTo<T></CODE> and <CODE>As<T></CODE>
Reduction in eye exercises.
C++ coroutines: The problem of the DispatcherQueue task that runs too soon, part 4
You can update it a different way.
C++ coroutines: The problem of the DispatcherQueue task that runs too soon, part 3
The storage was right in front of your nose.
C++ coroutines: The problem of the DispatcherQueue task that runs too soon, part 2
Hang on a little bit longer.
C++ coroutines: The problem of the DispatcherQueue task that runs too soon, part 1
Variables disappearing out from under you.
C++ coroutines: The problem of the synchronous apartment-changing callback
Holding the caller thread hostage.
C++ coroutines: The <CODE>co_await</CODE> operator and the function search algorithm
At the confluence of multiple C++ features.
C++ coroutines: Defining the <CODE>co_await</CODE> operator
Converting an awaitable into an awaiter.
C++ coroutines: no callable ‘await_resume’ function found for type
The thing you want isn't there.
C++ coroutines: Short-circuiting suspension, part 2
Avoiding suspension entirely.
C++ coroutines: Short-circuiting suspension, part 1
Avoiding needless stack buildup.
C++ coroutines: Awaiting an <CODE>IAsyncAction</CODE> without preserving thread context
Another use for a custom awaiter.
C++ coroutines: Framework interop
Plays well with others.
C++ coroutines: Constructible awaitable or function returning awaitable?
Two common patterns for simple awaitable objects.
C++ coroutines: Getting started with awaitable objects
Starting our walk-around.
In C++/WinRT, what happens when I treat an <CODE>IInspectable</CODE> as or convert one to a <CODE>bool</CODE>
Much less weird than C++/CX.
In C++/CX, hat pointers are contextually convertible to <CODE>bool</CODE>, but you can’t always <CODE>static_cast</CODE> them to <CODE>bool</CODE>
Because C++/CX is weird like that.
Not actually crossing the airtight hatchway: Harmless out-of-bounds read that is never disclosed
There's no way to make anything bad happen, so is anything bad actually happening?
The automotive emergency kit is not a toy
Please use it only for emergencies.
When should I use delayed-marshaling when creating an agile reference?
It's a balance between doing more work now in anticipation of saving work later.
My summer vacation: The Tower of London and Kensington Palace
Doing the admissions price math.
Using contexts to return to a COM apartment later
You can go back home again.
How do you get into a context via <CODE>IContextCallback::</CODE><CODE>ContextCallback</CODE>?
Piggybacking on the internal infrastructure.
Setting up private COM contexts to allow yourself to unload cleanly
Your private little enclave.
Yo dawg, I hear you like COM apartments, so I put a COM apartment in your COM apartment so you can COM apartment while you COM apartment
Or maybe this is subletting? Airbnb for COM apartments?
A slightly less brief introduction to COM apartments (but it’s still brief)
Managing the multithreading.
My summer vacation: Speaking German (wait, what?)
But you went to England and France.
How do I make a clone of a Windows Runtime vector in C++/WinRT?
You copy it into your own vector, but make sure you copy what you think you're copying.
Why does the Alpha AXP predict a coroutine transfer the way it does?
Working out the possibilities.
The case of the <CODE>UuidCreateSequential</CODE> that didn’t use the MAC address
If you want to use it, make sure it's good.
The Magical Excel 97 Far East Language Build Screwdriver™
For your magical build needs.
I set the same ACL with the GUI and with <CODE>icacls</CODE>, yet the results are different
Sometimes your tools lie to you.
My summer vacation: The London Eye
Round and round. We'll, really just round. No "and round".
Why does my single-threaded program have multiple threads?
They're not your threads, but they're in your process.
Can the MTA thread exit while keeping its COM class registrations alive?
You can keep the MTA alive without having to dedicate a thread.
Not even getting to the airtight hatchway: Planting files in world-writable directories
But who uses that world-writable directory?
How can I copy or move a group of files into a new folder from Explorer?
Putting together things you already have.
The curious pattern of pre-emptively rejecting the solution to your problem: Redrawing during resizing
You'll have to invalidate it, either the easy way or the hard way.
Can I force a <CODE>WM_</CODE><CODE>TIMER</CODE> message to be generated when the timer comes due, even if the message queue is not idle?
You can ask for it explicitly.
How can I give a C++ lambda expression more than one <CODE>operator()</CODE>?
Wacky template games.
How can I have a C++ function that returns different types depending on what the caller wants?
Quantum superposition comes to C++.
The legend of Steve Ballmer’s rental car, the most diligent employee in the world
What a hardworking new employee that must be.
I tried to adjust the time on my alarm clock. I failed.
Now it's not even wrong twice a day.
What happened if you tried to access a network file bigger than 2GB from MS-DOS?
What a strange world you live in.
Why does my program crash if I terminate a thread that is waiting to enter a critical section? It never got the critical section, so who cares?
But we care that it's still waiting.
For one internal build, Windows 95 contained an evil message
Another prank from the user interface team.
The program “G” is preventing you from shutting down
Minding your character set.
If you suppress GDI+ background thread, then you are expected to pump messages yourself
That stuff is now happening on your thread.
Did you hear that story about Bill Gates?: A PR person’s view
They've heard them all.
Why does <CODE>FormatMessage</CODE> say that <CODE>%0</CODE> terminates the message without a trailing newline? Is it secretly <I>adding</I> newlines?
Well, it's not <CODE>FormatMessage</CODE> that's adding the newline.
If you want to terminate on an unexpected exception, then don’t sniff at every exception; just let the process terminate
Get the stack before it unwinds.
Why can’t I create a “Please wait” dialog from a background thread to inform the user that the main UI thread is busy?
Reversal of fortune.
What’s the difference between the hotkeys <KBD>F6</KBD> and <KBD>Alt</KBD>+<KBD>F6</KBD>?
Switching between things, but different things.
When I tell the file or folder picker that I want only file system files and folders, why does it still show virtual folders?
Because there might be a file hiding under it.
C++/WinRT implementation extension points: <CODE>abi_guard</CODE>, <CODE>abi_enter</CODE>, <CODE>abi_exit</CODE>, and <CODE>final_release</CODE>
Coming in, going out, and going away.
By Grabthar’s Hammer, it’s a Galaxy Quest documentary
The seventh best Star Trek movie.
How can I make a call into an elevated service without requiring an elevation prompt?
This is actually quite old technology.
Why do I get a <CODE>winrt::hresult_no_interface</CODE> exception when I try to register an auto-revoke event handler?
The necessary infrastructure isn't there.
How should I create controls on my dialog box that has a tab control?
They are siblings of the tab control, not children.
Rugby: The rules for the casual viewer
What you need to know as an observer.
A common mistake when you try to create a C++ class that wraps a window procedure: Saving the window handle too late
You need it before then.
Fibers aren’t useful for much any more; there’s just one corner of it that remains useful for a reason unrelated to fibers
A better way to clean up.
My summer vacation: London public transportation
It's easy until you try to leave town.
Why are timer IDs and dialog control IDs 64-bit values on 64-bit Windows? Did you really expect people to create more than 4 billion timers or dialog controls?
Anywhere it's possible to put a pointer, somebody will try to put a pointer.
Kabaddi: The rules for the casual viewer
What you need to know as an observer.
A window can’t have two timers with the same ID, so how do I assign an ID that nobody else is using?
A pointer can be used like an ID.
Auctioning off the privilege of initiating the destruction of the Microsoft old campus
Emerging victorious in the bidding war.
Why does my string consist of this Korean character repeated over and over?
Decode that character to its code point.
My summer vacation: The Changing of the Guard at Buckingham Palace
Pomp and circumstance.
How do I define a UWP XAML dependency property that is a collection type?
Putting previous guidance into practice.
Odd things you find when you read the airplane safety information card
Will it float?
What if I want the default value for a XAML dependency property to be a mutable object?
Give it one, but save it for real.
My summer vacation: Watching a German movie on the plane and learning some language history
Trying to keep that part of my brain from disappearing.
The default value for a XAML dependency property should be immutable
Spooky action at a distance.
Reminiscences on 5.25″ floppy drives of the early 1980’s
Because you may have forgotten, or perhaps never knew.
Where did DirectX code names come from?
From too much pizza.
My summer vacation: Paris public transportation
Getting around is easy. Paying for it is hard.
Why does the compiler refuse to let me export my class? If I don’t export it, then the class works fine.
You forced the compiler to try to compile it.
My summer vacation: Versailles
Ostentation fatigue is a real thing.
Why does <CODE>std::is_copy_constructible</CODE> report that a vector of move-only objects is copy constructible?
Because it has a copy constructor, says so on the tin, even though the constructor itself doesn't compile.
My summer vacation: The Louvre Museum
Don't waste your time queueing to see the Mona Lisa.
How do I create a Windows Runtime method that accepts a lambda?
You can use a delegate as a generalized lambda.
How did MS-DOS decide that two seconds was the amount of time to keep the floppy disk cache valid?
A stopwatch and a race against time.
Stop cherry-picking, start merging, Part 11: Chasing the commit by taking a train
Let the train carry you.
Why perform all these complex git machinations when you can just tweak the command line to get what you want?
Who controls the command line?
How to duplicate a file while preserving git line history
Synthesize it in a branch via a rename.
How to split out pieces of a file while preserving git line history: The easy way with misleading commits
Anticipating the octopus.
How to split out pieces of a file while preserving git line history: The hard way with commit-tree
More commit-tree tricks.
How do I split a file into two while preserving git line history?
The octopus delivers.
My summer vacation: The Eiffel Tower
It's really tall, for one.
Another way to sort GUIDs: Java
Because it's Java.
The Turkish lira’s currency code is an unexpected source of problems with computer programmers
Following the rules for currency codes leads to a collision with popular macro.
The sad history of the MFC <CODE>TRY</CODE>/<CODE>CATCH</CODE> macros
Because standard C++ exception handling didn't exist yet.
Trying to wrangle a site visit to Paul Allen’s superyacht “Octopus”
An unsuccessful play for a site visit.
PowerShell programming puzzle: Convert snake_case to PascalCase in one line
Abusing linguistic helper functions for fun.
It rather involved being on the other side of this airtight hatchway: Guessing window procedure magic cookies
You created a very funny-looking function pointer.
Making the <CODE>COM_</CODE><CODE>INTERFACE_</CODE><CODE>ENTRY</CODE> macro better at detecting misuse
Playing around with compile-time errors.
The <CODE>COM_</CODE><CODE>INTERFACE_</CODE><CODE>ENTRY</CODE> must be a COM interface, but nobody actually checks
And if it isn't, bad things happen.
Any sufficiently advanced technology is indistinguishable from a bomb
Even though it doesn't tick. Do bombs even tick?
Silly Alexa trick: Speaking French with a horrible American accent
Asking for a repeat, but in a different speech synthesizer.
If FlushInstructionCache doesn’t do anything, why do you have to call it, revisited
The elixir of forgetfulness.
The sad history of Unicode printf-style format specifiers in Visual C++
Getting ahead of the standard, which went a different way.
What to do if you can’t get the stovetop in your London apartment to turn on
Look for an apparently-useless switch.
On resolving the type vs member conflict in C++, revisited
Filling in some gaps in the previous discussion.
The sad history of Visual Studio’s custom <CODE>__if_exists</CODE> keyword
When times were simpler and bytes were precious.
One byte used to cost a dollar
The cost of software distribution.
Custom-printing your own attendee pass to the Windows 95 launch
Only the highest quality forgeries will do.
The SuperH-3, part 15: Code walkthough
Taking this thing for a spin.
The SuperH-3, part 14: Patterns for function calls
Different ways of setting up a function call.
The SuperH-3, part 13: Misaligned data, and converting between signed vs unsigned values
Okay, now we're doing some programming.
The SuperH-3, part 12: Calling convention and function prologues/epilogues
A typical RISC pattern.
The SuperH-3, part 11: Atomic operations
How do you create an atomic operation when the processor doesn't support them?
The SuperH-3, part 10: Control transfer
The return of the branch delay slot.
Why is there a huge spike in cruise ship width at 32 meters?
Squeezing through tight spaces.
The SuperH-3, part 9: Constants
Squeezing constants into a tiny instruction.
The SuperH-3, part 8: Bit shifting
Sliding left and right.
The SuperH-3, part 7: Bitwise logical operations
Just the basic operations, not much fancy.
The SuperH-3, part 6: Division
And you thought multiplication was complicated.
The SuperH-3, part 5: Multiplication
Now things get more complicated.
The SuperH-3, part 4: Basic arithmetic
Basic elementary-school stuff.
How do I fill out the Canadian eTA if I have a green card with no expiration date?
Use your passport expiration date.
The SuperH-3, part 3: Status flags and miscellaneous instructions
Basically, there's only one flag.
The SuperH-3, part 2: Addressing modes
Quite a lot for a RISC.
The SuperH-3, part 1: Introduction
Digging into the dusty boxes in the closet.
How can I extract the color from a solid color GDI brush?
You can ask for the object information.
Not actually crossing the airtight hatchway: Applying per-user overrides
The user is merely attacking himself.
What about USERSEEUSERDO and GDISEEGDIDO?
Funny names for funny functions.
Why doesn’t the Programs and Features control panel show Last Used On information?
The system doesn't try to figure it out any more, because it was always a guess, and often a really bad one.
Is it a good idea to let <CODE>WriteProcessMemory</CODE> manage the page protection for me?
It's a courtesy, not a contractual obligation.
When it absolutely, positively has to be there for the product demo overnight
We can make up the time in the air.
Why do pinned apps sometimes go to the end of the taskbar, rather than going into the “pinned apps” section of the taskbar?
That's not really a "pinned apps" section. It just looks like one.
Adventures in application compatibility: Calling an internal function
Clearly wandering into unsupported implementation details.
How can I log users off after a period of inactivity, rather than merely locking the workstation? Is there a “logoff” screen saver?
Putting together some building blocks.
What was the code name for Windows 7?
Windows 7.
Providing a small amount of additional control over what happens when an asynchronous I/O completes synchronously
An option named with kernel-colored glasses.
Brännboll: The rules for the casual viewer
The minimum you need to know.
After I made my DLL delay-load another DLL, my DLL has started crashing in its process detach code
You started without it. You should be able to finish without it.
Apollo 11 in real time: Follow the lunar landing mission as it happened
A fifty-year-old replay.
Windows NT services are assigned a SID based on an SHA-1 hash, but what about the risk of collision?
Those collisions are going to be hard to manufacture.
That time Dana Carvey went off script at the Microsoft Company Meeting
Timing is important in investing as well as comedy.
Cricket: The practical exam for 2019
How much did you understand the rules?
My initial confusion when encountering functions whose names begin with <CODE>Co</CODE>
We aren't in the math department any more.
Detecting in C++ whether a type is defined, part 5: Augmenting the basic pattern
Making things more convenient for specific scenarios.
Pesäpallo: The rules for the casual viewer
I wonder how much of this I got right.
Detecting in C++ whether a type is defined, part 4: Predeclaring things you want to probe
Declaring the thing whose definition you are looking for.
Detecting in C++ whether a type is defined, part 3: SFINAE and incomplete types
You can give something a name without saying what it is.
Detecting in C++ whether a type is defined, part 2: Giving it a special name
Maybe it's the real thing, makybe it's a fake.
A difference between cricket and baseball that most people don’t mention
The pitch invasion.
Detecting in C++ whether a type is defined, part 1: The initial plunge
Let's play games with unqualified name lookup.
I set the <CODE>OFN_NONETWORKBUTTON</CODE> option in the <CODE>OPENFILENAME</CODE> structure, but it has no effect on the network item in the navigation pane
But hey, at least it's not a button.
Baseball: The rules for the casual viewer
The minimum you need to know.
Generating good error messages from code analysis tools is harder than it looks
Describing the problem accurately, with enough diagnostics to chase the problem
Why does my attempt to index a collection with the <CODE>x:Bind</CODE> markup extension keep telling me I have an invalid binding path due to an unexpected array indexer?
Important detail stated by omission.
Cricket: The rules for the casual viewer
The minimum you need to know.
Microspeak: Ingestion
Let's hope it goes down easily.
A program to detect mojibake that results from a UTF-8-encoded file being misinterpreted as code page 1252
Because it happens.
2019 mid-year link clearance
Another checkpoint reached.
Why does the <CODE>GetVersion</CODE> function report the major version in the low-order byte, and the minor version in the high-order byte?
It seemed like a good idea at the time.
Why does Windows list my SSD system drive as removable?
Because the driver said it was removable.
Why was Windows for Workgroups pejoratively nicknamed Windows for Warehouses?
That's where most of the copies ended up, at least at first.
Detecting whether the <CODE>-opt</CODE> flag was passed to <CODE>cppwinrt.exe</CODE>: Using <CODE>__has_include</CODE>
Looking in the cushions of the couch.
The 2019 Microsoft Giving Campaign Run/Walk comes with some ground rules
Each rule has a story.
Getting a value from a <CODE>std::variant</CODE> that matches the type fetched from another variant
A bunch of type fiddling, but you'll get there eventually.
How do I write a function that accepts any type of standard container?
There's the standard way, and then there's the generous way.
What is WofCompressedData? Does WOF mean that Windows is a dog?
It stands for Windows Overlay Filter, but that name doesn't really tell you much.
A simple workaround for the fact that <CODE>std::equal</CODE> takes its predicate by value
Pass something else that is easy to copy.
Why does SetFocus fail without telling me why?
If you're going to replace part of the operating system, you have to replace the side effects, too.
What should you do if somebody passes a null pointer for a parameter that should never be null? What if it’s a Windows Runtime class?
They messed up, so make them suffer the consequences, but make the consequences diagnosable.
If you can use GUIDs to reference files, why not use them to remember “recently used” files so they can survive renames and moves?
Because the file that you think is the same file may not actually be the same file.
What order do the items in the “New” menu appear? It looks kind of random.
It's alphabetical order, but not in the obvious way.
How can I determine in a C++ header file whether C++/CX is enabled? How about C++/WinRT?
For conditionally enabling features, say.
The Resource Compiler defaults to CP_ACP, even in the face of subtle hints that the file is UTF-8
Subtlety is not its strong point.
Why does my C++/WinRT project get errors of the form "Unresolved external symbol <CODE>void* __cdecl winrt_<WBR>make_<WBR>YourNamespace_<WBR>YourClass(void)</CODE>"?
You enabled optimizations, but there's some extra bookkeeping to support those optimizations.
Why does my C++/WinRT project get errors of the form ‘<CODE>winrt::</CODE><CODE>impl::</CODE><CODE>produce<D, I></CODE>‘: cannot instantiate abstract class, missing method <CODE>GetBindingConnector</CODE>
The header file requirement was always present, but you often got away with omitting it. Not so much any more.
In the file copy conflict dialog, what happened to the option to copy the new file with a numeric suffix?
It's still there, but you have to dig a little deeper for it.
A bug so cool that the development team was reluctant to fix it
A nice parlor trick, if you had the memory for it.
I called AdjustTokenPrivileges, but I was still told that a necessary privilege was not held
Which token did you adjust?
Why does my C++/WinRT project get errors of the form “consume_Something: function that returns ‘auto’ cannot be used before it is defined”?
Narrowing down the source of the missing header file.
Why does my C++/WinRT project get errors of the form “unresolved external symbol … consume_Something”?
Declared but not defined, but what exactly wasn't defined?
In times of uncertainty, take your cue from the janitor
He's been there before.
Why does Explorer’s <I>New</I> menu take so long to appear the first time I open it?
It's trying to figure out what new things it can do.
Programming puzzle: Creating a map of command handlers given only the function pointer
Creating the magic decoder ring automatically.
Windows Runtime delegates and object lifetime in C++/WinRT
So many choices.
Windows Runtime delegates and object lifetime in C++/CX
You specify the lifetime rules, typically weak.
Windows Runtime delegates and object lifetime in C# and other GC languages
You've left the comfort of the CLR.
The secret signal that tells Windows Runtime events that the event recipient no longer exists
Watch out that you don't make the signal by mistake.
If each thread’s TEB is referenced by the fs selector, does that mean that the 80386 is limited to 1024 threads?
They don't all have to be different simultaneously.
When would CopyFile succeed but produce a file filled with zeroes?
Did the bytes actually make it to the disk?
Why are Bluetooth functions exported from the infrared control panel?
Artifacts of service pack constraints from long ago.
Mundane git commit-tree tricks, Part 7: Combining more than two files into one while preserving line history, manual octopus merging
Sometimes you just have to take things into your own hands.
Mundane git tricks: Combining two files into one while preserving line history
Starting with the two-file case.
Mundane git commit-tree tricks, Part 6: Resetting by reusing an earlier tree
Just take me back.
Mundane git commit-tree tricks, Part 5: Squashing without git rebase
Working completely from trees.
Mundane git commit-tree tricks, Part 4: Changing a squash to a merge
Retroactively removing a command line switch.
Mundane git commit-tree tricks, Part 3: Building a throwaway commit in order to perform a combined cherry-pick-squash
You can create a commit just so you can pick it.
Mundane git commit-tree tricks, Part 2: Building a merge commit manually out of a tree
A variation on a theme.
Mundane git commit-tree tricks, Part 1: Building a commit manually out of a tree
A little bit of plumbing.
Async-Async: Consequences for exceptions
The exception doesn't pop out until later.
Async-Async: Consequences for ordering of multiple calls in flight simultaneously
You don't know when they'll reach the other side.
Async-Async: Consequences for parameters to parallel asynchronous calls
Keep those parameter stable.
Async-Async: Reducing the chattiness of cross-thread asynchronous operations
Setting up fakes on both sides.
Spotting problems with destructors for C++ temporaries
It's sometimes later than you want.
How many ways are there to sort GUIDs? How much time do you have?
Look at all the pretty snowflakes.
How can I launch an unelevated process from my elevated process, redux
You can ask to execute it as if had been executed by somebody else.
The administrative assistant who lasted only one day: A legendary prank from days of yore
When you need to execute a prank effectively, hire a professional.
Why was Texas Hold ‘Em Poker a Windows Ultimate Extra instead of a built-in game?
Cultural sensitivity.
A little program to look for files with inconsistent line endings
Something I wrote.
On resolving the type vs member conflict in C++: The Color Color problem
You have to nudge the compiler in the right direction.
How arbitrary is the ArbitraryUserPointer in the TEB?
Another identifier defined with kernel-colored glasses.
What does this strange value for “Percent CPU” mean in Performance Monitor?
It's the percent CPU, but you have to undo the various adjustments you requested.
Microspeak: Occupant compression
Ouch, it hurts when you squeeze me there.
Today is tax day, but it’s also division meeting day, so let’s get you some forms to fill out
Render unto Caesar, but ask for a little more time.
How can a desktop app use a Windows Runtime object that infers UI context from its thread? The IInitializeWithWindow pattern
Explicitly associating with a window handle.
How can I determine the reason why my window is closing?
Listen for signals.
Even if you open a file with GUID, you can still get its name, or at least one of its names
GetFinalPathByHandle works even for files opened by ID.
When I select multiple files in the File Open dialog, why does the last item come first?
Because it's the focus.
Optimizing your cafeteria meal card stockpile
What's the rate of return on Microsoft cafeteria meal cards?
What does it mean when my attempt to stop a Windows NT service fails with ERROR_BROKEN_PIPE?
The Service Control Manager lost contact with the service, but why?
Why do we need atomic operations on the 80386, if it doesn’t support symmetric multiprocessing anyway?
You might race with yourself.
Dubious security vulnerability: Code execution via LNK file
The hard part is getting them to execute it in the first place.
On the bogosity of speculation: Guessing the price of the original Surface
Scraping the barrel.
Oh no, it’s inspection time again
Great moments in history.
C++/WinRT envy: Bringing thread switching tasks to C# (WPF and WinForms edition)
More magic tasks that break out of the thread configuration mold.
C++/WinRT envy: Bringing thread switching tasks to C# (UWP edition)
Magic tasks that break out of the thread configuration mold.
How do I wait for the completion of the delegate I passed to <CODE>CoreDispatcher.</CODE><CODE>RunAsync</CODE> and <CODE>ThreadPool.</CODE><CODE>RunAsync</CODE>?
You'll need your own signal.
When do <CODE>CoreDispatcher.</CODE><CODE>RunAsync</CODE> and <CODE>ThreadPool.</CODE><CODE>RunAsync</CODE> actions complete?
When the delegate returns, not when it completes.
What does the N in nmake stand for?
It's old now, but at the time, it was new.
Vintage Computer Festival Pacific Northwest 2019
For all your retro-computing gawking.
Turning anything into a fire-and-forget coroutine
Turning on the metaprogramming.
Expressing fire-and-forget coroutines more explicitly, -or- How to turn any coroutine into fire-and-forget
Putting it at the call site instead of in the function itself.
<CODE>winrt::fire_and_forget</CODE> was too forgetful
Usually, you don't care when it finishes, as long as it does.
Why does my app’s uninstaller disappear from the Start menu?
Keeping things tidy.
How do I design a class so that methods must be called in a certain order?
Consider it a chain of operation objects.
How can we use IsBadWritePtr to fix a buffer overflow, if IsBadWritePtr is itself bad?
Don't catch the overflow as it happens. Stop the overflow before it happens.
Resolving security issues sometimes involves its own degree of managing people’s egos
It's not purely technical. There's sociology here, too.
Welcome to my new home on the Microsoft Developer Tools and Services blog site
Pardon the dust.
Why is there a limit of 15 shell icon overlays?
Ran out of bits.
Asking for clear written documentation that “Require trusted path for credential entry” is no longer recommended
It was never recommended in the first place.
Precision questioning: The cynical description
Just keep digging.
Even if your assembly language code doesn’t call any Windows APIs, you still have to follow the ABI
You're not off by yourself; you're part of a society.
What order are pages in a memory-mapped file flushed out to disk?
There isn't one.
How do I destruct an object that keeps a reference to itself, because that reference prevents the object from being destructed
Keep a reference to the right thing.
Predator-prey reversal: Rock lobsters vs whelks on Malgas Island and Marcus Island
Multiple stable configurations.
Alternate definitions for English words, as inferred from bug reports
Lost in translation.
My initial frustration trying to configure our internal VoIP phones that were integrated with instant messaging
A combination of settings that the feature team considered nonsensical.
How to compare two packed bitfields without having to unpack each field
The magic carry-out vector.
How should I report errors from my Windows Runtime API?
It depends on what kind of error it is.
The std::map subscript operator is a convenience, but a potentially dangerous one
It makes code easy to read, but things happen behind the scenes you may not be expecting.
How to draw a nifty text box in your email message
This one weird trick.
That time the CEO of a company complained to Congress about Windows file extensions
Four fingers pointing back.
The 2019/2020 Seattle Symphony subscription season at a glance
The pocket reference guide for 2019/2020.
How do I permit a minus sign to be entered into my edit control, but only if it’s the first character?
Check the insertion point.
How do I allow negative numbers with the <CODE>ES_NUMBER</CODE> edit control style?
You'll have to roll your own.
The early history of the <CODE>ES_NUMBER</CODE> edit control style
It's just a little style bit.
How do I convert all these strange Unicode digits into the ones I remember from Sesame Street?
Know when to fold'em.
How can I check in Win32 whether a Unicode character is any kind of digit?
Ask for its character type.
Accidentally creating a choke point for what was supposed to hand work off quickly to a background task, part 3
Keeping the MTA alive without a thread.
Accidentally creating a choke point for what was supposed to hand work off quickly to a background task, part 2
Synchronizing on the thread pool makes you wait for the thread pool.
Accidentally creating a choke point for what was supposed to hand work off quickly to a background task, part 1
A few simple decisions accumulate and interact.
The Intel 80386, part 17: Future developments
Where we went next.
The Intel 80386, part 16: Code walkthrough
Putting the information into practice.
The Intel 80386, part 15: Common compiler-generated code sequences
Recognizing the patterns.
The Intel 80386, part 14: Rescuing a stack trace after the debugger gave up when it reached an FPO function
Pretend to be the computer.
The Intel 80386, part 13: Calling conventions
A refresher course.
The Intel 80386, part 12: The stuff you don’t need to know
For completeness but not for usefulness.
The Intel 80386, part 11: The TEB
I need another register, let's see what scraps I can find.
The Intel 80386, part 10: Atomic operations and memory alignment
Not much to work from.
The Intel 80386, part 9: Stack frame instructions
For creating and tearing down stack frames.
The Intel 80386, part 8: Block operations
One of the highly specialized groups of instructions.
The Intel 80386, part 7: Conditional instructions and control transfer
Maybe yes, maybe no.
The Intel 80386, part 6: Data transfer instructions
Keeping things moving.
The Intel 80386, part 5: Logical operations
Fiddling with bits.
The Intel 80386, part 4: Arithmetic
The things that computers do.
The Intel 80386, part 3: Flags and condition codes
It's just a bunch of stuff that happened.
The Intel 80386, part 2: Memory addressing modes
Thirteen different ways to access memory.
The Intel 80386, part 1: Introduction
Hitting a bit closer to home.
How do I get the effect of C#’s async void in a C++ coroutine? Part 3: Simplifying the boilerplate
Factoring it out.
How do I get the effect of C#’s async void in a C++ coroutine? Part 2: Keeping track of the lifetimes
There are two types of lambdas you have to write, so why not write two lambdas?
How do I get the effect of C#’s <CODE>async void</CODE> in a C++ coroutine? Part 1: Why does the obvious solution crash?
Wrap it up, but watch out how you do it.
Don’t pass lambdas (or other multi-line entities) as parameters to macros
It makes debugging much more difficult.
Why would the incremental linker insert padding between section fragments?
So it can be incremental more easily.
Why do we even need to define a red zone? Can’t I just use my stack for anything?
I mean, it's my stack, isn't it?
Why am I getting mojibake when I try to create a window?
Look for the character set mismatch.
It rather involved being on the other side of this airtight hatchway: Messing with somebody’s registry
Getting to the other side is left as an exercise.
<CODE>STATUS_<WBR>STACK_<WBR>BUFFER_<WBR>OVERRUN</CODE> doesn’t mean that there was a stack buffer overrun
It used to mean that, but now it can mean other things, too.
The GetRegionData function fails if the buffer is allocated on the stack. Is it allergic to stack memory or something?
One of the lesser-known ground rules.
A trick for keeping an object alive in a C++ lambda while still being able to use the <CODE>this</CODE> keyword to refer to it
Capture it twice, once for the money, and once for the show.
Why am I getting mojibake when I try to create a shell link?
Make sure the thing you ask for is the thing you want.
How can I prevent a WebView control from opening a browser window?
It will check with you first, but you have to be listening.
Why does the elevation prompt have only the wallpaper as its background?
Caught unprepared.
2018 year-end link clearance
We made it to the end!
The case of the orphaned critical section despite being managed by an RAII type
Rolling up the debugging sleeves.
<CODE>SHOpenRegStream</CODE> does not mix with smart pointers
Old school meets new school, again.
Don’t forget: std::pair does lexicographical ordering, so you don’t have to
Let it do the comparing.
How do I save the results of a file search in Explorer? Not the query itself, but the results
Copy them to the clipboard.
Random internal Windows terminology: IDW, Razzle, and their forgotten partners IDS and Dazzle
A peek behind the history of the terms.
On the attempts to resurrect Space Cadet Pinball
Not many options remain.
In 16-bit Windows, some per-process data structures were really per-data segment
You just have to set up a private data segment.
It rather involved being on the other side of this airtight hatchway: Hanging the loader
You're already there. No need to brag.
How come Explorer reports higher disk space used on my volume than my third party disk space tool?
It's probably in a place your tool can't see.
Not getting past the title: This is not the bug you’re looking for
The title contains the same word, but that's about the only thing that's the same.
The case of the mysterious LoadLibrary error message after signing in
A little screen shot forensics.
How can I programmatically wait until the taskbar has finished booting completely before I create my notification icon?
It will let you know.
How can I programmatically wait until the system has finished booting completely before doing my own computations?
Your observation of the system mutates the system.
Why doesn’t my lock screen image change after I replace the image file?
It got captured when it was set.
When a customer asks for something unsupported, and they promise not to get upset when it stops working, don’t believe them
Because they'll be back.
The case of the buffer overflow vulnerability that was neither a buffer overflow nor a vulnerability
Not quite knowing how assembly language works, I guess.
Xformer 10: The Atari 800 emulator has gotten a huge update
It's over 30 years old, but can still be improved, and it sure did.
How is it that WriteProcessMemory succeeds in writing to read-only memory?
Because it tries really hard.
How can dereferencing the first character of a string take longer when the string is longer? I’m looking only at the first character, which should be constant time
There's a lot hiding in that <VAR>O</VAR>.
The plural of Nexus is Nexūs, in case you cared (which you almost certainly don’t)
Only for Latin nerds.
Why can’t I close windows directly from the Alt+Tab interface in Windows Vista?
Elevation and interruption.
Choosing error codes based on a really nice <CODE>#define</CODE> doesn’t necessarily lead to a readable message to the user
Device not ready? What device?
Why does Clipboard.SetData put extra junk in the clipboard data? And how can I get it to stop?
Strings and things, but you need the things.
Taking advantage of the ordering guarantees of the LINQ GroupBy method
Sorting and grouping in a particular way.
What happens if I mutate a string in a p/invoke?
It seems to work, for specific meanings of "seems".
Nifty trick: Combining constructor with collection initializer
Two great tastes that work great together.
What’s up with Code Analysis rule CA2202: Do not dispose objects multiple times?
It's trying to get inside your head.
If activation of your gift card lasts more than four hours, consult a physician immediately
Is it ready yet?
The default number of threads in an I/O completion port is the number of processors, but is that logical or physical processors?
How much stuff can happen at once?
How can I make a dialog box right-to-left at runtime?
You'll have to get that style change in quickly.
Trying to allocate the same virtual address in multiple processes
But what are you going to put there?
For a brief period, the kernel tried to deal with gamma rays corrupting the processor cache
Not sure what good it does.
How do I suppress the “Did you mean to switch apps?” warning message from my XAML WebView control?
It will ask you what to do, and you can tell it to do nothing.
The Moncler 1 Pierpaolo Piccioli, your high fashion for the elegant parties that take place in a walk-in freezer
I'm sure it looks better after you unpack it from the bubble wrap.
Closing the race window between creating a suspended process and putting it in a job
Start it there from the beginning.
Songs with every other beat removed, how to make your own!
Sounds familiar, but oddly wrong.
How do I revert a control back to its default theme?
The special signal.
What’s the point of passing a never-signaled event to MsgWaitForMultipleObjects?
It's a placeholder for something that didn't need a placeholder.
Saying good-bye to the original Microsoft Redmond campus
The home of many memories, perhaps not all good ones.
The case of the System process that consumed a lot of CPU
Let's look at the performance trace.
Gotchas when using linker sections to arrange data, part 2
An unexpected null could throw the whole thing out of alignment.
Gotchas when using linker sections to arrange data, part 1
Nulls can show up in unexpected places.
Using linker segments and __declspec(allocate(…)) to arrange data in a specific order
Getting the ducks in a row, in order.
Dubious security vulnerability: A program that adds a user to the Administrators group in the usual way
This is a perfectly legitimate program.
Sure, you can implement your own cryptographic service provider for a standard algorithm, but why would you?
You are signing up for a very big world of hurt.
Why does the MonthCalendar control show the wrong week numbers in Romania?
Wrong from whose point of view?
In the state of Washington, you are allowed to turn left on a red light onto a one-way street
And freeway onramps count as one-way streets.
If the prototypes of DispatchMessageA and DispatchMessageW are identical, why have both?
Because there's still a character set dependency.
Dulce et decorum est pro patria party
Anyone up for a toga party?
What happened to the Arial Unicode MS font?
It couldn't do what it was originally created to do.
The case of the oplock deadlock poppycock
Call Sherlock.
How do I prevent users from using the mouse to drag the trackbar thumb to positions that aren’t multiples of five? Part 2: Nudging the thumb position
A little nudging here, a little nudging there.
How do I prevent users from using the mouse to drag the trackbar thumb to positions that aren’t multiples of five? Part 1: Reframe the problem
Make <I>everything</I> a multiple of five.
Adding a Ctrl+arrow accelerator for moving the trackbar by just one unit, part 2: Second try
Intercepting the thumb motion.
Adding a Ctrl+arrow accelerator for moving the trackbar by just one unit, part 1: Initial plunge
The obvious thing starts to get out of hand.
Why does the Entry Point Not Found error dialog sometimes not include the name of the missing entry point?
Because the name is too long.
File-extending writes are not always synchronous, which is entirely within the contract
It is an option but not a requirement.
After reporting a non-responsive program to Windows Error Reporting, why does the process spawn a suspended child process?
That's just a ghost, a shadow of the original.
What does the “Ae” stand for in AeDebug?
I'm not sure, but I think it's Application Error.
Why does Windows ask me to pick a program with which to open a file, even when I already specified which program I want to use to open the file?
It's just double-checking after the situation has changed.
How can I programmatically inspect and manipulate a registry hive file without mounting it?
Enter the offline registry library.
So, um, what are we looking at?
The wonders of nature, perhaps.
Why doesn’t GetTextExtentPoint return the correct extent for strings containing tabs?
It doesn't do carriage control.
How can I include/exclude specific memory blocks in user-mode crash dumps?
Add it to the inclusion or exclusion list.
Notes on DrawText and tab stops
You can ask, but then you can't ask for other things, unless you ask a different way.
The numerology of the sample directory listing in the Windows 95 font selector property sheet page
Leave a thumbprint.
When I call <CODE>CryptProtectData</CODE> with the same parameters, why aren’t the results identical?
A little added seasoning.
How can I use <CODE>WS_</CODE><CODE>CLIPCHILDREN</CODE> and still be able to draw a control with a transparent background?
Removing all the barriers to painting, perhaps too many.
Can I be sure that turning on automatic generation of short file names will get me short file names?
You can try hard, but it may not succeed.
Practical example of why you need to leave room for German localization
Try to say it all in one breath.
All sorts of bad things happen when we disable the Task Scheduler service, is that bad?
Well, it sure doesn't sound good.
Generating a table with vertical text, like I did with the sad history of the C++ <CODE>throw(…)</CODE> exception specifier
Here's how I did it.
The sad history of the C++ <CODE>throw(…)</CODE> exception specifier
I promise not to throw, but who's going to check?
Can you wear wallpaper on your feet? You can if it’s a PARTY.BMP!
Wearing your history.
Considering the performance implications of converting recursion to an explicit stack
Another game of trade-offs and balances.
What does the thread parameter to <CODE>SetWindowsHookEx</CODE> actually mean?
What does it mean to be "associated" with a thread?
How do I prevent my program’s temporary documents from appearing in Search?
Put them in the right place.
Why does the compiler turn my conditional loop into an infinite one?
It's all in the threading.
Why is <CODE>regsvr32</CODE> exiting with code 3?
Coming up with theories and ways to test those theories.
What do the various <CODE>regsvr32</CODE> exit codes mean?
Reporting which step the problem occurred at.
Why did every Windows 3.0 DLL have an exported function called WEP?
The Windows Exit Procedure.
Why is Alt+F4 the hotkey for closing a window? Why not Alt+F5 or Alt+F3?
It was the next one available.
A lack of species sensitivity when serving pizza to guests
This bacon thing is getting out of hand.
What defines an old-style common dialog?
Going back into the Before Time.
Why does the Zune HD have the message “For our Princess” on the inside of the case, and why is she a princess?
A tribute to a team member who passed away.
Raising the colon off the ground
Not something your gastroenterologist says, surprisingly.
Anything is a soldering kit if you’re brave enough: The MOnSter 6502
Are you nuts? Probably.
How do I get the system to run my program in this very special way?
You can set up the special way yourself.
Le Chatelier’s principle in action: Notifications
Let me notify you about things you don't care about.
How can I conditionally compile based on a preprocessor macro value, while ensuring that the macro is correctly spelled?
Another stupid preprocessor trick.
Removing the <CODE>TerminateThread</CODE> from a DLL that needs to shut down a helper thread at unload
Designing it out again.
What does it mean for a window to be Unicode?
The expected character set of the current window procedure.
How do I request that my out-of-process COM server run unelevated?
Back to the interactive user.
Apparently they know more information about me than me, but dare I ask?
Blind content retweeting.
That time the Word team hired somebody who never showed up, who turned out to be an important member of the team in spite of not being on it
Well, we've got the nameplate at least.
Removing the <CODE>TerminateThread</CODE> from code that waits for a job object to empty
Designing it out.
The early history of Windows file attributes, and why there is a gap between System and Directory
One, two, four, sixteen.
Obsolete Microspeak: TDBN and the six-pack
Old Windows 8 terminology.
The evolution of Windows 8 charms
For regaling people at your next cocktail party, perhaps.
How do I force the Task Manager window closed whenever it opens?
Um, that's not really your decision.
The Windows 95 team were proud slackers
Another adopted slight.
The PowerPC 600 series, part 14: Code walkthrough
Putting the theory into practice.
The PowerPC 600 series, part 13: Common patterns
How to recognize different kinds of jumps and calls.
The PowerPC 600 series, part 12: Leaf functions
Making do with what you are given.
The PowerPC 600 series, part 11: Glue routines
Binding the two sides together.
The PowerPC 600 series, part 10: Passing parameters, function prologues and epilogues
The most dangerous parts of flying a function are take-off and landing.
The PowerPC 600 series, part 9: The table of contents
Finding your bearings.
The PowerPC 600 series, part 8: Control transfer
Jump around.
The PowerPC 600 series, part 7: Atomic memory access and cache coherency
How to avoid a break-up.
The PowerPC 600 series, part 6: Memory access
Load 'em up.
The PowerPC 600 series, part 5: Rotates and shifts
Get out your Swiss army knife.
The PowerPC 600 series, part 4: Bitwise operations and constants
Twiddling around.
The PowerPC 600 series, part 3: Arithmetic
Who knew there were so many ways to add numbers.
The PowerPC 600 series, part 2: Condition registers and the integer exception register
Keeping track of things that happened.
The PowerPC 600 series, part 1: Introduction
Here we go again.
A puzzle aboard the Anacortes-Sidney ferry: How do the cars get off?
At an apparent impasse.
Creating an awaitable lock for WinJS and JavaScript Promises
Rolling onward.
Creating an awaitable lock for C++ PPL tasks
Rolling our own.
Creating an apartment-aware PPL task from nothing
It says it has to be <CODE>IAsyncAction</CODE>- or <CODE>IAyncOperation<T></CODE>-derived, so let's do that.
Server names: One of the remaining places where IT managers can be a little silly
Usually by establishing a theme.
Dark Pattern: Opt-in above the fold, but opt-out below the fold
Don't stop yet. Read all the way to the end.
Is the <CODE>TerminateThread</CODE> function synchronous?
Nope. It merely starts the termination but does not wait for the termination to complete.
What happens to custom unhandled exception filters if a debugger is not running?
Nothing, that's what. Absolutely nothing.
Why are my file write operations synchronous, even though I opened the file as <CODE>FILE_<CODE></CODE>FLAG_<CODE></CODE>OVERLAPPED</CODE>?
Extending the valid bytes is always synchronous.
Pushing the boundaries of cryptography in a security vulnerability report
If it's what you say, then you don't need a supercomputer.
The heavy metal umlaut reaches baked goods
For that extra Germanic oomph.
How do I trigger an EN_UPDATE notification for all of my edit controls when the user’s locale information changes?
It's your edit control, so you can do it yourself.
How can I get the actual window procedure address and not a thunk?
Match the character set of the top-level window procedure.
When is it appropriate to use the current processor number as an optimization hint?
Try not to let it slip out from under you.
Sure I can protect data with CryptProtectData, but how do I remove the ability to decrypt it?
You can put a secret in the nonce, though it's not really a secret by that point.
What is this vmmem program that is using up all my CPU and memory?
That's where your virtual machine resource usage goes.
Internal training video on expense reports contains inconsistency: Alert the media!
Was this a test? I'm not sure.
Warning: Ruler is not to scale
Inches enlarged to show texture.
When generating a random password, the result must still be a valid string
Invalid strings can't round trip through multiple encodings.
Why does a non-recursive <CODE>ReadDirectoryChangesW</CODE> still report files created inside subdirectories?
Because they do affect the top-level directory.
Const methods don’t prevent a method from having side effects
Though they shouldn't if you know what's good for you, but the compiler doesn't know whether you know what's good for you.
How do I change the password of another user without having to sign in as them?
You can do it from the password change screen.
Stop merging if you need to cherry-pick
An opposing view from the VSTS team.
The case of the very large memory blocks of the same size, mostly zero, but whose nonzero bytes follow a pattern
Some initial pattern recognition, followed by an ad-hoc tool.
How can I detect whether the user is logging off?
It's hidden as a strange sort of system metric.
The Windows Calculator no longer generates tiny errors when calculating the square root of a perfect square
Tweaking the algorithm.
Did you happen to lose something in the Amstel River? Say within the past 500 years?
Maybe you can find it here.
How can I determine why the System process is listening on port 80?
netsh can tell you.
Consider the environment: Do you want a receipt?
Actually, I don't really care whether you want one. The decision is foregone.
2018 mid-year link clearance
Reaching the halfway point.
How can I detect from the preprocessor what a macro’s definition is?
Evil preprocessor tricks.
Lock free many-producer/single-consumer patterns: A work queue of distinct events, order not important, follow-up question
We try to minimize spurious wake-ups, but eliminating them is probably not worth the effort.
Taking advantage of the asymmetry of offline compression
You can spend a lot of time compressing, but decompression still needs to be fast.
The cost/benefit analysis of comparing before an assignment
Factors pull in both directions. The result is a balance.
How I learned to type
On an old manual typewriter.
What can influence how much stack is consumed when sending a message?
Who wants to know? No really, that's the answer.
When I intentionally create a stack overflow with <CODE>SendMessage</CODE>, why do I sometimes not get a stack overflow?
It depends on what overflows first.
Microspeak: knobs
Configuration settings, basically.
Woodworking, the opposite of software development
According to self-reported data from one person who could have just made it up.
Is there a problem with <CODE>CreateRemoteThread</CODE> on 64-bit systems?
There's more to injecting code than copying bytes.
How do I programmatically control the order of my program’s notification icons?
That's not something you can control programmatically.
Even though the brand is called One A Day, none of them actually should be taken one a day
For large values of one.
Why does the CREATOR_OWNER SID sometimes reset itself to the object’s current owner rather than its original owner?
It's a snapshot, but you can ask for a new snapshot.
Stupid <CODE>cmd.exe</CODE> tricks: Entering a directory that doesn’t exist, then immediately leaving
It's as if it never existed. Oh wait, it never existed.
Where is the Seattle BoltBus stop?
Adjacent to the Uwajimaya parking lot on 5th, at least as of this writing.
Pulling the rug out from under an internet protocol
Extracting maximum value from licensing.
Unusual choice of units: 1.8 billion square millimeters
So many yet so small.
Why does GetServiceDisplayNameA report a larger required buffer size than actually necessary?
It's making a conservative guess.
What is this weird constructory syntax <CODE>C::C()</CODE>?
An archaic syntax from ancient times.
The unhandled exception filter is the responsibility of the process; don’t change it without permission
It's only common courtesy.
Stupid <CODE>cmd.exe</CODE> tricks: Changing directories with forward slashes instead of backslashes
Provided it doesn't look like a switch.
Adventures in application compatibility: Following a detour off a cliff
An arrow pointing to nowhere.
How can I write a program that monitors another window for a title change?
Accessibility saves the day once again.
How can I obtain the heap from which a heap block was allocated?
You'll have to keep track of that yourself.
When you call <CODE>OpenThreadToken</CODE> while impersonating, you have to say who is asking for the thread token
I am for you.
The alphabet, in alphabetical order, in various languages
From A to Z, or beyond.
How do I get file version information from the command line?
PowerShell does for you.
How are <CODE>BitBlt</CODE> raster opcodes calculated?
The complicated language of raster operation codes.
My namespace importing trick imported the same three namespaces into each top-level namespace, yet it worked?
They are different namespaces, spelled the same.
How do I create a disabled checkbox for a listview item?
A little state image magic.
If you say that your buffer can hold 200 characters, then it had better hold 200 characters
Otherwise the mistake is on you.
Why does the install date and size of a program change roughly two days after I install it, even though no changes were made to the program in the meantime?
Because the system is trying to fill in missing information.
Maintaining Notepad is not a full-time job, but it’s not an empty job either
Adding features by removing code.
Misdirected security vulnerability: Malformed file results in memory corruption
Who did the corrupting?
How do I create a SAL annotation for a structure with a variable-length array?
The <CODE>_Field_size_</CODE> annotation does the trick.
C++ namespace parlor tricks
Shuffling names around.
Why is Windows Compressed Folders (Zip folders) support stuck at the turn of the century?
Because that's where we last left it.
For a brief period, Windows 95 could run Windows 3.1 in a virtual machine
The ultimate in backward compability.
Why can’t FindWindowEx find another program’s window by name?
Are you sure it's there?
On the difficulty of getting pixel-perfect layout in Win32 dialog templates
That's not what it's for.
Why does my shortcut to a nonexistent file end up with spaces changed to underscores?
Trying to make the best of a bad situation.
Microspeak: ZBB, recall class, glide path, and RTM
Bug tracking jargon.
After all, it’s called a hotkey, not a hotcharacter
Hotkeys are based on keys.
See you at Build 2018 next week
Hopping across the lake.
Avoiding deadlocks when cancelling a thread pool callback, part 2: Referring back to the containing object
Run it, but only as long as I still exist.
Avoiding deadlocks when cancelling a thread pool callback, part 1: External callback data
Breaking the deadlock by disassociating from the thread pool.
How to avoid accessing freed memory when canceling a thread pool callback
Making sure everybody is done before you free it.
Windows 10 virtual desktops are a window management feature, not a security feature
It's just for helping you focus.
The seasoned pianist’s guide to musical collaborators
What's it like working with others?
I don’t know how I managed to be presenting at the same conference as Dona Sarkar
Maybe if I hang out with her enough, some of the cool will rub off.
A cute hidden message in a image to entertain you while you wait
Pull out your handy decoder ring.
How can I have my program execute some code only if run from the Visual Studio debugger?
Let's look at the problem rather than the question.
Microspeak: Tented
No peeking into the tent.
It rather involved being on the other side of this airtight hatchway: Passing invalid parameters from kernel mode to another kernel-mode function corrupts the kernel (who knew?)
You're already deep on the other side.
The early history of redundant function pointer casts: MakeProcInstance
The generic function pointer.
The MIPS R4000, part 15: Code walkthrough
Let's look at some code.
The MIPS R4000, part 14: Common patterns
How to recognize different kinds of jumps and calls.
The MIPS R4000, part 13: Function prologues and epilogues
Keeping the unwinding bookkeeping straight.
Whoa, that fitness tracker is a really expensive watch
And you only have to recharge it every few days, instead of every two years.
The MIPS R4000, part 12: Calling convention
Pretty standard… for a MIPS.
The MIPS R4000, part 11: More on branch delay slots
I guess this really confuses people.
The MIPS R4000, part 10: Trampolines and stubs
You can't get there from here, at least not in one go.
The MIPS R4000, part 9: Branch delay slot parlor tricks
Technically legal, but strange.
The MIPS R4000, part 8: Control transfer
Branch, but wait, not quite yet.
The MIPS R4000, part 7: Memory access (atomic)
Load and lock, erm, link.
The MIPS R4000, part 6: Memory access (unaligned)
Split 'em up.
The MIPS R4000, part 5: Memory access (aligned)
Simple loads and stores.
The MIPS R4000, part 4: Constants
Load them up, a half at a time.
The MIPS R4000, part 3: Multiplication, division, and the temperamental HI and LO registers
You have to treat them nicely or they will refuse to coöperate.
The MIPS R4000, part 2: 32-bit integer calculations
The usual suspects.
The MIPS R4000, part 1: Introduction
Here we go again.
Why is it cheaper to fly out of Vancouver for spring break instead of Seattle, while also being cheaper to fly out of Seattle for spring break instead of Vancouver?
Study the school schedules.
How do I choose between the strong and weak versions of compare-exchange?
It depends on how bad a spurious failure is for your algorithm.
Geology throwdown: The whisper of the rocks
Listen or don't listen. Pick a side.
What’s up with <CODE>compare_</CODE><CODE>exchange_</CODE><CODE>weak</CODE> anyway?
It's handy for certain classes of processors.
When I memcpy a struct into a std::atomic of that struct, why does the result not match?
You're storing it wrong.
The WMI root node is just a node in the WMI namespace
Don't let the name fool you.
A rare opportunity to fact-check the “celebrity net worth” sites
Well, technically it's "north".
What are the odds that two pull requests get completed at the exact same time?
Merges do not occur instantaneously, so there is a window of opportunity for overlap.
Stop cherry-picking, start merging: Index
For one-stop reading.
Stop cherry-picking, start merging, Part 10: Web-based workflow for Azure DevOps (formerly VSTS)
Clicking your way to a merged cherry-pick.
The mystery of the stalker dental hygienist
Haven't I seen you before?
Stop cherry-picking, start merging, Part 9: Chasing the commit
Catch the train.
Stop cherry-picking, start merging, Part 8: How to merge a partial cherry-pick
Pick what you want.
Stop cherry-picking, start merging, Part 7: Preventing a change from leaving a branch
More advanced merge base tricks.
Stop cherry-picking, start merging, Part 6: Replacing the temporary fix with the permanent fix
Advanced merge base tricks.
Stop cherry-picking, start merging, Part 5: Exploiting the three-way merge
Making sure you have the correct merge base.
Stop cherry-picking, start merging, Part 4: Exploiting the recursive merge algorithm
Recursive merging for fun and profit.
Stop cherry-picking, start merging, Part 3: Avoiding problems by creating a new merge base
Move the cherry-pick into the merge base so that git knows it exists in both sides.
Stop cherry-picking, start merging, Part 2: The merge conflict that never happened (but should have)
You wish you got a merge conflict, but you didn't.
Stop cherry-picking, start merging, Part 1: The merge conflict
Setting the pieces into motion.
Torsken har ankommet
Cod you believe it?
Why is the daylight saving time cutover time 1 millisecond too soon in some time zones?
Another other time zone anomalies.
What’s the difference between CreateTimerQueueTimer and SetThreadpoolTimer?
They are both the same thing under the covers.
When MSDN says <CODE>NULL</CODE>, is it okay to use <CODE>nullptr</CODE>?
One of many equivalent formulations.
Microspeak: The triad, the ad-hoc acronyms that result, and the arithmetic problem 3 × 3
There are six possible ways of arranging them. Surely one of them must look good.
Inadvertently designing a horrible time and date picker
Perhaps inspired by the worst possible volume control.
If I call GetExitCodeThread for a thread that I know for sure has exited, why does it still say STILL_ACTIVE?
Because that's not the thread handle you think it is.
How does Task Manager choose the icon to show for a process?
It uses your window icon, and if you don't have a window, then it starts hunting.
An amusing story about a practical use of the null garbage collector
The computer itself ceases to exist.
It rather involved being on the other side of this airtight hatchway: Replacing an unsigned writable MSI package
Another case of the insecurely-configured system.
I just met you, and this is crazy, but here’s my callstack. Debug me maybe.
You gave me nothing at all, but still, you're in my way.
The 2018/2019 Seattle Symphony subscription season at a glance
The pocket reference guide for 2018/2019.
How do I make sure that my shell extension is at the top of the context menu?
The battle for absolute supremacy continues.
Why does IsPathRelative return FALSE for paths that are drive-relative?
It's complicated.
How can I call freopen but open the file with shared access instead of exclusive access?
Coming through the back way.
We couldn’t create a new partition or locate an existing one, possible workarounds
Well, it worked for me.
This is a race the display driver wouldn’t normally expect to lose
But flukes can happen.
So what is a Windows “critical process” anyway?
<CODE>IsProcessCritical</CODE> tells you whether a process is critical, but what does that mean?
Why are there two kinds of Universal Windows apps, one for Windows 8 and another for Windows 10?
Universality is not universal.
What’s the difference between the zero width non-joiner and the zero width space?
Are you separating two words?
When Windows copies a file, does it ever copy bytes that are in the slack space?
Keeping tabs on the slackers.
There are no bugs in the I/O manager
True each time it is uttered.
Optimizing <CODE>BitBlt</CODE> by generating code on the fly
Artisanal bit block transfers made to order.
What do the output values from CoGetApartmentType mean?
Four types of threads, possibly in the neutral apartment temporarily.
Why does misinterpreting UTF16-LE Unicode text as ANSI tend to show up as just one character?
Because you're probably working in the ASCII subset.
Microspeak: POR
The plan of record.
// If this happens, I am going to quit and become a barista
Maybe you should check if Starbucks is hiring.
The case of the SRWLock violation in a thread pool work item
Application verifier tells the story.
Spurious wake-ups in Win32 condition variables
Another peek behind the curtain.
How can I get a signature for a Windows system that will remain unchanged even if the user reinstalls Windows?
The SystemIdentification class will give you something.
Communication by hand signals, and other complex coordination problems
The secret language.
Why does hypervisor remain enabled even when Hyper-V is disabled in Windows Features?
Because somebody else needs it.
Microspeak sighting: over-index
It's like birdwatching, but for words.
Well that was a helpful error message
I guess they don't know what went wrong either.
The saga of Heartland vs. The United States Beet Sugar Association
Is molasses a foreign substance with respect to sugar?
How can I reserve a range of address space and create nonzero memory on demand when the program reads or writes a page in the range, even when multithreading?
Some memory mapping magic.
Like love, taxes make people do the strangest things
Tariff engineering.
How can I reserve a range of address space and create nonzero memory on demand when the program reads or writes a page in the range?
Swizzle me this.
How can I reserve a range of address space and receive notifications when the program first reads or writes a page in the range?
Be in the exception handler chain.
Microspeak: Impedance mismatch
Any kind of mismatch, really.
The history of change-packing tools at Microsoft (so far)
They all say "pack" for one reason or another.
A helper template function to wait for a Win32 condition variable in a loop
Another case of the spurious wake-up.
Stuff my father-in-law says: On taking the train
A five-minute tour.
A helper template function to wait for WaitOnAddress in a loop
Because this is what you always have to do.
Why does <CODE>HRESULT</CODE> begin with H when it’s not a handle to anything?
Well, it used to be a handle.
As far as the French government is concerned, I am the expert on Windows XP
At least it's my name on the paperwork.
How do I know that Resource Monitor isnt just retaining a handle to the terminated process?
Let's try it again, with feeling.
Why don’t context menus respect the UI state for keyboard accelerators?
Well, technically, they're a separate window.
What does it mean when the documentation says that you must specify the app in the system’s metadata before you can retrieve <CODE>SmbiosInformation</CODE> properties?
It's talking to a specific "you" that's not you.
Why is there a semicircular bar at the base of the ORCA card reader?
Another mystery.
How do I get the computer’s serial number? Consuming Windows Runtime classes in desktop apps, part 5: PowerShell
Now we're cooking with power.
How do I get the computer’s serial number? Consuming Windows Runtime classes in desktop apps, part 4: C#
Over into managed code.
How do I get the computer’s serial number? Consuming Windows Runtime classes in desktop apps, part 3: C++/WinRT
Getting into the modern swing of things.
How do I get the computer’s serial number? Consuming Windows Runtime classes in desktop apps, part 2: C++/CX
Annoying to set up, but easier to use.
How do I get the computer’s serial number? Consuming Windows Runtime classes in desktop apps, part 1: Raw C++
We can do this the easy way or the hard way. Let's do it the hard way.
Why are the module timestamps in Windows 10 so nonsensical?
They're really a uniqueness identifier.
What happens when a huge number of people share a single grocery store loyalty card?
They can tell.
How do I know that Resource Monitor isn’t just retaining a handle to the terminated process?
Let's run some more experiments.
2017 year-end link clearance
Another year passes.
How does Resource Monitor get information for processes that already terminated?
It's an optical illusion.
Why do I have to pass a valid page protection value to VirtualAlloc even if it ignores it?
It ignores it, after it validates it.
Microspeak: over-index
To give too much prominence to something in a discussion or analysis.
Time travel is here, at least when it comes to debugging
A present for all the developers out there.
Exposing undefined behavior when trying to port code to another platform
Oops, that wasn't allowed after all.
What’s the difference between VARIANT and VARIANTARG?
Well, is it an argument?
How do I ShellExecute a file, but with a specific program instead of the default program?
Count the ways.
How does Task Manager categorize processes as App, Background Process, or Windows Process?
It's a made-up term.
On the little-documented role of the page-turner
Intended to be invisible.
What kind of messages can a message-only window receive?
Only messages that are sent directly to that window.
Creating double-precision integer multiplication with a quad-precision result from single-precision multiplication with a double-precision result using intrinsics (part 3)
Applying the sign adjustment.
Creating double-precision integer multiplication with a quad-precision result from single-precision multiplication with a double-precision result using intrinsics (part 2)
Put it all in registers.
Creating double-precision integer multiplication with a quad-precision result from single-precision multiplication with a double-precision result using intrinsics (part 1)
Once more with intrinsics.
Why not slipstream ZDP fixes into the bits downloaded by the installer rather than being a separate download?
Well, yeah, but what if it was downloaded months ago?
Coroutines mean that the thing that looks like a stack variable may not technically be one
Hoisted into the future.
How do I respond to the WM_MENUCHAR message?
You identify the menu item that corresponds to the character.
Knowing just enough about debugging IRPs to chase the problem out of the I/O stack
Fumbling around and stumbling into a diagnosis.
How can I prevent the keyboard focus rectangle from appearing on a control I created?
You can lie to the control.
Tree view check boxes: The extended check box states
Partial, dimmed, and exclusion.
Tree view check boxes: A sordid history
How we got into the mess we did.
Creating tree view check boxes manually: Themed check boxes
Using visual styles.
Creating tree view check boxes manually: Responding to clicks
Cycling through the state images.
Creating tree view check boxes manually: A simple state image list
Rebuilding the states, maybe with some new ones.
Beware of the leaked image list when using the TVS_CHECKBOXES style
It'll make one for you, but it's still on you to destroy it.
The TVS_CHECKBOXES style is quirky, which is a polite way of saying that it is crazy
You have to set it at just the right time.
Getting a parent and child window to have the same UI states
Wrangling them into agreement.
Demonstrating what happens when a parent and child window have different UI states
Setting up for a fail.
What is the documentation for SetParent trying to tell me about synchronizing the UI state?
There's this thing called a UI state, see, and it should be synchronized.
The sad implementation history of COM component categories and why it means you have to click twice to see your newly-installed taskbar toolbar
First we have to find them.
How can I find the installation directory for my UWP application?
You can ask PowerShell.
The wrong way of benchmarking the most efficient integer comparison function
Missing the forest for the blade of grass.
Why is there no way to add a permission to a page with VirtualProtect instead of replacing it?
Who's in charge here?
What happens if you simply return from the thread callback passed to _beginthread and _beginthreadex?
Who's got the thread handle?
Microspeak: FCIB
Foreign checked-in binary, or at least that's what it means now.
On memory allocations larger than 64KB on 16-bit Windows
The mysterious __AHINCR.
Cancelling the <CODE>INamespaceWalk::</CODE><CODE>Walk</CODE> operation a little faster
You can use <CODE>IActionProgress</CODE>
How can I cancel the <CODE>INamespaceWalk::</CODE><CODE>Walk</CODE> operation?
You can cancel it during a <CODE>INamespaceWalkCB</CODE> callback.
How can I control which parts of the shell namespace the INamespaceWalk::Walk operation will walk into?
You can ask it to skip the folder, or you can tell it to give up entirely.
Was there a problem with Windows 95-era programs relying on undocumented information disclosure stuff?
Surprisingly not.
Why did Windows 95 store image list bitmaps four-across instead of as a strict vertical strip?
To make sure they all fit in a 16-bit coordinate space.
Why are my notification icon customizations lost after six months of disuse?
Sorry, didn't realize you were still using it.
What are the dire consequences of accessing the fields of <CODE>__m128i</CODE> directly?
It works, but not well.
How can I detect that a shell item refers to a virtual folder, or to a file system inside a file?
Unpacking the attributes.
Why does upgrading my project to Unicode cause Visual Studio to use a different version of the common controls?
Because it's now possible.
Should I name my file mapping after the file it was created from?
Well, it depends on why you're giving it a name at all.
How do I preserve the user’s notification icon preferences for my program after I update it?
Give it a GUID.
How do I prevent my registered hotkey from firing repeatedly due to auto-repeat?
You can ask for auto-repeat to be ignored.
Why was the Windows 95 precursor project code-named Panther abandoned?
Didn't fit in a 4-megabyte bag.
When I use Alt+PrtSc to take a screen shot of a maximized window, why does it capture a few pixels from an adjacent monitor?
Because it's hanging over the edge.
A closer look at the complexity analysis of finding the k’th smallest element in two sorted arrays
Let's calculate it properly.
On the gradual improvements in how the system deals with the failure to initialize a critical section
Gradually improve the situation until the problem vanishes completely.
How do I create a shortcut whose target is specified by a relative path?
It's already in there.
I used WS_EX_COMPOSITED to get rid of my redrawing flicker, but it resulted in sluggish response
The system needs to know when to present the back-buffer.
When a stopgap solution becomes an undocumented feature some people rely on
It was never meant to be long for this world.
Nasty gotcha: Powershell aliases that match commands you might want to run
Because two-letter names would never collide, right?
Exploring the problem: Create a file that only one process can write to
That's not the real problem.
Why does my program crash when I throw an exception from an APC?
Because c'mon.
How can I specify that my DLL should resolve a DLL dependency from the same directory that the DLL is in?
Use the manifest.
Microspeak: Gardening
General housekeeping.
Why does NTVDM create empty IO.SYS and MSDOS.SYS files?
Compatibility, of course.
How can I investigate the possibility of a lot of leaked window classes (RegisterClass)?
Looking for names.
Evaluating the security consequences of an instance of reading past the end of a buffer
In order to get the information, you must already have significant powers.
Reconciling yucky boys and gross kissing with the occasional dance
Just friends.
The Resource Compiler’s preprocessor is not the same as the C preprocessor
It's a very limited subset.
Alas, Microsoft Building 109 Conference Room A is no more
Another code word bites the dust.
How can I detect that my window is on the current virtual desktop?
And what are the recommended policies for using virtual desktops anyway?
Why does my thread handle suddenly go bad? All I did was wait on it!
The scary world of _beginthread.
CancelIoEx can cancel synchronous I/O, which is kind of nice
Get me out of there.
How to check if a pointer is in a range of memory
Thanks to the C language standard, it's trickier than it seems.
Who implemented the Windows NT blue screen of death?
My colleague John Vert.
What happens if I wake a condition variable when nobody is waiting for it? Is the wake saved for the next thread that waits?
It shouldn't matter.
What does it mean when I get an access violation at a very low address when entering a critical section?
It probably means that you're entering a critical section that is not initialized.
How accurate are the various Windows time-querying functions?
Most of them are based on the system timer, but some are better.
What is the correct way of using SaveDC and RestoreDC?
Understanding the model.
The NET HELPMSG command will decode Windows error codes, at least the simple ones
It's originally for decoding network error messages, but it doesn't actually care.
The increasingly complex Kremlinology surrounding Windows
Wait, who's standing next to whom?
How can I diagnose why my FreeLibrary isn’t freeing the library?
Application Verifier to the rescue.
Why is my window unexpectedly becoming topmost?
There are a few places where the system will auto-topmost a window.
What is the correct way of using the string buffer returned by the WindowsPreallocateStringBuffer function?
Write the characters you allocated, but only those characters.
Microspeak: Ripcord
Deploy the emergency parachute.
If you configure a program to run in Windows 2000 compatibility mode, then it is also vulnerable to Windows 2000 security issues
Bug-for-bug compatibility.
Nasty gotcha: SetThreadUILanguage cannot be used to restore the thread UI language
You have to use some other function entirely.
What are anonymous structs, and more importantly, how do I tell windows.h to stop using them?
The struct with no name.
Can I enable Large Address Awareness dynamically at runtime?
No, but you can maybe fake it.
Does anybody know what really happened on August 25, 2017 at the Red Sox/Orioles game?
A strange thing might have happened, but did it?
Why did my systems reboot into the Recovery Environment and how do I prevent that from happening in the future?
You can disable it in the boot configuration.
Inadvertently becoming the change you wish to see in the world
Sharing some duties.
I guess I may as well confess that I wrote the Itanium information in the Debugging Tools for Windows package
The story of how I ended up being the guy who understands all these processors.
The Alpha AXP, epilogue: A correction about file system compression on the Alpha AXP
Setting the record straight, even though the lie has already circumnavigated the world.
The Alpha AXP, part 17: Reconstructing a call stack
Putting the information into practice.
The Alpha AXP, part 16: What are the dire consequences of having 32-bit values in non-canonical form?
It depends on what the next calculation is.
The Alpha AXP, part 15: Variadic functions
Keeping two sets of books that eventually become one.
The Alpha AXP, part 14: On the strange behavior of writes to the zero register
Room for future optimization.
Yes, that was a horrifically awkward video, but it wasn’t the Windows 95 launch
Some sort of sales event, probably.
The Alpha AXP, part 13: On treating a 64-bit processor as if it were a 32-bit processor
It's all in the point of view.
The Alpha AXP: Part 12: How you detect carry on a processor with no carry?
The same way you do it in C, which also doesn't have a carry.
The Alpha AXP, part 11: Processor faults
Sometimes you know where it happened. Sometimes you don't.
The Alpha AXP, part 10: Atomic updates to byte and word memory units
Putting together some things we've learned.
The Alpha AXP, part 9: The memory model and atomic memory operations
When does it happen? I have no idea!
The Alpha AXP, part 8: Memory access, storing bytes and words and unaligned data
Those little pieces.
The Alpha AXP, part 7: Memory access, loading unaligned data
Now it gets harder.
The Alpha AXP, part 6: Memory access, basics
Start with the easy cases.
The Alpha AXP, part 5: Conditional operations and control flow
But there is no flags register.
The Alpha AXP, part 4: Bit 15. Ugh. Bit 15.
Let's make some bits.
The Alpha AXP, part 3: Integer constants
Building them up a piece at a time.
The Alpha AXP, part 2: Integer calculations
It's all fun and games until somebody does sign extension.
The Alpha AXP, part 1: Initial plunge
Pretty registers, all in a row.
Wrapping some other scripting language inside a batch file
Polyglot to the rescue.
Decomposing file paths (and extracting other information like file size, date and time, and attributes) from a batch file
FOR to the rescue.
Why does attempting to echo an undefined environment variable result in the message “ECHO is on”?
Because that's what happens when you echo nothing.
The redirection can come anywhere on the line, and you can use that to get rid of the spaces
Up front and personal.
The redirection can come anywhere on the line, so watch out for those spaces
The operator vanishes.
Can I throw a C++ exception from a structured exception?
Technically okay, but it's unusual and doesn't solve your problem.
How am I supposed to free the memory the system allocates in the SetPrivateObjectSecurity function?
It comes from the process heap.
Trip report: Sequim Lavender Festival and the Olympic Game Farm
Some learned travel tips.
Wrapping up 2017’s extended CLR Week-and-a-half with some links to other CLR trivia
Additional useless reading.
If there is no difference between two options, choose the one that is easier to debug
Because you're going to be debugging it eventually.
How can I find out how many threads are active in the CLR thread pool?
Let's answer the question, but then look at the scenario.
The perils of async void
Go on without me.
Crash course in async and await
Hang on a second, I'll get back to you.
Do people write insane code with multiple overlapping side effects with a straight face?
I guess some do.
Why does the assignment operator in C# evaluate left to right instead of right to left?
Because that's what people expect, for certain values of "people".
Revisions to previous discussion of the implementation of anonymous methods in C#
All instance all the time.
Discussion of how to add UTF-16 support to a library that internally uses UTF-8
Convert it, but make sure it can convert back.
Customizing the window handle for item enumeration in IShellItem
It's on the site.
Why is the maximum number of TLS slots 1088? What a strange number.
It's a little less strange in binary.
Microspeak: To stand up
To get something working and available for use.
On the circular path from RAII to crazy-town back to RAII: Thoughts on emulating C#’s using in C++
A trip around the block.
How can I tell whether two paths reside on the same underlying volume, so I can know whether they can be hard-linked?
Don't try to guess. Just do it.
Debugging tip: Use .frame /r to recover nonvolatile registers from the stack frame
Saving you the trouble of reconstructing it manually.
How fair are SRW locks, particularly when there are both readers and writers?
Not fair! As with the other Windows synchronization objects.
Urban and suburban camouflage
Hey, what's that in my backyard?
Emulating the C# <CODE>using</CODE> keyword in C++
The co_await enables new patterns.
2017 mid-year link clearance
Marking the halfway point.
Extracting pages from a PDF document and saving them as separate image files, C++/CX edition with co_await
Everybody seems to be converging on C#.
Extracting pages from a PDF document and saving them as separate image files, C++/CX edition with explicit tasks
Sliding over to C++/CX.
Extracting pages from a PDF document and saving them as separate image files, JavaScript edition with async
Diving into an upcoming feature of ES8.
Extracting pages from a PDF document and saving them as separate image files, JavaScript edition with Promises
Trying it out a different way.
Extracting pages from a PDF document and saving them as separate image files, C# edition
A Little Program I needed.
Trying to make the thread pool more responsive to a large queue of long-running work items
Convert them to tasks.
When can GetSecurityInfo API return ERROR_INSUFFICIENT_BUFFER?
It's the race condition called out in the documentation.
Summertime, and the lemonade is easy
Unearthing an old game from my youth.
Why is Explorer opted out of Data Execution Prevention and termination on heap corruption, and how effective is the policy to opt it back in?
It's out, but it quickly comes back in, unless you tell it to stay out.
How do I set the initial directory of the File Open dialog to a virtual directory?
Use the IFileDialog::SetDefaultFolder method.
Stuff my father-in-law says: On baking bread
Three hours.
Combining the work queue of distinct events, order not important, with an auto-reset event
Combining two solutions into a bigger solution.
Creating an automatic-reset event from WaitOnAddress
Completing the quartet.
Creating a manual-reset event from WaitOnAddress
A diversion, in the form of a different exercise.
Creating a semaphore with a maximum count from WaitOnAddress
The exercises continue.
Creating a semaphore from WaitOnAddress
More exercises.
The case of the longjmp from nowhere trying to open a registry key
Close your eyes and jump.
What will GetLastError() return after a failed InitOnceExecuteOnce?
Whatever you tell it to.
On enabling NX and ASLR for a module after the fact
You can flip the bit, but you can't regenerate relocation information.
Microspeak: ROB and Office Hours
Rhythm of business.
How can I register a program to auto-relaunch if it crashes or is terminated?
There is no system registration. You'll have to roll one yourself.
How likely is it that a window will receive a WM_NULL message out of the blue?
Not entirely unlikely, let's put it that way.
Comparing WaitOnAddress with futexes (futexi? futexen?)
Two different ways of creating a synchronization object out of nothing.
Extending our critical section based on WaitOnAddress to support timeouts
Ooh, look, a new feature.
Why isn’t the original window order always preserved when you undo an Aero Shake?
Acts the same way as undoing a Minimize All, since that's basically what it is.
Does DebugBreak work to launch the debugger, or doesn’t it?
It does, eventually, but not because it is DebugBreak.
Why are hidden files with a leading tilde treated as super-hidden?
Because in practice they are ultra-temporary.
Diagnosing why you cannot create a stable subkey under a volatile parent key
You can't do it, but why is the parent volatile?
Some questions about unflushed data and calling FlushFileBuffers on a new handle to a file
Will it get flushed out eventually?
What do these hard drive icons mean?
Various kinds of BitLocker, mostly.
Why doesn’t searching my Start menu with Cortana find Internet shortcuts in my All Programs list?
Because our A/B testing showed that showing them was worse.
Debugging a GDI resource leak: Case study
If it leaked once, it'll leak again.
Why is the !locks command called !locks even though it debugs only critical sections?
Because those were the only kind of locks, back in the day.
Why do my PDF file associations get reset every time I restart?
Hey, that doesn't look right.
There’s a group policy for Action Center, and another one for Action Center
Two things with the same name, how confusing.
At least it wasn’t on a Web page with the warning “Beware of the leopard”
But it was simple.
A question about avoiding page faults the first time newly-allocated memory is accessed
What are you trying to optimize?
How to calculate the resulting security descriptor of a child object without creating it
Pretend that it's a private object.
Revised notes on the reliability of FlushFileBuffers
A check-in on what's happened over the past few years.
The early Windows phone devices were liquid-cooled, sort of
Soda is a liquid, right?
Couldn’t we fix the lackey catastrophe by using #pragma init_seg(user)?
That doesn't help, for more than one reason.
Remember that in a stack trace, the addresses are return addresses, not call addresses
It's where the function is going to return to, not where it came from.
The interaction between AppBars and Windows 10 virtual desktops
They apply to all virtual desktops.
Why don’t I get thumbnails for files that are marked offline?
Because offline files are assumed to be expensive to access.
Microspeak: Work-back
Start and the end and work backwards.
Those blue boxes all over the place, I always wondered what they were for
Non-electronic mail.
Why doesn’t SHGetFileInfo give me customized folder icons?
Because you asked for it that way.
Why does the compiler generate memory operations on the full variable even though only one byte is involved?
Store-to-load forwarding.
Static hooking through predefinition
Creating your own hook points.
Why are there two incompatible ways of specifying a serial port baud rate?
Toto, I don't think we're on an IBM PC XT any more.
How do I kill a program that hung with an always-on-top fullscreen window?
Hey, look at that desktop over there.
Filtering the Browse for Folder dialog so it shows only drive letters
An exercise in filtering.
Application crash reported as security vulnerability, but you never crossed the airtight hatchway
A crash is not a priori a security vulnerability.
On generating sentinel pointer values in Windows
That's not a pointer. <B>This</B> is a pointer.
Under what conditions could a commit of reserved memory fail?
Usually because you are out of memory, but really it's when you're out of commit.
That time a customer reported an error in the map used by Flight Simulator
But whose map is right?
Why does my __FILE__ macro produce an invalid address, which mysteriously becomes valid a few moments later?
It's not there until somebody demands it.
How can I atomically leave a critical section and delete it?
Even if you could, it wouldn't help you.
Can memcpy go into an infinite loop? Why is it being blamed for a busy hang?
Look at the bigger picture.
How do I get the current directory for a non-current drive?
GetFullPathName will tell you.
The Windows 8 close gestures, a retrospective
Top to bottom.
When I enable page heap, why is my one-byte buffer overrun not detected immediately?
I thought that was the point of page heap.
If I have a thread waiting on an event, and I call SetEvent immediately followed by ResetEvent, is the waiting thread guaranteed to be released?
Congratulations, you reinvented PulseEvent.
What can I do if I want to throw a C++ exception from my InitOnce callback?
There's the naïve solution and a sneakier one.
How do I programmatically obtain the user’s selected accent color in Windows 10?
It's in the UISettings object.
Microspeak: snap
To take a snapshot of the source code in order to produce a build.
How do I create a shortcut in the Send To menu that runs a program with a command line option?
Put the option in the shortcut target.
A survey of the various ways of creating GDI bitmaps with predefined data
So many to choose from.
For sale: One TARDIS, working (lights), you must pick up from Vancouver
Time travel circuits disabled by Time Lords, however.
The gradual erosion of the SEM_NOOPENFILEERRORBOX error mode
It does less and less, until it basically does nothing.
A brief discussion on how best to respond to the end-session messages
You can start early, but be aware that the user might change their mind.
Explorer is a single-instance application, but you can find other ways to get the effect of running a separate instance
Look for the explorer browser helpers.
How real-mode Windows loaded code from the disk, and how you could use that to minimize disk swapping
Send in the clones.
When you submit a security vulnerability report, we go the extra mile and try to fix your typos
Even if the typo is what confused you.
Responses to various ideas on how to get people to stop using that leaked build
Over-engineering the solution.
You can peek to see whether your delay-loaded function loaded successfully
Predicting the future.
Why does the volume control let me set the volume only to even numbers?
Because pressing Volume-Up 100 times would be really annoying.
Secret passages on Microsoft main campus, episode 2
Getting from one point to another.
Happy St. Patrick’s Day. Watch out for that throne.
A challenger from North Bend.
Not interested in college basketball? No problem. Follow the Name of the Year 2017 bracket
The greatest names of real people.
If I want to maintain a free list of pages, should I use MEM_RESET or MEM_DECOMMIT?
It depends.
How do I provide data to the sharing pane from a Win32 desktop application?
Continuing the interop pattern.
How do I show the sharing pane from a Win32 desktop application?
Unwrapping the projection, but now with interop.
Why is Alt+D the keyboard shortcut for putting focus on the address bar?
Because it was Ad&dress.
Raymond’s highly scientific predictions for the 2017 NCAA men’s basketball tournament
This one will definitely work, right?
Which languages are fully-localized by Windows?
And your little console too.
Is GENERIC_ALL equivalent to GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE?
Only if the object says so.
How do I keep thread pool threads, or other threads in general, from competing with my render thread for CPU?
You assign them to the default CPU set.
How do we improve the performance of conhost processes when we ping a bunch of servers?
How about avoiding them entirely?
Microspeak: to reason over
To make programmatic decisions based on, usually to produce a higher-level result.
Some internal developer chatter on a bug that caused your screen to turn black
A little dry humor for your amusement.
The case of the 32-bit program that tries to load a 64-bit DLL
A continuing saga which ultimately comes to a resolution.
What happens when you tell a Millennial to take pictures of a party
Oh, how tasty.
Don’t forget to implement canonical names for verbs in your shell context menu extension
The system uses it to find you later.
Want to include a gift message with your tires? Nice try.
You'll have to show your love some other way.
Why does my attempt to acquire an SRW lock block even though !locks report no locks held?
!locks is looking for critical sections.
Great moments in journalism: “Confirmed Microsoft Surface Pro 5 launch date”
Confirmed by rumor?
Baking soda has hundreds of uses, but what about what it says on the tin?
Can you bake with it?
How do I disable the press-and-hold gesture for my window?
Digging back into ancient history.
Eventually you reach a critical mass of LEGO pieces where you can build most things from what you already have
Just look it up.
The system manages the system image lists; don’t go changing the art on the walls
You can read from them, but don't modify them.
How am I supposed to print my print-at-home tickets if I can’t reproduce them?
Legal disclaimers from the past.
How to create a folder that inherits its parent’s ACL, and then overrides part of it
Creating it with a custom security descriptor isn't working.
Those Year 2000 disaster preparedness trucks were originally there for a different reason
Originally for long-haul testing in the power-unstable Pacific Northwest.
What little kids think of lifeguards
Lots of yelling.
Psychic debugging: Why does opening a command prompt always print a weird error message?
Check your AutoRun.
The 2017/2018 Seattle Symphony subscription season at a glance
The pocket reference guide for 2017/2018.
Another more efficient solution to the problem of a long-running task running on the thread pool persistent thread
The thread-agnostic change notification.
Follow-up: The bus that straddles traffic
Sitting motionless over half a road.
A more efficient solution to the problem of a long-running task running on the thread pool persistent thread
Break it up a little more.
How do I fix the problem of a long-running task running on the thread pool persistent thread?
Hey, you, get off of my thread.
Man, this housing downturn is hitting everyone, follow-up
Down we go.
Why did my thread pool stop processing work once it hit a long-running work item?
Because you ran the work item on the persistent thread.
Pipelining your laundry, and the ensuing silliness
When geeks go overboard.
Advertisement for ink cartridges doesn’t do all the math
Maybe they are trying to minimize the frequency of ink cartridge changes.
Sometimes you get so worked up about the compatibility consequences of a change that you miss the obvious
It clearly was not happening before, because it crashed.
How do I do an interlocked exchange of a hat pointer?
Perform a raw exchange of the underlying native pointer.
Suspicious memory leak in std::basic_string
There are not the PODs you are looking for.
Why are all Windows drivers dated June 21, 2006? Don’t you ever update drivers?
Are you just a bunch of slackers?
Microspeak: Placemat review
Put the fork here and the knife there.
My proposal for an episode of the new Star Trek series
Darmok says, "Internet, its tubes clogged."
Why does a Microsoft mouse accept two batteries even though it works just fine on only one battery?
To reduce the frequency of battery changes.
It is a great deal and not a great deal, both at the same time
At least until you open the box.
Why am I getting a crash at shutdown inside the thread pool?
Stop talking to a dead thread pool.
Some friendly advice from the Redmond Public Safety department on nighttime nude jogging
Stay healthy out there, folks.
Are DDE and WM_COPYDATA related as IPC mechanisms?
Specifically, is one dependent on the other?
I wasn’t fooled into thinking the Star Wars trench run was along the equatorial trench, but I was fooled anyway
I thought it was a different route entirely.
How am I supposed to free the information passed to the SetSecurityInfo function?
You allocated it. You get to free it.
Why does my Surface power brick keep blinking on and off?
Power negotiations break down.
Creating an object on the other side of the airtight hatchway isn’t yet a security vulnerability
What can you do with that object?
How can a COM local server keep itself alive even though there are no active clients?
CoAddRefServerProcess to the rescue.
How can I control the directory from which my delay-loaded DLL is loaded?
Use the hook.
Are there alternatives to _lock and _unlock in Visual Studio 2015?
This is unlikely to work.
Why do my program’s notifications sometimes show a small icon, and sometimes a large icon?
And why does it sometimes show the program name?
How do I prevent users from terminating a service?
Use the ACL.
How important is it nowadays to ensure that all my DLLs have non-conflicting base addresses?
Not so much, since ASLR changes it anyway.
A fine detail on how DLLs are relocated as the result of a base address collision, and consequences
Fixed up as necessary, but only as necessary.
Does ASLR relocate all DLLs by the same offset?
No.
Microspeak: ladder up
Let's puzzle it out.
How come my CreateMutex call sometimes fails with Access denied?
Because the creator didn't grant you access.
A survey of the various ways of declaring pages of memory to be uninteresting
Let me tell you how much I don't care.
How do I detect Windows 10 if I cannot GetProcAddress for the function IsWindows10OrGreater?
Just like in a cheesy movie, the answer was inside you all along.
Applying a permutation to a vector, part 6
Completing an earlier exercise: The reverse permutation.
Applying a permutation to a vector, part 5
Error checking.
Applying a permutation to a vector, part 4: What is the computational complexity of the apply_permutation function?
It's linear, though it doesn't look that way at first glance.
Sorting by indices, part 2: The Schwartzian transform
Decorate-sort-undecorate.
Sorting by indices, part 1
Putting things together.
Applying a permutation to a vector, part 3
Permuting more than just vectors.
Applying a permutation to a vector, part 2
To swap or not to swap. That is the question.
Applying a permutation to a vector, part 1
Tinkering with an algorithm.
2016 year-end link clearance
Another year.
The invisible work of preparing PC BIOSes for the year 2000
Nursing the BIOS into the new century.
The evolution of the text size limits related to the standard static control
Smaller, then bigger.
The case of the four unlabeled toggle buttons
Make up whatever you like.
Why don’t I get properly translated program output after installing the corresponding language pack?
There's localization and there's localization.
Wireless AC is, unfortunately, not what it sounds like
The strange naming conventions of IEEE 802.11 standards.
The mother lode of well-known SIDs
Jackpot.
Another pattern for using the InitOnce functions
The synchronous two-phase initialization.
What is the maximum numeric value for a socket, and what is the maximum number of sockets a Windows program can create?
You can create as many as you want, subject to the usual resource constraints.
If you ask robocopy to destroy the destination, then it will destroy the destination
Be careful what you ask for. You might get it.
Why can’t VarDateFromStr parse back a Hungarian date that was generated by VarBstrFromDate?
Parsing is hard. Date parsing doubly so.
My colleague who thought he held the unofficial record for consecutive months of skiing
He stumbled upon an entire community of like-minded skiers.
How bad is it to delay closing a thread handle for a long time after the thread has exited?
Not too bad, as long as you don't make a habit of it.
Dubious security vulnerability: Discovering the salt
The salt is not a secret.
Can a server-side Web application trigger the creation of thumbs.db files?
Probably not.
Why does tapping the Alt key cause my owner-draw static control to repaint?
Time to draw the underlines.
Answers to a customer’s questions about memory and DLLs
Simple questions and hopefully simple answers.
What is this race condition that the OpenMutex documentation is trying to warn me about?
Open it, but it won't come.
Why don’t I get a broken pipe when the child process terminates?
The pipe isn't broken yet.
How can I reset a PC if I forgot the administrator password?
What I reboot three times is true.
The case of the unexpected ERROR_ACCESS_DENIED when calling MapViewOfFile
Mind those weakly-typed integers.
Why do I get a _BLOCK_TYPE_IS_VALID debug assertion failure when I try to delete a WIC pixel buffer?
Because that's not your pixel buffer.
What is __wchar_t (with the leading double underscores) and why am I getting errors about it?
It's the internal wchar_t.
What could be happening in Safe Mode to make my heap corruption bug go away?
It's more about what's not happening.
The case of the volume label that doesn’t change
Who can read it?
If I simply want to create a registry key but don’t intend to do anything else with it, what security access mask should I ask for?
If you need nothing, then ask for nothing.
The Gävle Goat is now 50 years old
Welcome to Gävle. Please don't burn down our goat.
Lock free many-producer/single-consumer patterns: A work queue of distinct events, FIFO
No cutting in line.
Turkeys Away: An Oral History
The most famous sitcom Thanksgiving Day episode.
Lock free many-producer/single-consumer patterns: A work queue of distinct events, order not important
Each one is different in its own special way, but we don't care what order they are processed.
Lock free many-producer/single-consumer patterns: A work queue of identical non-coalescable events
They're all the same, but each one counts.
Lock free many-producer/single-consumer patterns: A work queue where the last one wins
There can be more than one, but only the last one counts.
Lock free many-producer/single-consumer patterns: A work queue with task coalescing
Starting out simple.
Why does calling SetForegroundWindow immediately followed by GetForegroundWindow not return the same window back?
Because it's not the foreground window... yet.
Is RunAsInvoker a secret, even higher UAC setting?
Actually, it's a secret even lower UAC setting.
When you decide to travel at the speed of light, you have to accept the consequences
Lots of things break down.
The speed of light is unlikely to improve: consequences
The limits of resolution.
What does the shield over a WiFi network mean?
It means that the network is not secure.
The long-awaited Redmond Costco opens today, and some useless Costco trivia
Home sweet home.
If you don’t blow up a debug session every so often, you’re not debugging hard enough
Life on the edge.
Under what circumstances will GetProcessTimes report that a process exited before it was created?
If it hasn't exited yet.
Zeroing out my memory does cause them to page in faster after all
Thanks to a special check in the memory manager.
Why do my file creation, access, or modified time disappear if I set it to midnight on January 1, 1980?
Mind the epoch.
How do I programmatically add a folder to my Documents library?
You can use SHAddFolderPathToLibrary, but there's a catch.
Why is my crash dump file filled with 0xAAAAAAAA?
No, it's just that the original data was scrubbed out.
Solving the problem instead of answering the question: How do I get this RichEdit control to look just like a static control?
That's not your problem.
What happens if you call RevertToSelf when not impersonating?
Nothing, but be careful.
Windows file system compression had to be dumbed down
Adjusting the trade-off.
This processor has no stack (insert spooky laughter)
Nothing to push here.
Why does SetThreadPriority sometimes take a really long time?
Because you asked for it.
How to electrify your own fence: ProcessStrictHandleCheckPolicy
Don't touch that; it's a live wire.
Why does the documentation for ReadFile say that the lpNumberOfBytesRead parameter is optional when it is sometimes mandatory?
In the fine print, due to incomplete expressiveness.
Microspeak: lift up
Take a look around you.
Why is Identical COMDAT Folding called Identical COMDAT Folding?
Common data, as in FORTRAN.
Is there anything better than GetThreadTimes for obtaining per-thread CPU usage information?
QueryThreadCycleTime.
Using DuplicateHandle to help manage the ownership of kernel handles
That one's mine.
Three short questions about LogonUser (with answers!)
The answers are probably the most useful part.
Was it intentional that the Media Control Interface has the same acronym as a telecommunications company?
Why yes, actually.
The Windows 8.1 ship-it awards were yellow
Code name Blue.
How can I force memory to be allocated above the 4GB boundary (for debugging purposes) on Windows 7?
Sadly, no easy solution.
Dubious security vulnerability: Attacking the application directory in order to fool yourself?
Look over there. Ha ha made you look.
Nasty gotcha: The inadvertently named resource
No such thing as undefined.
Oh, you’re with them?
Unconscious biases in the workplace.
A Little Program to fix one particular type of mojibake
Keep your eye on the code page.
How can I get the default code page for a locale?
Ask GetLocaleInfo.
How do I cancel autoplay from a wizard page?
You need to listen on the top-level window.
Why doesn’t my custom-drawn trackbar get a paint notification when the position changes from 1 to 0?
It had no visible effect.
Wow, that’s amazing. You got Picabo Street and Alberto Tomba to autograph the same poster!
Partly true.
You can register your child’s name in any language providing you use any Unicode character
Happy birthday, Unicode!
When are global objects constructed and destructed by Visual C++?, redux
Adding another column to the table.
The lackey catastrophe
You know it will be done, but you don't know when.
When can you free the memory backing the HSTRING you created with WindowsCreateStringReference?
Nothing you haven't had to deal with already.
What’s up with Windows developer tools being written in perl?
It's socially acceptable.
It says that I should use USB usage page 1 and usage 6 to get raw keyboard data, but what if I have a PS/2 keyboard?
The numbers came from the USB HID specification, but that doesn't require the keyboard to be USB.
When you break into a user-mode application in the kernel debugger, how do you connect a user-mode debugger?
Make the program its own bridge.
Dither me this
Where did the error go?
The case of the system() call that returned before finishing
Study the output more carefully.
The social skills of a thermonuclear device: Ruining a conversation
The party's over.
It’s an unfortunate choice of data type for the file system redirection cookie
The untyped pointer strikes again.
Does the page table entry really have a sad-face for pages that are reserved?
Not exactly, but it's not as silly a question as it sounds.
Decoding the parameters of a thrown C++ exception (0xE06D7363), revisited
The mysterious second parameter.
What exactly does the msWindowLength parameter to SetThreadpoolTimer mean?
It's the maximum delay, but never the maximum anticipation.
What are these ghost drivers named dump_diskdump.sys and other dump_*.sys that didn’t come from any file?
Send in the clones.
How can I have a window that rejects activation but still receives pointer input?
The obscure return values of the WM_MOUSEACTIVATE message.
How can I get the memory manager to prefetch bigger chunks of data from my memory-mapped file?
Explicit prefetch.
How can I change a registry key from within the debugger?
There's the hard way and the easy way.
If I zero out my memory pages, does that make them page in faster?
Not really.
How to get people who installed a leaked build to stop using that build?
Change the wallpaper.
The complicated engineering behind an ice cream social
Lost in translation.
A customer question about shortcuts that don’t have a target path
Digging into the question to find the solution.
Discardability in drivers has nothing to do with discardability in user-mode (which has nothing to do with discardability, really)
Overloaded flags.
The ship date predictor: Redux
Each project is different.
What is the NTDiskQuotaSidCache.ndx file for?
It's the SID cache for the disk quota control panel.
Detecting what language or script a run of text is written in, redux
One step closer to actually doing it.
Spurious wakes, race conditions, and bogus FIFO claims: A peek behind the curtain of WaitOnAddress
Watch the gears turn.
Soarin’ over California + Seattle = Wings over Washington
I wonder what it's like.
Implementing a critical section in terms of WaitOnAddress
Building things out of other things.
The International Fair Play Committee announces the Rio 2016 Fair Play Awards, but spends most of the time congratulating themselves
Sporteaucratic nonsense.
Implementing a synchronization barrier in terms of WaitOnAddress
Kicking the tires by building another kind of tire.
WaitOnAddress lets you create a synchronization object out of any data variable, even a byte
Pick a byte, any byte.
Adventures in application compatibility: The bogus memory calculation
Let's add some numbers together, shall we?
Is it okay to call TryAcquireSRWLock from a thread that has already acquired the lock?
No.
If I have a modeless dialog box with custom accelerators, which should I call first: IsDialogMessage or TranslateAccelerator
Only one way works.
On installing a custom unhandled exception filter and intentionally raising an exception to get its attention
Mind those stack frames.
There are really only two effectively distinct settings for the UAC slider
Off and on.
Things I learned from my recent trip to Vancouver
It's not butter.
How can I debug a function that has been subjected to COMDAT folding?
The easy way is to mutate the function.
On the importance of making sure WaitForInputIdle doesn’t think you’re idle, episode 2
WaitForInputIdle is how the shell knows that your DDE server.
I’m speaking at the brand new Microsoft Canada Excellence Centre tomorrow
But only for Microsoft employees, sorry.
On the importance of making sure WaitForInputIdle doesn’t think you’re idle, episode 1
WaitForInputIdle is how the shell knows that your DDE server.
How to create a file mapping that allows others to open the file in exclusive mode?
This is a job for opportunistic locks.
What is a ZDP, and what’s so Z about it?
Zero Day Package, but not that kind of zero day.
Why didn’t Windows 95 suck the brains out of the XMS driver?
It was working fine up until now.
The case of the hung Explorer window
Decoding the deadlock.
The origin story of the Microsoft ninjacat
So it begins.
Using #pragma detect_mismatch to help catch ODR violations
There can be more than one, but they must be the same.
Why don’t I get a file deletion confirmation warning from Explorer when I undo a copy?
Because this is not really a deletion operation.
How do I disable edge gestures when my window is full screen?
System.EdgeGesture.DisableTouchWhenFullscreen.
Further discussion of the synchronization barrier
It's really just a switch.
How can I check whether a parameter is a pointer to a stack variable?
Check it against the thread limits.
Why does setting the horizontal scroll bar range for the first time also set the vertical range, and vice versa?
An attempt at delay-initialization.
Why does sharing a folder in Explorer grant full permission on the share to everyone?
The ACLs will do the work.
Is there a Windows API for IntelliSense?
That's not really an operating system thing.
What is the significance of changing the registration for CLSIDs to point to a private copy of MSXML3?
You hijacked the CLSID, which is not going to end well.
If you don’t want the changes to be permanent, the don’t pass the flag that says that you want the changes to be permanent
Stands to reason.
Microspeak: Tick-tock
Who's doing what when?
Having trouble with Windows Hello face recognition? Try a Jedi mind trick!
This is the user you are looking for.
When I tell Windows to compress a file, the compression is far worse than I get if I ask WinZip to compress the file; why is that?
The different compressors have different goals.
Trying to recover from enhancement software that generates fake input incorrectly
Try to reprocess it the right way.
How can I preallocate disk space for a file without it being reported as readable?
Set the file allocation information.
What happens if I have multiple asynchronous ReadDirectoryChangesW calls outstanding on the same directory handle?
It doesn't matter because you already lost to the scheduler.
Why does the Windows 8 sign-in animation slide upward?
Opening like a curtain.
Where can I get the glossary of Microsoft’s standard translations for computer terms?
At the Microsoft Language Portal.
It rather involved being on the other side of this airtight hatchway: Elevating the elevator
You already control the horizontal and the vertical.
Even if you modify a high contrast theme so it isn’t quite so high-contrast, it’s still a high contrast theme
The bit is still set.
Mathematical term or Hollywood movie?
Another quiz.
How can I detect whether my PC is in tablet mode?
You ask for the user interaction mode.
Observing the bizarre rumor mill from the other side
Make it up, and then ask if it's true.
Attention all humorless technaheads
But still no love for Clippy.
How exactly are page tables allocated on demand for large reserved regions?
Just create a placeholder page directory entry that says "Nothing to see here."
2016 mid-year link clearance
Out you go.
How can I detect whether the Game Bar is covering my window?
A little interop.
Why does the Windows calculator generate tiny errors when calculating the square root of a perfect square?
Because it doesn't know that it's a perfect square.
If I have multiple attached keyboards, how can I read input from each one individually?
Raw input will tell you.
Why is my message queue full of WM_TIMER messages?
Where do timer messages come from, anyway?
Why does the x64 calling convention reserve four home spaces for parameters even for functions that take fewer than four parameters?
Variadic functions.
Using the Windows::Globalization::Calendar object from a Win32 app
An introduction to projection.
How to recognize DNS zone scavenging availability timestamps from quite a long way away
A rather peculiar format.
Peeking inside an IShellItem to see what it’s made of
There are a folder and a pidl in there, but only if you look.
How can I update my WinForms app to behave better at high DPI, or at normal DPI on very large screens?
Understanding DPI awareness.
Why do I get a spurious WM_MOUSEMOVE message whenever Resource Manager is running?
An artifact of certain window manager operations.
Raymond’s complete guide to HSTRING semantics
It's reference-counted, except when it isn't.
Is there a way to change the minimum size for large pages?
It's set by the processor, not Windows.
What’s so special about the number 64 when it comes to TLS slots?
That's how many there were, a long time ago.
Investigating an app compat problem: Part 3: Paydirt
Finding the answer.
Investigating an app compat problem: Part 2: Digging in
Understanding the scenario a little more.
Investigating an app compat problem: Part 1: The initial plunge
Seeing the proximate cause.
I finally finished this awesome game called Photoshop, let me send you a video
Taking the Game DVR to the next level.
If I create multiple selectors each of size 4GB, do I get a combined address space larger than 4GB?
Not really
Why does SetFileValidData fail even though I enabled the SE_MANAGE_VOLUME_NAME privilege?
It's all in the timing.
How can I tell whether a file is on a removable drive, a fixed drive, or a remote drive?
Beware of the volume mount point.
Why does SHGetKnownFolderPath fail when impersonating?
Because there's a special way to call it for impersonation.
The chain reaction started when a customer’s line of business application doesn’t work with UNCs
Fighting over a registry key.
Printing the name and position of the focused item on the desktop
You already know how to get the view, so ask the view.
Diagnosing a crash in unloaded_something.dll
Find out what used to be loaded there.
Debugging session: Which of the many things happening in this single line of code is the one that crashed?
Let's go to the disassembly.
How can I generate a stack backtrace that is independent of ASLR?
Use module offsets rather than absolute addresses.
How do I create a directory where people can create subdirectories but cannot mess with those created by other users?
Advanced ACL games.
Security through lying
Factual errors make it harder for the good guys.
How long do I have to keep the SECURITY_ATTRIBUTES and SECURITY_DESCRIPTOR structures valid after using them to create a file?
Once CreateFile returns, they aren't needed any more.
Why did the friendly name for the Network Service account change?
Nobody promised it wouldn't.
Why doesn’t RevertToSelf undo the most recent SetThreadToken?
It removes all impersonation; it doesn't restore it.
But Australian Telecom loves it!
Weighted average.
Wow, that article sounds an awful lot like something I would have writt… hey, wait a second
Deja vu.
Is Metro on fire today?
Single-serving.
Why am I being told that my message ID is too large?
Look at the message format.
How come a duplicated token doesn’t behave identically to the original?
The inside's the same, but the outside is different.
What’s the difference between duplicating the handle to a token and duplicating a token?
Are you sharing an object or are you creating two objects?
How can my CPU be running faster than the maximum speed?
Remember the Turbo button?
Taking shortcuts when following driving instructions doesn’t always pay off
Back to the source.
Is it okay to acquire an SRWLOCK recursively? (And why not?)
The documentation says it's not allowed, so it's not allowed.
How can I write an unkillable program, redux
License to not be killed.
How can I detect whether the user’s keyboard has a Break key?
Looking at the problem the wrong way.
Getting MS-DOS games to run on Windows 95: Not enough XMS handles
Of course I got it, right?
Does Mulan speak Chinese?
Not really.
Startup apps start up when I tell them
It's not really a useful performance metric.
What does QueryThreadCycleTime actually count?
Whatever the CPU wants.
Is there an API for redrawing a specific window from another application?
Once again, turns out to be the wrong question.
How does Explorer calculate “Size on disk”?
Very simplistic.
Why can’t I pin a document to the taskbar?
Because that's not what the taskbar is.
Getting MS-DOS games to run on Windows 95: Too much EMM memory
Now that you got it, you need to find a place to put it.
Should I be concerned that WaitForSingleObject is taking a large percentage of my performance test’s execution time
What you've got there, my friend, is a WaitForSingleObject stress test.
It rather involved being on the other side of this airtight hatchway: Invalid parameters from one security level crashing code at the same security level (doesn’t get old)
You never crossed a security boundary.
Why are mouse wheel messages delivered to the focus window instead of the window under the mouse?
Keyboard modifiers.
Why is there a screen that says “It is now safe to turn off your computer”?
Because that's when you know.
Getting MS-DOS games to run on Windows 95: Too much memory!
Another case of intentionally under-reporting memory.
What happens if I call EnumPropsEx while another thread is mutating the properties?
You get a best-effort.
Even though the target audience may be programmers, it can still be seen by users
Freaking out over programmer jargon.
If relocated DLLs cannot share pages, then doesn’t ASLR cause all pages to be non-shared?
ASLR is careful to keep sharing alive.
Inherited access control entries are captured when the child object is created
Frozen in time.
Getting MS-DOS games to run on Windows 95: The interrupt flag
Incomplete virtualization strikes again.
Why does FindExecutable behave erratically for files with extensions longer than three characters? (And what can you do about it?)
Short file names strike again.
Why can’t the debugger call GetFinalPathNameByHandle via .call?
Because it doesn't know how.
How does GetFinalPathNameByHandle choose the name if there are multiple names due to hard links?
It picks the one you you used to open the file.
Dubious security vulnerability: Disk space consumption
You have permission to use all the disk space you can.
Getting MS-DOS games to run on Windows 95: Working around the iretd problem
Speed Racer in the Challenge of Racer X, please make it stop.
Is it really a prank if the victim doesn’t realize there’s a prank going on?
Oblivious.
Why are there four functions for parsing strings into GUIDs, and why are they in three different DLLs?
Different historical contexts..
The numerology of the build, redux
But why 16?
Why doesn’t a program show up on the Start menu’s Recently Used Programs list if I just used it to open a document?
You have to actually use the program directly, at least once.
Getting MS-DOS games to run on Windows 95: Virtual memory
Memory access is uniform and free, right?
Fixing a floating point exception when operating on NaN
Generate it at compile time.
Why does PathIsUNC say that paths that begin with \\?\ are not UNCs?
Because they aren't.
Don’t be helpless: You can find information too, if you try (episode 3)
Look around you.
How can I find out how much disk space the WinSxS folder is really occupying?
Untangling the links.
Were there specific criteria for making a game work at all costs vs. leaving it be if it had problems too weird to debug?
It was basically up to me.
What are the consequences of reserving a huge amount of memory, most of which is never committed?
It's mostly harmless now.
Why not use weak linking to solve the retargetable library problem?
A discussion.
Randomly-generated passwords still have to be legal strings
Well-formed strings according to the encoding.
Why doesn’t this registry hack for disabling autorun work?
Because it never claimed to.
Adventures in UI Automation: Scraping the Driver Files dialog
Drivery goodness.
On week numbering in the United States
We don't really do it.
Could there be any problems with calling GetModuleFileNameEx on your own process?
Yes.
String comparisons against program output is not usually the best solution
Look for programmatic interfaces.
If what you’re doing is undocumented, it’s not guaranteed to keep working, and your promise not to complain doesn’t really hold water
Because that's what undocumented implies.
On word breaking in Chinese and Japanese
Different rules.
Why not auto convert week-based time zone information to date-based?
What an adorable snowflake.
Are SetProp and RemoveProp thread-safe?
As thread-safe as they can be.
How can I get the name of the function that crashed given just a module name and offset?
Resolving symbols offline.
You kids are so cute, thinking you invented email
It predated the Internet, you know.
The 2016/2017 Seattle Symphony subscription season at a glance
The pocket reference guide for 2016/2017.
How can I get the original shortcut target path with environment variables unexpanded?
You'll have to dig into the data list.
Changing a loop into a promise or task chain
Crack open your textbooks.
How do I preload a chunk of memory into a memory-mapped file?
PrefetchVirtualMemory will do this.
A static_cast is not always just a pointer adjustment
That null pointer thingie.
Why does the date disappear from my taskbar, sometimes?
Because there's no room for it.
Finding the shortest binary string in a given interval
Narrowing in.
When I try to calculate a performance counter manually, the answer is off by a factor of 100
Because it's a percentage.
Nasty gotcha: VarCmp vs VariantCompare
Similar names, different return values.
Don’t just grab the foreground window and host UI on it, redux
Oops, it's not there any more.
I have difficulty following Swedish when spoken at conversational speed, and I count on being able to read the subtitles in order to catch up
This doesn't help.
If I select multiple files of different types, why does the Open verb disappear?
It won't always work.
How can I get the name for the user’s profile directory that is shown in Explorer?
You ask the shell namespace.
We batched up our COM requests and return a single stream of results, but the performance is still slow
Your stream marshaled by reference.
Debugging walkthrough: Diagnosing an NX exception
Leap of faith.
If somebody creates or deletes a file in a directory while I am enumerating its contents, what happens?
It's not really predictable.
Hey, you work for Microsoft. Do you know…?
Sometimes the longshot pays off.
How can I get the canonical name for a known folder?
You ask it.
The overly complicated rules for American football
Attempting to close a loophole creates another loophole.
If I issue a second overlapped I/O operation without waiting for the first one to complete, are they still guaranteed to complete in order?
Of course not. That's why it's called "overlapped."
How do I prevent a child process from displaying the Windows Error Reporting dialog?
Take advantage of the fact that SetErrorMode is inherited.
Localization gotcha: The RTL question mark
Depends on the locale.
What happened to the ability to use … (three dots) to refer to the grandparent directory?
An old NetWare compatibility hack.
A brief tour of the console alias functions
Kicking the tires.
Does the thread pool have different handle access privileges? Why am I getting ERROR_INVALID_HANDLE?
The most common reason for getting ERROR_INVALID_HANDLE is that you have an invalid handle.
Why is getting the HP_HASHSIZE so weird?
Second-order logic.
Why does CryptDestroyHash crash, but only sometimes?
Improper destruction leads to undefined behavior, and undefined behavior includes "crashing only sometimes".
Some senior executives are afraid to provide feedback, because they know that their feedback will be given too much weight
Excess baggage.
How can I tell whether my console program was launched from Explorer or from a command prompt?
That's not actually what you want to know.
If I’m going to store a SID in a file, should I store the string form or the binary form?
Pros and cons.
What does the /V (verify) flag to XCOPY mean, and how did it get that way?
It doesn't mean much any more.
So how bad is it that I’m calling RegOpenKey instead of RegOpenKeyEx?
Mostly not bad, except for the gotcha.
What makes XCOPY so X?
It's extra awesome. But I don't know what the X stands for.
Some notes about the blog migration
Put your feedback here.
A puzzle involving dynamic programming, or maybe it doesn’t, episode 2
Once again, the hint is wrong.
What does this crash in TppRaiseHandleStatus mean?
Imagining how a feature was written.
When you start talking about numbers as small as 2⁻¹²², you have to start looking more closely at the things you thought were zero
Do the math.
My program for faking debugging demos
Looking behind the curtain.
Getting one’s paycheck from some mysterious pile of money
But at least you get to visit the receptionist.
Creating a shell extension that applies only to files with a very specific name
The AppliesTo tag.
The FILE_FLAG_DELETE_ON_CLOSE flag applies to the handle, also known as the file object, which is not the same as the file
The file on disk, the representation of the file, and the reference to the representation of the file.
It rather involved being on the other side of this airtight hatchway: Attacking the system clock
Tick.
Why does the mouse cursor jump a few pixels when you right-click on the Start button?
To make it easy to click the first item.
Why did Windows NT decline to support an undocumented flag to TrackPopupMenuEx?
Duh.
Slam City with Scottie Pippen (1995): A flashback
No video? No problem.
If you want to receive a message that is broadcast to top-level windows, you need a top-level window
Stands to reason.
2015 year-end link clearance
More random stuff.
Why is my call to ChangeTimerQueueTimer having no effect? (And another case of looking past the question to solve the problem.)
Because it's too late.
Why are Windows setup logs stored in a Panther directory? Does it have anything to do with the abandoned Panther project from the precursor to Windows 95?
Unrelated.
Determining how each Explorer window is sorted
Ask for the sort criteria.
When is the correct time to call FreeLibraryWhenCallbackReturns?
Any time during the execution of the callback is fine.
Why does my in-place tooltip dismiss itself as soon as it appears?
Because it's detecting itself.
Confusing gotcha: PSECURITY_DESCRIPTOR is not a pointer to a SECURITY_DESCRIPTOR
It's just an untyped pointer.
Unhandled Exception: Cannot print exception string because Exception.ToString() failed.
So that happened.
Allocating page file space without allocating RAM
Fixing an old tool.
Are views of memory-mapped files coherent within a single process? (And how this was the wrong question.)
Yes.
Dubious security vulnerability: Messing with the Recycle Bin
You're only screwing yourself.
You’d think that with the name TEMP, people wouldn’t expect it to be around for a long time
Temp stands for Temporary.
Great moments in forgetfulness: Does anybody have a copy of this file?
It's in a safe place.
Calculating integer factorials in constant time, taking advantage of overflow behavior
Too high! Too high!
Hasn’t the problem of updates being partially installed until the next reboot already been solved by changes in Windows?
Mostly, yes.
Why does OpenProcess return access denied, even if I enable debug privilege?
Asking for more than you need.
Why doesn’t findstr use the standard regular expression library?
What standard regular expression library?
How do I register a command on the desktop background context menu? (And how do I remove one I don’t like?)
Places to go, and places to look.
Enumerating all the programs that can launch a particular protocol
SHAssocEnumHandlersForProtocolByApplication
Why did disabling interrupts cause Windows 95 to hang?
Because compatibility.
A question about how to detect whether Windows Update needs the system to be restarted turns out to be the wrong question
For critical availability, don't install it until you are ready to reboot.
Hidden gotcha in the thread pool sample program on MSDN
That's a pretty small pool.
What does Ctrl+Enter mean? It depends on whom you ask
Maybe it enters a soft return, maybe it sends a command.
Enumerating all the programs that can open a particular file extension
SHAssocEnumHandlers.
In order to serve you better: Charging your credit card in your home currency
For a fee.
How can I append to a file and know where it got written, even if the file is being updated by multiple processes?
File locking strikes again.
The increasing urgency of a request to fill out a survey
Let's try that again.
Clarifying the documentation on wildcards accepted by FindFirstFile/FindFirstFileEx
Only in the file name portion.
We got around three
One in a million, or not quite.
Playing with synchroninzation barriers
All for one and one for all.
Investigating a problem constructing a security descriptor to deny thread-specific access rights to Everyone
Clearing up the confusion and deleting code.
Stupid JavaScript debugging tricks: Abusing the conditional breakpoint
Code injection.
If You Are The One: The crazy Chinese dating show
Serious inquiries only.
Why is the StartRunNOHOMEPATH policy so very specific about what it does?
Because that's what the customer asked for.
The ritual of choosing your next office
Cap and trade.
How can I get notified when the cursor changes?
Accessibility to the rescue, again.
Exploring the Supercute World of Hello Kitty
There's still time to get to the Hello Kitty Supercute Opening Party at the Experience Music Project, kicking off a four-month exhibition of Everything Hello Kitty. (Here are pictures from the Los Angeles leg of the tour.) Curiously, one of the events on the agenda for the opening night gala is a "Q&A with Hello Kitty" at 8:00pm, which is going to be interesting, seeing as Hello Kitty does not have a mouth. One of the exhibit's sponsors is UNIQLO, who I should remind you, has a very strange clock. Bonus chatter: EVA Air now has a thrice-weekly flight between Taipei and Houston, so you can now fly Hello Kit...
Diagnosing high CPU by studying profiling results, example
Why would a wait consume so much CPU time?
Why is January 1 being reported as the last week of the previous year?
Because the rules say so.
Oh, that’s probably why I’m in the Quake credits
I'm touching you!
It’s called “proofreading”, give it a shot why don’t you, episode 2
Collaterol.
I cloned a project, but the new project still groups with the old project on the taskbar
The Application User Model ID strikes again.
Some helper functions for interlocked pointer operations
Template-o-rama.
Why does the access violation error message put the operation in quotation marks, redux
It could be.
Sometimes a function returns NULL because NULL really is the answer
There is nothing there.
Changing the conditions under which ReadFile produces fewer bytes than requested
Where's the rest of me?
Microspeak: North star
Guiding principle.
How can I make my custom namespace extension get categorized correctly in My Computer?
Give it the appropriate description ID.
Why does the timestamp of a file increase by up to 2 seconds when I put it in a ZIP archive, then extract it?
The MS-DOS time format again.
When you open a securable object, make sure you pass the security mask you actually want (no more, no less)
You will get all you want, but you have to ask for it.
How do I create a wizard that contains none of the things that makes a wizard a wizard?
It's not a wizard, so don't use a wizard.
The Redmond Reality Distortion Field: Analogies involving high-performance cars, usually Ferraris
Vroom.
Are there any negative consequences to having a ton of files on the desktop?
Extra work.
CoGetInterfaceAndReleaseStream does not mix with smart pointers
Old school meets new school.
What are the rules for CoMarshalInterface and CoUnmarshalInterface?
Keeping an eye on the reference gets a little harder.
What are the rules for CoMarshalInterThreadInterfaceInStream and CoGetInterfaceAndReleaseStream?
Keeping an eye on the reference.
What is COM marshaling and how do I use it?
Keeping an eye on the reference.
How do I get the user-customized name of a mapped network drive?
Ask the shell. That is, after all, how the shell displays is.
I have the handle to a file; how can I get the file name from the debugger?
Build the call on the stack.
What’s the difference between UuidFromString, IIDFromString, CLSIDFromString, GUIDFromString…
Mostly the same if what you have is a stringized GUID; otherwise...
The MoveSecurityAttributes policy affects only how Explorer recalculates ACLs when a file is moved; everybody else is on their own
GUI policies tend not to apply to command line tools.
Why do Saturation and Luminance go all the way to 240, but Hue goes only to 239? And why 239 anyway?
Mapping a floating point number to a byte.
How do I get the user-customed name of My Computer or Recycle Bin?
Ask the shell. That is, after all, how the shell displays it.
Learning about farm animals from my niece
Things you don't learn in biology class.
How does a shell namespace extension provide icons for virtual items that track the standard icons set by the user’s file associations?
Forward to the standard implementation.
What happens if you call VirtualAlloc to MEM_COMMIT a page you never MEM_RESERVE?
It is not guaranteed to succeed.
How do we change permissions on a share as fast as Explorer does it?
First, make sure you're changing the permissions on a share.
First, try reading the error message, episode 4: Even programmers see error messages without reading them
Here we go again.
How do I obtain the comment for a share?
NetShareGetInfo.
Hacking the law: On the role of the marriage officiant in the State of Washington
Strange rules that basically mean there are no meaningful rules.
Calling ShutdownBlockReasonCreate from my service doesn’t stop the user from shutting down
That's not how to do it from a service.
If you can’t remember the exact text of a dialog box (so you can search for it), you can ask the Internet
Search ju-jitsu, v2.
Why can’t I create a file equal to the available disk space?
Gotta save the metadata somewhere.
The trust relationship between this workstation and the primary domain failed, what does this mean?
The secret password every machine has.
What happens to lost timer messages if I don’t process them fast enough?
They never existed.
Why doesn’t my keyboard hook get called for keyboard messages I manually posted?
Because that's not input.
How do I call SetTimer with a timer ID that is guaranteed not to conflict with any other timer ID?
Put it in its own window.
It rather involved being on the other side of this airtight hatchway: Elevation from Administrator to SYSTEM
But you're already there.
Thanks for informing us that you know about the compatibility issue in your application, so we don’t have to fix it
Now that you let us know that you know, you can deal with it yourself.
How can I tell if Windows Update is waiting for the system to reboot?
RebootRequired.
Why are there all these processes lingering near death, and what is keeping them alive?
Actually, they're zombies.
How can I start my service as soon as possible, before any other service?
FRIST!
Why doesn’t GetAddrInfo work from behind a proxy?
You can't get there from here.
A process inherits its environment from its parent, and the consequences of this simple statement
The chain of custody.
How do I run a Web search in the user’s default Web browser using their default search provider?
You kind of have to guess.
The C runtime library cannot be mixed and matched
Coupled to the compiler.
How do you get network connectivity from the worst PC in the world?
Can't use an expansion slot.
Raymond’s Windows Universal Samples API concordance
Finding samples that use a particular method or property or whatever.
Cynical interpretations of various project milestones
Call it what you want.
I guess this explains why Warren Buffett hasn’t retired
Hang in there.
Using an intermediate library to make the main library retargetable
A little traffic cop.
When I change the icon in my shortcut, why doesn’t it update on the screen?
Dotting all the i's.
I saved some files into the Program Files directory, and now they’re gone!
They got virtualized.
Microspeak: move the needle
Have a significant and noticeable impact
How do I enumerate remembered connections that are not currently connected?
WNetEnumResources again.
Debugging walkthrough: Access violation on nonsense instruction, episode 3
Ow, that patch hurts.
The Windows 95 I/O system assumed that if it wrote a byte, then it could read it back
Stands to reason.
Rules can exist not because there’s a problem, but in order to prevent future problems
Not constraining future optimizations.
Microspeak: DRI, the designated response individual
The first line of defense.
Insightful graph: The ship date predictor
Factor of two (and a little).
Handy delegate shortcut hides important details: The hidden delegate
Sit. Stay.
I saw a pinvoke signature that passed a UInt64 instead of a FILETIME, what’s up with that?
Stricter than necessary, but that's okay.
If you are going to call Marshal.GetLastWin32Error, the function whose error you’re retrieving had better be the one called most recently
Watch out for functions called behind your back.
If you are going to call Marshal.GetLastWin32Error, the function whose error you’re retrieving had better have SetLastError=true
Or it won't get anything.
p/invoke gotcha: C++ bool is not Win32 BOOLEAN is not UnmanagedType.Bool
Watch the sizes.
Windows started picking up the really big pieces of TerminateThread garbage on the sidewalk, but it’s still garbage on the sidewalk
So stop throwing garbage on the sidewalk.
Crashes in the I/O stack tend to occur in programs which do the most I/O
just playing the odds.
Why does the taskbar icon for grouped windows change to something weird?
Because you told it to use that icon.
The ARM processor architecture: Somebody else’s introduction
Over at the NT Debugging blog.
The changing fortunes of being the last program on the Start menu
Last but not least.
What if I have two programs that are logically a single application, and I want them to be treated as a single group on the taskbar?
The Application User Model ID strikes again.
The Itanium processor, part 10: Register rotation
Around and around.
The Itanium processor, part 9: Counted loops and loop pipelining
Line up in neat order.
The Itanium processor, part 8: Advanced loads
I hoped you were going to say that.
The Itanium processor, part 7: Speculative loads
I knew you were going to say that.
The Itanium processor, part 6: Calculating conditionals
Deciding what to do next.
The Itanium processor, part 5: The GP register, calling functions, and function pointers
Who am I? How did I get here?
The Itanium processor, part 3b: How does spilling actually work?
Working quietly in the background.
The Itanium processor, part 4: The Windows calling convention, leaf functions
Just use what you've got.
The Itanium processor, part 3: The Windows calling convention, how parameters are passed
Slide on over.
The Itanium processor, part 2: Instruction encoding, templates, and stops
Stop and go.
The Itanium processor, part 1: Warming up
All those registers.
The curse of the redefinition of the symbol HLOG
Too generic a name.
Corrupted file causes application to crash; is that a security vulnerability?
Maybe, maybe not.
When you think you found a problem with a function, make sure you’re actually calling the function, episode 2
Watch out for the local overrides.
Please enjoy the new eco-friendly printers, now arguably less eco-friendly
Missing the point.
How can I detect whether a keyboard is attached to the computer?
Look at the available raw input devices.
What did the Ignore button do in Windows 3.1 when an application encountered a general protection fault?
Muddling through.
Why do I get ERROR_INVALID_HANDLE from GetModuleFileNameEx when I know the process handle is valid?
Because it's not complaining about the process handle.
Why doesn’t the Print command appear when I select 20 files and right-click?
So you don't kill your machine with a stray click.
Hazy memories of the Windows 95 ship party
How'd that happen?
Generating different types of timestamps from quite a long way away
Transforming in reverse.
On the various ways of creating large files in NTFS
To zero or not to zero.
Why is my x64 process getting heap address above 4GB on Windows 8?
Why shouldn't it?
What would be the point of creating a product that can’t do its job?
No 32-bit server products. Because what would be the point?
Intentionally making the suggestion look nothing like any scripting language, yet understandable enough to get the point across
Pseudobabble.
Trying out all the different ways of recognizing different types of timestamps from quite a long way away
Running through the list.
Why does the BackupWrite function take a pointer to a modifiable buffer when it shouldn’t be modifying the buffer?
An artifact of an earlier time.
Is a SID with zero subauthorities a valid SID? It depends whom you ask
Maybe.
How secure are GUIDs? Can I use it to generate passwords?
Not a good idea.
2015 mid-year link clearance
Midpoint check.
Microspeak: Stretch goal
Extra credit.
Parsing a string as a 64-bit integer, somehow
Signed or unsigned, I don't care.
Windows 95 and Windows NT manage the TEB on x86 differently
Reuse.
Where is the full version of the music that plays when you start Windows 98 for the first time?
There isn't one.
A trick for finding the correct internal mailing list
Looking for common threads.
Sorry for the interruption, but it doesn’t happen often
Be right back.
Reinterpreting the bits of a 64-bit integer as if they were a double-precision floating point number (and vice versa)
Punning.
Random links on taking better pictures
Just a little linkery.
Why does the class name for Explorer change depending on whether you open it with /e?
Compatibility, of course.
How come the technique for launching an unelevated process from an elevated process doesn’t work?
You've disabled the feature that makes unelevated processes possible.
When you think you found a problem with a function, make sure you’re actually calling the function
Don't mock me.
One way to make sure nobody reports problems with your Web site
I'll get right on that.
How can I reposition my window so it isn’t covered by the touch keyboard?
Taking it a step further.
How can I force a CreateFile call to hang, in order to test something?
Opportunistic locks again.
Keep your eye on the code page: Is this string CP_ACP or UTF-8?
You don't know. Somebody has to tell you.
Taking ownership of a file doesn’t give you access, yet
One more step.
Bitter or acerbic? or does it make a difference?
What does that word mean?
How can I reposition my controls so they aren’t covered by the touch keyboard?
Register with the framework input pane.
There is no /8TB flag on 64-bit Windows
You get it all, baby.
What’s the point of giving my unnamed object proper security attributes since unnamed objects aren’t accessible outside the process anyway (or are they?)
You can get it without the name.
Adding a little marker to your comments in Microsoft Word
The TAB key.
Why do events logged by the ReportEvent function show up in the wrong order in the Event Viewer?
Bad sorting.
How can I make the touch keyboard appear automatically when focus enters an edit control in my program?
Enable focus tracking.
Under what conditions can SetFocus crash? Another debugging investigation
SetFocus is the symptom, not the cause.
When designing your user interface, be mindful of the selection-readers
Also the double-click readers, the hover-readers, and the margin-click readers.
Dubious security vulnerability: Luring somebody into your lair
Constructing an insecure directory.
The tadpole operators explained
Combining two things in an unintuitive way.
New C++ experimental feature: The tadpole operators
Give it a whirl.
So you decided to call SHFileOperation from a service, at least remember to disable copy hooks
Mitigating the disaster.
If you can set enforcement for a rule, you can set up lack of enforcement
An exeption to a rule is just another rule.
When you inadvertently become a collector of something you really aren't all that into
As I was heading home at the end of the day, I ran into one of my colleagues who was also going home, and he was carrying a Star Wars-themed metal lunchbox similar to this one. For those who didn't grow up in the United States, these metal lunchboxes are the type of things elementary school children use to carry their lunch to school. I remarked, "Nice lunchbox." My colleague explained, "Yeah, I sort of ended up as the lunchbox guy. It started when somebody gave me a lunchbox as a semi-humorous gift, and I kept it on my shelf. Then other people saw that I had a metal lunchbox and concluded, 'Oh, he must collec...
It rather involved being on the other side of this airtight hatchway: Code injection via QueueUserAPC
But you already pwn that thread.
Determining programmatically whether a file was built with LAA, ASLR, DEP, or OS-assisted /GS
Sucking the flags out of the header.
MapGenericMask is just a convenience function for converting generic access to specific access, according to the instructions you provide
It's useful on the server side, not the client side.
Low-level hooks have thread affinity, so make sure you keep an eye on the thread
Poof, it's gone.
Why don't you forward WM_GETMINMAXINFO and clamp the results?
In my illustration of how to make a window resizable in only one direction, commenter Josua asks, "Why don't you forward and clamp the results?" I'm going to assume the question is really "Why don't you forward before clamping the results?" rather than "Why did you bother writing all this code in the first place? Why not simply forward and clamp the results?"¹ The answer is that forwarding doesn't do anything. As noted in the documentation, the incoming structure already has the default values on entry. The default handler for the message returns without doing anything, since all the default handler...
How does Task Manager compute Up Time, and why doesn't it agree with GetTickCount?
Task Manager shows a piece of information called "Up time". How is this value calculated, and why doesn't it agree with the value reported by /? Task Manager calculates "up time" by subtracting the system boot time from the current time. In other words, it is misnamed; it really should be called time since system was started. It doesn't subtract out the time when the computer was in sleep or hibernation. The tick count, on the other hand, counts only time that elapses while the computer is on.
Can I run a service executable from a network location?
You can, but you shouldn't.
Documentation creates contract, which is why you need to be very careful what you document
Once it's documented, it needs to remain supported forever.
Hidden message in a T-shirt, it's been done before
While everybody is trying to figure out the hidden message in Joe Belfiore's T-shirt,¹ I figure I'd give you an easier puzzle. Here is the pattern of 0's and 1's printed on the T-shirt handed given out at the Windows 8 kick-off meeting. Because you don't have a project until you have a T-shirt. The actual shirt clipped many of the digits to make the shape come out smoother. I've filled in the partial digits. There are at least two typos in the shirt. It didn't take a room full of developers long to decode the message. Click here to reveal the answer. The digits are merely the binary encoding ...
Why is there an invisible U+202A at the start of my file name?
The desperation Left-to-right marker.
What does it mean when the Advanced Security Settings dialog says that an ACE was inherited from "Parent Object" without naming the specific parent?
The Advanced Security Settings dialog shows the ACEs in an object's ACL, and one of the pieces of information is a column labeled Inherited from which identifies whether the ACE was inherited, and if so, from where. A customer observed that when they opened the Advanced Security Settings dialog, one of their objects had an ACE that showed Parent Object as the Inherited from. However, when they went to the parent object , that ACE is nowhere to be found. How can an ACE be inherited from its parent, when it doesn't exist in the parent? The Advanced Security Settings dialog is trying to be helpful, but in...
Creating a window that can be resized in only one direction
Overriding WM_NCHITTEST.
That's not how you start a boat
Tomorrow is Opening Day of the Seattle boating season. (Which, as I noted some time ago, is purely a social occasion with no legal significance.) One of my colleagues is not much of a boat person, but his wife is. (In fact, she's a commercial fisherman.) They were on board some fancy boat or other as it sat docked. He was up on the top deck—this being a boat so fancy that it had an upstairs and a downstairs—and as the preparations were made for heading out, his wife called out to him to start the boat, since he's up there already. Now, as I mentioned, my colleague isn't much of a boat person. But h...
How does the window manager adjust ptMaxSize and ptMaxPosition for multiple monitors?
Very carefully.
How can I tell if a file is an image of some type?
The perceived type tells you what kind of file it is, for a very general sense of the word "kind".
Is the atom returned by RegisterClass(Ex) a "real" atom?
A customer was debugging some code that calls on a class that's already been registered. In this case, it was registered by another DLL in the same process. Normally, this wouldn't be a problem, because each DLL passes its own instance handle to so that there are no name collisions. However, in this case, both DLLs are passing the flag, which means that collisions can occur after all. The customer found that the call to , which makes sense in the case of a collision in the global class table. The code then calls to look up the class name, but fails, saying, "No such atom." Does this mean that the class at...
Access to a file's attributes is controlled by two things
We saw some time ago that permission to delete a file is granted either File attributes behave in an analogous way. Permission to read a file's attributes is granted either If you want the file's attributes, you could always get it by reading the directory, because one of the pieces of information you get from is the file attributes. Therefore, having permission to read a directory implicitly gives you permission to read the attributes of any file in that directory. (Note, of course, that write permission on attributes is another story.)
Wow, they really crammed a lot into those 410 transistors
Just an order of magnitude. Or three. Or more.
How do I extract the path to Control Panel from this shortcut so I can launch it?
You don't need to.
Why can't I have variadic COM methods?
COM methods cannot be variadic. Why not? Answer: Because the marshaler doesn't know when to stop. Suppose variadic COM methods were possible. And then you wrote this code: How would COM know how to marshal this function call? In other words, suppose that is a pointer to a proxy that refers to an object in another process. The COM marshaler needs to take all the parameters to , package them up, send them to the other process, then unpack the parameters, and pass them to the implementation. And then when the implementation returns, it needs to take the return value and any output parameters, package them u...
How did the scopes for the CryptProtectMemory function end up in a strange order?
Incremental functionality.
It rather involved being on the other side of this airtight hatchway: Invalid parameters from one security level crashing code at the same security level (yet again)
You never crossed the boundary.
What was the starting point for the Panther Win32 kernel?
That one started from Windows NT.
How to find the IP address of a hacker, according to CSI: Cyber
According to television.
Why are there both TMP and TEMP environment variables, and which one is right?
Parallel evolution.
Why did the original code for FIND.COM use lop as a label instead of loop?
An old puzzle.
When I set the "force X off" policy to Disabled, why doesn't it force X on?
A customer was using one of the many "force X off" policies, but instead of using it to force X off, they were trying to use it to force X on by setting the policy to Disabled. For example, there is a "Hide and disable all items on the desktop". The customer was setting this policy to Disabled, expecting it to force all icons visible on the desktop, removing the option on the desktop View menu to hide the icons. As we discussed some time ago, group policy is for modifying default behavior, and interpreting them requires you to have a degree in philosophy. In particular, a policy which forces X off has three st...
In the Seattle area, people treat you nicer once they learn your last name is Gates
Go figure.
After I encrypt memory with CryptProtectMemory, can I move it around?
Yes.
On the ways of creating a GUID that looks pretty
Don't just make up something. There are rules.
If more than one object causes a WaitForMultipleObjects to return, how do I find out about the other ones?
Just the one you are told about.
Why is the System.DateCreated property off by a few seconds?
Legacy time/date format.
The details of the major incident were not clearly articulated, but whatever it is, it's already over
When a server is taken offline, be it a planned unplanned outage or an unplanned unplanned outage or something else, the operations team send out a series of messages alerting customers to the issue. Some time ago, I received a notification that went like this: From: Adam Smith Subject: Nosebleed Service : Major Incident Notification - Initial Date: mm/dd/yyyy 1:16AM Major Incident Notification dfdsfsd Affected Users fdfsdfsdf Incident Duration: 1 hour 15 minutes Impact fsdfdsfsdf Continued Notifications fdsfsdf Information & Support Thank you, Adam Smith IT Major Incident Mana...
Opening the classic folder browser dialog with a specific folder preselected
Call me, honey.
Why is CreateToolhelp32Snapshot returning incorrect parent process IDs all of a sudden?
It was always incorrect, you just didn't know it.
It appears that some programmers think that Windows already ships with that time machine the Research division is working on
Make sure the object of your action exists before you try it.
Under what circumstances will a dialog box not use the caption specified in the resource file?
Who's changing it?
What was the relationship between Outlook and Outlook Express?
None.
I want you to chase your sisters until they throw up
Heaven for little boys.
How do I make a boldface item on a context menu?
The menu default item.
Flaw reported in Windows 95
And a note from Mom.
Switching on a tuple: Sneaky trick
Data packing.
What's the difference between PathIsSystemFolder and Protected Operating System Files?
The way to detect weird directories that should be excluded from the user interface is to check for the and attributes being set simultaneously. This is the mechanism used when you uncheck Hide protected operating system files in the Folder Options dialog. (Programmatically, you detect whether the user wants to see protected operating system files by checking the member of the structure.) Michael Dunn suggested using to detect these special directories, but that is not quite right. is for marking a directory as "This directory has a nondefault UI behavior attached to it. Please consult the file for mo...
A Venn diagram demonstrating the dining options in one of the new cafeterias
Spelling out the options.
CancelIoEx can cancel I/O on console input, which is kind of nice
Stop that input.
Finding the constructor by scanning memory for the vtable
Reversal of fortune.
Sure, we have RegisterWindowMessage and RegisterClipboardFormat, but where are DeregisterWindowMessage and DeregisterClipboardFormat?
It not going away.
Travel tip: Don't forget your car on the ferry
One of my colleagues lives on Bainbridge Island and has quite a long commute to work each day. From his house, he walks to the bus stop, then takes the bus to the Winslow ferry terminal, then takes the ferry to the Seattle ferry terminal, then takes the bus to Microsoft. And at the end of the day, he does the trip in reverse. One day, for whatever reason, he drove to work instead of taking the bus. He drove to the ferry terminal, took the ferry across, then drove to work. And at the end of the day, he drove to the ferry, but when the ferry arrived at its destination, he forgot that he had driven his car and wa...
Microspeak: Headcount, req, and related personnel terms
Jargon from the personnel side of the business.
Does the CLR really call CoInitializeEx on the first call to unmanaged code, even if you don't deal with COM at all and are just calling native code via p/invoke?
Some time ago, I called out this part of the documentation regarding managed and unmanaged threading: On the first call to unmanaged code, the runtime calls CoInitializeEx to initialize the COM apartment as either an MTA or an STA apartment. You can control the type of apartment created by setting the System.Threading.ApartmentState property on the thread to MTA, STA, or Unknown. Commenter T asks, "Does it do this even if you don't deal with COM at all and call native code through a P/Invoke?" Well, the documentation says it does, and we can confirm with an experiment: Run this program with...
Debugging walkthrough: Access violation on nonsense instruction, episode 2
Dueling debuggers.
Under what conditions will the IUnknown::AddRef method return 0?
When it's lying.
Dubious security vulnerability: Copying a program and running the copy
Code execution results in code execution.
The more times you use the word "simply" in your instructions, the more I suspect you don't know what that word means
I was helping somebody look up how to enable frobbing for widgets, and I found one set of instructions on a blog somewhere. To be honest, this happened long enough ago that I forgot what it was exactly, but here's something that captures the general spirit: First, check whether your widget supports frobbing. To do this, simply run this command where is the voodoo code for your widget. It will say "frob supported" if your widget supports frobbing. If you don't know your widget's voodoo code, you can get a list of the voodoo codes and enchantment numbers for all the widgets connected to your computer by s...
How can I programmatically resize a listview column to fit its contents?
ListView_SetColumnWidth.
A question about the FileTimeToLocalFileTime function turned out to be something else
Negative time.
Modifying the CS_NOCLOSE style does affect all windows of the class, just not necessarily in an immediately noticeable way
It's there, you just can't see it.
Why are the dimensions of a maximized window larger than the monitor?
So you don't see the borders.
Setting up a new computer often results in leftover slot covers, so what do you do with the slot covers?
Doorstop.
Connecting some blocks: Tell me more about the current image in my wallpaper slide show
Click.
Solving the problem rather than answering the question: How can a non-administrator modify a registry key that requires administrator permission?
Design so you don't need administrative privileges.
RegNotifyChangeKeyValue sucks less
No longer tied to a specific thread.
Why does the mouse cursor jump a few pixels if you click on the very bottom row of pixels on the taskbar?
Because that's where you wanted it to be.
Nice job, you got an A minus from Bill
That's as high as it goes.
Further adventures in trying to guess what encoding a file is in
Today's candidate: IMultiLanguage2::DetectCodepageInIStream
Non-capturing C++ lambdas can be converted to a pointer to function, but what about the calling convention?
Nothing to see, so nothing to pass.
What's the point of using a custom timer queue if there is a default one already?
A customer observed that when you create a timer via , you have the option of passing either to get the default timer queue or a handle to a custom timer queue created by the function. Why would you want to create a custom timer queue? If you create a custom timer queue, then you know that all the timers in the queue are yours. For example, there might be another component in the process that creates a lot of timers in the default timer queue. If you had put your timers in the default timer queue, then your timers will risk starvation. It's the same sort of logic that might lead you to create a custom heap in...
When asking about the capacity of a program, you also need to consider what happens when you decide to stop using the program
It'll fit as long as you need it.
Microspeak: Light up
Enabling functionality when available.
The 2015/2016 Seattle Symphony subscription season at a glance
The pocket reference guide for 2015/2016.
Reading the word under the cursor via UI Automation
Grab and go.
What is this inconsistent heap state that MSDN warns me about during DLL_PROCESS_DETACH?
Following through on consequences of TerminateThread.
Who is this rogue operative that filled my object with 0xDD, then sent me a message?
Not really dead.
Why was the replacement installer for recognized 16-bit installers itself a 32-bit program instead of a 64-bit program?
It's the right thing to do.
Staying cool is one of the skills of a corporate president
Didn't break a sweat.
Using thread pool cleanup groups to clean up many things at once
Take out the whole group.
Use GFlags to catch the silent killer (silent but deadly)
Silent Process Exit.
The SuspendThread function suspends a thread, but it does so asynchronously
Yes, I heard you, but I'm kind of busy right now.
If you wonder why a function can't be found, one thing to check is whether the function exists in the first place
One of my colleagues was frustrated trying to get some code to build. "Is there something strange about linking variadic functions? Because I keep getting an unresolved external error for the function, but if I move the function definition to the declaration point, then everything works fine." "With the above code, the linker complains that cannot be found. But if I move the implementation of to the top of the file, then everything builds fine." "I tried putting an explicit calling convention in the declaration, I tried using , nothing seems to help." We looked at the resulting object file and observed...
Another way to make sure nobody sends you feedback
Boing.
Customizing item enumeration with IShellItem, the old-fashioned way
Driving it manually.
Got errands? Now is the time
Everybody else is watching the game.
Creating a shared memory block that can grow in size
The SEC_RESERVE flag.
Color-aware ClearType requires access to fixed background pixels, which is a problem if you don't know what the background pixels are, or if they aren't fixed
ClearType is a technology that blends text pixels with background pixels with the goal of reducing visual artifacts during text rendering.¹ If you go for the full-meal version of ClearType, it uses knowledge about the physical properties of LCD screens in order to carry out its work. Some time ago, I noted one catch with this model, which is that overdraw gives the ClearType algorithm the wrong background pixels. Another gotcha is that if you don't know what the background pixels are at all, then you can't use ClearType. For example, you might be rendering a semi-transparent bitmap that will be drawn on to...
The compiler can make up its own calling conventions, within limits
Global optimizations.
Tip for trying to boost morale: Don't brag about your overseas trips
Once upon a time, a senior manager held a team meeting to address low team morale. Attempting to highlight how important the project was, he opened by saying, "I just got back from ⟨faraway country⟩, meeting with some of our important clients, and..." This remark had exactly the opposite effect from what the manager intended. Instead of revitalizing the team, the team became even more despondent. "Here we are, working late and coming in on weekends, and this senior manager is telling us about his recent overseas junket." (After he left, I heard that he still pulled this stunt with his new team. "Over ...
Customizing item enumeration with IShellItem
Have it your way.
Helper functions to make shell bind contexts slightly more manageable
Setting the options.
The wonderful world of shell bind context strings
A generic options parameter.
Why does my synchronous overlapped ReadFile return FALSE when the end of the file is reached?
That's what the documentation says, in a way that could be made more clear.
Why does the copy dialog give me the incorrect total size of the files being copied?
It's all a misunderstanding.
Why does Outlook use a semicolon to separate multiple recipients by default?
In triplicate, please.
Why does a single integer assignment statement consume all of my CPU?
Alignment fixups.
Why does CreateFile take a long time on a volume handle?
Flush that volume.
Where can I find the standard asynchronous stream?
Not that sense of the word standard.
Microspeak: landing (redux)
Settled.
Limiting the bottom byte of an XMM register and clearing the other bytes
More SSE tweaking.
Finding the leaked object reference by scanning memory: Example
Digging through the haystack.
What happens if I don't pass a pCreateExParams to CreateFile2?
The final parameter to the function is optional. What happens if I pass ? If you pass as the parameter, then the function behaves as if you had passed a pointer to this structure:
Why is there a BSTR cache anyway?
It was useful, once.
No good deed goes unpunished: Marking a document as obsolete
Stop looking at me.
More notes on calculating constants in SSE registers
All at the top or bottom.
How do you prevent the linker from discarding a function you want to make available for debugging?
Put it outside the linker's knowledge.
Horrifically nasty gotcha: FindResource and FindResourceEx
The old switcheroo.
2014 year-end link clearance
Another round of the semi-annual link clearance.
Even the publishing department had its own Year 2000 preparedness plan
On December 31, 1999, Microsoft Product Support Services were ready in case something horrible happened as the calendar rolled over into the new year. I'm told that Microsoft Press also had its own Year 2000 plan. They staffed their helpline continuously from Friday evening December 31, 1999 all the way through Sunday, January 2, 2000. They did this even though Microsoft Press did not normally staff its helpline ouside normal business hours, and even though all sample code in all publications come with a disclaimer that they are provided "as is" with no warranty. I do not know if they took any calls, but I sus...
How did that program manage to pin itself to my taskbar when I installed it?
Occasionally, somebody will notice that upon installing a program, it managed to pin itself to the taskbar. But just like there is no function, there is also no function, and for the same reason: Because applications would abuse it and auto-pin themselves because they are so awesome, and so that the developer could get a nice bonus. In spite of these roadblocks, some applications manage to pin themselves to the taskbar anyway, typically by programmatically driving the shortcut context menu. The developer then collects their bonus and goes out and gets drunk. There is no real way of blocking this behavior ot...
Integer signum in SSE
The signum function is defined as follows: There are a couple of ways of calculating this in SSE integers. One way is to convert the C idiom The SSE translation of this is mostly straightforward. The quirk is that the SSE comparison functions return −1 to indicate , whereas C uses +1 to represent . But this is easy to take into account: Substituting this into the original function, we get In assembly: With intrinsics: This pattern extends mutatus mutandis to , , and . Another solution is to use the signed minimum and maximum opcodes, using the formula In assembly: With intrinsi...
Debugging walkthrough: Access violation on nonsense instruction
A colleague of mine asked for help puzzling out a mysterious crash dump which arrived via Windows Error Reporting. Well that's a pretty strange instruction. Especially since it doesn't match up with the source code at all. There is no bit-toggling in the actual code. The method calls to , , and are all interface calls and therefore should be vtable calls. We are clearly in a case of a bogus return address, possibly a stack smash (and therefore cause for concern from a security standpoint). My approach was to try to figure out what was happening just before the crash. And that meant figuring out how we ...
My pants are fancy!
During the development of Windows, the User Research team tried out an early build of some proposed changes on volunteers from the general community. During one of the tests, they invited the volunteer to just play around with a particular component, to explore it the way they would at home. The usability subject scrolled around a bit, admired the visuals, selected a few things, and then had an idea to try to customize the component. He fiddled around a bit and quickly discovered the customization feaure. To celebrate his success, he proudly announced in a sing-song sort of way, "My pants are fancy!" That cl...
How can I let my child use an app that I bought from the Windows Store?
If you buy an app from the Windows Store, you can make it available to other users on the same Windows PC. This is useful if you, say, buy an app for your child to use. Here's how you do it. (This is all explained on the Windows Store blog, but I've converted it into a step-by-step and updated it for Windows 8.1.) First, sign on as yourself and install the app under your own account. Next, sign on as the child (or whatever other account you want to share the app with), and launch the Store from that second account. In the Store app, go to the top of the screen and hit Account, then My account. From the My ac...
The Softsel Hot List for the week of December 22, 1986
Look at all that stuff people bought.
Setting, clearing, and testing a single bit in an SSE register
Today I'm going to set, clear, and test a single bit in an SSE register. Why? On Mondays I don't have to explain why. First, we use the trick from last time that lets us generate constants where all set bits are contiguous, and apply it to the case where we want only one bit. We start by setting all bits in . We then shift both 64-bit lanes right by 63 positions, putting 1 in each lane. If the bit we want is in the upper half, then we shift the entire value left 8 bytes (64 bits). This clears the bottom 64 bits and leaves the upper 64 bits with all bits set. (Similarly, if the bit we want is in the...
How did protected-mode 16-bit Windows fix up jumps to functions that got discarded?
Commenter Neil presumes that Windows 286 and later simply fixed up the movable entry table with jmp selector:offset instructions once and for all. It could have, but it went one step further. Recall that the point of the movable entry table is to provide a fixed location that always refers to a specific function, no matter where that function happens to be. This was necessary because real mode has no memory manager. But protected mode does have a memory manager. Why not let the memory manager do the work? That is, after all, its job. In protected-mode 16-bit Windows, the movable entry table was ignored....
How can I query the location of the taskbar on secondary monitors?
A customer wanted to know how to get the location of the taskbar on secondary monitors. "I know that will tell me the location of the taskbar on the primary monitor, but how do I get its location on secondary monitors?" We asked the customer what their actual problem is, where they think that determining the taskbar location on secondary monitors is the solution. The customer was kind enough to explain. Our application shows a small window, and sometimes users move it behind the taskbar. They then complain that they can't find it, and they have to move their taskbar out of the way in order to find it again. We...
It's not too late (okay maybe it's too late) to get this gift for the physicist who has everything
A LEGO set to measure Planck's constant.
It rather involved being on the other side of this airtight hatchway: Account vulnerable to Active Directory administrator
A security vulnerability report came in that went something like this: Disclosure of arbitrary data from any user An attacker can obtain arbitrary data from any user by means of the following steps: There's no point continuing, because the first step assumes that you are on the other side of the airtight hatchway. If you have compromised the domain controller, then you control the domain. From there, all the remaining steps are just piling on style points and cranking up the degree of difficulty. A much less roundabout attack is as follows: No, wait, I can make it even easier. You are the dom...
If you set up roaming profiles, you are expected to set up each machine identically, for the most part
A customer discovered the following behavior when they set up roaming user profiles on their domain. Consider two machines, 1 and 2. An application A is installed on machine 1, but not machine 2. A user with a roaming profile logs onto machine 1 and pins application A to the taskbar. That user then logs off of machine 1 and logs onto machine 2. Now things get interesting: The taskbar on machine 2 initially shows a white icon on the taskbar, representing the nonexistent application A. A short time later, that icon vanishes. When the user logs off of machine&n...
When corporate policies meet precision scientific equipment
One of my colleagues used to work as an IT consultant, and one of his clients was a tobacco company. Since they were a tobacco company, the company policy on smoking was "You can smoke anywhere, any time." "Anywhere" includes the labs. The labs with very expensive precision scientific equipment. My colleague told me that this policy meant that the company regularly replaced $50,000 pieces of equipment after only a few months, thanks to smoke damage. But the company couldn't change their smoking policy. Imagine the public relations disaster if a tobacco company had a no-smoking policy! Starting next year, cigar...
Notes on calculating constants in SSE registers
There are a few ways to load constants into SSE registers. Load them from memory. Load them from general purpose registers via . Insert selected bits from general purpose registers via . Try to calculate them in clever ways. Loading constants from memory incurs memory access penalties. Loading or inserting them from general purpose registers incurs cross-domain penalties. So let's see what we can do with clever calculations. The most obvious clever calculations are the ones for setting a register to all zeroes or all ones. These two idioms are special-cased in the processor and execute faster th...
Detecting whether a SID is well-known SID
You might think that the function would tell you whether a SID is well-known, but it doesn't. Rather, it tells you whether a SID exactly matches the well-known SID you specified. For example, you can ask, "Is this the Authenticated Users SID?" or "Is this the Everyone SID?" But you can't ask, "Is this any type of well-known SID?" I guess you could enumerate through all the well-known SIDs, and check if your SID matches any of them, but that's getting kind of ugly. If what you're interested in is whether this is a machine-relative SID (or a domain-relative SID, which is the special case where the machine is ...
What states are possible in a DRAWITEMSTRUCT structure?
The structure has an member which contains a number of bits describing the state of the item being drawn. How do those states map to the underlying control? Most of the states are rather obvious. For a list box item to be selected, it means that the item is part of the selection. But what does selected mean for a button? Since people like tables, I'll put the answer in a table: Okay, now that it's all in a table, how do I read the table? A box is blank if the corresponding flag is not currently used by the control type. (No guarantees about the future.) For example, as of this writing, button controls do ...
If you get a procedure address by ordinal, you had better be absolutely sure it's there, because the failure mode is usually indistinguishable from success
A customer reported that the function was behaving strangely. We have this code in one of our tests: Recently, this test started failing in bizarre ways. When we stepped through the code, we discovered that ends up calling instead of . The first time we try to test , we get stack corruption because has a different function prototype from , and of course on top of that the test fails horribly because it's calling the wrong function! When trying to narrow the problem, we found that the issue began when the test was run against a version of the DLL that was missing the function entirely. The line wa...
The psychology of confirmation, or something, I don't know what to call it
There is probably a name for this phenomenon. I will illustrate it below. "Is there a way to configure the system to do X?" — Go to the Y dialog and select Z. "It doesn't work." — I just tried it. It works for me. I'm using ⟨configuration details⟩. "Thanks. It's working."
Creating double-precision integer multiplication with a quad-precision result from single-precision multiplication with a double-precision result
Suppose you want to multiply two double-word values producing a quad-word result, but your processor supports only single-word multiplication with a double-word result. For concreteness, let's say that your processor supports 32 × 32 → 64 multiplication and you want to implement 64 × 64 → 128 multiplication. (Sound like any processor you know?) Oh boy, let's do some high school algebra. Let's start with unsigned multiplication. Let x = A × 2³² + B and y = C × 2³² + D, where A, B, C, and D are all in the range 0 … 2³² − 1. Each of the multiplications (not counting the power-of-two multiplications) is a 32 × 3...
Killing a window timer prevents the WM_TIMER message from being generated for that timer, but it doesn't retroactively remove ones that were already generated
Calling to cancel a window timer prevents messages from being generated for that timer, even if one is overdue. In other words, give this sequence of operations: no message is ever generated. Even though a timer became due during the , no timer message was generated during the sleep because timer messages are generated on demand, and nobody demanded one. Killing the timer then removes the ability to demand a timer message, and the result is that no message ever appears. In general, this means that once you kill a timer, you will not receive any messages for that timer. Unless you demanded one while ...
If my WM_TIMER handler takes longer than the timer period, will my queue fill up with WM_TIMER messages?
A customer was worried that they may have a problem with their message queue filling with messages. "If my handler takes longer than the timer period, will my queue fill up with messages?" As we should know by now, timer messages are generated on demand: The WM_TIMER message is a low-priority message. The GetMessage and PeekMessage functions post this message only when no other higher-priority messages are in the thread's message queue. Here's the basic algorithm. (I'm ignoring filtering and I'm assuming that messages are removed.) Notice that the generated messages are generated on demand ...
What happens if I don't paint when I get a WM_PAINT message?
Suppose your window procedure doesn't paint when it gets a message. What happens? It depends on how you don't paint. If you have an explicit handler for the message that does nothing but return without painting, then the window manager will turn around and put a new message in your queue. "And try harder this time." Remember that the rules for the message are that the window manager will generate a message for any window that has a dirty region. If you fail to remove the dirty region in your message handler, well, then the rules state that you get another message. (The most common way of clearing the ...
Microspeak: Redlines
To the outside world, redline can mean to mark something for removal, or it could mean the maximum safe speed of an engine. But in the world of Microsoft design, the term redlines (pronounced as if it were written as the two words red lines, but the accent is on the red) refers to a diagram showing the exact position of visual elements. They typically take the form of a proposed screen shot, with arrows and lines superimposed to indicate the distances between items, which items align with each other, and so on. They also contain indications as to the exact colors to use for different elements. Originally the li...
Counting array elements which are below a particular limit value using SSE
Some time ago, we looked at how doing something can be faster than not doing it. That is, we observed the non-classical effect of the branch predictor. I took the branch out of the inner loop, but let's see how much further I can push it. The trick I'll employ today is using SIMD in order to operate on multiple pieces of data simultaneously. Take the original program and replace the function with this one: Now, this program doesn't actually use any parallel operations, but it's our starting point. For each 32-bit value, we load it, compare it agains the boundary value, and accumulate the result. The func...
A user's SID can change, so make sure to check the SID history
It doesn't happen often, but a user's SID can change. For example, when I started at Microsoft, my account was in the SYS-WIN4 domain, which is where all the people on the Windows 95 team were placed. At some point, that domain was retired, and my account moved to the REDMOND domain. We saw some time ago that the format of a user SID is The issuing entity for a local account on a machine is the machine to which the account belongs. The issuing entity for a domain account is the domain. If an account moves between domains, the issuing entity changes, which means that the old SID is not valid. A new SID...
Some light reading on lock-free programming
Today is a holiday in the United States, so I'm going to celebrate by referring you to other things to read. I'm going to start with a presentation by Bruce Dawson at GDC 2009, which is basically multiple instances of the question "Is this code correct?", and the answer is always "No!" Although the title of the talk is Lockless Programming in Games, the information is relevant to pretty much everybody. I can't find a recording of the presentation, but you can download the PowerPoint slides or view them in your browser. But I recommend downloading the PowerPoint slides and reading the notes, because the notes e...
If 16-bit Windows had a single input queue, how did you debug applications on it?
After learning about the bad things that happened if you synchronized your application's input queue with its debugger, commenter kme wonders how debugging worked in 16-bit Windows, since 16-bit Windows didn't have asynchronous input? In 16-bit Windows, all applications shared the same input queue, which means you were permanently in the situation described in the original article, where the application and its debugger (and everything else) shared an input queue and therefore would constantly deadlock. The solution to UI deadlocks is to make sure the debugger doesn't have any UI. At the most basic level, the ...
What is the difference between Full Windows Touch Support and Limited Touch Support?
In the System control panel and in the PC Info section of the PC & Devices section of PC Settings, your device's pen and touch support can be reported in a variety of ways. Here is the matrix: The meaning of No touch and Single touch are clear, but if a device supports multiple touch points, what makes the system report it as having Limited versus Full touch support? A device with Full touch support is one that has passed Touch Hardware Quality Assurance (THQA). You can read about the Windows Touch Test Lab (WTTL) to see some of the requirements for full touch support. If you have a touch device without ...
The crazy world of stripping diacritics
Today's Little Program strips diacritics from a Unicode string. Why? Hey, I said that Little Programs require little to no motivation. It might come in handy in a spam filter, since it was popular, at least for a time, to put random accent marks on spam subject lines in order to sneak past keyword filters. (It doesn't seem to be popular any more.) This is basically a C-ization of the C# code originally written by Michael Kaplan. Don't forget to read the follow-up discussion that notes that this can result in strange results. First, let's create our dialog box. Note that I intentionally give it a huge font ...
Is it wrong to call SHFileOperation from a service? Revised
My initial reaction to this question was to say, "I don't know if I'd call it wrong, but I'd call it highly inadvisable." I'd like to revise my guidance. It's flat-out wrong, at least in the case where you call it while impersonating. The registry key is bound to the current user at the time the key is first accessed by a process: The mapping between HKEY_CURRENT_USER and HKEY_USERS is per process and is established the first time the process references HKEY_CURRENT_USER. The mapping is based on the security context of the first thread to reference HKEY_CURRENT_USER. If this security context does not have a...
A library loaded via LOAD_LIBRARY_AS_DATAFILE (or similar flags) doesn't get to play in any reindeer module games
If you load a library with the flag, then it isn't really loaded in any normal sense. In fact, it's kept completely off the books. If you load a library with the , , or flag (or any similar flag added in the future), then the library gets mapped into the process address space, but it is not a true module. Functions like , , and will not see the library, because it was never entered into the database of loaded modules. These "load library as..." flags don't actually load the library in any meaningful sense. They just take the file and map it into memory manually without updating any module tracking databases...
Distinguishing between normative and positive statements to help people answer your question
Often, we get questions from a customer that use the word should in an ambiguous way: Our program creates a widget whose flux capacitor should have reverse polarity. Attached is a sample program that shows how we create the widget with . However, the resulting widget still has a flux capacitor with standard polarity. Can you help us? The phrase should have reverse polarity is ambiguous. The question could be We would like to create a widget whose flux capacitor has reverse polarity. Attached is a sample program that shows how to create a widget whose flux capacitor has standard polarity. How should we modify...
File version information does not appear in the property sheet for some files
A customer reported that file version information does not appear on the Details page of the property sheet which appears when you right-click the file and select Properties. They reported that the problem began in Windows 7. The reason that the file version information was not appearing is that the file's extension was . Older versions of Windows attempted to extract file version information for all files regardless of type. I believe it was Windows Vista that changed this behavior and extracted version information only for known file types for Win32 modules, specifically , , , , , and . If the file's ex...
How do I enumerate drives the same way that the NET USE command does?
If you use the Remote Desktop Connection client to connect to another computer, you have the option of making your local drives available to the remote computer. A customer wanted to know how to enumerate all the drives on the local machine. The were able to get the volumes mapped to drive letters, but they also wanted to get the redirected drives injected by Terminal Services. (Mind you, these aren't volumes that are assigned drive letters, so it's not clear why they are interested in them, but whatever.) With the command, they see the Terminal Services volumes in Explorer, and they can be browsed via : ...
How to view the stack of a user-mode thread when its kernel stack has been paged out
Suppose you have a machine that has crashed, and your investigation shows that the reason is that there is a critical section that everybody is waiting for. While waiting for that critical section, work piles up, and eventually the machine keels over. Suppose further that this crash is given to you in the form of a kernel debugger. In case it wasn't obvious, by "you" I mean "me". Okay, so the critical section that is the cause of the logjam is this one: "Great," you say. "I just need to look at thread 0x4228 to see why it is stuck. Woo-hoo, there's the thread. Now I just need to switch to its context ...
When does GetTickCount consider the system to have started?
The and functions return "the number of milliseconds that have elapsed since the system was started." (The 32-bit version wraps around after around 50 days.) But when exactly is the system considered to have started? Is it when power is applied to the computer? When the BIOS completes POST? When the user picks the operating system from the boot menu? When the kernel switches to protected mode? It isn't defined exactly when the timer starts. Because that's not its purpose. The purpose of is to let you measure intervals of time. It provides a common clock source so that multiple components can coordinate their...
How can I wait until all startup applications have finished launching?
A customer wanted to know how to detect that all startup applications have finished launching. They wanted to wait until everything settled down before proceeding with some task. What if two programs did this? Suppose two programs both wanted to detect that all startup applications have finished launching. Each one would sit there waiting for the other, because this is one of those I want to be the last to do something, even laster than the other guy who wants to do something last things. If you want to wait until the system is idle to perform some task, you can use the Task Scheduler to create an idle-time t...
A little cheat in my Tiger Beat photo homage
One thing nobody has called out in my tribute to the Bill Gates Tiger Beat photo, either because it was too subtle or too obvious, is that the photo is actually a mirror image. The arrangement of furniture in the room was not correct: The big table was on the wrong side of the room. It was also too heavy to move around, so we cheated. We staged the entire picture as a mirror image, flipping the Windows screen shot. And then back in the virtual darkroom, Ariel flipped the photo to put the furniture on the correct side of the photo. Here are the clues in the photo: Chatter: The day after I put this article in...
Kicking around a function that formats stuff
Today's "Little Program" is really a "Little Puzzle" that got out of hand. This started out as a practical question: This code fragment screams out for some sort of simplification. (I've changed the names of the classes.) Clearly, the pattern is Everything here is pretty straightforward, except for the part. Can we write a function that takes a and formats it in a somewhat flexible manner? Let's start with the -and- cases. We might try something like this: But then we'd run into trouble, because there is no constraint on , so the compiler will complain, "I don't know how to get a or a from an ."...
Why does an attempt to create a SysLink control in my plug-in sometimes fail?
A customer had written a plug-in for some application, and they found that their plug-in was unable to create a SysLink control via the function. The same code in a standalone application works fine, but when the code is placed in their plug-in, the code fails. Debugging showed that the call to succeeded, but the call failed with "Cannot find window class." The customer is another victim of not keeping their eye on the activation context. They attached a manifest to their DLL so that the call to maps to the version of the common controls library that supports the SysLink control. But they did nothing to e...
Raymond, why did you stop studying Chinese? It has no grammar!
It does; you just don't realize it.
How do I get a handle to the primary monitor?
There are various ways of getting a monitor. You can get the monitor from a point, from a rectangle, or from a window. But how do you get the primary monitor? The primary monitor is defined to be the one which has (0, 0) as its origin. Therefore, one solution is The desktop window by convention is deemed to reside primarily on the primary monitor, so you could also use this: Or you could just pass the null window handle. This is technically an illegal parameter, but by specifying , you are saying, "If anything goes wrong, give me the primary monitor." In this case, we are intentionally going astray b...
Passing the incorrect object type for a handle, how bad is it?
A customer asked a somewhat strange question: "We are calling but passing the handle to a waitable timer. Application Verifier reports, "Incorrect object type for handle." But the code works well. We want to know the risks of passing the wrong object type to . Is the recommendation only to pass handles of type "Event" to ? Let's answer those questions in reverse order. Yes, the recommendation is only to pass handles of type "Event" to , just as the recommendation is only to pass handles of type "Semaphore" to , and more generally, only to pass valid parameters to functions. What is the risk of passing the wro...
Microspeak: Line of sight
I first encountered this term in a meeting I attended. Q: We would like to be able to reverse the polarity of the neutron flow without requiring a reboot. A: Yes, that is something we've been thinking about, but we don't have line of sight to having that feature before the end of the month. From context, having line of sight to a result means something like "Have made it part of our immediate plans to achieve that result." This appears to be extending the idiom on the horizon. Literally, something on the horizon. is at the edge of what can be seen. Figuratively, then, something that is on the horizon is a...
Applying a filter to the contents of an Explorer Browser
Today's Little Program hosts an Explorer Browser but filters the contents to remove DLL files. You can, of course, substitute your own filter. (For example, maybe you want to show only files that changed since the last time the user ran your program, or you might want a view of My Computer but filtered to show only removable drives.) Remember that Little Programs do little to no error checking, and they don't necessarily demonstrate the best programming style. They're just quick demonstrations. Today's smart pointer library is… (rolls dice) … WRL! Start with our minimal explorer browser progra...
The case of the file that won't copy because of an Invalid Handle error message
A customer reported that they had a file that was "haunted" on their machine: Explorer was unable to copy the file. If you did a copy/paste, the copy dialog displayed an error. Okay, time to roll up your sleeves and get to work. This investigation took several hours, but you'll be able to read it in ten minutes because I'm deleting all the dead ends and red herrings, and because I'm skipping over a lot of horrible grunt work, like tracing a variable in memory backward in time to see where it came from.¹ The Invalid file handle error was most likely coming from the error code . Some tracing of ha...
Why is the FAT driver called FASTFAT? Why would anybody ever write SLOWFAT?
Anon is interested in why the FAT driver is called FASTFAT.SYS. "Was there an earlier slower FAT driver? What could you possibly get so wrong with a FAT implementation that it needed to be chucked out?" The old FAT driver probably had a boring name like, um, FAT.SYS. At some point, somebody decided to write a newer, faster one, so they called it FASTFAT. And the name stuck. As for what you could possibly get so wrong with a FAT implementation that it needed to be improved: Remember that circumstances change over time. A design that works well under one set of conditions may start to buckle when placed under al...
The contents of the Start page are not programmatically accessible
A customer wanted to know if is possible for an application to edit the user's Start page. No, there is no interface for editing the user's Start page or even knowing what is on it. The Start page is the user's personal space and applications should not be messing with it. Imagine if it were possible. Every application would edit the Start page to put themselves at the front! It turns out that the customer wanted their application to make some changes to the user's Start page when it was installed. Specifically, they wanted to hunt down tiles belonging to their competitors and delete them, then insert a tile f...
A question about preventing the system from going to the idle state turns out to be misguided
A customer asked how they could have their program prevent the system from going to the idle state. Specifically, when the system goes idle, the application gets into a weird state where it starts leaking memory like crazy. The program normally uses around 100MB of memory, but when the system goes idle, something funky happens and the program's memory usage shoots up to 4GB. To avoid this problem, they want to prevent the system from entering the idle state. Now, if your application is a special-purpose program running on a dedicated computer, then blocking the entry into the idle state might be acceptable. Aft...
Enumerating the ways of distributing n balls into k boxes
Suppose you had n indistinguishable balls and k distinguishable boxes. Enumerate the ways of distributing the balls into boxes. Some boxes may be empty. We can represent each distribution in the form of n stars and k − 1 vertical lines. The stars represent balls, and the vertical lines divide the balls into boxes. For example, here are the possible distributions for n = 3, k = 3: This visualization is known in combinatorics circles as stars and bars. From this visualization, we see that what we are doing is taking n + k − 1 slots, and in each slot placing a star or a bar, subject to the const...
Debugging a hang: Chasing the wait chain inside a process
Today we're going to debug a hang. Here are some of the (redacted) stacks of the process. I left some red herrings and other frustrations. Since debugging is an exercise in optimism, let's ignore the stacks that didn't come out properly. If we can't make any headway, we can try to fix them, but let's be hopeful that the stacks that are good will provide enough information. Generally speaking, the deeper the stack, the more interesting it is, because uninteresting threads tend to be hanging out in their message loop or event loop, whereas interesting threads are busy doing something and have a complex stack ...
How can I detect programmatically whether the /3GB switch is enabled?
A customer was doing some diagnostic work and wanted a way to detect whether the switch was enabled. (Remember that the switch is meaningful only for 32-bit versions of Windows.) The way to detect the setting is to call and look at the . Compile this as a 32-bit program and run it. On 32-bit systems, this reports the system-wide setting that specifies the maximum user-mode address space, regardless of how your application is marked. Note, however, that your application must be marked in order to take advantage of the space above 2GB. On the other hand, when you run a 32-bit application on 64-bit Wi...
How do I disable Windows 8 touch contact visualizations for my application?
You might have an application (like a game) where the default touch contact visualizations are a distraction. In WinRT, you can disable the contact visualizations by simply saying In Win32, you use the function. To demonstrate that, let's take our scratch program and make this simple change: The touch visualizations are white and the default window color is white, so the visualizations are hard to see in the scratch program. Let's change the color to something that the visualizations will be more visible against. Run the program, and you'll see that if you touch the window and drag your finger around,...
The great thing about regular expression languages is that there are so many to choose from!
Before you ask a question about regular expressions, you should make sure you and your audience agree on which regular expression language you are talking about. Here is a handy table of which features are supported by which regular expression language. You can use that table to solve this customer's problem: I have a regular expression that works just fine when I test it in ⟨insert regular expression testing tool, like RegExr or RegexPlanet⟩, but I can't get it to work in real life. My goal is to find all lines that contain an not followed anywhere by a .
Scripting an Internet Explorer window
Today's Little Program takes a random walk through MSDN by starting at the page and randomly clicking links. The exercise is not as important as the technique it demonstrates. (I'm assuming the reader can figure out what language this script is written in. If you have to ask, then you probably won't understand this article at all. I am also not concerned with random number bias because Little Program.) To talk a random walk through MSDN, we ask for all the links in the element. Note that I'm taking an undocumented dependency on the structure of MSDN pages. This structure has changed in the past, so be awa...
When are global objects constructed and destructed by Visual C++?
Today we're going to fill in the following chart: The C++ language specification provides some leeway to implementations on when global static objects are constructed. It can construct the object before begins, or it construct the object on demand according to complicated rules. You can read [basic.start.init] for the gory details. Let's assume for the sake of discussion that global static objects are constructed before begins. For global objects in the EXE, constructing them is no big deal because the C runtime startup code linked into the EXE does a bunch of preparation before calling the formal entry...
If only DLLs can get DllMain notifications, how can an EXE receive a notification when a thread is created (for example)?
When a DLL is loaded, it receives a notification, and when it is unloaded (or when the process terminates), it gets a notification. DLLs also receive notifications when a thread is created and notifications when a thread exits. But what if you are an EXE? EXEs don't have a , so there is no way to receive these notifications. The trick here is to hire a lackey. Create a helper DLL, called, say, . Your EXE links to the lackey, and the lackey's job is to forward all notifications back to your EXE. The DLL would naturally have to have a way for your EXE to provide the callback address, so you might have a f...
The GetCurrentThread function is like a check payable to Bearer: What it means depends on who's holding it
The function returns a pseudo-handle to the current thread. The documentation goes into significant detail on what this means, but I fear that it may have fallen into the trap of providing so much documentation that people decide to skip it. Okay, so first of all, what is a pseudo-handle? a pseudo-handle is a sentinel value for that is not really a handle, but it can act like one. The pseudo-handle returned by means, "The thread that this code is running on." Note that this is a context-sensitive proposition. All the text in MSDN is explaining the consequences of that sentence. In a sense, the functi...
Is there a way to disable a specific balloon notification without disabling all of them?
There is a group policy called Turn off all balloon notifications, but what if you want to turn off only one specific notification? The taskbar does not offer fine-grained policy control over balloon notifications. All you have is the giant sledgehammer that turns off all of them. If there is a specific balloon you want to disable, you have to check with the specific program that is raising them, or the specific product feature, to see if it offers a way to turn the balloon off. For example, there is a setting to disable the low disk space checks and another one to disable notifications that tell you when you...
Enumerating notification icons via UI Automation
Walking the tree.
Some parts of an interface can change but others can't
When I wrote about asking the compiler to answer calling convention questions, some people were concerned about whether this was a reliable mechanism or whether it was relying on something that can change in the future. This is a special case of the question, "What parts of an interface can change, and what can't?" And it all boils down to compile-time versus run-time. Assuming you are interested in binary compatibility (as opposed to merely source compatibility), then a decision made at compile-time can never be changed because the decision is already hard-coded into the application. For example, if you ha...
Why is there a 64KB no-man's land near the end of the user-mode address space?
We learned some time ago that there is a 64KB no-man's land near the 2GB boundary to accommodate a quirk of the Alpha AXP processor architecture. But that's not the only reason why it's there. The no-man's land near the 2GB boundary is useful even on x86 processors because it simplifies parameter validation at the boundary between user mode and kernel mode by taking out a special case. If the 64KB zone did not exist, then somebody could pass a buffer that straddles the 2GB boundary, and the kernel mode validation layer would have to detect that unusual condition and reject the buffer. By having a guaranteed in...
Standard handles are really meant for single-threaded programs
When I discussed the conventions for managing standard handles, Sven2 noted that I implied that you need to call with a new handle if you close the current handle and asked "Wouldn't it make more sense to call it the other way round? I.e., first set the new handle, then close the old one? It would ensure that any other thread that runs in parallel won't get an invalid handle." Yes, that would make more sense, but only by a little bit. If you have one thread changing a standard handle at the same time another thread tries to use it, you still have the race condition, as Cesar noted, where the thread that gets ...
Microspeak: All-up
In other words: All-inclusive.
Enumerating cyclical decompositions with Stirling numbers
This whole enumeration nightmare-miniseries started off with Stirling numbers of the second kind. But what about Stirling numbers of the first kind? Those things ain't gonna enumerate themselves! The traditional formulation of the recursion for Stirling numbers of the first kind (unsigned version, since it's hard to enumerate negative numbers) goes like this: c(n + 1, k) = n · c(n, k) + c(n, k − 1). although it is more convenient from a programming standpoint to rewrite it as c(n, k) = (n − 1) · c(n − 1, k) + c(n − 1, k − 1). The Wikipedia article explains ...
Why is 0x00400000 the default base address for an executable?
Rewind to 1987.
In the red corner, EXCEPTION_INT_DIVIDE_BY_ZERO and STATUS_INTEGER_DIVIDE_BY_ZERO; and in the blue corner, EXCEPTION_INT_OVERFLOW and STATUS_INTEGER_OVERFLOW
The exception code (and its doppelgänger ) is raised, naturally enough, when the denominator of an integer division is zero. The x86 and x64 processors also raise this exception when you divide by , or more generally, when the result of a division does not fit in the destination. The division instructions for those processors take a 2N-bit dividend and an N-bit divisor, and they produce N-bit quotient and remainder. Values of N can be 8, 16, and 32; the 64-bit processors also support 64. And the division can be signed or unsigned. Therefore, you can get this exception if you try to divide, say, 2³&s...
You can name your car, and you can name your kernel objects, but there is a qualitative difference between the two
A customer reported that the appeared to be unreliable. We have two threads, one that waits on an event and the other that signals the event. But we found that sometimes, signaling the event does not wake up the waiting thread. We have to signal it twice. What are the conditions under which will ignore a signal? // cleanup and error checking elided for expository purposes void Thread1() { // Create an auto-reset event, initially unsignaled HANDLE eventHandle = CreateEvent(NULL, FALSE, FALSE, TEXT("MyEvent")); // Kick off the background thread and give it the handle CreateThread(..., Thread2, event...
Why does misdetected Unicode text tend to show up as Chinese characters?
Do the math.
Simulating media controller buttons like Play and Pause
Today's Little Program simulates pressing the Play/Pause button on your fancy keyboard. This might be useful if you want to write a program that converts some other input (say, gesture detection) into media controller events. One way of doing this is to take advantage of the function, since the default behavior for the message is to pass the message up the parent chain, and if it still can't find a handler, it hands the message to the shell for global processing. Remember, don't fumble around. If you want to send a message to a window, then send a message to a window. Don't broadcast a message to every wi...
Marshaling won't get in your way if it isn't needed
I left an exercise at the end of last week's article: "Why is the error raised only sometimes?" COM subscribes to the principle that if no marshaling is needed, then an interface pointer points directly at the object with no COM code in between. If the current thread is running in a single-threaded apartment, and it creates a COM object with thread affinity (also known as an "apartment-model object"; yes, the name is confusing), then the thread gets a pointer directly to the object. When you call , you are calling directly into the implementation provided by the object. This principle has its pluses and mi...
If a process crashes while holding a mutex, why is its ownership magically transferred to another process?
A customer was observing strange mutex ownership behavior. They had two processes that used a mutex to coordinate access to some shared resource. When the first process crashed while owning the mutex, they found that the second process somehow magically gained ownership of that mutex. Specifically, when the first process crashed, the second process could take the mutex, but when it released the mutex, the mutex was still not released. They discovered that in order to release the mutex, the second process had to call twice. It's as if the claim on the mutex from the crashed process was secretly transferred to th...
What is the story of the mysterious DS_RECURSE dialog style?
There are a few references to the dialog style scattered throughout MSDN, and they are all of the form "Don't use it." But if you look in your copy of , there is no sign of anywhere. This obviously makes it trivial to avoid using it because you couldn't use it even if you wanted it, seeing as it doesn't exist. "Do not push the red button on the control panel!" — There is no red button on the control panel. "Well, that makes it easy not to push it." As with many of these types of stories, the answer is rather mundane. When nested dialogs were added to Windows 95, the flag to indicate that a dial...
The grand ambition of giving your project the code name Highlander
There can be only one, but will it be you?
Receiving a notification any time the selection changes in an Explorer window
Today's Little Program merely prints a message whenever the user changes the selection on the desktop. I chose the desktop for expediency, since it saves me the trouble of coming up with a way for the user to specify which Explorer window they want to track. Also, all I do is print a message saying "Selection changed!"; actually getting the selection was covered earlier in both C++ and script. Remember that Little Programs do little to no error checking. Our simply prints the message whenever it receives a event. Sure, this program isn't useful on its own, but you can incorporate into a program that ...
I marked my parameter as [optional], so why do I get an RPC error when I pass NULL?
Not that kind of optional.
The stream pointer position in IDataObject::GetData and IDataObject::GetDataHere is significant
An oft-overlooked detail of the and methods is the position of the stream pointer when the result is a stream. These rules are buried in the documentation, so I'm going to call them out louder. Let's look at first. If returns a stream, then the stream pointer must be positioned at the end of the stream before the stream is returned. In other words, the last thing you do before returning the stream is seek it to the end. The contents of the data object are assumed to extend from the start of the stream to the stream's position as returned by . (And no, I don't know why this rule exists.) I messed this ...
The citizenship test is pass/fail; there’s no blue ribbon for acing it
Six out of ten is all you need.
Poor man's comments: Inserting text that has no effect into a configuration file
Consider a program which has a configuration file, but the configuration file format does not have provisions for comments. Maybe the program has a "list of authorized users", where each line takes the form or , where is a group or user. For example, suppose we have that goes like this: This is the sort of file that can really use comments because people are going to want to know things like "Why does Bob have access?" One way of doing this is to embed the comments in the configuration file in a way that has no net effect. You can do this to add separator lines, too. Assuming that you don't have any u...
Microspeak: spend
Remember, Microspeak is not merely for jargon exclusive to Microsoft, but it's jargon you need to know. We don't encounter the term spend much in the engineering side of the company, but it's in common use among those who regularly deal with money and budgets. We are in line with company standards with regard to spend for this type of event. Q4 spend will be higher as a result of widget recolorization. Our corresponding spend will increase significantly if we adopt this proposal. From the above citations, it is apparent that the word spend is shorthand for expenditure. And then there's this citation: I'...
Enumerating all the ways of making change
Today's Little Program enumerates all the ways of making change for a particular amount given a set of available denominations. The algorithm is straightforward. To make change for a specific amount from a set of available denominations, you can take one denomination and decide how many of those you want to use. Then use the remaining denominations to make change for the remainder. For example, if the available coins have values [1, 5, 10, 25] and you want to make change for 60 cents, you first decide how many 25-cent pieces you want to use. If you use none, then you need to make change for 60 cents using ju...
What did Windows 3.1 do when you hit Ctrl+Alt+Del?
Figuring out what is messed up.
A lie repeated often enough becomes the truth: The continuing saga of the Windows 3.1 blue screen of death (which, by the way, was never called that)
Not quite Truthiness, but getting close.
The history of Win32 critical sections so far
The structure has gone through a lot of changes since its introduction back oh so many decades ago. The amazing thing is that as long as you stick to the documented API, your code is completely unaffected. Initially, the critical section object had an owner field to keep track of which thread entered the critical section, if any. It also had a lock count to keep track of how many times the owner thread entered the critical section, so that the critical section would be released when the matching number of calls was made. And there was an auto-reset event used to manage contention. We'll look more at that eve...
I wrote the original blue screen of death, sort of
It was blue, but it wasn't completely deadly.
Steve Ballmer did not write the text for the blue screen of death
Mixing up different dialog screens, all blue in color.
The wisdom of seventh graders: The emergency survival kit
As a precursor to reading a story about survival, seventh grade students were asked to come up with a list of things they would want to have in their emergency survival kit. Students were specifically instructed to limit themselves to things that were readily available (so no Apache helicopters), and the complete kit had to be something you could comfortably carry in a student backpack. As always, there are students who chose a very sensible collection of things to put in their emergency survival kit: water purification tablets, a flashlight (with batteries), a first-aid kit. Those students are not the subject ...
Piping to notepad
In honor of NotepadConf's new KickStarter video, today's Little Program takes its stdin and puts it in a Notepad window. The comments pretty much lay out the steps. The part that may not be obvious is the part that deals with UI Automation: We take the main Notepad window, then ask UI Automation to find Document element inside it. From that element, we extract the window handle, then drop to Win32 and send a message to jam the text into the Notepad window. If you save this program under the name , then you can do and it will open a Notepad window with a directory listing inside it. Change one line...
You can use a file as a synchronization object, too
A customer was looking for a synchronization object that had the following properties: Can be placed in a memory-mapped file. Can be used by multiple processes simultaneously. Bonus if it can even be used by different machines simultaneously. Does not leak resources if the file is deleted. It turns out there is already a synchronization object for this, and you've been staring at it the whole time: The file. File locking is a very old feature that most people consider old and busted because it's just one of those dorky things designed for those clunky database systems that use tape drives like they hav...
Aha, I have found a flaw in the logic to detect whether my program is running on 64-bit Windows
Some time ago, I described how to detect programmatically whether you are running on 64-bit Windows, and one of the steps of the algorithm was "If you are a 64-bit program, then you are running on 64-bit Windows, because 32-bit Windows cannot run 64-bit programs." Every so often, somebody will claim that they found a flaw in this logic: "This algorithm may work today, but it assumes that the only version of Windows that can run 64-bit applications is 64-bit Windows. What if a future non-64-bit version of version of Windows runs 64-bit applications? Then your algorithm will incorrectly say that it is running on...
Why does the timestamp of a file increase by up to 2 seconds when I copy it to a USB thumb drive?
We saw some time ago that the FAT file system records timestamps in local time to only two-second resolution. This means that copying a file to a FAT-formatted device (typically a floppy drive or a USB thumb drive) can increase the timestamp by up two seconds. And even after the file is copied, the timestamp is not stable. The timestamp changes depending on the time zone employed by the computer that accesses the drive. In particular, if you are in a part of the world which changes clocks during the summer, then the timestamp on the file moves by an hour every spring and then moves in the opposite direction ev...
Who wrote the text for the Ctrl+Alt+Del dialog in Windows 3.1?
Steve.
It’s a trap! Employment documents that require you to violate company policy
Required to commit actions that are grounds for termination.
How can I detect that a user's SID has changed and recover their old data?
A customer maintained a database which recorded information per user. The information in the database is keyed by the user's SID. This works out great most of the time, but there are cases in which a user's SID can change. "Wait, I thought SIDs don't change." While it's true that SIDs don't change, it is also true that the SID associated with a user can change. Since SIDs encode the domain to which they belong, a user which moves from one domain to another within an organization, will need to be assigned a new SID. But wait, does that mean that the user lost access to all their stuff? After all, all their stu...
Taking advantage of the fact that the handle returned when you create a kernel synchronization object has full access regardless of the actual ACL
A customer wanted some help deciding what security attributes to place on an event object intended to be used by multiple security contexts. We have two processes, call them A and B, running in different security contexts. I have an event that process A creates and shares with process B. The only thing process A does with the event is signal it, and the only thing process B does with the event is wait on it. Our question is what ACLs you recommend for the event. For now, we're using O:BAD:(A;;GR;;;WD)(A;;GA;;;LS)(A;;GA;;;BA). (In case it matters, process A is usually running as a service with Local System priv...
Where does the Installed Updates control panel get the install date from?
A corporate customer wanted to know where the Installed Updates control panel gets the Installed On information from, because they found that the values were always set to the current date regardless of when the update was actually installed. The algorithm goes roughly like this: First, ask MSI what date the update was installed by calling and asking for the . If that doesn't work, then go to the registry key under and look for a value called (surprise) . (Note that 32-bit updates on 64-bit machines will be redirected into a key.) If that still doesn't work, then it's time to guess: Windows XP uses th...
It's time we face reality, my friends: We're not rocket scientists
During the development of Windows 95, it was common for team members to pay visits to other teams to touch base and let them know what's been happening on the Windows 95 side of the project. It was during one of these informal visits that the one of my colleagues reported that he saw that one of the members of the partner team had a Gary Larson cartoon from The Far Side depicting a group of scientists studying a multi-stage rocket ship they just assembled, but the stages are connected all crooked. One of the scientists says, "It's time we face reality, my friends. … We're not exactly rocket s...
How do I read the "Double-click to open an item (single-click to select)" setting in Folder Options?
Today's Little Program reports whether the Double-click to open an item (single-click to select) option is selected in the Folder Options dialog. A customer wanted to know how to do this, presumably so that their program would respect the setting and adjust its user interface to match. The flag and member name is kind of weird. The ability to single-click to open an item was introduced as part of the Windows Desktop Update which came with Internet Explorer 4. This update made Explorer more Web-like, with single-click to activate and underlines appearing on hover. (This was back in the day when making eve...
Dispelling the myths, rumors, and innuendo surrounding the QueryPerformanceCounter function
The function has been the subject of much rumor and innuendo. In response to all the confusion, the kernel folks put together a page which tries to settle the controversy once and for all. It discusses the history of QPC over the ages, the problems it had on earlier versions of Windows or older firmware (which is probably where a lot of the myths started), its interaction with hypervisors, offers guidance on how to use it and its alternatives, and includes a very nice Q&A.
Why does the OpenThread function behave differently when the target thread belongs to another process?
A customer discovered strange behavior in the function and wondered whether it was expected. We use the function to obtain a thread handle with , passing in a valid thread ID. We later pass this handle to to get the thread exit code. We have found that the function succeeds if the thread in question belongs to another process, provided the thread is still running (has not yet exited). On the other hand, if the thread belongs to our own process, then the call always succeeds regardless of whether the thread is running or not. Is this expected behavior? And can we assume that if fails with , then it means that...
Some reasons not to do anything scary in your DllMain, part 3
In the same week, the shell team was asked to investigate two failures. The first one was a deadlock in Explorer. The participating threads look like this: The shell extension caused this problem because it ignored the rule against calling shell and COM functions from the entry point, as specifically called out in the documentation as examples of functions that should not be called. The authors of this shell extension may never have caught this problem in their internal testing (or if they did they didn't understand what it meant) because hitting this deadlock requires that a race window be hit: The shell ...
If you're looking for the code that displays a particular dialog box, the most directly way to find it is to look for the dialog box
Suppose you are working in a large or unfamiliar code base and you want to know where the code is that displays a particular dialog box or message box or something. Probably the most direct way of figuring this out is to look for the strings. Say there is a message box that asks for user confirmation. "Are you sure you want to frobulate the flux capacitor?" Search for that string in your source code. It will probably be in a resource file. Great, now you have the string ID for that message. You can perform a second search for that ID. If the thing you are searching for is a dialog box or menu item, then ...
My friend and his buddy invented the online shopping cart back in 1994
Back in 1994 or so, my friend helped out his buddy who worked as the IT department for a local Seattle company known as Sub Pop Records. Here's what their Web site looked like back then. Oh, and in case you were wondering, when I said that his buddy worked as the IT department, I mean that the IT department consisted of one guy, namely him. And this wasn't even his real job. His main job was as their payroll guy; he just did their IT because he happened to know a little bit about computers. (If you asked him, he'd say that his main job was as a band member in Earth.) The mission was to make it possible for fan...
News flash: Big houses cost more to maintain
In 2005, we learned that big houses cost more to heat. In 2006, we learned that big houses cost more to cool. But then the research into big houses seems to have stalled. No worries. The research journal The Wall Street Journal recently released a paper concluding that big houses cost more to maintain.
Deleting elements from an JavaScript array and closing up the gaps
Today's Little Program is an exercise that solves the following problem: Given a JavaScript array and an unsorted array (possibly containing duplicates), calculate the result of deleting all of the elements from the original array as specified by the indices. For example, suppose and . The indices specify that elements 2 (charles), 4 (eve), 2 (charles again, redundant), and 0 (alice) should be deleted from the array, leaving bob and david. Now, if you had to delete only one element from the array, it is pretty simple: The trick with removing multiple elements is that deleting one element shifts th...
The scope of the C# checked/unchecked keyword is static, not dynamic
C# has operators and to control the behavior of the language in the face of integer overflow. There are also and statements which apply the behavior to blocks of statements rather than single expressions. Why, then, doesn't this code below raise an overflow exception? (Mini-exercise: Why couldn't I have just written ?) The answer is that the scope of the or keyword is static, not dynamic. Whether a particular arithmetic is checked or unchecked is determined at compile time, not at run time. Since the multiplication in the function is not explicitly marked checked or unchecked, uses the overflow co...
Customers not getting the widgets they paid for if they click too fast -or- In C#, the += operator is not merely not guaranteed to be atomic, it is guaranteed not to be atomic
In the C# language, operation/assignment such as are explicitly not atomic. But you already knew this, at least for properties. Recall that properties are syntactic sugar for method calls. A property declaration is internally converted to the equivalent of Accessing a property is similarly transformed. Note that the only operations you can provide for properties are and . There is no way of customizing any other operations, like . Therefore, if you write the compiler has no choice but to convert it to If all you have is a hammer, everything needs to be converted to a nail. Since the read and w...
Keep your eye on the code page: C# edition (the mysterious third code page)
A customer was having trouble manipulating the console from a C# program: We found that C# can read only ASCII data from the console. If we try to read non-ASCII data, we get garbage. Observe that this program is unable to read the Å and ö characters. They come back as garbage. Although there are three code pages that have special treatment in Windows, the CLR gives access to only two of them via . CharSet.Ansi = CP_ACP CharSet.Unicode = Unicode (which in Windows means UTF16-LE unless otherwise indicated). Unfortunately, the console traditionally uses the OEM code page. Since the ...
Keep your eye on the code page: C# edition (warning about DllImport)
Often, we receive problem reports from customers who failed to keep their eye on the code page. Does the function support files with non-ASCII characters in their names? We find that the function either fails outright or returns question marks when asked to provide information for files with non-ASCII characters in their name. If we ask for the display name, the function fails even though the file does exist. If we also pass the flag to force the system to act as if the file existed, then it returns the file name but with question marks where the non-ASCII characters should be. The function supports ...
Revival of the Daleks: Act One, Scene One
In 2009, a group of volunteers on a routine cleanup of a pond in Hampshire, England discovered a Dalek. (Later in the episode, the story may introduce a scientist who is thawing out a 30,000-year-old-virus.)
If you want to set a thread's apartment model via Thread.CurrentThread.ApartmentState, you need to act quickly
Welcome to CLR Week 2014. Don't worry, it'll be over in a few days. A customer wanted to know why their was displaying the infamous Current thread must be set to single thread apartment (STA) mode before OLE calls can be made error. "Even though we set the to , the apartment state is still . Curiously, if we put the above code in a standalone test program, it works fine." The problem is that the customer is changing the apartment state too late. On the first call to unmanaged code, the runtime calls CoInitializeEx to initialize the COM apartment as either an MTA or an STA apartment. You can...
The case of the orphaned LpdrLoaderLock critical section
A customer found that under heavy load, their application would occasionally hang. Debugging the hang shows that everybody was waiting for the critical section. The catch was that the critical section was reported as locked, but the owner thread did not exist. How can a critical section be owned by thread that no longer exists? There are two ways this can happen. One is that there is a bug in the code that manages the critical section such that there is some code path that takes the critical section but forgets to release it. This is unlikely to be the case for the loader lock (since a lot of really smart ...
The latest technologies in plaintext editing: NotepadConf
On November 13, 2014 November 14, 2014, Saint Paul, Minnesota will be the home to NotepadConf, which bills itself as "the premier technology conference for Notepad.exe users and text enthusiasts." I'm still not sure whom Microsoft will send to the conference, but maybe that person could give a talk on how you can use Notepad to take down the entire Internet. Update: The conference has been rescheduled to Friday the 14th.
Since clean-up functions can't fail, you have to soldier on
Clean-up functions can't fail, so what do you do if you encounter a failure in your clean-up function? You have to keep cleaning up. Some people like to follow this pattern for error checking: And some like to put it inside a cute flow control macro like or even Whatever floats your boat. But you have to be careful if using this pattern in a clean-up function, because you might end up not actually cleaning up. For example: What if there is an error disconnecting the doodad? (Maybe you got because the doodad lives on a remote server which crashed.) The cleanup code treats this as an error and...
Why does Explorer say "File too large" for my custom file system, when the problem has nothing to do with the file being too large (heck it's not even a file)
When Explorer copies files around, it doesn't really know what the maximum file size supported by any file system happens to be. (That information is not reported by .) So it guesses. If the file system name is or , then Explorer assumes that the maximum file size is 4GB − 1. Also, if a file operation fails with the error , and Explorer can't figure out why the parameter is invalid, it assumes that the reason is that the file has exceeded the maximum allowed file size. Why does Explorer map "invalid parameter" to "file size too large"? Because some file systems use to report that a file is too large in...
Microspeak: 1 – 1 is not zero
In his reddit AMA, Joe Belfiore wrote i have regular 1-1 meetings with my counterparts in Office, Skype, Xbox. The little bit of jargon there is 1-1 meeting. This is an abbreviation for one-on-one meeting, a common business practice wherein two people, typically a manager and a direct report, have a face-to-face meeting with no one else present. In the case Joe used, the meeting is not between a manager and a direct report but between two peers. The term is also abbreviated 1:1, which like 1 − 1 also looks like a bit of mathematical nonsense. But it's not zero or one. It's just an abbreviation for bu...
Enumerating the ways of choosing teams in a group of players
Suppose you have a bunch of people, and you want to break them up into m teams of size n. (Therefore you have a total of nm people.) Today's Little Program will enumerate the ways this can be done. Formally, let's say that you have a collection of size nm, and you want to enumerate the ways of partitioning the collection into m subsets, each subset of size n. The order of elements within each subset does not matter, and the order of the subsets doesn't matter. That's saying that a team of Alice and Bob is the same as a team of Bob and Alice, and Alice-Bob versus Charlie-David is the same as Charlie-David versu...
Before claiming that a function doesn't work, you should check what you're passing to it and what it returns
Before claiming that a function doesn't work, you should check what you're passing to it and what it returns, because it may be that the function is behaving just fine and the problem is elsewhere. The function does not appear to support directories with Unicode characters in their names. The correct directory name is obtained if it contains only ASCII characters in its name, but it truncates the string at the first non-ASCII character. If you step through the code in the debugger, you'll see that the function is working just fine. The buffer is filled with the current directory, including the non-ASC...
What is the strange garbage-looking string in the "command" value of a static verb?
A customer from a major software vendor asked, "What is the significance of the value that can be found under . It appears to be a copy of the default value, but with the program name replaced with apparent garbage. We've seen this both with Microsoft products as well as products by other companies. There is no mention of this value in the documentation on static verbs." The customer didn't explain why they were interested in this particular registry value. Maybe they thought it was enabling some super magical powers, and they wanted to get in on that action. (If that was the case, then they failed to noti...
If you want to be notified when your app is uninstalled, you can do that from your uninstaller
A customer had a rather strange request. "Is there a way to be notified when the user uninstalls any program from Programs and Features (formerly known as Add and Remove Programs)?" They didn't explain what they wanted to do this for, and we immediately got suspicious. It sounds like the customer is trying to do something user-hostile, like seeing that a user uninstalled a program and immediately reinstalling it. (Sort of the reverse of force-uninstalling all your competitors.) The customer failed to take into account that there are many ways of uninstalling an application that do not involve navigating to the...
Did the Windows 95 interface have a code name?
Commenter kinokijuf wonders whether the Windows 95 interface had a code name. Nope. We called it "the new shell" while it was under preliminary development, and when it got enabled in the builds, we just called it "the shell." (Explorer originally was named Cabinet, unrelated to the container file format of the same name. This original name lingers in the window class: CabinetWClass.)
Finding the shortest path to the ground while avoiding obstacles
Today's Little Program solves the following problem: Consider a two-dimensional board, tall and narrow. Into the board are nailed a number of horizontal obstacles. Place a water faucet at the top of the board and turn it on. The water will dribble down, and when it hits an obstacle, some of the water will go left and some will go right. The goal is to find the shortest path to the ground from a given starting position, counting both horizontal and vertical distance traveled. ⬤ • • • • • • • • • • &bu...
How do I obtain the computer manufacturer's name from C++?
Some time ago, I gave a scripting solution to the problem of obtaining the computer manufacturer and model. But what if you want to do this from C++? I could translate the script into C++, or I could just point you to Creating a WMI Application Using C++ in MSDN. In particular, one of the WMI C++ Sample Applications does exactly what you want: Example: Creating a WMI Application. The only things you need to do are
When I send a WM_GETFONT message to a window, why don't I get a font?
A customer reported that the message was not working. Specifically, they sent the message to a window, and they can plainly see that the window is rendering with a particular font, yet the message returns 0. Why isn't the window returning the correct font handle? The and messages are not mandatory. A window may choose to support them, or it may choose not to, or it may even choose to support one but not the other. (Though if it supports , it probably ought to support .) For example, our scroll bar program creates a custom font for the items in the list, but it does not implement the or messages. If you t...
When will GetSystemWindowsDirectory return something different from GetWindowsDirectory?
Most of the time, the returns the Windows directory. However, as noted in the documentation for : With Terminal Services, the GetSystemWindowsDirectory function retrieves the path of the system Windows directory, while the GetWindowsDirectory function retrieves the path of a Windows directory that is private for each user. On a single-user system, GetSystemWindowsDirectory is the same as GetWindowsDirectory. What's going on here, and how do I test this scenario? When Terminal Services support was being added to Windows NT 4.0 in the mid 1990's, the Termi...
Microspeak: Tell Mode / Ask Mode
As a product nears release, the rate of change slows down, and along the way, the ship room goes through stages known as Tell Mode and Ask Mode. In Tell Mode, any changes to the product do not require prior approval, but you are required to present your changes to the next ship room meeting and be prepared to explain and defend them. The purpose of this exercise is to get teams accustomed to the idea of having to present their changes to the ship room as a warm-up for Ask Mode. There is also the psychological aspect: If you have to present and defend your changes, you are going to be more careful about deciding ...
The alternate story of the time one of my colleagues debugged a line-of-business application for a package delivery service
Some people objected to the length, the structure, the metaphors, the speculation, and fabrication. So let's say they were my editors. Here's what the article might have looked like, had I taken their recommendations. (Some recommendations were to text that was also recommended cut. I applied the recommendations before cutting; the cuts are in gray.) You tell me whether you like the original or the edited version.
How can I get the URL to the Web page the clipboard was copied from?
When you copy content from a Web page to the clipboard and then paste it into OneNote, OneNote pastes the content but also annotates it "Pasted from ...". How does OneNote know where the content was copied from? As noted in the documentation for the HTML clipboard format, Web browsers can provide an optional property to specify the Web page the HTML was copied from. Let's write a Little Program that mimics what OneNote does, but just in plain text, because I don't want to try to parse HTML. This is much easier to do in C#, because the BCL provides most of the helper functions. First, we get the text fro...
The time one of my colleagues debugged a line-of-business application for a package delivery service
Back in the days of Windows 95 development, one of my colleagues debugged a line-of-business application for a major delivery service. This was a program that the company gave to its top-tier high-volume customers, so that they could place and track their orders directly. And by directly, I mean that the program dialed the modem (since that was how computers communicated with each other back then) to contact the delivery service's mainframe (it was all mainframes back then) and upload the new orders and download the status of existing orders.¹ Version 1.0 of the application had a notorious bug: Ninet...
Outdoor Trek: Mirror, Mirror starts this weekend
As previously noted, Outdoor Trek will be staging live performances of the Star Trek episode Mirror, Mirror. The schedule is up. Three weekends starting this Saturday at Blanche Lavizzo Park. Saturday performances are 7pm; Sunday performances are 2pm. Admission is free. Attend if you dare.
What does it mean when GetQueuedCompletionStatus return ERROR_SEM_TIMEOUT?
A customer asked for assistance interpreting a failure of the function. We are observing that is intermittently behaving as follows: That's all the information we have in our log files. We don't know the value of or , sorry. We realize that this is a rather vague question, but when this problem hits our machines, it causes our internal logic to go into a reset state since it doesn't know what the error means or how to recover. Resetting is expensive, and we would prefer to handle this error in a less drastic manner, if only we knew what it meant. The error code is a rather bad translation of the un...
How do I configure Windows Update programmatically?
First of all, normal programs shouldn't be messing with Windows Update configuration. That's something the user (or the user's administrator) decides. If you're an IT administrator, then you can use Group Policy to configure Windows Update on your network. But maybe you're a special case where the above remarks don't apply. Say you're a data center and all the systems are running inside of virtual machines and you don't want them installing updates or rebooting without your permission, so you want to run a script when you set up the image to disable updates. You can use the object, known to native code as ...
Why does Outlook map Ctrl+F to Forward instead of Find, like all right-thinking programs?
A feature request.
Enumerating integer compositions (the return of the binomial coefficients)
In number theory, a composition of an integer is an ordered sequence of positive integers which sum to the target value. For example, the value 3 can be written as 3, 1+2, 2+1, or 1+1+1. You can think about the target number as a string of stars, and a composition is a way of breaking the stars into groups. For example, here are the compositions of 3: How would you generate all compositions of a particular length? In the above example, the compositions of length 2 would be 1+2 and 2+1. Let's take a look at the last star in the composition. If it is immediately preceded by a space, then removing it results i...
If I duplicate a handle, can I keep using the duplicate after closing the original?
A customer asked whether it was okay to use a duplicated handle even after the original handle was closed. Yes. That's sort of why you would duplicate it. Duplicating a handle creates a second handle which refers to the same underlying object as the original. Once that's done, the two handles are completely equivalent. There's no way to know which was the original and which is the duplicate. Either handle can be used to access the underlying object, and the underlying object is not torn down until all handles to it have been closed. One tricky bit here is that since you have two ways to refer to the same thing...
Using the REFIID/void** pattern for returning COM objects for future-proofing and to avoid problems with dependencies
Suppose you have a function that creates a reference to a COM object: There are a few issues with this design. First of all, it requires that whoever uses your header file must have included first, since that's where is defined. You could solve that problem by putting at the top of , but that creates its own problems. For example, many header files alter their behavior based on symbols that have been d, and including that other header file as part of means that it's going to use the settings that were active at the time was included (which may not be what the clients of your header file are expecting)....
Why are only some of the Windows 7 system notification icons colorless?
Diminishing returns.
How do I turn off email reminders for my Windows Live calendar, and disable the birthday calendar while I'm at it?
You have to find the right check box.
Customing the standard color-picker dialog
A custom template, or possibly a custom hook function.
Communication between moving vehicles during the narrow window of the late 1990s
The long holiday weekend in the United States means that there are probably going to be a lot of people on road trips. Back in the old days before mobile phones, if you had multiple cars traveling together on a long trip, you had to stay within visible range of each other so that you didn't get separated. And if the car at the end of the convoy needed to pull over to take a bathroom break or something, they needed to rush to the front of the group and pantomime through the window to the passengers in the lead car to tell them what they were going to do, and then everybody would pull over together. I still remem...
It rather involved being on the other side of this airtight hatchway: Surreptitious file access by administrator
A security report was received that went something like this: A user can bypass file sharing locks by opening a read-only handle to the physical volume containing the file in question. This allows the user to extract the contents of protected files by reading the corresponding sectors directly from the disk. Since this operation requires administrator access, any user with administrator access can extract data from files that are normally inaccessible due to file locks, such as the SAM database. Yes, that's right. An attacker who gains administrator privileges can extract data from any file on the computer. B...
Redirecting the Favorites folder is technically legal, but you wouldn't like it
A customer liaison asked for assistance in debugging why Internet Explorer frequently stops responding at their customer's site. "We have tried a number of things like clearning the temporary Internet files, disabling add-ons, and resetting Internet Explorer settings. Please let me know if you can provide guidance based on the dump files provided below to indicate what could be causing Internet Explorer to hang here." The dump file showed 23 threads, and all of them seemed to be normal, except for one which looked like this: (Remember, you can get symbols for operating system binaries.) General debuggin...
What is the default size of the Recycle Bin, and how can an administrator control the size of the Recycle Bin?
A customer was setting up a file server to which they intended to redirect all their employees' documents. They were concerned about the amount of disk space used by all the Recycle Bins on that server. Is there a fixed default size for the Recycle Bin, or is it based on the size of the disk? Is there a way we can change the default size for the Recycle Bin? The customer is concerned that a user with a small quota on a large drive may end up filling their quota with Recycle Bin content and have no space left for their documents. For example, suppose you have a 1TB drive and each user has a 15 GB quota...
2014 mid-year link clearance
Another round of the semi-annual link clearance. James Mickens section January 2014: This World of Ours I have seen a video called “Gigantic Martian Insect Party,” and I have seen another video called “Gigantic Martian Insect Party 2: Don’t Tell Mom,” and I hated both videos, but this did not stop me from directing the sequel “Gigantic Martian Insect Party Into Darkness.” March 2014: To Wash It All Away Clearing the cache to fix a Web browser is like when your dad was driving you to kindergarten, and the car started to smoke, and he tried to fix the car by bangi...
Getting the location of the Close button in the title bar, from Windows 2000 or Windows XP
Today's Little Program locates the × button in the corner of the window and displays a balloon tip pointing at it. We did this some time ago with the help of the message, which is new for Windows Vista. But what if you don't have that message available, say, because you're running on Windows 2000 or Windows XP or (gasp) Windows 98? You can use the classic Accessibility interface to enumerate the buttons in the title bar and see which one the window reports as the Close button. Let's take the program from last time and change the function: We obtain the interface for the title bar and ...
Undefined behavior can result in time travel (among other things, but time travel is the funkiest)
The rules of logic no longer apply when you cross the line.
For Honor, For Excellence, For Pizza
Hacker News member citizenlow recalls the time I went over after hours to help out the Money team debug a nasty kernel issue. They were running into mysterious crashes during their stress testing and asked for my help in debugging it. I helped out other teams quite a bit, like writing a new version of Dr. Watson for the Windows 98 team or writing a new version of the MSConfig tool based on a sketch on a bar napkin. And for a time, I followed the official policy for moonlighting to make sure everybody understood that I was doing work outside the boundaries of my official job duties. When the Money folks ...
Getting past the question to solving the problem, episode 2014.06.25
Today is another example where the right thing to do is not to answer the customer's question but rather to solve the customer's problem. A customer liaison asked, "What do the registry keys X and Y do? We noticed that they are both read from and written to when you open a common file dialog. Just curious." I replied, "I'm curious as to your curiousity. I'm afraid that you are curious because your customer is curious, and then the customer will start relying on the keys in a strange and unsupported way." The format of those keys has varied from one version of Windows to another, so there is nothing there applic...
The social interactions in two preschool classes, in graphic form
Each preschooler at my daughter's school was asked a few simple questions, and the answers were printed in the yearbook. Among other things, the preschoolers were asked to complete the sentence, "I like to play with (person)." This is the type of question that leads to tears and hurt feelings. Whatever. Their parents are going to be stuck with the therapy bills. (My daughter is not a preschooler at the school, so I avoided a therapy bill. At least not over this.) From this data, I created a graph. Each arrow points from a student to the person they said they like to play with. This class breaks up into four ...
Finding the "Run as administrator" command, a game of hide-and-seek
Back in the old days, the "Run as administrator" menu option was placed on the extended menu. To get the extended menu, you hold the shift key when you right-click on the shortcut. In Windows 7, the "Run as administrator" option was moved to the primary menu, so you no longer need to hold the shift key to get it. Well, except that sometimes you still need to hold the shift key. The deal is that there are two "Run as administrator" commands. One of them is for running shortcuts to regular applications as administrator. The other is for running shortcuts to MSI applications as administrator. Shortcuts to M...
Adding a sound to the Alt+Tab window
Today's Little Program plays a sound when the Alt+Tab window appears and disappears. The program registers an accessibility event hook for the and events. The Start event fires when an Alt+Tab operation begins, and the End event fires when an Alt+Tab operation completes. As noted in the documentation, you can get spurious End events, so we keep track of our current state to avoid any surprises. In addition to adding an annoying sound to the Alt+Tab window, let's also add an annoying sound each time you move focus to a new item. Okay, this was a pretty annoying program, but maybe you can use it for som...
Once you go input-idle, your application is deemed ready to receive DDE messages
Feel free to stop using DDE. There was one customer who confessed that they were still using DDE, and they asked for help debugging a DDE problem. They found that sometimes, when their application was launched for DDE, it never received the message. Instead, the function returned . If launched from Explorer, the error message shown to the user was "There was a problem sending the command to the program." It took a long time to figure out what was going on, and there were a number of dead ends, but I'll cut to the chase: The problem was that one of the features they added to their program included code that r...
What happened to the Shut Down menu in classic Task Manager?
The great thing about open comments is that anybody can use them to introduce their favorite gripe as long as it shares at least four letters of the alphabet in common with the putative topic of the base article. xpclient "asks" why the Shut Down menu was removed from Task Manager. I put the word "asks" in quotation marks, because it's really a complaint disguised as a question. As in "Why do you guys suck?" The first thing to understand is that classic Task Manager went into a state of sustained engineering since Windows 2000. In other words, the component is there, but there is no serious interest in i...
10 is the new 6
While it may no longer be true that everything at Microsoft is built using various flavors of Visual C++ 5.0, 6.0, and 7.0, there is still a kernel of truth in it: A lot of customers are still using Visual C++ 6.0. That's why the unofficial slogan for Visual C++ 2010 was 10 is the new 6. Everybody on the team got a T-shirt with the slogan (because you don't have a product until you have a T-shirt).
Who would ever write a multi-threaded GUI program?
During the development of Windows 95, the user interface team discovered that a component provided by another team didn't work well under multi-threaded conditions. It was documented that the function had to be the first call made by a thread into the component. The user interface team discovered that if one thread called , and then used the component, then everything worked great. But if a second thread called , the component crashed whenever the second thread tried to use it. The user interface team reported this bug back to the team that provided the component, and some time later, an updated version o...
Enumerating bit strings with a specific number of bits set (binomial coefficients strike again)
Today's Little Program prints all bit strings of length n subject to the requirement that the string have exactly k 1-bits. For example, all bit strings of length 4 with 2 bits set are 0011, 0101, 0110, 1001, 1010, and 1100. Let's write BitString(n, k) to mean all the bit strings of length n with exactly k bits set. Let's look at the last bit of a typical member of BitString(n, k). If it is a zero, then removing it leaves a string one bit shorter but with the same number of bits set. Conversely every BitString(n − 1, k) string can be extended to a BitString(n, k) string by adding a zero to the end. ...
Non-classical processor behavior: How doing something can be faster than not doing it
Consider the following program: The program generates a lot of random integers in the range 0..9 and then counts how many are less than 0, less than 1, less than 2, and so on. It also prints how long the operation took in QPC units. We don't really care how big a QPC unit is; we're just interested in the relative values. (We print the number of items found merely to verify that the result is close to the expected value of .) Here are the results: To the untrained eye, this chart is strange. Here's the naïve analysis: When the boundary is zero, there is no incrementing at all, so the entire running...
Can we continue to call FindNextFile() with the same handle that returned an error last time?
A customer wanted to know whether it was okay to call with the same handle that returned an error last time. In other words, consider the following sequence of events: The customer elaborated: Suppose that the directory contains four files, A, B, C, and D. We expect the following: After returns an error, can we continue to search with the same handle? Or should we close the handle and get a new one from ? If it depends on the type of error that occurred, the customer would like to know more details about when the search can be continued and when it cannot. We asked the customer what problem they're ...
Why do network servers sometimes show up as a Recycle Bin Location?
A customer wanted to know why some of their users showed network servers among the locations shown in the Recycle Bin property sheet. Answer: Because those users are using Folder Redirection. In particular, if you redirect the My Documents folder, then a network Recycle Bin location is created to hold the files deleted from My Documents. The Recycle Bin folder in the user interface shows the union of all the recycled files in the individual Recycle Bin locations.
Microspeak: Brownbag
Remember, Microspeak is not merely for jargon exclusive to Microsoft, but it's jargon that you need to know. The term brownbag (always one word, accent on the first syllable) refers to a presentation given during lunch. The attendees are expected to bring their lunch to the meeting room and eat while they listen to the presentation. A brownbag could be a one-off presentation, or it could be a regular event. The speaker could be an invited guest, or the presenters may come from within the team. In general, the purpose of a brownbag is to familiarize the audience with a new concept or to share information with th...
Improving the performance of CF_HDROP by providing file attribute information
The clipboard format is still quite popular, despite its limitation of being limited to files. You can't use it to represent virtual content, for example. For all of you still using , you can improve the performance of drag/drop operations by adding a little more information to your data object. Observe that the clipboard format is just a list of paths. Some drop targets care about whether the paths refer to directories or to files, and since does not provide this information, the drop targets are forced to access the disk to get the answer. (This can be expensive for network locations.) To help this c...
Link-time code generation invalidates a lot of classical assumptions about linking
It goes beyond special relativity, beyond general relativity... into TIME TRAVEL.
Closing over the loop variable is just as harmful in JavaScript as it is in C#, and more cumbersome to fix
Prerequisite reading: Closing over the loop variable considered harmful. JavaScript has the same problem. Consider: The most common case where you encounter this is when you are hooking up event handlers in a loop, so that's the case I used as an example. No matter which button you click, they all alert , rather than the respective button number. The reason for this is given in the prerequisite reading: You closed over the loop variable, so by the time the function actually executed, the variable had the value , since that's the leftover value after the loop is complete. The cumbersome part is fixing...
Why did it take so long for Windows to support a taskbar on more than one monitor?
Mark wants to know why Windows has never supported having a taskbar on more than one monitor. (The question was asked before Windows 8 multi-monitor taskbar support became publically-known.) The feature has always been on the list, but it's a long list, and specifically the cost of designing, implementing, testing, performing usability tests, then redesigning the feature (because you will definitely need to redesign something as significant as this at least once) historically prevented it from escaping the minus-100-point deficit. Features do not exist in a vacuum, and decisions about features necessaril...
As long as your file names meet operating system requirements, you can use whatever you like; the rest is up to you
A customer had a question about the MSDN documentation on rules for legal file names: My employees keep naming documents with hyphens in the name. For example, they might name a file . It is my position that hyphens should not be used in this way, and the document should be named . Please advise on the use of hyphens within file names. Hyphens inside file names are legal, and you can use as many as you like, subject to the other rules for file names. If you are having an argument with your employees about file naming conventions, that's something you just need to work out among yourselves. Whatever you decid...
Obtaining information about the user's wallpaper on multiple monitors
Today we're going to dump information about the user's wallpaper settings on multiple monitors. The idea is simple. You use the interface on the object to get information about the desktop wallpaper. It will tell you the wallpaper positioning information, whether a single image is being used for all monitors, where those monitors are, and which image is on which monitor. The program proceeds in a few basic steps. We create the object. That object will give us the answers to our questions. Our first question is, "Is the same wallpaper being shown on all monitors?" To determine that, we call and speci...
Why does GetFileVersionInfo map the whole image into memory instead of just parsing out the pieces it needs?
Commenter acq responds (with expletive deleted), "the whole file is mapped into the process' memory only for version info that's certainly only a few kilobytes to be read?" Why not map only the parts that are needed? "I don't understand the necessity to map the whole file except that it was easier to write that code without thinking too much." That was exactly the reason. But not because it was to avoid thinking. It was to make things more secure. Back in the old days, the function did exactly what acq suggested: It parsed the executable file format manually looking for the file version information. (In other ...
Get your hex wrench ready, because here comes the Ikea bicycle
Ikea säljer elcyklar. Click through for two-image slide show. Ikea selling electric bicycles Forget furniture. Ikea is now launching, that's right, an electric bicycle. It goes under the name People-Friendly and costs around 6000 SEK ($900 USD). But only in Älmhult, Småland. People-Friendly has already received three design awards, including the IF Design Award, according to Ikea's press release. What distinguishes it from other electric bicycles is that the battery is hidden in the frame. That makes it look like a regular bicycle as well as lowering the center of gravity and makes t...
It rather involved being on the other side of this airtight hatchway: Denial of service by high CPU usage
You already can do that without doing anything sneaky.
How to take down the entire Internet with this one weird trick, according to Crisis
According to television.
Cargo-cult registry settings and the people who swear by them
Two customers (so far) wanted to know how to increase the duration of taskbar balloon notifications on Windows Vista. (By the way, I gave the answer some time ago.) They claimed that on Windows XP, they were using the registry key , setting the value to a specifying the number of seconds the balloon should appear. They wanted to know if this still worked in Vista. Heck, it didn't work even in Windows XP! That undocumented registry key actually controls whether the Windows XP taskbar should show the "To see the hidden icons, click this button" tip. It has nothing to do with how long the balloo...
Only senior executives can send email to the All Employees distribution list, but mistakes still happen
Some time ago, a senior executive sent email to the All Employees distribution list at Microsoft announcing that a particular product was now available for dogfood. The message included a brief introduction to the product and instructions on how to install it. A few hours later, a second message appeared in reply to the announcement. The second message came from a different senior executive, and it went I got your note and tried it out. Looks good so far. Oopsie. The second senior executive intended to reply just to the first senior executive, but hit the Reply All button by mistake. This would normally have...
Find the index of the smallest element in a JavaScript array
Today's Little Program isn't even a program. It's just a function. The problem statement is as follows: Given a nonempty JavaScript array of numbers, find the index of the smallest value. (If the smallest value appears more than once, then any such index is acceptable.) One solution is simply to do the operation manually, simulating how you would perform the operation with paper and pencil: You start by saying that the first element is the winner, and then you go through the rest of the elements. If the next element is smaller than the one you have, you declare that element the new provisional winner. Ano...
Why is the debugger telling me I crashed because my DLL was unloaded, when I see it loaded right here happily executing code?
A customer was puzzled by what appeared to be contradictory information coming from the debugger. We have Windows Error Reporting failures that tell us that we are executing code in our DLL which has been unloaded. Here's a sample stack: But if we ask the debugger what modules are loaded, our DLL is right there, loaded as happy as can be: In fact, we can view other threads in the process, and they are happily running code in our DLL. What's going on here? All the information you need to solve this problem is given right there in the problem report. You just have to put the pieces together. Let's ta...
Eventually, we may find out where notes eight through twelve came from
CBC Radio's Tom Allen investigates the origin of the opening four notes of the classic Star Trek theme. He traces it to the opening of Mahler's First Symphony, then further back to Brahms's Second Symphony and Beethoven's Fourth Symphony. In college, one of my classmates (the same one that is now the conductor of an orchestra) identified the source of the trumpet fanfare in the Star Trek theme, also known as notes five through seven: Mahler's Seventh Symphony. Skip to timecode 11:05. Eventually, we may find out where notes eight through twelve came from. If the trend keeps up, we may discover that it came fr...
Why does my radio button group selection get reset each time my window regains activation?
A customer reported (all incomplete information and red herrings preserved): We have an issue related to two radio buttons in a window. The code programmatically checks the second button by sending the message. We observe that if the user clicks somewhere else on the screen (so that our application loses focus), and then clicks on the taskbar icon to return to our application, the first radio button spontaneously gets selected. We watched all the messages in Spy++, and it appears that the radio button is receiving a followed by a . Is this by design? If not, what should I be looking for in my code that i...
Dialog boxes return focus to the control that had focus when you last switched away; how do I get in on that action for my own windows?
You start typing.
The code names for various subprojects within Windows 95
Most people know that Windows 95 was code-named Chicago. The subprojects of Windows 95 also had their code names, in part because code names are cool, and in part because these projects were already under way by the time somebody decided to combine them into one giant project. Even when they were separate projects, the first three teams worked closely together, so the names followed a pattern of ferocious cats. My guess is that when the user interface team chose their code name, they heard that the other guys were naming themselves after cats, so they picked a cat, too. I don't know whether they did ...
Creating a simple shell item, just as fake as a simple pidl
Continuing from Creating a simple pidl: For the times you care enough to send the very fake: Instead of creating a simple pidl, we'll create a simple shell item. The idea is the same. We build a file system bind context containing the information about the fake file, and we pass that bind context to the function. Take that program that creates a simple pidl and make these changes: Instead of creating a simple pidl, we create a simple shell item and then extract the same information from it it as before, just doing it the way.
An extensible interlocked arithmetic function (via lambdas)
Some time ago, I noted that you can build other interlocked operations out of . Here's an example: (There's a corresponding C++ version, which I leave as an exercise.) This function atomically updates a "highest value seen so far" variable. It follows the usual pattern: Capture the starting value. Do a computation based on that value. Compare-exchange the new value in. If the compare-exchange failed, then start over. (For bonus points, add an early-out if the operation should be abandoned.) You can make this function extensible by use of lambdas, so that you can update the old value with any computat...
Is WriteProcessMemory atomic?
How could it be?
The mystery of the icon that never appears
A customer reported a problem showing an icon on their dialog box. We verified that this code does execute during the handling of the message. No assertion fires, yet no icon appears either. Our dialog template says The customer did some helpful preliminary troubleshooting: Verify that the code does indeed execute. It sounds obvious, but some people forget to check this. They get distracted trying to figure out why a function isn't working, when in fact the root cause is that you forgot to call the function in the first place. Verify that the call succeeded. That rules out t...
How do I change among the three levels of play in Space Cadet Pinball?
Many many years ago, a customer presumably was taking advantage of the unlimited support part of their support contract when they asked In the documentation for Space Cadet Pinball, it says... The game is divided into three levels of play: basic, intermediate, and advanced. The objective of all levels is to achieve the highest point total. The more advanced the level of play, the greater the point reward. How does one advance to the next level of play? The documentation doesn't explain. The level of play being described in the documentation refers not to any particular in-game option or accomplishment. I...
Enumerating bit sequences with isolated zero-bits via the Fibonacci recurrence
Today's Little Program enumerates bit sequences of a particular length subject to the constraint that you cannot have consecutive 0-bits. This may sound kind of arbitrary, but it is important in magnetic media storage, because you cannot go too long without a flux reversal (traditionally represented by a 1); otherwise, the read head's clock starts to drift and gets out of sync with the data. (The read head uses flux reversals both for signaling and for clock synchronization.) Let's say that an allowable bit sequence is one that contains no consecutive 0-bits. The recurrence for enumerating these types of co...
Even if you're the President, your mother still has the power to embarrass you
Last year, in honor of Mother's Day (the United States version), the John F. Kennedy Library shared a letter sent by President Kennedy to his mother. Mrs. Kennedy had contacted Premier Khrushchev asking for an autographed photo, copies of which were subsequently forwarded to the White House so that the President could sign them as well. President Kennedy tries to express in the politest language he can muster that the mother of a sitting president directly contacting a foreign dignitary is "subject to interpretations", and that in the future, it would be greatly appreciated if she would let the White House clea...
When was the WM_COPYDATA message introduced, and was it ported downlevel?
Gabe wondered when the message was introduced. The message was introduced by Win32. It did not exist in 16-bit Windows. But it was there all along. The The message was carefully designed so that it worked in 16-bit Windows automatically. In other words, you retained your source code compatibility between 16-bit and 32-bit Windows without having to do a single thing. Phew, one fewer breaking change between 16-bit and 32-bit Windows. As Neil noted, there's nothing stopping you from sending message in 16-bit Windows with a window handle in the and a pointer to a in the . Since all 16-bit applications ra...
How can you use both versions 5 and 6 of the common controls within the same module?
Commenter Medinoc was baffled by the statement that the decision to use the visual-styles-enabled version of the common controls library is done on a window-by-window basis. " Isn't it rather on a per-module basis, depending on each module's manifest? If it is indeed on a per-window basis, how does one choose?" Whether a particular call to (or one of its moral equivalents) gets the classic version of the control or the visual-styles-enabled version of the control depends on which activation context is active at the point of the call. If an activation context with version 6 of the common controls is active, th...
Why does saving a file in Notepad fire multiple FindFirstChangeNotification events?
Many people have noticed that the and functions (and therefore their BCL equivalent and WinRT equivalent ) fire multiple events when you save a file in Notepad. Why is that? Because multiple things were modified. Notepad opens the file for writing, writes the new data, calls to truncate any excess data (in case the new file is shorter than the old file), then closes the handle. Two things definitely changed, and a third thing might have changed. It's therefore not surprising that you got two events, possibly three. Remember the original design goals of the function: It's for letting an application ca...
Letting the boss think your project is classier than it really is
Once upon a time, there was a team developing two versions of a product, the first a short-term project to ship soon, and the other a more ambitious project to ship later. (Sound familiar?) They chose to assign the projects code names Ren and Stimpy, in honor of the lead characters from the eponymous cartoon series. Over time, the two projects merged, and the code name that stuck was Ren. When the project came up in a meeting with Bill Gates, it was mentioned verbally but never spelled out, and since Bill wasn't closely tuned into popular culture, he mapped the sound /rɛn/ not to the hairless Mexican dog...
Warehouse holding 1000 cans of surströmming burns to the ground, insert punch line here
A warehouse in Sweden holding 1000 cans of surströmming burned to the ground last week. No people were injured. The cans of surströmming, already prone to violent decompression under normal conditions, exploded over a period of six hours. Some of them turned into projectiles and shot through the air. No information on what effect this will have on the supply of surströmming ice cream. I knew you were wondering.
Getting the location of the Close button in the title bar
Today's Little Program locates the × button in the corner of the window and, just to show that it found it, displays a balloon tip pointing at it. Let's start with the program from last week, the one that displays a balloon tip, then make these changes: Instead of positioning the balloon at the cursor position, we put it at the center of the Close button. We use the message to obtain information about the window title bar, specifically checking information about the Close button. After verifying that it is visible and on-screen and enabled, we calculate its center point and return success. The me...
If a lot of settings are ignored when set in a DLL, why bother even letting you set them on a DLL?
There are many settings that are ignored when set in a DLL. . and . There are plenty of others. Commenter 640k asks why these settings even exist for DLLs if they has no effect. Because they are settings for PE modules in general. If there were separate file formats for EXEs and DLLs, then there would have to be two different module loaders, one for EXEs and one for DLLs. This creates extra work for no particular benefit aside from satisfying some anal-retentive compulsion that nothing be wasted. As far as I can tell, all operating systems use a common file format for both executables and libraries. If it...
How do I extract an icon at a nonstandard size if IExtractIcon::Extract tells me to go jump in a lake?
Commenter Ivo notes that if you ask to extract an icon at a particular size, the function can return which means "Go jump in a lake do it yourself." But how can you do it yourself? The and functions don't let you specify a custom size, and doesn't work with icon indices (only resource IDs). The function comes to the rescue. This takes all the parameters of (plus a bonus flags parameter), and it will actually do an extraction. Let's extract an icon from Explorer at 48×48, just for illustration. As usual, start with our scratch program, then make these changes: Run the program, and observe th...
The StartRunNoHOMEPATH policy affects whether the user's HOME path is the current directory when you use Start.Run, but make sure you read that carefully
A customer (via the customer liaison) discovered that even though they had set the policy, they found "if the user creates a Notepad file, the file is searched in the user's HOME directory, in contradiction of policy," I asked the liaison to confirm: "The steps you describe are rather vague. Are you saying that the problem occurs when the user opens the Run dialog and types ?" The customer liaison replied, "I believe the scenario is close to what you describe. The user opens the Run dialog, types , then types some text into Notepad and then does a Save As. I will confirm with the customer." A few days later...
Why does the common file save dialog create a temporary file and then delete it?
When you call , the common file save dialog will ask the user to choose a file name, and just before it returns it does a little create/delete dance where it creates the file the user entered, and then deletes it. What's up with that? This is a leftover from the ancient days of 16-bit Windows 3.1, back when file systems were real file systems and didn't have this namby-pamby "long file name" or "security" nonsense. (Insert sound effect of muscle flexing and gutteral grunting.) Back in those days, the file system interface was MS-DOS, and MS-DOS didn't have a way to query security attributes because, well, ...
Showing a balloon tip at a specific position, then removing it
Today's Little Program shows a balloon tip at a specific position, then manually removes it. Start with our scratch program and make these changes: When our main window is created, we also create a balloon-style tooltip and add a tracking tool. Normally, the tooltip control appears and disappears automatically, at a position of the tooltip's choosing. Tracking tooltips are managed manually, so you can specify exactly when and where they appear, and you also manually remove them from the screen. At startup, we add the tool but do not show the balloon tooltip yet. When the user presses the space bar, we get...
A discovered quirk is just few steps away from becoming a feature
Commenter Cherry wonders who invented all those strange syntaxes, like to show all environment variables, including the hidden ones. An interesting historical note is the origin of the convention in unix that files whose names begin with a dot are hidden by default (here's the relevant portion). That article highlights how a discovered quirk is just a few steps away from becoming a feature. As Master Yoda might put it: Discovery leads to dissemination. Dissemination leads to adoption. Adoption leads to entrenchment. Entrenchment creates a compatibility constraint. As I've noted many times, the batch la...
I thought you could use SWP_FRAMECHANGED to force a control to recalculate its properties after a change in styles
Simon Cooke dug back into his memory and asked, "Doesn't calling with cause a recreate and re-apply of the styles?" The flag does not recreate anything, but it does reapply the styles, as far as it knows. Recall that the bits in the window style break into two parts. There are the styles managed by the window manager, which are in the upper 16 bits, and there are the styles that are specific to each control, which are in the lower 16 bits. The window manager knows about the styles that it manages, but it has no clue about the styles that are specific to each control. It has no idea that the style control...
How do I programmatically create folders like My Pictures if they were manually deleted?
A corporate customer had a problem with their employees accidentally deleting folders like Videos and Pictures and are looking for a way to restore them, short of blowing away the entire user profile and starting over. They found some techniques on the Internet but they don't always work consistently or completely. What is the recommended way of recreating these missing folders? It turns out that the customer was asking a question that I answered many years ago, but looking at it from the other side. To recreate a folder, call with the flag , or call and pass . If you are targeting Windows Vista or higher,...
Le Chatelier's Principle in action: Administrative overrides
Today we have another example of Le Chatelier's Principle as interpreted by John Gall: Every system resists its proper functioning. There was a video card manufacturer which was using the key so that they could inject their DLL into every process. I have no idea why. Perhaps to get a nice bonus. In Windows Vista, the registry key was deactivated for both engineering and security reasons. Oh no! Undeterred, the video card manufacturer issued an update to their driver so that in addition to adding themselves to , they also set the administrative override switch that re-enabled the feature. Boom, they probab...
How can I get information about the items in the Recycle Bin from script?
Today we'll do a scripting version of an old C++ program: Printing information about the items in the Recycle Bin. (How you wish to act on the information is up to you.) This is a pattern we've seen a lot. Bind to a folder, enumerate its contents, extract properties. Wow, that was way easier than doing it in C++! Just for fun, I'll do it in C#, first as a straight port: We have to cast to because the default interface for the method is , but is a method on . We didn't have to do this explicit cast in JavaScript because JavaScript is a dynamically-typed language. So let's use the keyword to mimi...
Raymond's house rules for Easter Egg Hunts
One of my colleagues frustrates his family by hiding the eggs for the annual Egg Hunt way too well. "Apparently, drawers and freezers are out of bounds in the traditional egg hunt." Here are my house rules for Easter Egg Hunts: Personally, I like to hide eggs in plain sight. It's surprising how long it can take somebody to find a yellow egg resting brazenly on the lap of a yellow teddy bear.
How do I set a breakpoint on a function whose name contains spaces or other special characters?
If you use one of the command line debuggers based on the Debugger Engine, you can set a breakpoint on a function whose name contains spaces or other special characters by quoting the symbol name. The trick here is that you do not quote the entire string; you quote only the symbol name. Note that the quotation marks do not go around the part. They go only around the symbol. (Otherwise, the debugger thinks you are setting a breakpoint action.) Another trick for setting breakpoints is using tab autocompletion for symbols. If you type and then hit Tab repeatedly, you will cycle through all the matches. (It ...
How can I get the Windows 8 touch keyboard to display autocomplete suggestions like the Bing app?
A customer observed that if you use the Windows 8 Bing app with the touch keyboard, the top of the touch keyboard includes autocomplete suggestions for quick access. They wanted to know how to enable this in their own application. In the illustration below, it's the two boxes immediately above the keyboard with the words "aol" and "amazon". The ones that slide into view. | a| SUGGESTIONS aol amazon att.net autotrader ask.com american airlines aol amazon q w e r t y u i o p 	...
There is no complete list of all notifications balloon tips in Windows
A customer wanted a complete list of all notifications balloon tips in Windows. There is no such list. Each component is responsible for its own balloon tips and is not required to submit their list of balloon tips to any central authority for cataloging. In order to create such a list, somebody would have to go contact every component team and ask them for a list of all their balloon tips, and that component team would probably undertake a search of their code base looking for balloon tips. And figuring out the text of each balloon tip can be tricky since the text may be built dynamically. (And the customer did...
The gradual erosion of the car trip experience, part 2
When I learned that my nieces were heading out on a road trip, I asked, "Are you going to sing songs?" My eldest niece looked at me as if I were from Mars, then replied, "No, we bring electronics."
Microspeak: bar check
A bar check sounds like the sort of thing you receive at the end of a long evening of drinking, but that's not what a bar check is. Among the things that happen at ship room meetings is reviewing each bug that has a proposed fix and deciding whether to accept or reject the fix. Another thing that happens at ship room meetings is the bar check: The person representing the bug describes the issue and what is known about it so far and asks for a preliminary assessment from the ship room as to whether this is the sort of bug they would approve if a fix were available, in other words, whether it meets the bug bar....
The geeky thrill of discovering that two things are really the same thing, just with different labels
Today's post about binomial coefficients was intended to be a warm-up for Catalan numbers, but it turns out Eric Lippert already covered them, first in the context of binary trees, then in the context of arbitrary trees and forests, and then again in the context of matched parentheses. Another way of seeing the correspondence between forests and matched parentheses is simply to consider each as an XML open-tag and each as an XML end-tag. One thing to take away from the enumeration of objects controlled by Catalan numbers is that when you see multiplication in a recurrence relation, that typically correspo...
Enumerating subsets with binomial coefficients
Inspired by the Little Program which enumerates set partitions, I decided to do the binomial coefficients this week. In other words, today's Little Program generates all subsets of size k from a set of size n. As before, the key is to interpret a recurrence combinatorially. In general, when a recurrence is of the form A + B, it means that at the recursive step, you should do A, followed by B. In our case, the recurrence is C(n, k) = C(n − 1, k) + C(n − 1, k − 1). The combinatorial interpretation of the recurrence is to look at how you can go from a set of size n to a set of size n − 1 ...
Windows is not a Microsoft Visual C/C++ Run-Time delivery channel
There's a DLL in the system directory called , and from its name, you might think that it is the Microsoft Visual C/C++ Run-Time library. That is a perfectly reasonable guess. But it would also be wrong. The Microsoft Visual C/C++ Run-Time libraries go by names like or or or , and the debugging versions have a in there, too. And like MFC, these binaries might be on your machine as a side effect of the implementation of a particular Windows component, but they are not contractual. If your program requires the Visual C/C++ Run-Time library, then your program needs to install the appropriate version. (Ther...
Why does PrintWindow hate CS_PARENTDC? redux
Why does hate ? Because everybody hates ! Commenter kero claims that it's "easy to fix" the problem with and . You just remove the style temporarily, then do the normal , then restore the style. The question is then why simply doesn't do this. The question assumes that the described workaround actually works. It may work in limited situations, but it certainly doesn't work in general. Since the style is a class style, removing the style affects all windows of that class, not merely the window you are trying to print. Suppose there are two windows of the class running on different threads, and you remov...
What happens to my COM server-side object when clients die unexpectedly?
They get cleaned up eventually.
Why is Rundll32 called Rundll32 and not just Rundll?
There is an oft-abused program named . Why does its name end in ? Why not just call it ? (I will for the moment ignore the rude behavior of calling people stupid under the guise of asking a question.) Because there needed to be a way to distinguish the 16-bit version from the 32-bit version. Windows 95 had both (the 16-bit version) and (the 32-bit version). Of course, with the gradual death of support for 16-bit Windows, the 16-bit is now just a footnote in history, leaving just the 32-bit version. But why did the two have to have different names? Why not just use the same name () for both, putting t...
Using WM_SETREDRAW to speed up adding a lot of elements to a control
Today's Little Program shows one way you can implement a better version of . Our first version doesn't use at all. Start with the scratch program and make the following changes: Most of this program was stolen from my scroll bar series. The interesting new bits are that you can add one new item by hitting 1, or you can add ten thousand items by hitting 2, or you can add ten thousand items with redraw disabled by hitting 3. I drew the items in reverse order so that adding an item forces everything to change position, so that the effect of the redraw is more noticeable. Observe that adding one item is f...
It's bad enough for a guest to demolish the host's house; demolishing an unrelated person's house is taking it to a whole new level
"How do I destroy a window that belongs to another process?" The function will not destroy windows that belong to another thread, much less another process. The best you can do is post a message to the window to ask it nicely. The function response to the message by destroying the window, but the window is free to add a custom handler for the message which rejects the request. (If you are thinking of posting the message, then you're the sort of person who prank-calls somebody pretending to be the police.) If you want to distinguish between user-initiated requests to close the window (say, by clickin...
Why does the access violation error message put the operation in quotation marks? Is is some sort of euphemism?
When an application crashes with an access violation, the error message says something like The instruction at "XX" referenced memory at "YY". The memory could not be "read". Why is the operation in quotation marks? Is this some sort of euphemism? The odd phrasing is a consequence of globalization. The operation name is a verb in the infinitive ("read", "write"), but depending on how the containing message is localized, it may need to take a different form. Since the kernel doesn't understand grammar, it just puts the words in quotation marks to avoid having to learn every language on the planet. Imagine if i...
It rather involved being on the other side of this airtight hatchway: Invalid parameters from one security level crashing code at the same security level (again)
A few years after I posted this story, the security team received something very similar. If have found that if you call the XYZ function (whose last parameter is supposed to be a pointer to a ) and instead of passing a value pointer to a , you pass , then you can trigger an access violation in the XYZ function. The XYZ function does not check whether the input parameter is . This is a denial of service attack against the system. Okay, first of all, even if the XYZ function checked that the final parameter is non-, that wouldn't prevent a caller from passing an invalid non- pointer, so adding a check doesn...
Buggy milk cartons, beeping computers, and other silliness
Some time ago, there was a performance-related bug that went something like this: mm/dd/yy Created by bob The attached file contains a dataset that takes a very long time to process. The engineer who fixed the problem decided to take the cryptic approach: mm/dd/yy Resolved as fixed by alice It got better. It was a common practice during highly stressful periods to file humorous bugs in the defect tracking system, and once the initial bug was filed, it turned into a sort of collaborative performance effort. For some reason, milk is often a trigger. Many years ago, the vendor who supplies milk to Microsof...
A puzzle involving dynamic programming, or maybe it doesn't
Here's a programming challenge: Evaluate the following recurrence relation efficiently for a given array [x0, …, xn−1] and integer k. Hint: Use dynamic programming. In words: If the array has only two elements, then the result is the average of the two elements. If the array has more than two elements, then then the result is the sum of the following: Half the value of the function evaluated on the array with the first element deleted and the second parameter incremented by one. Half the value of the function evaluated on the array with the l...
The dangers of buffering up posted messages and then reposting them later
A customer wanted to check that their idea for solving a re-entrancy problem doesn't have any hidden gotchas. We have a window which processes incoming work. One of our work items enters a modal loop, and if new work gets posted to the window while the modal loop is running, our work manager gets re-entered, and Bad Things happen. Our proposed solution is to alter the modal loop so that it buffers up all messages destined for the worker window. (Messages for any other window are dispatched normally.) When the modal loop completes, we re-post all the messages from the buffer, thereby allowing the worker wind...
Functions that return GDI regions rarely actually return regions
For reasons I don't quite understand, the only functions in GDI and USER which create GDI regions are the functions with in their name, like or . All the other functions which return a region require you to pass an existing region to use as the output. I can see this being useful for , because you can set your output region to be equal to one of the input regions in order to update a region in place. But for all of the functions, having to create an output region is usually just an annoyance. I guess it lets you reuse a single dummy region over and over again, but in practice, you're just going to des...
Can CoCreateGuid ever return GUID_NULL?
A customer asked whether the function can ever return . Their code uses for special purposes, and it would be bad if that was ever returned as the GUID for an object. "Can we assume that never returns ? Or should we test the return value against , and if it is equal, then call and try again?" Some people started running a bunch of times and observing that it was spitting out type 4 GUIDs, which will always have a 4 in the version field. Then other people started wondering whether the use of Algorithm 4 was contractual (it isn't). Then still other people went back to read the RFCs which cover UUIDs...
Geeky t-shirt alert: Windows 7's so-called God Mode
Back in 2010, the so-called God Mode was the hit discovery of the Internet, at least until the next cute cat video made the rounds. If you had stopped by the Microsoft Visitor Center during that meme's brief moment in the sun, and wandered into the gift shop, you could have picked up a t-shirt that said on the front. Of course, if you actually wore that shirt, you would also get stuffed into a locker and have your lunch money stolen from you.
Enumerating set partitions with Bell numbers and Stirling numbers of the second kind
Just for fun, today's Little Program is going to generate set partitions. (Why? Because back in 2005, somebody asked about it on an informal mailing list, suggesting it would be an interesting puzzle, and now I finally got around to solving it.) The person who asked the question said, Below we show the partitions of [4]. The periods separate the individual sets so that, for example, 1.23.4 is the partition {{1},{2,3},{4}}. I replied with a hint, saying, "This page explains what you need to do, once you reinterpret the Stirling recurrence as an enumeration." Only now, writing up this post, did I real...
Different senses of scale create different travel expectations
A friend of mine had a business meeting near London, and he decided to extend it to a tour of Scotland and England once the meetings were over. (This is the same friend who took me on the emergency vacation many years ago.) His plan was to rent a car early one morning and drive from the meeting location all the way up to Aberdeen at one go, then slowly work his way back south, enjoying the sights along the way. He sanity-checked his plan against his colleagues from Great Britain. "I looked it up on multiple online mapping sites, and they all say that the trip from London to Aberdeen is doable in a day. I take m...
Why can’t I __declspec(dllexport) a function from a static library?
You can, but the function needs to be linked in.
When visitors to the United States underestimate the size of the country
A friend of mine who is from Lebanon (but now lives in Seattle) invited his grandmother to come visit for the summer. When she arrived, he asked her, "Grandma, is there anywhere in particular you would like to visit?" His grandmother replied, "I'd like go to to Washington, DC." "Okay, Grandma. Let me buy some plane tickets." "No, let's drive." "You want to drive all the way to Washington, DC? Here, let me show you on a map how far away it is." Grandma replied, "Let's do it." My friend said, "Okay, Grandma, we're going on a road trip!" He got the rest of the family on board with the plan, packed up the car, ...
Going for the facts: Who is displaying this message box?
A customer wanted to know whether had a problem with Unicode. A problem with it? Quite the contrary. loves Unicode! In fact, if you call the ANSI version, it converts the strings to Unicode and then finishes the work in Unicode. Okay, here's the customer's problem. We have a custom application written in managed code. When we launch the process from unmanaged code via , we sometimes get a bogus error message: WARNING! The specified path, file name, or both are too long. The fully qualified file name must be less than 260 characters, and the directory name must be less than 248 characters. The filena...
I think this person's monitor is broken: It doesn't know how to render text in capital letters
Some time ago, somebody asked a question about why, when they do 1 and 2, they get extra thing 3. "The extra 3 is there because of the 456 feature. BUT DO NOT DISABLE THE 456 FEATURE JUST BECAUSE YOU DON'T LIKE 3. The 456 feature is important, because it ensures that 2 runs to completion. Otherwise, you risk data loss." The person wrote back, "I disabled the 456 feature, and that fixed it. Thanks!" It appears that that person's monitor is broken: It doesn't know how to render text in capital letters.
Raymond's highly scientific predictions for the 2014 NCAA men's basketball tournament
Once again, it's time for Raymond to come up with an absurd, arbitrary criterion for filling out his NCAA bracket. This year, I look at the number of followers of of the basketball team's official Twitter account, or one tenth of the number of followers of the school's athletic department if the school's basketball team does not have its own dedicated Twitter account. The fraction 1/10 is completely arbitrary, but that's what makes this algorithm highly scientific. And yes, counting fans also includes people who hatewatch the team. I accept this, because if a lot of people hate a team, it's probably because...
Why do I have to hit an arrow key before a keyboard-initiated Move operation will follow the mouse?
TehShrike wonders why you have to hit an arrow key before a keyboard-initiated Move operation will follow the mouse. I don't know, but I think it's just a bug. Mind you, it's a bug with extraordinary seniority (probably going as far back as Windows 1.0). The Move and Size commands from the system menu are operated by the same common function, and the keyboard-initiated Size command requires you to hit an arrow in order to specify which edge you are trying to resize. The Move command doesn't need to let you pick a side (since moving is independent of sides), but the common helper function waits for the arr...
How do I show the contents of a directory while respecting the user's preferences for hidden and super-hidden files as well as the user's language preferences?
A customer was writing a program in (and this is what they said) "32 bit C++ .Net 4.0" which displayed the contents of a directory, and they wanted to filter out items such as hidden files and protected operating system files (also known as super-hidden files) based on the user's current Explorer preferences. Furthermore, they wanted to show localized folder names, such as Usarios instead of Users, again, the same way Explorer does. They are currently using . The way to do this is to use , the same way Explorer does. Don't pass or , and you will get the default enumeration that filters out hidden items based ...
How do I create an IShellItemArray from a bunch of file paths?
The interface accepts bulk operations in the form of an . So how do you take a list of file names and convert them into an ? There is no function, but there is a , and we know how to convert a path to an ID list, namely via . So lets snap two blocks together. The template function takes an array of paths and starts by creating a corresponding array of ID lists. (If you're feeling fancy, you can use a file system bind context to make simple ID lists.) It then pumps this array into the function to get the item array. Using a template allows you to pass an array of anything as the array of paths, as lo...
Why does the Directory.GetFiles method sometimes ignore *.html files when I ask for *.htm?
The documentation for the method says When using the asterisk wildcard character in a searchPattern, such as "*.txt", the matching behavior when the extension is exactly three characters long is different than when the extension is more or less than three characters long. A searchPattern with a file extension of exactly three characters returns files having an extension of three or more characters, where the first three characters match the file extension specified in the searchPattern. A searchPattern with a file extension of one, two, or more than three characters returns only files havin...
Operations jargon: Internet egress
As I've noted before, the operations team has their own jargon which superficially resembles English. Some time ago, they sent out a message with the subject A New Internet Egress Path Is Coming. Translation: We're changing the way computers access the Internet. Bonus jargon: traffic on the edge. This does not refer to traffic that is on the verge of a nervous breakdown. It merely refers to traffic that crosses the boundary between intranet and Internet.
On live performances of Star Trek
Spock's Brain is generally considered to be the worst episode of Star Trek. That may be why in 2009 Mike Carano decided to perform it as a theatrical production. Here is the opening scene, and here's Carano talking about the show's genesis. In the second video, skip ahead to 2:40 to see more clips from the show, or go to 4:35 for the fight scene. Whereas Carano played the show for laughs, the folks at Atomic Arts in Portland (yes, that Portland) played it straight for their Trek in the Park series, but they still get laughs because Star Trek. And yes, when the Enterprise is hit, everybody jerks to the lef...
How do I disable zone markers for downloaded files, so that Explorer stops being a nag about running downloaded files and just trusts me to do the right thing?
My Little Program about manipulating the zone identifier for downloaded files appears to have struck a nerve with commenter Tess, who launched into some sort of diatribe about how Microsoft should stop being a busybody and warning users about opening files that they downloaded. You are welcome to disable the feature if it offends you so. In the Group Policy editor, go to User Configuration, Administrative Templates, Windows Components, Attachment Manager, and enable Do not preserve zone information in file attachments. For bonus points, you can set a bunch of other policies to make your computer even more dan...
Why Johnny can't read music
In the book He Bear, She Bear, the musical instrument identified as a tuba is clearly a sousaphone. (For those who are wondering what the title has to do with the topic of musical instrument identification: It's a reference to the classic book Why Johnny Can't Read.)
Programmatically uploading a file to an FTP site
Today's Little Program uploads a file to an FTP site in binary mode with the assistance of the Wininet library. This program has sat in my bag of tools for years. The program accepts five command line arguments: site (no "ftp://" in front) userid password path for the file to upload location to place the uploaded file For example, I might say ftpput ftp.contoso.com admin seinfeld newversion.zip subdir/newversion.zip
Converting from a UTC-based SYSTEMTIME directly to a local-time-based SYSTEMTIME
Last year, I presented this commutative diagram A 2-by-2 grid of boxes. The top row is labeled FILETIME; the bottom row is labeled SYSTEMTIME. The first column is labeled UTC; the second column is labeled Local. The upper left box is labeled GetSystemTimeAsFileTime. There is an outgoing arrow to the right labeled FileTimeToLocalFileTime leading to the box in the second column labeled None. There is an outgoing arrow downward labeled FileTimeToSystemTime leading to the box in the second row, first column, ...
We’re currently using FILE_FLAG_NO_BUFFERING and FILE_FLAG_WRITE_THROUGH, but we would like our WriteFile to go even faster
Actually, those flags make it go slower.
Why do I have to add 1 to the color index when I set it as the hbrBackground of a window class?
Our scratch program sets the background color to by setting the class background brush as follows: What's with the ? Okay, first of all, let's backtrack a bit. The real first question is, "What's the deal with taking an integer () and casting it to a and expecting anything sane to happen?" The window manager wants to provide multiple ways of setting the class background brush. The application can request that no automatic background drawing should occur at all. The application can request custom background drawing and provide that custom drawing by handling the message. The application...
What order does the DIR command arrange files if no sort order is specified?
Whatever order it likes.
What two-year-olds think about when they are placed in time-out
My niece (two years old at the time) was put in the corner as punishment for some sort of misdeed. At the expiration of her punishment, her grandfather returned and asked her, "你乖唔乖?" (Are you going to be nice?) She cheerfully replied, "仲未乖!" (Still naughty!) In an unrelated incident, one of my honorary nieces was being similarly punished. She told her aunt who was passing nearby, "In a little while, my daddy is going to ask me if I'm sorry. I'm not really sorry, but I'm going to say that I am."
Adventures in automation: Dismissing all message boxes from a particular application but only if they say that the operation succeeded
Suppose you have a program that is part of your workflow, and it has the annoying habit of showing a message box when it is finished. You want to automate this workflow, and part of that automation is dismissing the message box. Let's start by writing the annoying program: This annoying program pretends to do work for a little while, and then displays a message box saying whether or not it succeeded. (Let's say it succeeds 80% of the time.) Our Little Program will automate this task and respond based on whether the operation succeeded. This is just a small extension of our previous program which logs the...
How can I detect that my program was run from Task Scheduler, or my custom shortcut, or a service, or whatever
Suppose you want your program to behave differently depending on whether it is launched from the Start menu, or by clicking the pinned icon on the taskbar, or by Scheduled Task, or from a service, or whatever. How can a program detect and distinguish these scenarios? The answer is you don't. And you shouldn't try. Instead of trying to guess how your program was executed, you should have the launcher tell you how they are executing your program. You do this by registering a different command line for each of the scenarios, and then checking for that command line in the program. (We saw a variation of this a lit...
What does the SEE_MASK_UNICODE flag in ShellExecuteEx actually do?
Somebody with a rude name wonders what the flag does. It does nothing. The flag was introduced when porting the Windows 95 shell to Windows NT. It happened further back in history than I have permission to access the Windows source code history database, but I can guess how it got introduced. One of the things that the porting team had to do was make Unicode versions of all the ANSI functions that Windows 95 created. Sometimes this was done by creating separate A and W versions of a function. Sometimes this was done by having separate A and W versions of an interface. Sometimes by adding a...
Why are leading digits converted to language-specific digit shapes, but not trailing digits, and how do I suppress the conversion entirely?
If you have a string like , and you render it on an Arabic system, you might get ٠١٢٣٤ABCDE67890. The leading digits are rendered as Arabic-Indic digits, but the trailing digits are rendered as European digits. What's going on here? This is a feature known as contextual digit substitution. You can specify whether European digits are replaced with native equivalents by going to the Region control panel (formerly known as Regional and Language Options), clicking on the Formats tab, going to Additional settings (formerly known as Customize this format), and looking at the options under...
A simple email introduction: Fan mail
One of my former colleagues on the Windows kernel team wasn't afraid to make changes all across the system when necessary. If the engineering team decided to upgrade to a new version of the C++ compiler, my colleague was the one who gave it a test-drive on the entire Windows source code, and fixed all the warnings and errors that kick up as well as ensuring that it passed the build verification tests before updating the compiler in the official toolset. Beyond that, my colleague also ran around being a superhero, writing tools that needed to be written, fixing tools that were broken, and generally being somebo...
Nieces sometimes extrapolate from insufficient contextual data
My brother-in-law enjoys greeting his nieces when they come over to visit by throwing them into the air and asking, "叫聲我?" (Who am I?) The nieces happily reply, "舅舅." (Uncle.) He then tosses them up into the air a second time and says, "大聲啲!" (Louder!) And the nieces happily shout, "舅舅!" One time, my wife was talking with her brother at a normal volume, and his niece came into the room and said to my wife, "大聲啲! 舅舅聽唔到!" (Louder! Uncle can't hear you!) Update: Per Frank's suggestion b...
Logging the contents of every message box dialog via automation
Today's Little Program logs the contents of every message box dialog, or anything that vaguely resembles a message box dialog. (Since there's no way for sure to know whether a dialog box is a message box or not.) This is the same pattern as the program we wrote last week, but with different guts when the window opens. This time, we see if the class name is , which UI Spy tells us is the class name for dialog boxes. (That this is the numerical value of is no coincidence.) If we have a dialog, then we look for a child element whose automation ID is , which UI Spy tells us is the automation ID for the text ...
How can I make sure my program is launched only from my helper program and no other parent?
Say you have a collection of programs which work together. One of them is the "master" program that runs the show, and it has a bunch of "assistant" programs that it launches to accomplish various subtasks. These assistants are not meant to be run by themselves; they are meant to be run only by the master program. How do you design the assistant so that it can only be run by the master? There's nothing you can do to force the assistant to be run only by the master, since anything you do to detect the case can be faked out by an attacker. (Worst case is that they just run your program under the debugger and patch...
What is the programmatic equivalent to unchecking the box to prevent a file from having its contents indexed?
A customer wanted to know how they could write a program that automatically checked and unchecked the box that appears on a file's property sheet on the General tab, clicking the Advanced button, and then checking or unchecking the item whose name keeps changing: The checkbox maps to the file attribute formally known as , and informally known as (pronounced like the word fancy). Checking the box clears the attribute, and unchecking the box sets the attribute. The customer liaison replied, "Thanks for your assistance. The customer was able to use the method with the values in the enumeration to manipulate t...
When will the static control automatically delete the image loaded into it, and when is it the responsibility of the application?
If you create a static control with initial contents (for example, by creating a or control in a dialog template), then the static control will load the contents upon creation and destroy the contents upon destruction. So at least in the case where you don't touch the static control, things will work automatically. But once you touch it, things get confusing. If you send the message to a static control, this does a few things (assuming your parameters are all valid): The previous image is replaced by the new image you passed. The message returns a handle to the previous image. The static control turns o...
If you cancel an operation while it's in progress, then it's not surprising that it's only half-done
A customer (via their customer liaison) started by asking why they were seeing an unexpected access control entry in the security descriptor of an object. The ACEs on the parent grant access to Administrators, CREATOR OWNER, SYSTEM, and Users, but the ACEs on the child object (which should simply have been inherited from the parent) include an extra entry for Bob. How did Bob get access to the child object? When we view the details of the ACEs, it lists the Bob entry as Inherited from parent. But there is no Bob entry in the parent! I observed, "Probably because Bob is the CREATOR OWNER." Thanks for the expla...
The Grand Duke's monocle is an affectation
In the Disney adaptation of Cinderella, the Grand Duke wears a monocle. The monocle moves from eye to eye during the course of the story. The Grand Duke's monocle is an affectation. Either that, or he needs a full pair of glasses, but is very frugal.
Writing automation to wait for a window to be created (and dismiss it)
Today's Little Program uses UI Automation to cancel the Run dialog whenever it appears. Why? Well, it's not really useful in and of itself, but it at least provides an example of using UI Automation to wait for an event to occur and then respond to it. Okay, let's see what's going on here. The program registers a delegate with UI automation which is called for any event that is an immediate child () of the root (). This will catch changes to top-level unowned windows, but not bother firing for changes that occur inside top-level windows or for owned windows. Inside our handler, we check if the window's t...
When someone proposes marriage, bear in mind that there is a question that needs to be answered
A colleague of mine was at a restaurant, and he spotted a young couple at the next table. The woman fawned over a classic diamond engagement ring, and when she put it on her finger, he decided that it was safe to ask them about it. They had gotten engaged earlier that day, and the man told the story of the proposal, up to the point where he asked her to marry him. My colleague then turned to the woman and teasingly asked, "And what did you say?" The woman chuckled, then suddenly her eyes opened wide with the realization that she had skipped over this important technical detail. She became dead serious and very...
Debugging: Diagnosing why malloc is failing
A customer had some code which was experiencing memory allocation failures when calling (which maps to ). The function returns , and reports . However, there was still plenty of memory free: The customer was continuing their investigation but was looking for some pointers since the bug took a day to emerge. Could it be heap fragmentation? (The program is uses the regular C runtime heap and does not enable the low-fragmentation heap.) One of the suggestions was to run the VMMap utility to see if the problem was exhaustion of virtual address space. And lo and behold, that was indeed the cause. The code had ...
When something gets added to a queue, it takes time for it to come out the front of the queue
SendInput puts it at the end.
The heavy metal umlaut encroaches into Seattle real estate
The heavy metal umlaut is creeping into Seattle real estate. I submit for your consideration the condominium known as Bleü. I can't even tell what language they are trying to pretend to be. There are other properties in Seattle with dots, but at least the dots aren't gratuitous. Hotel Ändra in Belltown takes its name from the Swedish word meaning to change. (The hotel is consistent with its use of the dots, but outsiders frequently omit them, changing the hotel's name to Andra, which means "Others".) Hjärta Condos takes its name from the Swedish word meaning heart. Hjärta is in the Ballar...
What is this extra thread in my process?
A customer liaison asked: After applying Service Pack 2 to Windows Server 2003, my customer found that a simple MFC application (just using the template, no customization) has two threads when it is supposed to have only one. After five minutes, one of the threads exits. This doesn't happen on Windows Server 2003 RTM or Windows Server 2003 Service Pack 1. Here is a stack trace of the extra thread: The parameters to seem to be consistent with . Assuming that's the case, the parameters are Can you explain what the purpose of this thread is? Did this behavior change as a result of the update? ...
Microspeak: Party, in various forms
To use with abandon.
Excuses I learned from babies
I was visiting a friend of mine, and his young daughter was being unusually cranky. He explained, "Oh, she's teething." I filed that away as an excuse I could use the next time I felt cranky. "Sorry about that. I'm teething." Here's another excuse you might want to use: "No, I'm not drunk. I simply lost interest in remaining upright."
Execute a file as if it were a program, even though its extension is not EXE
Today's Little Program executes a file as if it were a program, even though its extension is not EXE. The idea here is to prevent somebody from running your program by accident, so you give it an extension like . This is great for preventing somebody from running the program by mistake, but how do you do it on purpose? We're merely using the member of the structure to force the file to be interpreted as the type we specify, overriding the default type inference code.
VirtualLock locks your memory into the working set, even if your threads are blocked
Today, a correction to an earlier article on . When you lock memory with , it will remain locked even if all your threads are blocked. As noted in the Follow-up section at the end of the referenced article, the behavior of the operating system never changed. Virtually-locked pages were never unlocked in practice. What changed is that an implementation detail was elevated to contract. The intention when was originally designed was that virtually-locked pages were potentially unlockable if the application is not running. However, the memory manager folks never got around to implementing that part. At some point,...
The United States Team uniforms for the opening ceremony is rather hideous, and illegal, and a bit anachronistic
By the time you read this, the opening ceremony for a large sporting event organized by a lawsuit-happy organization may already have taken place. As part of the ceremony, the team representing the United States entered wearing ugly uniforms. They're so ugly that even the hideous Christmas sweater in your closet, the one with the reindeer and wreaths and candy canes, actually steps out, points, and laughs, saying "Ha ha, what an ugly sweater!" If you study the picture carefully, you will observe a number of things. First of all, the incorporation of the flag into the sweater pattern (and once in the pants) v...
If an asynchronous I/O completes synchronously, is the hEvent in the OVERLAPPED structure signaled anyway?
Yes. When an I/O completes (whether synchronously or asynchronously), the event is signaled and completion status notifications are queued. The function can be used to wait on an I/O that has already completed; it will merely return immediately. If you ask whether the I/O has completed, and the I/O completed synchronously, it will correctly report, "Yeah, of course it completed. Heck, it completed a long time ago!" In other words, you can logically treat the case of an asynchronous I/O request completing synchronously as if it had completed asynchronously. It just completes asynchronously before you even blin...
How do I prevent folders like My Pictures from being recreated?
Another converse of How do I programmatically create folders like My Pictures if they were manually deleted? and Why do folders like "My Pictures" come back after I delete them? is How do I prevent folders like My Pictures from being recreated? Starting in Windows 7, there is a group policy called Disable Known Folders which lets you specify a list of known folders which should be disabled. If somebody tries to create a known folder programmatically, the call will fail with . Note that this policy only blocks creation of the folder. If the folder already exists, then the policy has no effect. (You're l...
Racing email against a snail
The Windows team double-dogfoods Windows Server and Exchange Server, and while this is good for both products, it can be quite frustrating when something goes wrong. I remember back in the early days of the Windows 95 project, the mail servers once got so messed up that some email messages were not delivered for several days. After a colleague told me that he had just received an email message that I had sent several days earlier, I went to the library to look up the typical speed of a garden snail. (This was back in the days when you had to use an actual library to look up facts, and cat videos were avail...
The new research citation format, if students got to design it
References ¹ The Internets. ² Ibid. ³ Ibid.
How can I make a WNDPROC or DLGPROC a member of my C++ class?
Continuing my discussion of How can I make a callback function a member of my C++ class? Common special cases for wanting to use a member function as a callback function are the window procedure and its cousin the dialog procedure. The question, then, is where to put the reference data. Let's start with window procedures. The function and its close friend let you pass your reference data as the final parameter, prototyped as . As noted in the documentation, that value is passed back to the window procedure by the and messages as part of the structure. One of the first messages passed to a window is , s...
Why chicken wings dominate Super Bowl snack time
This upcoming Sunday is the biggest sports day of the year in the United States: The championship game for the professional American Football league. The entire country grinds to a halt. The most famous secondary effect of the game is the commercials. So many people watch the game that television advertisement costs are the highest for the Super Bowl, which means that companies will produce spectacular ads specifically for the Super Bowl, which means that more people watch the Super Bowl just for the ads. Another secondary effect of the Super Bowl is the spike in chicken wing sales. The United States chicken ...
Non-psychic debugging: If somebody's complaining that a collection should be empty but isn't, you might want to see what's in there
A programmer on the GHI team (yes, the same GHI team) reported that they were hitting an assertion failure using an internal library and asked for help debugging it. "Can somebody help me figure out which factory it is that did not get unregistered?" I didn't work on this internal library, but on the other hand I'm not afraid to look inside. Let's see what a looks like. No psychic powers needed here. I just followed my nose. The assertion says that a list is not empty. Therefore, we should look to see what is on the list. As a general rule, code is not intentionally written to be impossible to un...
Can process IDs be greater than 64000? Because we're seeing process IDs greater than 64000
A customer asked what to me was a very strange question. Can process IDs be greater than 64000? Because we're seeing process IDs greater than 64000. This is a strange question because the answer is right there: You're seeing process IDs greater than 64000 with your very own eyes. Do you doubt the evidence right there in front of you? It's like asking, "Is it possible to have an orange with no seeds? Because I have an orange with no seeds." We saw some time ago that process IDs can get very high indeed, although the kernel tries to keep the numbers small purely for cosmetic reasons. The customer explai...
One of my favorite error codes: Optional parameter missing
The error Optional parameter missing sounds awfully paradoxical, doesn't it. I mean, if the parameter is optional, why are you complaining that it's missing? This KB article explains why, specifically, the part that says, "If a parameter is omitted, the calling program must…". For those who don't want to click through, here's the deal: Methods described in a type library can declare parameters as optional. Optional parameters must come at the end of the parameter list, of course. The catch is how you programmatically invoke a method that contains optional parameters. If you want to call a method that h...
Why does my setup program detect the operating system incorrectly the second time I run it?
A customer reported that when their application called the function, it sometimes reported incorrect values. Specifically, the logs collected from clients shows that the first time the program was run on a Windows 7 machine, the operating system was correctly reported as 6.1.7600 (Windows 7), but the second time it was run, the operating system was erroneously reported as 6.0.6000 (Windows Vista). This was definitely strange behavior, and upon further questioning, the customer admitted that their application was a setup program. The fact that it was a setup program was the missing ingredient. What h...
The 2014/2015 Seattle Symphony subscription season at a glance
The pocket reference guide for 2014/2015.
How can I make a callback function a member of my C++ class?
Instead of a Little Program today, I'm going to answer a Little Question. This is a common beginner question, but I figure I'll just spell it out right here for posterity. First of all, you probably noticed that you can't do this: That's because the is declared as a so-called free function, but member functions are not free. Neither are function objects (also known as functors) so you can't use a as a window procedure either. The reason is that member functions and functors need to have a hidden parameter, but free functions do not have a hidden parameter. On the other hand, static methods are free fu...
Jan-Keno Janssen decides to rent a bicycle to get around Las Vegas; this is what happens
A different kind of run-around.
Non-psychic debugging: Looking for leaked objects by their vtable
A programmer on the GHI team reported that they were hitting an assertion failure using an internal library and asked for help debugging it. I didn't work on this internal library, but on the other hand I'm also not afraid to look inside and around. The assertion failure said, "Assertion failed: All widgets from a factory must be destroyed before you can unregister the factory." The factory does not keep a list of all the widgets it created. It merely keeps a count and asserts that the count is zero when the factory is unregistered." A good start would be to find the widgets that are still outstanding, ...
The Visual Effects dialog box just tells you what you want to hear
The Visual Effects dialog box has three options, "Let Windows choose what's best for my computer," "Adjust for best appearance," and "Adjust for crappiest appearance best performance." Some people have discovered the registry key where the Visual Effects dialog box remembers which radio button was most recently checked, but they found that when they programmatically manipulate the registry key, there is no effect on the actual visual settings. What's going on? What's going on is that the registry key is just there to tell you what you want to hear. It remembers which radio button you clicked, so that when you r...
Commissioner Bud Selig was named the first recipient of the Commissioner Bud Selig Leadership Award
In what was sure to have been a stunning surprise, last night, the first annual Commissioner Bud Selig Leadership Award was given out. And the winner was... Allan H. "Bud" Selig! I wonder who will win next year. Or who will win the Bud Selig Lifetime Achievement Award. Perhaps just to save time, they will name Bud Selig the Bud Selig Leadership Award Recipient For Life.
What clock do MSG.time and GetMessageTime use?
The structure has a field called which is a . There is also a function which returns a . Both are documented as returning the time the message was generated, but the types are different. Are these time units comparable? Yes, they are the same thing. They all use the 32-bit timer provided by the function. Sorry about the inconsistency in signed/unsigned-ness. Feel free to cast between them; they are fundamentally the same thing. Whether you prefer the signed or unsigned version depends on what you intend to do with the calculation, specifically, how you want to treat the case where the events occurred out...
When the Web page says that a tool is not supported, it means that if you find a problem and contact technical support, they're just going to point you back to the Web page
I file this under the category of People refuse to read what is right in front of them. There used to be a number of utilities available for download which all go by the name PowerToys. And they all contain text like this: Note: We take great care to ensure that PowerToys work as they should, but they are not part of XYZ and are not supported by Microsoft. For this reason, Microsoft Technical Support is unable to answer questions about PowerToys. This sentence isn't exactly in the fine print either. It's right there at the top of the page. This nevertheless does not stop a customer from contacting their su...
Hello Kitty takes a rather inefficient trip to the United States
In the book Hello Kitty Takes a Trip, the title character travels to New York, Florida, Vermont, and Hawaii, in that order. Now, sure, the Traveling Salesman Problem is NP-hard, but you're not even trying.
How do I get a high resolution icon for a file?
Jumbo size.
Psychic debugging: Why messages aren't getting processed by your message pump
The second parameter to the is an optional window handle that is used to tell the function to retrieve only messages that belong to the specified window. A filtered is nearly always a bad idea, because your program will not respond to messages that don't meet the filter. Unlike a filtered (which simply returns "no messages satisfy the filter"), blocks your thread and does not return until a satisfactory message arrives. Instead, they just pile up like newspapers on your doorstep. A common mistake I encounter is using a filtered as the main message pump: I don't know for sure, but I'm guessing that t...
The curse of the leading zero
Remember octal? I don't.
There are so many things that call themselves message queues
There are a whole bunch of things in Windows that call themselves message queues, and none of them have anything to do with each other. There is the window manager message queue, which holds window messages. And there is the Microsoft Message Queue (MSMQ) which is a networking technology for allowing multiple computers to communicate with each other by sending and reading messages. The Windows Mobile folks didn't want to feel left out, so they created their own Message Queue Point-to-Point message queue system. These are all unrelated technologies. Trying to, say, read window messages from a MSMQ message ...
How do I hit the Win+PrintScreen hotkey if my tablet doesn't have a PrtSc key?
Windows 8 added a new hotkey: Win+PrtSc takes a snapshot of your screen and puts it into the Screenshots folder of your Pictures library. But what if you are on a tablet with no PrtSc key? On tablets, you can perform the same operation by pressing Windows button + Volume down. Both of these are the hardware buttons on the tablet, not on any keyboard.
The Dead Grandmother/Exam Syndrome
A statistical analysis.
Creating a listview with checkboxes on some items but not others
Today's Little Program creates a listview with checkboxes on some items but not other. The extended style is really just a convenience style. Everything it does you could have done yourself, with a bit more typing. It creates a state image list consisting of an unchecked box (state 1) and a checked box (state 2). You could have done this yourself with followed by a few calls to . When you hit the space bar or click on the check box, the state image toggles between 1 and 2. You could have done this yourself by responding to (for the space bar), and the mouse notific...
How do I manually recalculate ACLs on a file based on the containing directory?
A customer wanted to move a file and have it forget all its old ACLs and instead inherit its ACLs from its new location. They found an old article of mine that said If you use to move a file and pass the flag, then it will not preserve the original ACLs on the moved files but will rather recalculate them from the destination's inheritable properties. (If you want to do the same thing in your own code, you can call the function, specifying that you want an empty, unprotected DACL.) They were having trouble implementing the recommendation in parentheses. We set the file to have an SDDL of in order to give ...
Can you dllexport/dllimport an inline function?
Yes, but it won't actually do much.
The case of the missing context menu verbs
A customer reported that when they right-clicked a batch file, a bunch of commands were missing. For example, Open was gone! Okay, there really isn't much of a story here, because some direct debugging quickly identified the culprit. The customer had installed a third party shell extension which returned a huge value from its method. Explorer told the shell extension, "Hey, like I've got room for 30,000 menu items. How many do you need?" The shell extension replied, "I'll take 29,995 of them." And so the shell extension sucked up nearly all the menu IDs, and by the time the Open command handler came along, ...
The case of the mysterious Alternate Data Stream query
A customer was running Windows Server 2003 ("Still in support until 2015!") and they have some custom application that monitors all disk accesses. They noticed that there were a lot of failed Alternate Data Stream queries coming from Explorer, and that was causing the custom application's logs to fill with largely useless information. These Alternate Data Stream queries are being made in order to extract file metadata for the pop-up infotip. (Windows later abandoned the use of Alternate Data Streams for file metadata since Alternate Data Streams were so fragile and were easily damaged or lost.) The customer fou...
Excuses college students use for missing assignments
My father recently retired after over 40 years as a college professor. During that time, he has seen all sorts of lame excuses students offer for missing homework assignments. Eventually, he got tired of dealing with them, so he instituted the following homework policy: There are nine homework assignments in this class, broken into three groups of three. I will take the best score from each group and drop the other two. Therefore, you can turn in as few as three homework assignments and still get full credit for homework. Late homework will be graded so you can learn from your mistakes, but the score will not c...
How do I obtain the computer manufacturer's name via C++?
The way to get the computer manufacturer and other information is to ask WMI. WMI is much easier to use via scripting, but maybe you want to do it from C++. Fortunately, MSDN takes you through it step by step and even puts it together into a sample program. But I'm going to write the code myself anyway. Today's Little Program extracts the computer name, manufacturer, and model from WMI. Remember that Little Programs do little or no error checking. And the smart pointer library we'll use is (rolls dice) ! Those include files and macros set things up so we can use to access WBEM interfaces. The fir...
What happened in real-mode Windows when somebody did a longjmp into a discardable segment?
During the discussion of how real-mode Windows handled return addresses into discarded segments, Gabe wondered, "What happens when somebody does a into a discardable segment?" I'm going to assume that everybody knows how traditionally works so I can go straight to the analysis. The reason is tricky is that it has to jump to a return address that isn't on the stack. (The return address was captured in the .) If that segment got relocated or discarded, then the jump target is no longer valid. It would have gotten patched to a return thunk if it were on the stack, but since it's in a , the stack walker didn'...
If the cursor clip rectangle is a global resource, how come I can't change it with ClipCursor?
A customer reported that the function was not working. "The cursor clip rectangle is a shared global resource, so I should be able to change it any time I like. My app installs a global mouse hook and sets the clip cursor inside the hook function, but the change doesn't have any effect. Why can't I change the clip cursor inside a mouse hook?" Sure, you can change the clip cursor inside a mouse hook. But remember, a shared global resource cuts both ways. Since anybody can change it, your app can change it any time it likes. But since anybody can change it, another app can also change it any time they like. In t...
We know your job is hard, you don't have to show us
Some years ago, I attended a internal presentation where one group was teaching another group how to use their new feature. This particular feature was a "Just plug in the things you want, click the Apply button, and sit back and relax while we figure out how to do what you asked" type of feature. The presentation leader showed some examples of the feature in action, and gave some clear, concise guidance on how the feature should be used, guidance like "Use Pattern A when the user is faced with a choice between two clear options, but use Pattern B when the situation is more open-ended." So far so good....
2013 year-end link clearance
Another round of the semi-annual link clearance. And, as always, the obligatory plug for my column in TechNet Magazine: The retirement of TechNet Magazine also spells the end of the Windows Confidential column, so this is the last of the obligatory plugs, at least until I have some other obligatory thing to plug.
New Year's Eve is sometimes a stressful occasion
Today is New Year's Eve, another opportunity for to mark that an approximately-integral number of revolutions of the earth have occurred since some point in time that wasn't even calculated correctly in the first place. (We retain it for backward compatibility.) December 31, 1999 was a particularly anxious day in the technology sector. Microsoft's Director of Y2K Readiness and vice president of Product Support Services described some of the steps that were being taken to prepare for any timekeeping-related issues that would arise as the calendar ticked over to 2000. We've analyzed phone capacity, IT systems ba...
There's no seating up there, so you just have to hang on for dear life
I dreamed that through a friend, I got to join a handful of other people atop Prince Charles's carriage as it wound its way through London. There was no seating up there, so you just have to hang on for dear life. When we reached Buckingham Palace, the assembled crowd and reporters swarmed the carriage for an opportunity to meet the Prince. This provided a sufficient diversion to allow us to climb down from the roof and sneak into the palace undetected. We've come to the end of the year, so that's all for Monday dream blogging. For those of you who hated it: You can uncover your eyes now.
How can I get the list of programs the same way that Programs and Features gets it?
A customer wanted to get the list of programs the same way that the Programs and Features folder gets it. Here, here's an idea: Instead of trying to mimic the Programs and Features folder, just ask the Programs and Features folder for its contents! That way, no matter what changes are made to how the Programs and Features folder obtains its contents (and those changes occur pretty often), your program will always match it, because you're just showing the same thing. Here's the basic idea, in scripting language since it's quicker: Okay, first of all, how did I get that magic string for the Programs and Feat...
Brief Q&A on the HeapEnableTerminationOnCorruption heap information flag
Question: What type of heaps are controlled by the flag? Answer: Any user-mode heap created by the function. This includes the process heap () but not the managed heap. Some components use under the hood. If so, then those heaps would also be affected. Question: What versions of Windows support ? Answer: The flag was introduced in Windows Vista and Windows Server 2008. It is also available on Windows XP Service Pack 3. In table form: Question: For operating systems that support it, under what conditions will termination on corruption be enabled? Answer: Question: What is the effect of setting the su...
I think we're going to be getting frozen leftovers for lunch today
There are a few times a year when a large fraction of employees are out on vacation at the same time, such as a single work day wedged between a holiday and a weekend (as happened this year on July 5). The most extreme case of this is the week between the Christmas holiday and New Year's Day, where the offices are practically empty. On these days of low demand, many services are scaled back and some choose to close entirely so that they can do inventory, perform routine maintenance, or upgrade equipment. One of the most visible service reductions is in food service. Smaller locations (such as snack bars) a...
Why is GetWindowLongPtr returning a garbage value on 64-bit Windows?
A customer was running into problems with their application on 64-bit Windows 8. They claimed that on Windows 8, the is returning a garbage pointer, which causes their program to crash. The same program works fine on 64-bit Windows 7. They asked the Windows team why they broke . An investigation of the customer's code quickly turned up the issue: See if you can spot the problem. The error is in the line that calls . It takes the 64-bit pointer value and casts it to a , which is a 32-bit integer type. This truncates the pointer and throws away the upper 32 bits of data. Therefore, when re...
The chain of stories triggered by seeing a package of Ahoj-Brause
While surfing the Web aimlessly doing valuable background research, I happened across a page that had a picture of a package of Ahoj-Brause (pronounced ahoy browse-uh). Seeing that package triggered a bunch of memories. My emergency vacation from several years ago included a visit to a friend spending the year at Uppsala University in Sweden. The following year, he invited one of his classmates (a student from Germany) to the United States to join his family for the Christmas holiday season. She brought with her some small gifts, among them a package of Ahoj-Brause. On its own, Ahoj-Brause is just a drink mix...
Essays from the funniest man in Microsoft Research
James Mickens has written a number of essays for ;login: magazine. The wall-of-text presentation is kind of scary, and the first time I encountered them, I skimmed the essays rather than reading them through. As a result, my reaction was, "I got tired." But if you follow the path and read the essays through, you realize that they are all brilliant. You can't just place a LISP book on top of an x86 chip and hope the hardware learns about lambda calculus by osmosis. and in the "so funny because it's true that it wraps around and isn't funny any more, but then wraps around a second time and is funny again, but ...
That doesn't sound like South Frisian to me
I dreamed that I was back in college taking a course in South Frisian, but I suspected something was up because the words didn't sound Germanic at all, and we were taught the words to a Christmas carol as Nom Yom Hear What I Hear? Also, because the course was taught by known prevaricator/exaggerator Robert Irvine.
Creating custom tasks on a jump list
Today's Little Program adds a custom task to the application's jump list. Take the scratch program and make the following changes. (Remember, Little Programs do very little error checking because that's how they roll.) This helper function creates an in-memory shell link object with the specified title, command line arguments, and icon. The underlying executable is assumed to be the running executable. When our window is created, we get the destination list for our application and ask it for an object collection so we can fill it with tasks. We empty the existing collection and add a single shortcut call...
Wouldn't the Recycle Bin sample program have been simpler without COM?
Steve Wolf suggests that the sample program would have been much simpler had the shell extension model been a flat Win32 interface. Okay, let's try it. Since this is an extension model, each extension needs to specify the callbacks for each namespace operation. Perhaps it could have been done like this: This would be the function that allows a third party to create a shell folder implementation. You pass it a bunch of flat callback functions, one for each operation that a shell folder supports, so that when the application tries to perform that operation on your custom folder, the operating system can as...
How do I display an RTL string in a notification balloon on an LTR system?
Suppose you have a program that is written in Arabic or Hebrew and you want to render some text. No problem. You just call and pass the flag to say, "Please render this string in an RTL context." Many other text-rendering functions have a similar flag, such as for . But what if you don't control the call to or or whatever other function is being used to render the text. If you don't control the call, then you can't pass along the magic "Please render this string in an RTL context" flag. If you're lucky, the component that is doing the rendering has some analogous flag that tells it to render in RTL cont...
Whether your application should display its content in RTL should be based on the content
A customer had the following puzzle: We have a small bootstrapper application that consists of a dialog box and a few message boxes. The problem is that we want our application to work properly on Arabic and Hebrew systems, and we can't come up with a good way to determine text direction of the underlying system. We found this article by Michael Kaplan that tells us how not to do it, which is great, but what's the recommended way of actually doing it? You already know whether you should be displaying your application's UI in LTR or RTL: If this is the Arabic-localized or Hebrew-localized version of your app...
Tales from "The Box": A survey of crackpots in physics
David Dixon, assistant professor of physics at Saddleback College, gave a presentation while he was at California Polytechnic State University titled Tales from "The Box", in which he presents selected contents of The Box, an archive of what is charitably describe as "unsolicited materials", but which is in more plain language "stuff sent to us by crackpots." (Warning: Sound quality is terrible.) He describes the various types of crackpots, common themes, behaviors that set off red flags in professional scientists, and how crackpot theories can be used in instruction. In the talk, he excerpts A Little Bit of ...
Why doesn't the New Folder command work in the root of a redirected drive resource in a Remote Desktop session?
When you connect to another computer via Remote Desktop, you have the option of injecting your local drives into the remote computer, known as Device and Resource Redirection. These injected drives are available under the UNC where X is a drive letter on the local machine. The name combines a bunch of internal technical terminology, so it makes perfect sense to the people who wrote it, but not as much to outsiders. (They may have chosen this name just to make themselves look smart.) The letters TS stand for Terminal Services, which was the former name of the technology now known as Remote Desktop. And the wo...
That fee was so that we wouldn't have to raise our prices
I dreamed that I got screwed by Ticketmaster. I was relieved when I woke up and found out it was only a dream. Bonus chatter: The economics of Ticketmaster. It reminds me of a company who added a service fee to an existing rate plan, and in their FAQ for the service fee, they explained, "That fee was so that we wouldn't have to raise our prices." This is some sort of bizarro-world logic. Yes, I know that this is so that the company can continue to advertise an artifically low "price" in all their marketing materials, and then make up the difference by tacking on a boatload of fees. A colleague of mine was pu...
Disabling the PrtSc key by blocking input
A customer asked how to disable the PrtSc key in the On-Screen Keyboard. There is no way to disable the PrtSc key in the On-Screen Keyboard. The On-Screen Keyboard shows a keyboard, and you can click any virtual key you like. There is no policy to remove specific keys from the On-Screen Keyboard. But this was a case of a customer breaking down a problem and asking a question about a specific part of the problem instead of presenting the entire problem so that a solution to the overall problem could be developed. The customer's real goal was to disable the PrtSc key in general. They had figured out how to d...
Turning off the disco lights on the Start screen
Blinky blinky.
How do you intercept taskbar notification balloons?
A customer wanted to know how they could monitor and intercept taskbar notification balloons. In particular, they wanted to intercept the clicks on a particular balloon and take alternative action. There is no supported mechanism for intercepting taskbar notification balloons or redirecting clicks on them. Imagine if that were possible: Fabrikam would intercept notification balloons for Contoso. If they had access to the balloon text itself, they might change the message from "Contoso products are back in stock. Click here to place your order." to "Special offer for Contoso customers: Take 10% off your first or...
Some vice presidents forget that not everybody attends the same meetings that they do
There are some vice presidents who forget that not everybody attends the same meetings that they do. When they send email to the entire division, they use buzzwords and acronyms that are not widely-understood. For example, they may mention the great progress that the Nosebleed team is making with DOXLA,¹ but that doesn't mean much to people who aren't on the Nosebleed team. Meanwhile, the people on the Nosebleed team probably don't know what the vice president is talking about when they compliment the Bunion team's recent breakthough in MT1 alignment.¹ When that happens, I like to send email back to t...
Mysterious email, possible social engineering, whatever it was, it didn't work
A colleague of mine got a strange piece of email. It went something like this, although I've substituted a fictitious nation and fictitious company name to protect the guilty(?). Subject: St. George's Island Embassy Trade Mission: Meeting request on behalf of Contoso Corporation Dear ⟨name⟩, I am contacting you following the advice of ⟨senior executive⟩, CTO of Microsoft Pangaea. The St. George's Island Embassy Trade Mission is currently assisting a local company, Contoso. Contoso would like to present ⟨technology⟩ to Microsoft. Details are in the attached document. Would...
This was only a test; if this had been an actual concert…
I dreamed that there was a fire in Benaroya Hall during a concert. The flames swirled overhead up by the ceiling. The exit doors had been blocked by security, so people flowed from door to door looking for a way out. Ha-ha, it was just a drill, and the flames were pyrotechnics. This dream brought to you by Great Ideas in Public Safety.
Destroying all child processes (and grandchildren) when the parent exits
Today's Little Program launches a child process and then just hangs around. If you terminate the parent process, then all the children (and grandchildren and great-grandchildren, you get the idea) are also terminated. The tool for this is the Job Object. Specifically, we mark the job as "kill on job close" which causes all processes in the job to be terminated when the last handle to the job is closed. We must therefore be careful not to allow this handle to be inherited, because that would create another handle that needs to be closed before the job is terminated. And of course we need to be careful not to...
Is it wrong to call SHFileOperation from a service?
A customer had a simple question: "Is it wrong to call from a service?" I don't know if I'd call it wrong, but I'd call it highly inadvisable. Update: See Is it wrong to call SHFileOperation from a service? Revised.
What’s up with the registry key HKEY_CLASSES_ROOT\CLSID\CLSID?
It's the class moniker.
What's the difference between the wParam of the WM_NOTIFY message and the idFrom in the NMHDR structure?
The message takes the following parameters: Notice that the identifier of the control sending the message appears in two places, once in the and again in the . What's the difference? There is no difference. It's just a convenience. The same value is passed in both places, and you can check whichever one is easier for you. You might use the because it avoids having to dereference a pointer. You might use the because that way you have only one thing to pass to your helper function. Whatever floats your boat. Passing the same information multiple ways is hardly new. The message also passes redundant inf...
Sir, is this your high-speed ferry?
The Victoria Clipper is a high-speed ferry that runs primarily between Seattle and Vancouver Victoria, BC. Early Sunday morning, a man scaled a fence and drove off with one of the boats. The issue was resolved without major incident and only minimal damage, which means that it is now open season on jokes! "Why yes, officer, this is my ferry. I must have left the registration in my other pants." According to the vessel superindendent, "There is a joystick and he thought it was like an Xbox," ending up driving the boat in circles. You can see the GPS track here (photo 19). Of course, if the thief had had a K...
How do I configure the timeout used by UI0Detect (Interactive Services Detection service)?
Windows Vista introduced Session 0 Isolation which enforces the rule that services should not display UI. If a service tries to display UI, another service known as the Interactive Services Detection service detects this situation and signals the user that a service wants to display UI and gives the user an opportunity to switch to the service desktop, respond to the UI, and then switch back. If the user ignores the service for about one minute, it switches back automatically, on the assumption that something went bad with the detection and the service is actually finished with its UI. (That way, the user ...
The walls of my friend's house sometimes randomly got corrupted
One evening, I had a series of three dreams. In each one, I visited an unusual home. In the third dream, I visited the home of a friend of mine. He lived in a white stucco split-level, a stereotypical suburban home. What made the house interesting was that if you did things just right, dark dots would appear on the wall and slowly consume it. My friend explained, "This house is running a very old build of DirectX, and sometimes it just does that." We set up a repro and calculated that when the dots appeared, stack usage was exactly 5124 bytes. This was a 16-bit house, and the stack overflow into the heap cause...
Logging the foreground process as it changes
Today's Little Program simply logs all changes to the foreground window by recording the path to the application the user switched to. You might use this as part of a usability study to monitor what applications users spend most of their time in. Most of this code is just taking things we already know and snapping them together. Using accessibility to monitor events, specifically to monitor foreground changes. to get the process ID from a window. to get a handle to a process given the process ID. to get the path to the application from the handle. (For Windows XP, yo...
Notes on gift card and gift certificates in the state of Washington
Today is the unofficial start of the holiday shopping season. One of my colleagues read the fine print of a gift card he received: A monthly maintenance fee of $3 applies but is waived for the first twelve months after the card is issued. Thereafter, monthly maintenance fees are waived for an additional three months if the card is used in any given month. This seems kind of backwards. They charge a maintenance fee if you don't create any work for them. Shouldn't the maintenance fee be charged when you use the card, rather than when you don't? This "maintenance fee" is really just an "account inactivity fee". ...
Why can't I create my dialog with DialogBox, DialogBoxParam, CreateDialog, CreateDialogParam, or the indirect versions of same?
One of the purposes of my dialog manager series was to help people diagnose problems with their dialog boxes. But since I embedded the tips inside the series body, it's hard for people to find them, and I still end up answering the same questions over and over. So here it is in a separate article that hopefully people can find. Why your call to or is failing. This also goes for , but perhaps extra so because the MFC source code says even though the problem is rarely due to an error in the template. A wrong comment is worse than no comment at all.¹ I've decided to put the reasons in most-likely-e...
Things that can happen when your kitchen gets taken over by others
Today is the Thanksgiving holiday in the United States, one of the the major holidays for family get-togethers. (Another big one is Christmas.) One year, it was our family's turn to host Thanksgiving, and when that happens, it means that the kitchen is overrun by relatives cooking all the dishes and hunting through the cabinets and drawers of an unfamiliar kitchen. One year, I learned that a pastry blender can be used as a potato masher and that a cheese planer can be used as a pie server. This is what happens when other people use your kitchen. It could also mean that my kitchen has too many froofy gadgets. ...
If you try to declare a variadic function with an incompatible calling convention, the compiler secretly converts it to cdecl
Consider the following function on an x86 system: The function declares itself as , which is a callee-clean convention. But a variadic function cannot be callee-clean since the callee does not know how many parameters were passed, so it doesn't know how many it should clean. The Microsoft Visual Studio C/C++ compiler resolves this conflict by silently converting the calling convention to , which is the only supported variadic calling convention for functions that do not take a hidden parameter. Why does this conversion take place silently rather than generating a warning or error? My guess is that it's...
The case of the DLL that refuses to load
A customer reported that they had a problem that occurred only on some machines but not others. Their application called and the call succeeded on some machines, but failed on others with error ("The specified module could not be found"). The path was a fully-qualified path to a file that was confirmed to exist and be readable. If the command was used in the debugger to break when the DLL loads, the breakpoint does fire, but a breakpoint on Contoso's is never hit. "I think this means that the problem is not that Contoso failed to initialize, but what does it mean?" If you get a break from but no brea...
Why did Raymond bring a knitting bag to every meeting?
I stopped knitting a few years ago, but back when I knitted regularly, I tended to bring my knitting bag with me everywhere I went. There are a lot of idle minutes in your typical day. Waiting for the bus, waiting in line for the ATM, waiting for a meeting to start. There's not enough time in those idle minutes to do anything substantial, but it's enough time to sneak in a little bit of knitting. But there's another reason I brought a knitting bag to every meeting. Nothing says "I don't care about this meeting" like knitting.
My friend lived in an apartment inside a museum
One evening, I had a series of three dreams. In each one, I visited an unusual home. In the second dream, I visited the home of a friend of mine. She lived in a modern luxury apartment inside an art museum. It was a little tricky, because you could visit her only during museum hours. If you stayed past closing time, then you were locked inside the museum, and you were spending the night whether you liked it or not. On the other hand, it meant that you could go out an view the art to your heart's content without any crowds. And no, the museum did not come to life. You just got free run of a museum for the nigh...
Extracting GPS coordinates from a photo and plotting it on a map
Today's Little Program extracts GPS coordinates from a photo and plots it on a map. Remember, Little Programs do little to no error checking, because that's how they roll. We start with a simple function that takes a latitude and longitude and opens a Web page that highlights that coordinate. In a real program, you probably would do something more interesting with the coordinates, but I'm opening a Web page just to do something. The class is an incredibly lame wrapper around for RAII purposes. The function is where the real work happens. GPS latitude and longitude are encoded in the shell property sy...
How do I get the effect of CW_USEDEFAULT positioning on a window I've already created?
A customer wanted to know how to get the effect of positioning on a window that already exists. In particular, they wanted to be able to reposition a dialog box to get the cascade effect, but since you can't actually pass in a dialog template, the repositioning has to be done after the fact. (Presumably in the handler, which runs before the dialog is visible, so that there is no visible flicker.) The solution here is simple: Create a temporary invisible window with as its position and the same height and width as your dialog box. See where the window manager puts that temporary window and move your dialog...
How do I get the path to the default user's profile?
A customer wanted to know how to get the path to the default user's profile. On older versions of Windows, the default location of the default user's profile was . Then it moved to . Now it's in . And the location may have been customized, so in principle it could be anywhere. The function to get the default user profile's directory is is the deviously-named . But the reason I'm writing this article is not to call your attention to the function, but rather to something in the function documentation. The documentation for the function includes the strings and , so all somebody had to do was type either of ...
Why don't all of my documents show up when I arrange my Documents library by Name?
A customer reported that when they opened their Documents library on Windows 7, some files were missing if they selected Arrange by: Name or Arrange by: Author or in fact any arrangement other than Arrange by: Folder. What's going on? When you arrange the Documents library by anything other than Folder, the Documents library uses the content indexer to obtain results quickly, rather than kicking off a recursive disk search (ugh). (The Folder arrangement does not require a recursive search, so it can use the traditional / loop to get the results. A member of the search indexer team suggested that a common ...
Why is the Program Files directory called Program Files instead of just Programs?
Some people suggest that one thing Microsoft Research could do with that time machine they're working on is to go back in time and change the name of the Program Files directory to simply Programs. No, it really should be Program Files. Program Files are not the same as Programs. Programs are things like Calc, Notepad, Excel, Photoshop. They are things you run. Program Files are things like and . They are files that make programs run. If the directory were named Programs, then people who wanted to run a program would start digging into that directory and seeing a page full of weird DLL names and wonder "W...
My friend lived in a tiny house with an enormous garage
One evening, I had a series of three dreams. In each one, I visited an unusual home. In the first dream, I visited the home of a friend of mine. But instead of living in his condominium in the city, he lived in a house built into the side of a cliff. The house commanded a breathtaking view of the valley below, but the living quarters weren't very large. This was to his liking. "Moving in didn't take long." The top floor was a single room the size of a typical bedroom. The bottom floor was half that size. There was a six-inch-square mesh of wire covering the downstairs walls. "That lets the dog roam freely down...
How can I launch an unelevated process from my elevated process and vice versa?
Going from an unelevated process to an elevated process is easy. You can run a process with elevation by passing the verb to or . Going the other way is trickier. For one thing, it's really hard to munge your token to remove the elevation nature properly. And for another thing, even if you could do it, it's not the right thing to do, because the unelevated user may be different from the elevated user. Let me expand on that last bit. Take a user who is not an administrator. When that user tries to run a program with elevation, the system will display a prompt that says, "Hey, like, since you're not an ad...
Restoring symbols to a stack trace originally generated without symbols
Has this ever happened to you? Ugh. A stack trace taken without working symbols. (There's no way that is a deeply recursive 60KB function. Just by casual inspection, you know that the symbols are wrong.) To see how to fix this, you just have to understand what the debugger does when it has no symbols to work from: It uses the symbols from the exported function table. For every address it wants to resolve, it looks for the nearest exported function whose address is less than or equal to the target value. For example, suppose has the following exported symbols: Look at it this way: The debugger is gi...
Why is my FormatMessage call crashing trying to read my insertion parameter?
A customer was looking for assistance in debugging a crash in their product. The stack trace looked like this: The string being formatted is , and the insertion is a long (but valid) string. A unit test which passes a similarly long object name to does not crash. What is the problem? There are clues in the stack trace. The natural place to start is the function that calls to see what parameters are being passed in. And that's where you see something strange: (The clue in the stack trace was the word fallback in the function name, which suggests that if the formatting attempt fails, it'll try again som...
A possibly unbeatable record for the shortest amount of time between an email message and its resend
I occasionally bring up the issue of people who ask a question and then repeat the question, especially people who repeat the question with some impatience. At the time, the record for the shortest time between the message and its repeat was eight minutes. But I think I have something unbeatable. From: X To: ABC Team I hit this crash in ABC. Can somebody take a look at it? A half hour later, somebody replied: From: A To: X, ABC Team This looks like the problem is really in the DEF component. You should have the DEF team look at it. Person X waited a few hours, then got impatient. From: X T...
Microspeak: Spinning up or kicking off a build
Round and round.
How did Raymond discover his carrier-screaming talent? And his homemade Marauder's Map
George wonders, "I am curious how Raymond found about his talent. Maybe it will be an interesting post." This isn't like a superhero who discovers as a young adult that he has powers beyond that of mortal men. And there was no radioactive spider. It was a simple case of problem-solving. The basic way of checking whether the mainframe was up was to go into the lab and see if the terminals responded. But of course this meant having to hang around in the lab building all day. The next way of checking whether the mainframe was up was to stay in your dorm room doing some other work while listening to a portable ...
What's the point of the various …WhenCallbackReturns functions?
The thread pool provides a number of functions named . What's the point of all these functions? Why can't you just do the operation yourself immediately before returning? We saw last time. What's the point of the others? Basically, the same thing as . It's a way to release a resource after execution has left the function and the callback is marked as complete. In the case of a synchronization resource, that resource may be what's keeping somebody from unloading your DLL, or it might protect a race condition between the callback function and a function that tries to cancel the callback.
Partially eliminating the need for SetThreadpoolCallbackLibrary and reducing the cost of FreeLibraryAndExitThread
Update: Daniel points out that there is still a race condition here, so this trick won't work. Rats. The documentation for the says This prevents a deadlock from occurring when one thread in DllMain is waiting for the callback to end, and another thread that is executing the callback attempts to acquire the loader lock. If the DLL containing the callback might be unloaded, the cleanup code in DllMain must cancel outstanding callbacks before releasing the object. Managing callbacks created with a that specifies a callback library is somewhat processor-intensive. You should consider other options for en...
CoUninitalize will ask a DLL if it is okay to unload now, but the answer is a foregone conclusion
The entry point is exported by COM in-proc servers. COM host applications call periodically to ask COM to do DLL housecleaning, and in response, COM asks each DLL if it is okay to be unloaded. If so, then COM unloads the DLL. What is not well-known is that COM also does DLL housecleaning when you shut down the last apartment by calling . When that happens, COM will still go around asking each DLL whether it's okay to be unloaded, but the question is merely a formality, because regardless of your answer, COM will unload you anyway. The story here is that COM is being shut down for the process, so COM knows ...
What is the point of FreeLibraryAndExitThread?
The function seems pointless. I mean, all the function does is Who needs such a trivial function? If I wanted to do that, I could just write it myself. And then you discover that occasionally your program crashes. What's going on? Let's rewind and look at the original problem. Originally, you had code that did something like this: This worked great, until somebody did this to your DLL: This code fragment calls your function and then immediately unloads the DLL, presumably because all they wanted to do was call that one function. Now you have a problem: That call frees your DLL, while your i...
The complexity of modern voting, or at least modern dream voting
I dreamed that I arrived at my polling station just before it closed, but the ballot was not what I expected. Instead of voting on political candidates or referenda, I was voting on music from the 1980's. I ended up voting for an Anne Murray song because it was the only one I recognized, and it wasn't a bad song.
Manipulating the zone identifier to specify where a file was download from
When you download a file via Internet Explorer, the file is tagged with a little bit of information known as a zone identifier which remembers where the file was downloaded from. This is what tells Explorer to put up the "Yo, did you really want to run this program?" prompt and which is taken into account by applications so that they can do things like disable scripting and macros when they open the document, just in case the file is malicious. Today's Little Program is really three Little Programs: One to read the zone identifier, one to set the zone identifier, and one to clear it. The first program takes...
On the various ways of getting the current time and date in Win32
There are a number of functions in Win32 that obtain the current date and time. Here's how they fit together: The starting point is . This returns the current time in UTC in the form of a structure. This also happens to be the time format used internally by the system, so this value can be retrieved with a minimum of fuss. You can also call which returns the current UTC time in the form of a structure. To do this, the operating system takes the current and then calls the moral equivalent of , which does a boatload of gnarly math to decompose the into year, month, day, hour, minute, second, and milliseco...
The guide to trading candy
Important information to know this evening.
If there is no 16-bit emulation layer in 64-bit Windows, how come certain 16-bit installers are allowed to run?
Because they are emulated.
Distinguishing between asking for help with a product and asking for help with a product's installation
Internally at Microsoft, we have a programmer's tool which I will call Program Q. On the peer-to-peer mailing list for Program Q, somebody asked the following question: What's the best way to look at all tables created in the past week? I want to repeat this command across multiple table repositories. Somebody chimed in with the answer. You are looking for something like . If you want to repeat across multiple table repositories, you would say , replacing with the table repository server name. This seemed to work, but there was a follow-up question: What's the best way to get the repository se...
Help me optimize this code which enumerates all possible GUIDs
Um, not really.
The financial acumen of sea turtles
I dreamed that I was attending some sort of "how to be awesome" seminar where the presenter said, among other things, that a sea turtle, when left to thrive undisturbed, amasses $1 million in personal wealth within one year.
Using GetLogicalProcessorInformationEx to see the relationship between logical and physical processors
Today's Little Program uses the function to print the mapping of logical processors to physical processors, as well as the mapping of logical processors to packages. (A dual-core processor is a single package with two cores. If those cores are themselves dual-hyperthreaded, then you have four logical processors total.) The helper function takes a typed pointer and adds a byte offset to it. This is just a typing-saver function. Enumerating logical processor information is complicated due to the variable-size structures, so I wrap it inside this helper enumerator class. Construct it with the relationshi...
My, those threads start up really fast nowadays
Here's a little puzzle inspired by an actual bug: Can the assertion at the start of ever fire? Naturally, the answer is Yes, otherwise it wouldn't be a very interesting article. The assertion can fire if the worker thread starts running before the call the returns. In that case, the caller hasn't yet received the handle or ID of the newly-started thread. The new thread calls , which returns since hasn't been initialized yet. The actual bug was something along the lines of this: If the new thread started up so quickly that the original thread doesn't get a chance to receive the new thread ID and p...
When should I use the FIND_FIRST_EX_LARGE_FETCH flag to FindFirstFileEx?
Windows 7 introduces a new flag to the function called . The documentation says that it "uses a larger buffer for directory queries, which can increase performance of the find operation." This is classic MSDN-style normative documentation: It provides "just the facts". Far be it for MSDN to tell you how to write your application; the job of function-level documentation is to document the function. If you want advice, go see a therapist. If the reason why you're calling is to enumerate through the entire directory and look at every entry, then a large buffer is a good thing because it reduces the number o...
It rather involved being on the other side of this airtight hatchway: Planting DLLs into directories on the PATH for applications whose current directory is always System32
Big PATH attack.
The hierarchy of user education, as interpreted by a vice president
One of my colleagues told me a story from his days on the Windows team. He had to give a presentation to his vice president on his feature, and he prepared his presentation and demo obsessively to make sure it went smoothly. At the meeting, there were three presentations on the schedule, all of them with features targeting IT professionals. The first presenter got up and walked through their feature. Upon reaching a particular tricky part of the feature, the vice president asked, "How are customers going to know how to set up those parameters?" The presenter explained, "We'll have a whitepaper explaining how to...
Using a toy cash register as a keyboard doesn't add up
I dreamed that I was composing a blog entry about one of my dreams, but I had to do it on a toy cash register which had been paired to my computer. It turns out that this is difficult for a number of reasons. For one thing, the cash register has only ten letters of the alphabet on it. You have to switch to the alternate keyboard for the rest. Also, there is a backspace key but no other editing keys. Finally, there is a key labeled ≔ which changs the formatting to multi-person mode. Okay, this doesn't actually make typing more difficult, but it's still something unusual.
Opening and manipulating Internet Explorer windows programmatically
Today's Little Program takes the JavaScript application from a few years ago and converts it to C#. This was inspired by a customer who started with the question, "How can I close all Internet Explorer windows programmatically?" This was a strange request. After all, the user may be rather upset that their Amazon shopping spree was suddenly terminated mid-stream. Upon closer questioning, the customer explained that they had a business process which, among other things, opened a bunch of Internet Explorer windows, and when the operation was over, they wanted to close the windows. Okay, so they didn't reall...
The case of the redirected standard handles that won't close even though the child process has exited (and a smidge of Microspeak: reduction)
A customer had a supervisor process whose job is to launch two threads. Each thread in turn launches a child process, let's call them A and B, each with redirected standard handles. They spins up separate threads to read from the child processes' stdout in order to avoid deadlocks. What they've found is that even though child process A has exited, the threads responsible for monitoring the output of child process A will get stuck in the until child process B also exits. The customer further reported that if they added a brief call between creating the thread that launches child proces...
What is the inverse of AdjustWindowRect and AdjustWindowRectEx?
We saw over a decade ago (my goodness I've been doing this way too long) that the and functions do not take menu wrapping into account because they don't take a window handle parameter, so they don't know what menu to test for wrapping. Still, they are useful functions if you aren't worried about menu wrapping because they let you do window size calculations without a window handle (say, before you create your window). But those functions take a proposed client rectangle and return the corresponding non-client rectangle by inflating the rectangle by the appropriate borders, caption, scroll bars, and other n...
Why does my window get a WM_ACTIVATE message when it isn't active?
Say you launch a program, and for whatever reason the program takes a long time to start up, so you start doing something else, say launching Calculator and balancing your checkbook. Eventually, the program you launched a while back gets itself off the ground and creates its main window. And the window sits in the background (since the window manager won't let it steal foreground activation), but the caret is blinking in the edit control, and the program seems to think it's the active window. If you write a test program to do this, say by sticking a at the start of your , you'll see that your window gets a mes...
Just because I don't deny something doesn't make it true
There are a number of tricks people try to pull, and I hate them. Today's trick is one of the many varieties of the BCC trick (sometimes less surreptitiously—but still annoyingly—done as a CC trick). Occasionally, I will be quietly added to an email discussion, typically via BCC, without any indication as to why I was added. After reading the discussion (which can be quite lengthy), I realize that they are pulling the "Raymond didn't deny this, so I'll assume this is true" trick. They are adding me as a way of obtaining my approval for a claim made in the discussion. "The Widget does not immediatel...
The imaginary experience of dining at an underground restaurant
I dreamed that my brother complained, "Dude, you didn't leave room for my car in the garage." Well yeah, because I didn't know you were coming. We decide to go out for dinner, and I see that he squeezed a third car into our two-car garage. We back out, and I watch the car fit through a gap of two feet between my car and the garage door. We drive around and decide to eat at an underground restaurant at the home of my retired next-door neighbors (across the street in real life at my old house). At this point, my dinner partner changes to a former work colleague. Without prompting, she tilts her head back, and he...
Filtering the folders that appear in the Browse for Folder dialog
IFolderFilter.
C++ corner case: You can implement pure virtual functions in the base class
In our discussion , we saw that you can declare a pure virtual function with the syntax, and if you try to call one of these functions from the base class, you will get the dreaded R6025 - pure virtual function call error. In that article, I wrote that a pure virtual function is "a method which is declared by the base class, but for which no implementation is provided." That statement is false. You can provide an implementation for a pure virtual method in C++. "That's crazy talk," I hear you say. Okay, let's start talking crazy: What happens when the function constructs a ? Trick question, becau...
Happy 110th birthday, Professor Alyea
Professor Hubert Alyea would be 110 years old today, if he were still among us. (He passed away in 1996 at the ripe age of 93.) LIFE magazine called him the science teacher you wish you had for his engaging (and often explosive) chemistry demonstrations. He was called an "international grand master of lecture demonstrations" by Bassam Shakhashiri, noted chemist and author of several books on chemical demonstrations. I had the immense good fortune to attend one of his lectures. As he prepared his equipment, he casually popped a piece of dry ice in his mouth. (DO NOT TRY THIS AT HOME.) You can see a demonstrat...
How do I find out what size the window manager would have chosen for my window?
We saw some time ago how the window manager decides where to place a newly-created window if you pass the values when creating the window. But what if you want to filter the values first? If you pass an explicit upper left corner but pass for the width and height, then the bottom right corner will be down near the bottom right corner of the screen. Given that your code is buggy, is there a way I can ask how big you would have made the window, so I can go in and fix your mistake? If I try to resize it after the fact, there's an ugly flicker. I'm kind of disgusted that something this simple still doesn't work ...
Using the TAB key to navigate in non-dialogs, redux
You want to use the TAB key to navigate through a non-dialog, so you call in your message loop, but it doesn't work! The problem here is that you are passing the wrong window handle to . The first parameter to is the dialog-like window you want to be able to navigate through. But the code above passes the window that received the message, so you are basically telling the control to do TAB navigation within itself. And naturally, the result of that is that focus stays where it is, because if you ask a button, "Hey, could you move to your next tab stop?" the button is going to say, "Dude, I'm the only tab st...
I wrote my thesis on an airplane, for heaven's sake
As I wrote today's story, I recalled that I wrote the bulk of my thesis on an airplane. In longhand. Microsoft flew me out for an interview, so I had to endure two cross-country plane trips. I scheduled the interview on a Monday so that I would miss only one day of class, and among the things I brought with me was a notepad, which started the trip blank. I wasn't sure why I brought it, but I was sure it'd come in handy. And then I realized that I had a lot of time to kill, what with spare moments on the ground, in the air, back on the ground, waiting for my next interview, whatever. And during that time, I wro...
I wrote FAT on an airplane, for heaven’s sake
When you wrote code for 16-bit Windows, one of the things you spent time doing as part of performance tuning was deciding which functions should be grouped together in which segments. Code in 16-bit Windows executed out of code segments, each of which could be up to 64KB in size. When a code segment was loaded from disk, the entire segment was loaded, and when it was discarded, the entire segment was discarded. This meant that you could affect your application's performance in significant ways by choosing which functions go in which segments. For example, it was to your advantage to keep functions that are call...
But instead, they decided to build the Great Wheel
I dreamed that Seattle was building its own version of the Eiffel Tower. Just like the original, except that it was also a thrill ride similar to Round Up but you are seated. It turns out that the city of Seattle accepted my subconscious's instructions to replicate another city's famous landmark, but the message wasn't received loud and clear. Instead of making an Eiffel Tower knock-off, we decided to make a London Eye knock-off.
Printing the contents of the clipboard as text to stdout
The takes its stdin and puts it on the clipboard. But how do you get it out? That's today's Little Program. (I guess we could call it .) Okay, what do we have here? We open the clipboard and try to get the Unicode text on it. We then look for the null terminator within the first 0x10000000 bytes. Why do I stop at 256MB? Because I'm lazy and this lets me avoid worrying about integer overflow. This is a Little Program, remember. If you pass the command line switch, then the output is printed to stdout as the Unicode string itself. If you pass the command line switch, then the output is converted to AN...
What's the difference between CopyIcon and DuplicateIcon?
There are two functions that can be used to create one icon that is identical to another. One of them is . The other is . What's the difference? There isn't any difference. Both functions clone an icon. In fact, their implementations are basically line-for-line identical. Originally, there was just one function to clone an icon: . Windows 3.0 introduced Program Manager, and the developers of Program Manager wrote their own function called . Why? I have no idea. My guess is that they didn't realize that such a function already existed, so they inadvertently reinvented the wheel. Windows NT 3.1 came a...
The relationship between module resources and resource-derived objects in 32-bit Windows
Last time, we saw how 16-bit Windows converted resources attached to an EXE or DLL file (which I called module resources for lack of a better term) to user interface resources. As a refresher: During the conversion from 16-bit Windows to 32-bit Windows, some of these rules changed. Specifically, icons, cursors, and accelerator tables are no longer references to the resource. Instead, the resource is treated as a template from which the actual user interface resource is constructed. Uh-oh, what's up with those asterisks? Let's start with accelerator tables. In order to simulate the reference semantics of 16-...
The relationship between module resources and resource-derived objects in 16-bit Windows
As we saw last time, in 16-bit Windows, resources attached to an EXE or DLL file (which I called module resources for lack of a better term) were recorded in memory as discardable global memory blocks, and the window manager accessed them directly as needed. For example, if you had an icon or a cursor, the or was really a resource handle, and when the window manager needed to draw the icon or cursor, it would cast the icon or cursor handle to a global handle (since that's what it was under the hood), then call to access the raw resource data in order to copy the pixels onto the screen. Similarly, accelerator...
The management of memory for resources in 16-bit Windows, redux
Some time ago, I briefly ran down how 16-bit Windows managed memory for resources. But there's a detail that I neglected to mention: Ownership. As we saw, a resource handle was really a pointer to the resource directory entry of the resource from the corresponding module. This could be done with a 16-bit pointer because the segment portion of the pointer could be inferred from the module the resource belonged to. In fact, since modules could be relocated in memory at run time due to compaction, you had better not try to remember the segment portion of the pointer since it could change! The function located t...
Sometimes my dreams are entirely uneventful
I dreamed that I was washing dishes with my lovely wife.
Playing a sound every time the foreground window changes
Today's Little Program plays a little sound every time the foreground window changes. One of my colleagues wondered if such a program was possible, "so that I stop accidentally typing the second halves of paragraphs into windows that pop up and steal focus." It's not clear whether this program will actually solve the bigger problem, but it was fun writing the program, and maybe you can use it for something. This program installs an accessibility hook that listens for changes to the system foreground. And when it happens, we play a little sound. I chose the Windows 7 Speech Misrecognition sound because ...
2013 Q3 link clearance: Microsoft blogger edition
It's that time again: Linking to other Microsoft bloggers, and once again, the links are all from the excellent NT Debugging blog.
How can I determine how responsive my application is to input?
A customer was adding diagnostics to their application and wanted to know if there was a way to detect that the application was being slow in processing its input. These sorts of delays manifest themselves to the end user as a sluggish application which is slow to respond to input events. They already had a watchdog timer that was reset every time their call returned a message, so they could capture stack traces if their application stopped processing messages for more than X milliseconds. They wanted to extend this diagnostic information to input delays. Fortunately, there's an easy way to tell. The wil...
Don't forget, Unicode includes formatting characters which can be used to influence output formatting
Consider this simple function: Depending on your screen resolution and font choices, this may end up displaying like this: That line break was awfully unfortunate, stranding the number 2 on a line by itself. (In publishingspeak, this is known as a orphan.) You can't control where the function will insert line breaks, but you can try to influence it with the use of Unicode formatting characters. Here, we can change the space before the 2 to a Unicode non-breaking space, U+00A0. The result is slightly less awful. Unfortunately, I haven't had much luck with the soft hyphen, but the zero-width space...
How can I tell that somebody used the MAKEINTRESOURCE macro to smuggle an integer inside a pointer?
Many functions and interfaces provide the option of passing either a string or an integer. The parameter is formally declared as a string, and if you want to pass an integer, you smuggle the integer inside a pointer by using the macro. For example, the function lets you load an resource specified by integer identifier by passing the identifier in the form . You can tell that it was the resource-loading functions who created the macro in the first place, since the name of the macro is "make integer resource." But other functions use the convention, too. The function lets you obtain a function exported by ord...
Punctuation is becoming increasingly decorative and less functional
The "Blog" of "Unnecessary" Quotation Marks calls out abuse of the quotation mark. For some reason, quotation marks are being increasingly used as a form of emphasis (a usage which remains controversial), by people unaware that such use, when interpreted as scare quotes, serves to undermine their original point. Mind you, the emphasis theory doesn't explain all misuses of quotation marks I've seen. I'm led to believe that some people simply enjoy seeing quotation marks and place them around randomly-selected words. Apostrophes are another commonly-misused punctuation mark. So much so that the city of Birmin...
Wait, so does moving a file recalculate inherited permissions or doesn't it?
A customer had a question about whether moving a file recalculated inherited permissions. They found that on their Windows Server 2008 R2 machine, if they moved a file between directories with different inheritable ACEs, then the security descriptor is recalculated to match the destination folder, if they perform the move from the machine itself. The same thing happens if they go to a machine running Windows 7, However, if they repeat the experiment from a machine running Windows XP or Windows Server 2003, then the security descriptor is preserved across the move. The customer is confused. Why doe...
I dreamed that I was in an alternate-universe Samuel L. Jackson movie
I dreamed that I was part of the crew of an underwater spaceship, and we had to deal with an alligator that got on board. How the alligator got on board was never explained, but now is not the time to ask questions because, you know, alligator. The plan was to flood the ship and wash the alligator out. There were only enough air pills for the female crew members. The men would have to hold their breath and hope for the best, with the expectation that not all would make it. But before we could execute the plan, the door caved in and the ship began to fill with water. At this point, I transferred to another dream...
Providing a custom autocomplete source for an edit control
Today's Little Program shows a custom source for autocomplete. It's nothing exciting, but at least's it's something you can use as a starting point for your own customizations. We start with a dialog template, whose edit control will be the target of a custom autocomplete. Just for fun, I wrote the program in ATL. Instead of complaining that my code is hard to understand because I didn't use an application framework, people can now complain that my code is hard to understand because I used the wrong application framework. To save some typing, I define a shorthand name for "the predefined ATL object for e...
How can I tell that I have a shell folder that represents My Computer?
You have in your hands an , and you want to know whether this is an that represents My Computer. There are a few ideas that may occur to you. One is to ask the folder for its current location and compare it to . Okay, we have a lot of moving parts here. Let's look at them one at a time. The function takes an object and asks what folder it represents. Since we don't actually use any methods on the object beyond what is provided by , we weaken the parameter requirement to simply . The function compares two absolute ID lists according to the criteria specified by the . The combines these two function: It...
Raymond's subjective, biased, unfair, and completely wrong characterization of the sounds of several East Asian (and one Southeast Asian) languages
Hokkien: This is the language I learned first, so to me it sounds perfectly normal and is in fact how languages should sound. I find it odd that people describe it as one of the more difficult languages to learn. I mean, sure it has a large tone repertoire (eight theoretical, though only seven in practice) and extensive tone sandhi, but that's what makes it beautiful and smooth. And what's so hard about having unvoiced aspirated consonants, unvoiced unaspirated consonants, and voiced consonants? Mandarin: Mandarin is the German of East Asian languages: It is harsh and unforgiving. There are only four formal ton...
When a program is launched via DDE, and there are multiple servers, which one is used?
Although you are more than welcome to stop using DDE (please oh please stop using it), there are still many applications which still use it (cough), and as a result, customers still have questions about it. One customer wanted to know why, if multiple copies of a DDE-based application are running, Windows 7 will send the command to the earliest-launched copy of the program, whereas Windows XP will send the command to the most-recently-used copy. "Our employees were used to forcing the document to open in a specific window by switching to that window, thereby making it most-recently-used, then switchin...
SubtractRect doesn't always give you the exact difference
The function takes a source rectangle and subtracts out the portion which intersects a second rectangle, returning the result in a third rectangle. But wait a second, the result of subtracting one rectangle from another need not be another rectangle. It might be an L-shape, or it might be a rectangle with a rectangular hole. How does this map back to a rectangle? The documentation for says that the function performs the subtraction when they "intersect completely in either the x- or y-direction." But I prefer to think of it as the alternate formulation offered in the documentation: "In other words, the resul...
Facilities jargon: Energize
Over in the product engineering groups, we aren't often exposed to the jargon employed by our Facilities group. But once in a while, it leaks through and then we get to puzzle it out. Emergency Electrical Outage and Restoral Due to a transformer failure, power to building NNN was shut down from 6:00am to 6:30am on MMMM-DD. Occupants may need to re-energize their office equipment. From what we can gather, re-energize is just a fancy way of saying turn on. Bonus jargon: Restoral.
Entering the world of competitive Ring-Around-the-Rosie
I dreamed that a friend and I were in line at some sort of summer camp to get into the cafeteria. We noticed a glass cabinet with food out in the dining area and asked about it. Turns out that it was available for people to eat, as an alternative to standing in line. We decided to go for it. (Another example of how being lucky is observing what you weren't expecting.) The plates on top of the cabinet were nearly empty, but it never occurred to anybody to open the cabinet door to get the food inside. We opened the door and moved food to the top of the cabinet, as a crowd slowly formed as people noticed, "Hey, lo...
Forcing a file handle closed when it has been opened remotely
Today's Little Program closes a file handle that was opened remotely. It builds on previous discussion on how to use the functions. Forcing a network file handle closed does not actually close the handle. This makes it very different from the various "force handle closed" utilities out there. Rather, forcing a network file handle closed is accomplished by simulating a network failure, so that when the remote machine tries to use the handle again, it's told, "Wha? I'm sorry, we must have a bad connection, because I'm not sure what you're talking about." Since programs which access network resources must dea...
How does InterlockedIncrement work internally?
The Interlocked family of functions perform atomic operations on memory. How do they do it? It depends on the underlying CPU architecture. For some CPUs, it's easy: The x86, for example, has direct support for many interlocked operations by means of the prefix (with the bonus feature that is implied for the opcode.) The ia64 and x64 also have direct support for atomic load-modify-store operations. Most other architectures break the operation into two parts, known as Load-link/store-conditional. The first part (load-link) reads a value from memory and instructions the processor to monitor the memory add...
It rather involved being on the other side of this airtight hatchway: Creating problematic files in a directory that requires administrative access
You have to get there first.
Why does Internet Explorer put tab stops at 8-character intervals instead of 4, like all right-thinking people?
When you embed a TAB character (U+0009) in a <PRE> block (or more precisely, an element whose CSS property is computed to be or ), Internet Explorer will move the current position to the next multiple of eight characters. Many people prefer four. (Some insist that only four is the correct value and anybody who disagrees with them is simply wrong.) Why eight? Because that's what the standard says. All tabs (U+0009) are rendered as a horizontal shift that lines up the start edge of the next glyph with the next tab stop. Tab stops occur at points that are multiples of 8 times the width of a space (U+0020...
Early versions of Aero Peek: Aladdin, Bat Signal, and Squeegee
The feature now known as Aero Peek wasn't born that way. It went through several iterations before becoming what eventually shipped in Windows 7. At the MIX09 conference, Stephan Hoefnagels showed some of the precursors to Aero Peek. Here are the highlights, and the corresponding time codes if you want to jump straight to the demos. Thumbnails in the taskbar (time code 30:20) How it worked: Instead of labeled icons, the taskbar showed miniatures of the windows themselves. How it got its name: Um, it was just named after what it was. Why it failed: When shrunk to taskbar s...
Mom and dad's event-filled first day of school
I dreamed that my wife and I had dropped our daughter off at her new school for the first time, and I made a wrong turn and ended up going the wrong way. We got off at an exit for highway I-5, and the on-ramp turned into a two-lane highway hundreds of feet in the sky. To keep people from going too fast, the road rolled back and forth: First it tilted to the right, then to the left, and so on. (Imagine your hand making the "so-so" gesture.) You just had to drive carefully. The road dead-ended at a building, so we parked the car and got out. It was a tiny gift shop with puppets and marionettes. The attendant came...
Programmatically editing the metadata of an audio file
Today's Little Program edits the metadata of an audio file, ostensibly to correct a spelling error, but really just to show how it's done. Today's smart pointer class library is... (rolls dice)... CComPtr! We open with two helper functions which encapsulate the patterns Get property from property store Call Convert into desired final type Destroy the Set property in property store Create a Call Destroy the Both functions use a lambda to do the type-specific work. Here are some functions that will use the helpers: The function returns an array of po...
How to rescue a broken stack trace on x64: Recovering the stack pointer
No threading, just return addresses.
Why are my posted messages getting lost when the user drags my window around?
This question was inspired by an actual customer question, but I changed a lot of it around to make for a more interesting story. (Trust me, the original story was even more boring.) A customer's background thread posted a message to the main UI thread to signal something (details not important). They found that the posted message was never received if the user was in the process of dragging the main window around at the time the message was posted. Why would dragging a window cause posted messages to be lost? "We used to post a thread message, but then we saw that thread messages are eaten by modal loops, so...
How permanent is the "Remove from this list" action on the Start menu?
From Windows XP to Windows 7, the Start menu showed the programs it thinks you've run most frequently, by employing a conceptually simple but complicated-in-practice algorithm. You can right-click an item on the menu and select Remove from this list. What exactly does this option do? Does it reset the points back to zero, or does it ban the program from the Start menu for all eternity, or something in between? It resets the points back to zero and marks the program as has never been run by the user. This causes it to vanish from the frequently-used list, but if you start running it, it will start ea...
If your product is client-managed, how do you sell the server?
A friend of mine told me about a project he worked on two decades (and three employers) ago. Let's call it Project Nosebleed. Their project used a client-managed database: You have a central file server that houses the database files, which were in a proprietary file format that only the clients understood. All the client applications open the database files, coördinating¹ access among themselves by using file and record locking primitives. All you needed the server for was a place to house the files. It could have been a NAS server for all anybody cared. (Well, except that the concept of NAS hadn't tak...
If you had to deal with preschoolers all day, you'd need a nap too
Today, I'm turning it around: This is a dream that one of my friends had about me! She dreamed that she took her camera to school to take some pictures, possibly for the yearbook. She was somewhat surprised to discover that I was the new preschool teacher. When she popped in to my classroom to get a couple of pictures of me, she wasn't able to take any: Apparently, my new position was so exhausting that I'd had to take a nap on the king-size classroom bed...
What is the official name of the most popular work visa in the United States?
The most popular work visa in the United States is the H1-B visa. But have you looked at its official name? H-1B Specialty Occupations, DOD Cooperative Research and Development Project Workers, and Fashion Models (Today is Labor Day, a holiday in the United States which celebrates the end of summer. Not really, but that's what it has turned into.)
Can an x64 function repurpose parameter home space as general scratch space?
We saw some time ago that the x64 calling convention in Windows reserves space for the register parameters on the stack, in case the called function wants to spill them. But can the called function use the memory for other purposes, too? You sort of already know the answer to this question. Consider this function: How would a naïve compiler generate code for this function? Observe that after spilling the register parameters into their home locations onto the stack, the function modified the local variable, which updated the value in the home location. Since a function can arbitrarily modify a par...
How can I write to a file only as long as nobody's looking?
A customer wanted to know how to detect that the user has opened Notepad to view a particular file. They had come up with method based on polling and sniffing the Notepad title bar, but they found that it consumed a lot of CPU. (They hadn't noticed yet that it doesn't localize, and that it can trigger false positives since Notepad shows only the file name and not the full path in the title bar.) Okay, let's step back and make sure we understand the problem, because this sounds like the sort of thing where the customer is looking for an answer rather than a solution. After all, why Notepad? What about some other ...
The format of data and custom resources
Continuing the highly-sporadic series of Win32 resource formats, today we'll look at the format of resources, which are declared in resource files as . Also the format of custom resources, which are declared in resource files by just giving the custom resource name or ordinal as the second word on the declaration. The format is very simple: It's just raw binary data. If you ask for a 16-bit integer followed by an ANSI string, then you get a 16-bit integer followed by an ANSI string. If you ask for the data to be inserted from a file, then the contents of the file become the resource data. No processing is done...
How can I find out which process and user is modifying a file?
When troubleshooting a problem, you may discover that a file is being modified that shouldn't, and you figure out would be nice if there were some way of finding out which process is modifying the file (so you can get it to stop). Enter the security auditing system. Every securable object has an associated system access control list (SACL) which controls what audit events are raised when a request is made to access the object. You can say, for example, "Log an event in the security event log if somebody tries to open this file for writing but is denied access," or "Log an event in the security event log if some...
The challenge of improvisational historical comedy
I dreamed that one of my friends signed me up for some sort of combination Punk'd/Thank God You're Here improv show without my knowledge, and I had to explain how her husband had unwittingly coined some nonspecific Internet meme.
Why doesn't the "Automatically move pointer to the default button in a dialog box" work for nonstandard dialog boxes, and how do I add it to my own nonstandard dialog boxes?
The Mouse control panel has a setting called Automatically move pointer to the default button in a dialog box, known informally as Snap to default button or simply Snap To. You may have discovered that it doesn't work for all dialog boxes. Why not? The Snap To feature is implemented by the dialog manager. When the window is shown and the setting is enabled, it will center the pointer on the default button. If your application does not use the dialog manager but instead creates its own custom dialog-like windows, then naturally the code in the standard dialog manager will not run. If you want your nonstandard...
If I attach a file to an existing completion port, do I have to close the completion port handle a second time?
There are two ways of calling the function. You can pass a null pointer as the parameter, indicating that you would like to create a brand new completion port, associated with the file handle you passed (if you passed one). Or you can pass the handle of an existing completion port, and the file handle you passed will be associated with that port, in addition to whatever other file handles are already associated with that port. In both cases, the return value on success is a handle to the I/O completion port, either the brand new one or the existing one. The question from a customer was, "In the case where I...
All I/O on a synchronous file handle is serialized; that's why it's called a synchronous file handle
File handles are synchronous by default. If you want asynchronous file handles, you need to pass the flag when you create the handle. And all operations on a synchronous file handle are serialized. You'd think this was a simple and obvious rule, but "Someone" finds it "very surprising that operations can block which only handle file metadata." Imagine if synchronous file handles were not serialized for metadata operations. First of all, it means that the documentation for synchronous file handles suddenly got a lot more complicated. "Some operations on synchronous file handles are serialized, but not others. S...
Adding a confirmation dialog to every drag/drop operation does not solve the problem
A customer wanted to know how to enable a confirmation dialog whenever the user inadvertently perform a drag/drop operation in Explorer to move files within a volume. For example, if I have an S drive mapped to \\server\share, I would like to display the confirmation dialog when users inadvertently drag and drop a file or folder within the S drive. Okay, first of all, the problem statement doesn't match the question. But that's good, because the question was misguided. The question was "How do I add a confirmation dialog to every drag/drop operation?" But the problem statement was "We have users who inadverte...
Microspeak: The train
Hop on board, don't be late, or you'll have to catch the next one.
A dream about forgetting to deploy the backup brake pads
I dreamed that that I was driving through a parking garage when my brakes suddenly failed. I tried executing turns to bleed off speed, but it was largely ineffective. I managed to avoid hitting a parked police car (which had arrived to investigate some other accident), but was unable to avoid another parked car. An insurance adjuster who was on the scene for the first accident looked at my car and discovered that my primary brake pads were completely missing, so the calipers were grabbing air. And in my panic, it never occurred to me to use my left foot to push the button which hot-installs the secondary brake p...
The tiny table sorter – or – you can write LINQ in JavaScript
I had a little side project that displayed status information in a table, and I figured, hey, let me add sorting. And it was a lot easier than I thought. I just put the header row in the and the table contents in the , then I could use this code to sort the table: Each cell can have an optional custom attribute which specifies how the item should sort. If there is no , then I just use the cell's . (My table was constructed at runtime from an , so adding the to the date fields was not difficult.) One handy thing about the functions in the prototype is that as a rule, they do not actually require that the...
If I signal an auto-reset event and there is a thread waiting on it, is it guaranteed that the event will be reset and the waiting thread released before SetEvent returns?
Let's go straight to the question: I have two programs that take turns doing something. Right now, I manage the hand-off with two auto-reset events. In Thread A, after it finishes doing some work, it signals Event B and then immediately waits on Event A. Thread B does the converse: When its wait on Event B completes, it does some work, then signals Event A and then immediately waits on Event B. This works great, but I'm wondering if I can save myself an event and use the same event to hand control back and forth. Is it guaranteed that when Thread A signals Event ...
How do I control the order of the pages in property sheets from my shell extension?
A customer wanted to know whether a shell extension can control the order of the property sheet pages in a property sheet. The interface lets you add pages and replace pages, but nothing about rearranging them. Naturally a shell extension can control the relative order of its own pages (by changing in the order in which it calls ) but how can it affect the order of pages from other shell extensions? Imagine if that were possible. Every shell extension would set itself to be first! The customer was kind enough to explain what they were doing. "We were more concerned about consistency, because our tab appears ...
What's the point of letting you change the GCL_CBCLSEXTRA if it has no effect?
The documentation for the function mentions GCL_CBCLSEXTRA: Sets the size, in bytes, of the extra memory associated with the class. Setting this value does not change the number of extra bytes already allocated. What's the point of letting the application change a value if it has no effect? The class long grants access to the value that was originally passed in the structure when you called , or the Ex-versions mutatus mutandis. The intent is for it to be used with so you can read the value back, in case you forgot, or if you are inspecting somebody else's class (for example, because you wa...
Generally speaking, yanking the power plug unexpectedly should not be part of your business process
A customer had a complex process for setting up their computers, and the process recorded information in the registry so that applications could record their state across reboots. They then noticed that if they yanked the power cord instead of going through the normal Shutdown process, that the registry keys were not reliably updated. They were wondering if there was a function they can call to force the registry to be flushed to disk even if the system doesn't go through a normal shutdown. Patient: "Doctor, it hurts when I do this." Doctor: "Don't do that." You could call the function each time you update th...
Please don't wade across the Strait of Juan de Fuca
I dreamed that I was visiting a scenic location near the Canadian border. A central large body of water had the mainland to the south and east. A river ran southeast, spanned by a footbridge. To the northwest was another land mass, which had gained the nickname "Alaska" even though we were nowhere near Alaska. There was a gift shop on "Alaska", and from there you could either travel further northwest to hike the snowy terrain, or you could take a shuttle train east over the water to the mainland. I had finished a hike on pretend-Alaska and was planning my return. The ringleader of my group was a friend of mine k...
How do I convert a synchronous file handle into an asynchronous one?
Say you opened a file in synchronous mode, and then you realize that you want to issue asynchronous I/O on it, too. One way to do this is to call a second time with the , but this requires you to know the file name, and the file name may not be readily available to the function that wants to do the conversion, or it may not even be valid any longer if the file has been renamed in the meantime. Enter . This basically lets you do a based on another handle rather than a file name. It differs from because it actually goes and opens the file again (as opposed to merely creating another reference to the same file...
Each time I move, my mailbox moves further away
When I was growing up, the mailman letter carrier came right to our front door. The mailbox was mounted on the front of the house right next to the front door. You could check the mail without even getting dressed; just open the door a crack and stick out your hand. Approximate distance from front door to mailbox: less than 1 foot. In the next house I lived in, the mailbox was no longer mounted on the house. Instead, it stood at the end of the driveway. Approximate distance from front door to mailbox: 55 feet. My next house was in a neighborhood which grouped its mailboxes in clusters. The cluster of ...
Why does the CLR report a NullReferenceException even if the referenced access is not exactly the null pointer?
We saw some time ago that before invoking a method on an object, the CLR will generate a instruction to force a null reference exception to be raised if you are trying to invoke a method on a null reference. But why does the CLR raise a if the faulting address is almost but not quite zero? When run, this program raises a rather than an . On the other hand, if you change the address to , then you get the expected . With a little bit of preparation, the CLR optimizes out null pointer checks if it knows that it's going to access the object anyway. For example, if you write then the CLR doesn't need to...
On partially-constructed objects, additional remarks, not as interesting
Don't worry. Our long national nightmare of CLR week is almost over. I had originally planned to write an article about partially-constructed objects, but in the time since I queued up the topic (back in November 2005) to the time I got around to writing it up, I found that Joe Duffy had already written it for me! On partially-constructed objects Read it. Okay, here are some follow-up remarks. One place where people get caught out by partially-constructed objects is when they try to maintain a cache of objects (perhaps with a little bit of action) and stash the objects into the cache before they a...
The mathematical card game Krypto and reaching a level of proficiency where the rules break down
Solving it faster than the rules considered possible.
Weak references have no effect on object lifetime
The class lets you retain a reference to an object while still permitting the object to be garbage collected. When that happens, then the property is and the property is . (Related discussion.) Note, however, that weak references do not alter the decision of the garbage collector whether or not an object is garbage. It merely lets you observe the garbage collector's decision. Some people think that means "Treat this as a regular (strong) reference most of the time, but if there is memory pressure, then you can reclaim the object." This type of reference is called a in Java, but the CLR has no analogous co...
Sometimes sports-rule lawyering comes true: The strikeout with only one thrown pitch
Some time ago, I engaged in some sports-rule lawyering to try to come up with a way the losing team could manage to salvage a win without any remaining at-bats. It involved invoking a lot of obscure rules, but astonishingly one of the rules that I called upon was actually put into effect a few days ago. The Crawfish Boxes provides an entertaining rundown of the sequence of events. Here is the boring version: During his plate appearance, Vinnie Catricala was not pleased with the strike call on the first pitch he received. He exchanged words with the umpire, then stepped out of the batter's box to adjust his e...
The mysterious ways of the params keyword in C#
If a parameter to a C# method is declared with the keyword, then it can match either itself or a comma-separated list of um itselves(?). Consider: This program prints The first call to does not take advantage of the keyword and passes the array explicitly (formally known as normal form). The second call, however, specifies the integers directly as if they were separate parameters. The compiler generates a call to the function in what the language specification calls expanded form. Normally, there is no conflict between these two styles of calling a function with a parameter because only one form act...
A practical reason for shutting down for the Mayan apocalyse
I dreamed that Costco announced that they were closing for the Mayan apocalypse and would reopen two weeks later. Not because they believed in it. Rather, because that was their estimate as to how long it would take people to get through their stockpiles and be ready to go shopping again. Curiously, I had this dream several weeks after the apocalypse date had passed.
Why does BitConverter.LittleEndian return false on my x86 machine?
Welcome to CLR Week 2013, returned from its two-year hiatus. A customer reported that when they checked with the debugger, reported even though they were running on an x86 machine, which is a little-endian architecture. The bytes are extracted in little-endian order, despite the claim that the machine is big-endian. "I don't get it." I didn't know the answer, but I knew how to use a search engine, and a simple search quickly found this explanation: Reading a member from the debugger merely reads the value of the member from memory. That simple statement hides the answer by saying what happens and l...
It rather involved being on the other side of this airtight hatchway: Open access to the application directory
You can't just let anybody into your safety bubble.
The case of the auto-hide taskbar
A customer reported that their taskbar would sometimes spontaneously go into auto-hide mode. What made this particularly insidious was that they had deployed a group policy to prevent users from changing the auto-hide state (because they never wanted the taskbar to auto-hide), so when the taskbar went into auto-hide mode, there was no way to get it out of that mode! The customer's first investigation was to find out where the auto-hide state was recorded. A little bit of registry spelunking (because as far as these people are concerned, everything is in the registry) showed that a single bit in the registry v...
Why does Explorer sometimes show my server name in parentheses?
A customer wanted to know why Explorer showed one of their servers in the folder list the normal way: ⊞ servername but another server showed up "where the server name is parentheses and the node name is in front." ⊞ nodename (servername) "Where is Explorer getting that information, and why are the two servers showing up in different ways?" It's all in the server comment. From the command line, you can view the server comment by typing . For example, You can set the comment with the command line If a server has a comment, then the comment is shown to the user on the expectation tha...
Sometimes people can be so helpless: Finding the owner of a Web page
Internal to Microsoft are thousands of Web sites. This is a story about one of them. On an internal discussion list, somebody asked We just created a new Flurb. Does anyone know how to get listed on http://internalsite/newflurbs? I hadn't heard of that site before, but I checked it out. Neat, it's basically a blog which announces new Flurbs. I can see how somebody would want their Flurb to be listed there. I also saw lots of pieces of information on the page which the person appears not to have noticed. I replied, Um, how about the Email link in the navigation bar? Or did you try that and it didn't work? ...
I'm sure that Star Trek-themed parties exist, so why has no one ever scheduled one as a Microsoft holiday party?
I dreamed that I was attending a Star Trek-themed company party. Nobody was dressed as a Starfleet officer or anything exotic. Half of the people ignored the party theme and came in cocktail attire, and half were dressed in Renaissance or Elizabethan clothes, but they represented Star Trek aliens because they were not all white Europeans, and some of them had funny hair. And because we were told that it was a Star Trek-themed party, and in dreams you don't question this sort of thing. I recognized some of the aliens as staff members from the previous Star Trek-themed party and concluded that most of the aliens w...
A program for my nieces: The ABCs, part 4
Disabling autorepeat in my ABC program was largely sufficient to keep my nieces happy, given their instructions to press only one key at a time. Once in a while, though, they would hit the context menu key in the bottom right corner of the keyboard, and then they'd get stuck because they didn't know how to dismiss it. So let's disable that key outright. Well, that was awfully anticlimactic, wasn't it.
From Microsoft’s mail room to the board room
I think it was a Chevy.
What is the default cursor for a thread?
When we looked at the process by which the cursor is set, we neglected to discuss the case where nobody bothers to set the cursor. What is the ultimate default cursor? Let's write a program that refuses to set the cursor. Take the scratch program and add these lines: What we did was make the window explicitly refuse to set the cursor by making it do nothing and return , which means, "It's all good. I set the cursor!" (Liar, liar, pants on fire.) Run this program, move the cursor over the window, and what do you get? The hourglass. Now, this is clearly some sort of pathological case, where there is a...
Nighttime pictures of London and Tokyo
Some eye candy for you: Stunning pictures of London from above at night, more of London from above at night. Tokyo at night, though from ground level, one of a series of photo walks.
Windows 7 no longer tries to guess application size and other information
Back in the old days, if an application did not provide information like its Estimated Size or Install Date, then the Add/Remove Programs control panel tried to guess the values by searching your hard drives for files and directories that bore a superficial resemblance to the application. (Note that I use the word drives in the plural. It actually searched all of your drives, because some applications may have been installed to secondary drives. I can imagine the bug report that led to this extended search. "I installed LitWare 2000 to my D: drive, and the Add/Remove Programs control panel shows no information f...
Office Office Office Malkovich Office Office Office
Some years ago, a colleague of mine received a message from our IT department. It began like this: You are receiving this notification because our records show that the machines below are still running a pre-release version of Office 2010. All pre-release versions of Office 2010 will expire on Office 31, 2010. Either the Office team managed to name a month after themselves, or the IT department had a bit too much Office on their mind.
At least it's clear who will NOT be bunking together
I dreamed that I was on a business trip with two colleagues. We discussed Canadian science broadcaster David Suzuki and how in photos of him as a teenager, he looked like Elvis Presley. (Note: Not actually true as far as I know. Remember, this is a dream.) Fortunately, the hotel room we booked had three beds. But if Michael Jackson hadn't canceled, then two of us would have had to double-up, and we briefly discussed who would be bunking together. Possibly my two colleagues together, or me with the first colleague, or me with the second colleague. It went without saying, however, that had Michael Jackson actuall...
A program for my nieces: The ABCs, part 3
One problem I discovered when my nieces ran my initial ABC program was that they had a habit of holding down a key, thereby triggering autorepeat. I had instructed them not to mash the keyboard but rather to press only one key at a time, and while they were good at adhering to the "one key at a time" rule, they also interpreted it as "type really slowly" and ended up autorepeating a lot. So let's disable keyboard autorepeat. Of course, one way to do this would be to change the system keyboard autorepeat setting, but that would be using global state to manage a local problem. Instead, we just filter the aut...
Nasty gotcha: STGM_READ | STGM_WRITE does not grant read/write access
You might think that if you want to get read/write access, you could pass . You would be wrong. You have to pass . The three flags , , and are mutually exclusive. If you try to combine them, you get a weird mess. In particular, since the numerical value of is zero, passing is numerically equivalent to passing , which grants write-only access. The documentation for the constants specifically says "It is not valid to use more than one element from a single group," and and belong to the Access group (as does ). These values date back to the days of MS-DOS, where function 3Dh (Open File) passed an access mo...
If you're not using the command line interpreter, then the command line interpreter metacharacters mean nothing
A customer observed that the parameters passed to were not being interpreted correctly. The process is created successfully, but it prints the message ERROR: The system was unable to find the specified registry key or value.. Why aren't the parameters being parsed correctly by ? They work fine if I paste them into a command prompt. This is a variation of the problem we saw a few years ago. Back then, we had a string with command line redirection metacharacters, but since we were passing them directly to , the command interpreter never got a chance to interpret them. Here, we have a string that contains an...
Why is LOCALE_SDURATION so dorky-looking?
For formatting time spans, you can use the format string, but the result is a dorky format. Why isn't there a format that is fancier like ? You have the complexities of natural language to thank. In the general case, there is not enough information to provide the appropriate grammatical context in order to know the correct format. This isn't a big deal in English, since English words typically do not inflect for case (pronouns and genetive being the most commonly-encountered exceptions), but in many other languages, choosing the exact form of the word "hours" depends on grammatical information that cannot be...
Microspeak: Landing, especially the heated kind
Work on Windows occurs in several different branches of the source code, and changes in one branch propagate to other branches. When talking about a feature or other task becoming visible in a branch, the preferred jargon word at Microsoft is landing. In its purest form: We expect the feature to land in the trunk early next week. The term land when used in this way is typically used to describe a feature arriving in a branch different from its home branch. From this basic meaning, extended usages arise. The term landing is often accompanied by additional aviation adjectives to describe how smoothly the fea...
Watch out for those out-of-control Canadian tour buses
I don't remember the details, but I dreamed about a bunch of things, including careening through Canada on a tour bus trying to catch a ferry while people worried about their cell phone roaming charges, an episode of Friends shot in the style of ER, and one of my friends in an orange jumpsuit sneaking around.
A program for my nieces: The ABCs, part 2, choosing a font
I added a feature to my ABC program that it turns out I never actually used: Change the font. I added this in case my nieces were somehow unhappy with the font I chose, and this was a little escape hatch to let me select a different one. The real work happens in the function. All I have to do is call it. I tell the common font dialog to initialize itself from the I passed in, which I initialize from the font itself. If the user picks a font, the function puts the result in the same , and I use that to create the new font and swap it into the edit control. The rest is just hooking up this function. ...
If you want to track whether the current thread owns a critical section, you can use the critical section itself to protect it
You may find yourself in the situation where you want to keep track of the owner of a critical section. This is usually for debugging or diagnostic purposes. For example, a particular function may have as a prerequisite that a particular critical section is held, and you want to assert this so that you can catch the problem when running the debug build. After we successfully enter the critical section, we mark the current thread as the owner and increment the entry count. Before leaving the critical section, we see if this is the last exit, and if so, we clear the owner field. Note that we update the owner...
Where is this CRC that is allegedly invalid on my hard drive?
If you're unlucky, your I/O operation will fail with , whose description is "Data error (cyclic redundancy check)." Where does NTFS keep this CRC, what is it checking, and how can you access the value to try to repair the data? Actually, NTFS does none of that stuff. The CRC error you're getting is coming from the hard drive itself. Hard drives nowadays are pretty complicated beasts. They don't just plop data down and suck it back. They have error-checking codes, silent block remapping, on-board caching, sector size virtualization, all sorts of craziness. What's actually happening is that the file system asks...
Why is the syntax for touching a file from the command prompt so strange?
The magic incantation for updating the last-modified date on a file is What strange syntax! What's with the plus sign and the commas, anyway? The formal syntax is the much more straightforward This means to start with the file , then append the files , , and , treating them all as binary files. If you omit the part, then you get This means "Start with A, then append nothing." The side effect is that the last-write time gets updated, because the command processor opens for append, writes nothing, then closes the handle. That syntax has worked since at least MS-DOS 2.1 (the earliest version ...
The credit card with a half-million-dollar credit limit
High as the sky.
It really wasn't that fancy a Swedish sentence
I dreamed that I was on vacation with my family at a cabin in the woods. I went downstairs with my elder child, and in the playroom I saw another family who are good friends of ours. I guess they chose to vacation at the same place. They had hired a Swedish-speaking nanny to help with the kids. The nanny asked me a simple question, and I gave a straightforward answer. "Hon är den äldre av mina två barn." The nanny was all so impressed that I was using like super-fancy-pants Swedish grammar. Spoiler alert: It isn't particularly fancy.
A program for my nieces: The ABCs, part 1
I'm going to spend the next few weeks developing a Little Program in several parts. This is a program I wrote for my nieces, who always wanted to play with my laptop (instead of playing with me). Initially, I fired up Notepad and maximized it, and cranked the font size, but that became cumbersome, because I had to reset the font size and Word Wrap setting when they were done. On top of that, my eldest niece complained that some of the the letters were "wrong": The shape of the capital J in the font that I use does not match the shape of the capital J that my niece was taught. (The top serif didn't match.) Ha...
It rather involved being on the other side of this airtight hatchway: Disabling Safe DLL searching
The Microsoft Vulnerability Research team discovered a potential current directory attack in a third party program. The vendor, however, turned around and forwarded the report to the Microsoft Security Response Center: Our investigation suggests that this issue is due to a bug in Microsoft system DLLs rather than our program. When a process is launched, for example, when the user double-clicks the icon in Explorer, a new process object is created, and the DLLs are loaded by a component known as the Loader. The Loader locates the DLLs, maps them into memory, and then calls the DllMain function for each of t...
Why was the Windows source code trunk called the Blue Line?
The nickname doesn't get used much at all any more, but back in the day, the Windows source code trunk was called the Blue Line. Where did it get that name? From the color of the whiteboard pen. When the branching structure was worked out, the trunk was drawn with a blue pen. If you were in that meeting, and you wanted to raise a point about the diagram, you might say, "But when the red line meets the blue line…", or "How do changes get from the green line to the blue line?" Everybody called the trunk the "blue line" in the meeting, and that nickname carried forward into the internal documentation. Of...
Why don't elevated processes inherit their environment variables from their non-elevated parent?
As a general rule, child processes inherit the environment of their parent. But if the parent is non-elevated and the child is elevated, then this inheritance does not happen. Why not? There are two answers to this question. For the kernel-color glasses answer, I defer to Chris Jackson, the App Compat Guy. It's interesting to see how it all works, but it doesn't explain why the mechanism was designed to block environment variable inheritance. The reason for the design is that allowing an elevated process to inherit the from a non-elevated process creates an attack vector. The non-elevated process sets its t...
I didn't go to //build/ in San Francisco, but I'll be at RAMP in Budapest
Larry went to //build/, but I didn't. On the other hand, I will be at RAMP in Budapest. I will be presenting (in English) on the evolution of Windows, specifically on the lessons learned over the first two decades of Windows that led to the design of WinRT, the Windows Runtime. Although the conference has sold out, you can register for free to view the sessions online via live streaming. I'm on at 12:15 (Budapest local time) on July 12. It's the last session before lunch, so everybody will be hungry and anxious for my talk to be over. To whet your appetite, here's a screen shot from my presentation: Althou...
You can read as well as I can, or maybe not
Occasionally, somebody will ask for help on a distribution list, and it turns into a really annoying case of hand-holding. From: X I'm using the XYZ toolset to do some document management, and I want the server to run a script whenever somebody tries to modify the master template, so it can run validations before accepting the update, such as verifying that the person making the change has received the proper approvals. Is that possible? It turns out that this is something the XYZ toolset already knows how to do. From: Raymond You can create a configuration file which adds a condition that validate...
I wonder what sort of efficiency that house gets on the Autobahn
I dreamed that I discovered a path behind my house that led to a playground. It also led to the house of one of my friends. To access to the path from her house, you had to swing the stove away from the wall, exposing a secret door. Also, she drove her house to Europe. ("No need to pack your suitcases, kids. We're taking the whole house!")
Building on our program that draws content at a fixed screen position regardless of window position
Today's Little Program uses the technique we saw last week of drawing content at a fixed screen position, regardless of window position, but adds a little physics to it. Start with our scratch program and make these changes: The class simulates damped motion. Ask a physicist how it works. The rest point is the center of the window. To schedule the painting of a new frame, we invalidate our window and cancel any outstanding animation timer (because the timer is no longer needed now that a paint has been scheduled). If the window changes its rest point while it is vislble, then move the origin of ...
2013 mid-year link clearance
Another round of the semi-annual link clearance. And, as always, the obligatory plug for my column in TechNet Magazine:
It’s the address space, stupid
Nowadays, computers have so much memory that running out of RAM is rarely the cause for an "out of memory" error. Actually, let's try that again. For over a decade, hard drive have been so large (and cheap) that running out of swap space is rarely the cause for an "out of memory" error. In user-mode, the term memory refers to virtual memory, not physical RAM chips. The amount of physical RAM doesn't affect how much memory a user-mode application can allocate; it's all about commit and swap space.¹ But swap space is disk space, and that is in the hundreds of gigabytes for hard drives. (Significantly le...
Once you return from the WM_ENDSESSION message, your process can be terminated at any time
A customer had a program which performed some final I/O operations as it exited. Various C++ objects deleted files or flushed buffers as part of their destructors. The customer found that if their program was left running when the user shut down Windows, then the files never got deleted, and the buffers were never flushed. On the other hand, if they inserted an artificial delay into the shutdown procedure, so that it waited ten seconds after the program exited before continuing with shutdown, then the files did indeed get cleaned up and the buffers were indeed flushed. The customer confirmed that the program did ...
The default error mode (SetErrorMode) is not zero
A customer put the following code at the start of their program: // If this assertion fires, then somebody else changed the error mode // and I just overwrote it with my error mode. ASSERT(SetErrorMode(SEM_FAILCRITICALERRORS) == 0); The customer wanted to know whether it was a valid assumption that the initial error mode for a process is zero. No it is not, and this is called out in the documentation for SetErrorMode: Remarks Each process has an associated error mode that indicates to the system how the application is going to respond to serious errors. A child process inherits the error m...
Where did the names of the fonts Marlett and Verdana come from?
Commenter BAA says that the -lett part of Marlett comes from the designer Virginia Howlett. BAA adds, "I forget the 'Mar' but I believe it was a co-creator." If so, then that co-creator was Suzan Marashi, if Vincent Connare is to be trusted. On page 17 of the PDF document From The Dark Side..., Connare identifies the authors of the font as Virginia Howlett, Rom Impas, Suzan Marashi, and Alison Grauman-Barnes. He also identifies Eliyezer Kohen as the person whose idea it was to use a special-purpose font. According to Virginia Howlett, the original name for the font Verdana was Ventana, which means window i...
Wait, this is not my regular bicycle commute home
I dreamed that I finished biking home and decided not to take the stairs. Instead I took my bicycle into the elevator to go to my dream-land 31st-floor high-rise condo. (As if.) For "security reasons" there were no buttons in the elevator. You had to open a secret panel and flip a circuit-breaker switch corresponding to the floor you want to go to. If you open the wrong panel, you are instead faced with a stack of hot-swappable SATA drives with labels like "Windows 95" and "Windows 95 OSR 2". And yes, I know that SATA didn't exist in 1995.
Drawing content at a fixed screen position, regardless of window position
Today's Little Program draws content at a fixed screen position. The idea is that the window is really a viewport into some magical world. Unfortunately, our magical world just has a sign that says "Booga booga." Creating a more interesting magical world is left as an exercise. Start with our scratch program and make these changes: void OnMove(HWND hwnd, int x, int y) { InvalidateRect(hwnd, 0, TRUE); } void PaintContent(HWND hwnd, PAINTSTRUCT *pps) { POINT ptOrigin = { 0, 0 }; ClientToScreen(hwnd, &ptOrigin); POINT ptOrg; SetWindowOrgEx(pps->hdc, ptOrigin.x, ptOrigin.y, &ptOrg); TextOut(pp...
Of what use is the RDW_INTERNALPAINT flag?
For motivational purposes, let's start with a program that displays a DWM thumbnail. Start with the scratch program and add the following: #include <dwmapi.h> HWND g_hwndThumbnail; HTHUMBNAIL g_hthumb; void UpdateThumbnail(HWND hwndFrame, HWND hwndTarget) { if (g_hwndThumbnail != hwndTarget) { g_hwndThumbnail = hwndTarget; if (g_hthumb != nullptr) { DwmUnregisterThumbnail(g_hthumb); g_hthumb = nullptr; } if (hwndTarget != nullptr) { RECT rcClient; GetClientRect(hwndFrame, &rcClient); if (SUCCEEDED(DwmRegisterThumbnail(hwndFrame, g_hwndThumbnail,...
Solving the problem rather than answering the question: Why does somebody want to write an unkillable process?
Via their customer liaison, a customer wanted to know how to create a process that runs with the context of the user, but which the user cannot terminate without elevating to administrator. The customer is engaging in the futile arms race between programs and users (which is more properly a walls and ladders scenario). And we saw that Windows has decided to keep users in control of their own programs and data and let them kill any process that belongs to them. (For one thing, allowing a process running in a user's context to protect itself from termination would mean that malware could make itself unkillable ...
AttachThreadInput is like taking two threads and pooling their money into a joint bank account, where both parties need to be present in order to withdraw any money
Consider this code: // Code in italics is wrong foregroundThreadId = ::GetWindowThreadProcessId(::GetForegroundWindow(), 0); myThreadId = GetCurrentThreadId(); if (foregroundThreadId != myThreadId) { AttachThreadInput(foregroundThreadId, myThreadId, TRUE); BringWindowToTop(myWindowHandle); If you try to step over the AttachThreadInput call in the debugger, both the debugger and the application being debugged will freeze. Why is that? This should look familiar because it's basically the same code that I warned you about several years ago. The code grabs the curren...
Microspeak: to family well
If you hang out with designers, you may hear the word family used as a verb, usually with the adverb well. The old icons now look dated and do not family well with the Web site. We renamed the feature from Auto Shape to Instant Shape so that it families well with other features like Instant Color. The authenticity certificate on the side of the box should family well with the design on the front of the box. From context, it appears that to family well basically means to be harmonious or consistent with.
I wonder if the Queen of England ever pulls this sort of prank in real life
I dreamed that I was playing doubles tennis. My partner was Boris Becker. Our opponents were the Queen of England and a policeman on a horse. The horse served his horseshoe, which I returned poorly. As the horseshoe bounced across the ground, it made huge divots. The game was called due to poor ground conditions. The Queen played a game with the crowd by pretending to sit down (allowing everybody to sit), then faking them out and standing (making everybody stand up again).
Displaying a property sheet for multiple files
Today's Little Program will show a property sheet that covers multiple files, just like the one you get from Explorer if you multi-select a bunch of files and right-click them all then select Properties. In fact, that description of how you do the operation interactively maps directly to how you do the operation programmatically! #define UNICODE #define _UNICODE #define STRICT_TYPED_ITEMIDS #include <windows.h> #include <ole2.h> #include <shlobj.h> #include <atlbase.h> #include <atlalloc.h> HRESULT GetUIObjectOf( IShellFolder *psf, HWND hwndOwner, UINT cidl, PCU...
A big little program: Monitoring Internet Explorer and Explorer windows, part 3: Tracking creation and destruction
Last time, we listener for window navigations. Today we'll learn about tracking window creation and destruction. The events to listen to are the DShellWindowsEvents. The WindowRegistered event fires when a new window is created, and the WindowRevoked event fires when a window is destroyed. The bad news is that the parameter to those events is a cookie, which is not useful for much, so we just use the events to tell us that it's time to kick off a new enumeration to see what changed. This will also catch the case where something fell out of sync because a window closed without unregister...
A big little program: Monitoring Internet Explorer and Explorer windows, part 2: Tracking navigations
Okay, it's been a while since we set aside our Little Program to learn a bit about connection points and using dispatch interfaces as connection point interfaces. Now we can put that knowledge to use. Internet Explorer and Explorer windows fire a group of events known as DWebBrowserEvents, so we just need to listen on those events to follow the window as it navigates around. Take our scratch program and make these changes: #define UNICODE #define _UNICODE #define STRICT #define STRICT_TYPED_ITEMIDS #include <windows.h> #include <windowsx.h> #include <ole2.h> #include <c...
Dispatch interfaces as connection point interfaces
Last time, we learned about how connection points work. One special case of this is where the connection interface is a dispatch interface. Dispatch interfaces are, as the name suggests, COM interfaces based on IDispatch. The IDispatch interface is the base interface for OLE automation objects, and if you want your connection point interface to be usable from script, you probably should make it a dispatch interface. I'm assuming you know how IDispatch works. The short version is that script that wants to invoke a method or property calls GetIDsOfNames to get the dispatch ID for the method or ...
An introduction to COM connection points
Last time, we saw how to enumerate all the Internet Explorer and Explorer Windows and see what they are viewing. But that program printed static information. It didn't track the changes to the windows if the user clicked to another Web page or navigated to a different folder. In order to hook that up, we need to understand the connection point model and the way events are expressed in dispatch interfaces. First, let's look at the connection point model. These topics confused me when I first met them (in part because I didn't do a good job of mentally separating them into two topics and instead treated it as o...
Unexpected complexity of Swedish pronouns, and escaping the resulting embarrassment
I dreamed that Swedish had separate third-person-plural pronouns based on gender. They were formed from han and hon by adding a common suffix, but the pattern broke down for det, and I got stuck trying to finish a sentence without knowing the correct word. I was able to escape from this embarrassing situation by using a technique available only in dreams: I woke up.
A big little program: Monitoring Internet Explorer and Explorer windows, part 1: Enumeration
Normally, Monday is the day for Little Programs, but this time I'm going to spend a few days on a single Little Program. Now, this might very well disqualify it from the name Little Program, but the concepts are still little; all I'm doing is snapping blocks together. (Plus, it's my Web site, so you can just suck it.) The goal of our Little Program is to monitor Internet Explorer and Explorer windows as they are created, navigate to new locations, and are destroyed. (In principle, other Web browsers can participate in this protocol, but I don't know of any that do, so I'll assume that only Explorer and Intern...
Sharing an input queue takes what used to be asynchronous and makes it synchronous, like focus changes
As I noted earlier in the series, attaching input queues puts you back into the world of coöperative multitasking, where the two attached threads need to work together to get anything done. Back in the old 16-bit days, when input was synchronous, there was only one active window, only one focus window, only one window with capture, only one caret, only one cursor show count, only one keyboard state, only one input state. Furthermore, if you called , you had to wait until the previous focus window responded to the message before your call returned. With asynchronous input, these sorts of operations ar...
A pathological program which ignores the keyboard, and understanding the resulting behavior based on what we know about the synchronous input
Today, we'll illustrate the consequences of the way the window manager synchronizes input when two or more threads decide to share an input queue. Since I need to keep separate state for the two windows, I'm going to start with the new scratch program and make the following changes: #include <strsafe.h> class RootWindow : public Window { public: virtual LPCTSTR ClassName() { return TEXT("Scratch"); } static RootWindow *Create(); void AppendText(LPCTSTR psz) { ListBox_SetCurSel(m_hwndChild, ListBox_AddString(m_hwndChild, psz)); } void LogMessage(const MSG *pmsg) { TCH...
When you share an input queue, you have to wait your turn
Now that we've had a quick introduction to asynchronous input, let's look at some of the details. Remember, this is a peek under the hood at how the sausage is made. The algorithm described here is not part of the API contract and it can change at any time, as long as it services the overall goal of serializing input. Let's start by looking at how things worked in the 16-bit world. Even though 16-bit Windows didn't use the term thread (since each application was single-threaded), I will still use the term since that makes the transition to the 32-bit world more straightforward. As a point of terminology, I...
Asynchronous input vs synchronous input, a quick introduction
One of the topics I covered at my PDC talk was the asynchronous input model. I don't think I ever discussed it on this Web site, so I guess I'll do it now, so that I can point people at it in the future. In the old days of 16-bit Windows, input was synchronous. All input went into a system-wide input queue, and the intuitive rule for input processing is that input messages are dispatched in chronological order. If the user clicked on one window, and then clicked on some other window, the first window must receive and process its click message before the second window will receive its own click message. This...
When a CD gets stuck on infinite repeat during the night
One night, the CD player got stuck due to a scratched disc and ended up repeating the same track over and over again. I dreamed that the song was O(n²) in length,¹ with each new verse one bar longer than the previous one, but unlike a cumulative song,² the location of the inserted bar varied randomly from verse to verse. Moral of the story: Don't use CDs that skip for falling-asleep music. ¹ Also known as O(√n) in complexity. ² "However, the last two lines of every stanza starting from the second stanza onwards except for the last stanza and the last four lines of the last...
How do I make it more difficult for somebody to take a screenshot of my window?
Ultimately, you can't stop somebody from ignoring the words Confidential at the top of a document and whipping out a digital camera and taking a picture of the screen. But at least starting in Windows 7 you can make it a little more difficult. Take our scratch program and add this one line: ... SetWindowDisplayAffinity(hwnd, WDA_MONITOR); ShowWindow(hwnd, nShowCmd); ... Assuming you have the Desktop Window Manager enabled, you will find that attempting to capture our scratch program in a screenshot or via the Snipping Tool will result in black pixels. Remember, this is just an obst...
Posted messages are processed ahead of input messages, even if they were posted later
Regardless of which interpretation you use, it remains the case that posted messages are processed ahead of input messages. Under the MSDN interpretation, posted messages and input messages all go into the message queue, but posted messages are pulled from the queue before input messages. Under the Raymond interpretation, posted messages and input messages are kept in separate queues, and the message retrieval functions will look first in the posted message queue before looking in the input queue. Let's run an experiment to see posted messages get processed ahead of input messages. Start with the new scrat...
The posted message queue vs the input queue vs the message queue
There are multiple ways of viewing the interaction between posted messages and input messages. MSDN prefers to view posted messages and input messages as part of one giant pool of messages in a message queue, with rules about which ones get processed first. I, on the other hand, prefer to think of posted messages and input messages as residing in different queues that are processed in sequence. By analogy, consider a business with a policy that loyalty program members are served ahead of regular customers. One way of organizing this is to form a single queue, but sorting them so members go to the front. To c...
What’s the point of SecureZeroMemory?
The function zeroes out memory in a way that the compiler will not optimize out. But what's the point of doing that? Does it really make the application more secure? I mean, sure the data could go into the swap file or hibernation file, but you need to have Administrator access to access those files anyway, and you can't protect yourself against a rogue Administrator. And if the memory got swapped out before it got zeroed, then the values went into the swap file anyway. Others say that it's to prevent other applications from reading my process memory, but they could always have read the memory before I called . ...
Why don’t hotkeys for items on my Start menu work when I am in a fullscreen application?
You can set a hotkey on the shortcuts in your Start menu, and Explorer will launch that shortcut when you press the hotkey, but not if you are in a fullscreen application, like when you set Paint into fullscreen mode, or when you are displaying a PowerPoint presentation. Why are shortcut hotkeys ignored when a fullscreen application is running? This feature was added by customer request. The issue is that you're playing a game like World of Warcraft or Unreal Tournament, and you're mashing your keys like crazy, and whoops you slip and hit Ctrl+Alt+C instead of Ctrl+Shift+C, and now you inadvertently launched...
What are the scoping rules for variables in nested courtyards?
I dreamed that I had to fix a bug caused by variable redeclaration inside a nested courtyard. Had to move the horses out of the way first. And then it got weird. I won't go into the orchestra rehearsal that turned out to be just a recording played on a loudspeaker in an empty concert hall. Because you wouldn't believe that part.
How do I customize the console properties for a shortcut to a console application?
You already know how to create a shortcut: #include <windows.h> #include <tchar.h> #include <shlobj.h> #include <atlbase.h> // class CCoInitialize incorporated here by reference int __cdecl _tmain(int argc, TCHAR **argv) { // error checking elided for expository purposes CCoInitialize init; CComPtr<IShellLink> spsl; spsl.CoCreateInstance(CLSID_ShellLink); spsl->SetPath(TEXT("C:\\Windows\\system32\\cmd.exe")); CComQIPtr<IPersistFile>(spsl)->Save(L"Here.lnk", TRUE); return 0; } If you double-click the resulting shortcut from Explorer, it will run the command p...
What happens if I manually post an auto-generated message into my message queue?
As we well know, the window manager generates various messages on-demand rather than posting them into the queue at the time the event occurs. But what happens if you manually post one of these messages, like ? Does that clear the internal flag that says "This window needs a paint message?" Nope. The window manager does not have a prank call detector. If you post a fake message, then a fake message shows up in the message queue. The part of the window manager which manages the "Does this window need to be repainted?" does not wiretap every telephone call to see if somebody is prank-calling a window with ...
Even though mouse-move, paint, and timer messages are generated on demand, it’s still possible for one to end up in your queue
We all know that the generated-on-demand messages like , , and messages are not posted into the queue when the corresponding event occurs, but rather are generated by or when they detect that they are about to conclude that there is no message to return and the generated-on-demand message can be returned. When this happens, the window manager creates the message on the fly, posts it into the queue, and hey, how about that, the or function now has a message to return! Note that this auto-generate can happen even though the queue is not empty, because the message filters control what messages in the queue ...
How do I get a window back on the screen when it moved far, far away? Windows 7 (and 8) edition
Some time ago, I showed how to get a window back on the screen when it moved far, far away. That technique still works in Windows 7 and 8, but there's an easier shortcut that takes advantage of window arrangement features added in Windows 7. First, you switch to the application by whatever means. Then hit Win+UpArrow to maximize the window. That should put the window on-screen, albeit at the wrong size. Now you just grab the title bar of the window with the mouse and drag it off the top edge of the screen. Bingo, the window returns to its original position, and you can use the mouse to put it wh...
A question about proper disposal of unwanted items with an unhelpful answer
On an internal mailing list about home maintenance and ownership, somebody asked: I have a handful of items that I need to get rid of and probably should not toss into the regular garbage. Any thoughts? The best reply was an unhelpful one. You've pretty much got all the components you need to build a bomb. Why dispose of them?
The importance of remembering parity in a back-and-forth race on your flying bicycle
I dreamed that one of my friends had made the U.S. cycling team. (Perhaps because everybody else got busted for doping.) Even more implausibly, I also made the team. To celebrate, he challenged me to a short race. The path ran along a river, in which a medium-sized boat was setting sail. Our bicycles somehow could fly (which we considered perfectly normal) and we were flying over the boat, just about keeping pace with it. The boat reversed direction many times, and we reversed along with it. At one of the reversals, I thought, "I could take a shortcut if I kept going straight," but I must've lost even/odd co...
Copying a file to the clipboard so you can paste it into Explorer or an email message or whatever
Today's Little Program takes a fully-qualified file name from the command line and puts that file onto the clipboard. Once there, you can paste it into an Explorer window, or into an email message, or a word processing document, or anybody else who understands shell data objects. #include <windows.h> #include <shlobj.h> #include <atlbase.h> #include <shlobj.h> class COleInitialize { public: COleInitialize() : m_hr(OleInitialize(NULL)) { } ~COleInitialize() { if (SUCCEEDED(m_hr)) OleUninitialize(); } operator HRESULT() const { return m_hr; } HRESULT m_hr; }; // GetUIObjectOfFile in...
Who sends the initial WM_UPDATEUISTATE message?
Last time, we looked at the confusingly-named WM_UPDATEUISTATE and WM_CHANGEUISTATE messages. But how does the whole indicator thingie get off the ground? The default state for a window is to show all indicators. But as a special trick, the dialog manager will send a WM_UPDATEUISTATE message with UIS_INITIALIZE after the dialog has been initialized, which turns off the indicators if the last input event was a mouse event. This is its way of inferring whether the dialog box was triggered by a mouse or keyboard action and setting the initial indicators accordingly. (Note that if th...
Your electric fan is trying to kill you, and other cultural superstitions
In Korea, it is generally believed that leaving a fan on in an enclosed room can be fatal. Ken Jennings looks at cultural superstitions and wrote a Slate article focusing on the scourge of Korean fan death. My mother told me that handling cellophane tape makes you sterile. Though that may have just been her way of getting me to stop playing with cellophane tape. What strange cultural superstitions exist in your part of the world? (Of course, this is a bit of an unfair question, because if you genuinely believe it, then you won't recognize it as a strange cultural superstition!) Clarification: Please re...
Untangling the confusingly-named WM_UPDATEUISTATE and WM_CHANGEUISTATE messages
I always get confused by the and messages, and I have to go figure them out each time I need to mess with them. So this time, I'm going to write it down so I don't forget. Because the act of writing it down helps me to remember. It's like in school, where the teacher says, "This is a closed-book, closed-notes exam, but you are allowed to bring one piece of standard 8½″×11″ paper with you, on which you can write anything you like. No funny business." You work really hard to create the ultimate sheet of paper to bring to the exam, and then it turns out that during the exam, you barely r...
Hey look, now I’m Director of Strategic Planning, oh, and my name also changed to Oliver Lee
It looks like the Visio blog populated a sample organizational chart with pictures of Microsoft employees, and I am now Oliver Lee, Director of Strategic Planning. My secret identity has been revealed. I'm moonlighting at Contoso.
What does GDI use biXPelsPerMeter and SetBitmapDimensionEx for?
What does GDI use and for? Nothing. The and are completely ignored by GDI when loading a bitmap. The values are there for the benefit of image-editing programs who want to record additional information about the bitmap, but GDI ignores them. Similarly, the and functions update a structure associated with each bitmap, but GDI does nothing with the values, aside from initializing them to zero when the bitmap is created. The value is there so that, for example, a program which puts a bitmap on the clipboard can specify the recommended physical dimensions of the bitmap, in order to help another prog...
Microspeak: booked
Remember, the term Microspeak is not tightly scoped to mean jargon used only at Microsoft. It's jargon used at Microsoft more often than in general usage. Today, it's a term that you really need to master if you want to talk with others about project planning. To book a feature is to commit to implementing the feature, including assigning resources to get it done. This means finding designers to design the feature, developers to implement it, and testers to test it, as well as (the hardest part) finding time in the schedule to do it. The resource that is in shortest supply is usually time, since there is no wa...
The secret lair of Administrative Assistants
I dreamed that a colleague and I were looking for a copy of a TN3270 emulator in order to investigate a bug. The search took us into an abandoned-looking Building 5. But upon entering, we discovered that Building 5 was actually the secret lair of all the Administrative Assistants. Oh, and we eventually found the bug in TN3270. It was an application bug that caused it to leave the laser on for too long in one spot, causing it to burn your thumb.
How can I display a live screenshot of a piece of another application?
Today's Little Program takes a rectangular portion of another application and continuously replicates it in its own client area. You might want to do this if you want to monitor a portion of an application like a custom progress bar, and the application doesn't use the Windows 7 taskbar progress indicator feature. (Maybe it's an old application.) Take our scratch program and make the following changes: #define STRICT #include <windows.h> #include <windowsx.h> #include <ole2.h> #include <commctrl.h> #include <shlwapi.h> #include <stdio.h> #include <dwmapi.h> HI...
If you want to use a name for your file mapping, don’t just use the name of the file itself
The original question from the customer was why they couldn't get named file mappings to work at all, but it turns out that the reason is that they were using the full path to the file as the name, even though backslashes have special meaning in file mapping names. Okay, that problem can be solved by changing the backslash to some character legal in file mapping names but not legal in file names; say, a question mark. But that only solves part of the problem: Getting the name past the object manager. The next problem is in the answer to the question, What if two programs did this? If two programs did thi...
Why am I getting LNK2019 unresolved external for my inline function?
More than once, I've seen somebody confused by how inline functions work. I have implemented a few inline functions in one of my cpp files, and I want to use it from other cpp files, so I declare them as extern. But sometimes I will get linker error 2019 (unresolved external) for the inline functions. // a.cpp inline bool foo() { return false; } // b.cpp extern bool foo(); bool bar() { return foo(); } Yup, that's right. The C++ language says in section 3.2(3) [C++03, C++11], and repeats in section 7.1.2(4) [C++03, C++11], An inline function shall be defined in every translation unit in which it is us...
Mathematical formulas are designed to be pretty, not to be suitable for computation
When you ask a mathematician to come up with a formula to solve a problem, you will get something that looks pretty, but that doesn't mean that it lends itself well to computation. For example, consider the binomial coefficient, traditionally written nCk or C(n, k), and in more modern notation as ( nk ). If you ask a mathematician for a formula for the binomial coefficient, you will get the elegant reply (That took forever to format. I will use the traditional notation from now on purely for typographical expediency.) This is a very beautiful formula, but it's horrible for actual computati...
How to tell the poseurs from the actual Windows developers
Poseurs will call Windows versions by their programmatic version numbers. For example, they will call Windows Vista "NT6" and Windows 7 "NT6.1". Trust me, nobody on the Windows team calls the products by their programmatic version numbers. Whenever anybody says "NT6" I have to go to Wikipedia and look up what they're actually talking about. If I even care to bother, and usually I don't. Actually, since I work in the client division, I also have to go look up what Windows Server 2008 and Windows Server 2008 R2 corespond to. People will ask question about client-related issues on server, and we have to go b...
Extending process attribute inheritance beyond its current boundaries
I dreamed that I had to fix a bug in where it failed to inherit the parent process's assault weapons.
Reading mouse input from a console program, and programmatically turning off Quick Edit mode
Today's Little program shows how to read mouse input from a console program. You might use this if you are writing a console-mode text editor with mouse support, or maybe you want to want to add mouse support to your roguelike game. But I'm not going to implement the game itself. Instead, I'm just going to print mouse coordinates to the screen. #define UNICODE #define _UNICODE #include <windows.h> #include <tchar.h> #include <stdio.h> int __cdecl _tmain(int argc, PTSTR argv[]) { HANDLE hConsole = GetStdHandle(STD_INPUT_HANDLE); BOOL fContinue = TRUE; DWORD dwEvents; INPUT_RECORD input...
Creating a simple pidl: For the times you care enough to send the very fake
I'll assume that we all know what pidls are and how the shell namespace uses them. That's the prerequisite for today. A simple pidl is an item ID list that refers to a file or directory that may not actually exist. It's a way of playing "what if": "If there were a file or directory at this location, here is what I would have created to represent it." For the times you care enough to send the very fake. We've seen these things in action with the SHGFI_USEFILEATTRIBUTES flag, which tells the SHGetFileInfo function, "Pretend that the file/directory exists with the attributes I specifi...
Any setting you expose to the user you implicitly expose to applications
Often, in response to some sort of design decision, people will say, "Well, sure, you made this decision because it would allow applications to do Bad Thing, but why not expose it as a setting the user can select? For example, let the user pick a Topper Than Topmost Awesome Top Window Super Top (Extra Super edition), and keep that window on top regardless of what any application does." Because anything the user can do, an application can do. Suppose there was a new context menu item for a window called Make this Topper Than Topmost Awesome Top Window Super Top (Extra Super edition). Well, an application coul...
I wrote two lines of code yesterday
They were both wrong.
How do I get the current value of the RSP register from a C/C++ function? (No answer, but a solution.)
A customer using Visual Studio wanted to know how to obtain the current value of the x64 RSP register from a C/C++ function. They noted that on the x86, you can drop to inline assembly, and on the ia64, you can use the intrinsic to retrieve the value of any register. There is no corresponding intrinsic on x64. There's no really good way of doing this. The customer can sort of get close with . Other approximations would be to call , or to call a helper function which allocates a local variable and returns its address. Now, if you were the one answering this question and you stopped there, then you'd be guil...
The most expensive notepads in Microsoft history
Many years ago, I visited the office of a colleague who worked on Internet Explorer in order to work on some problem or other. As we investigated the issue, we took notes on a 5"×7" tear-off notepad which bore the logo Forms³. My colleague then pointed out to me that we were taking notes on the most expensive notepads in Microsoft history. Forms³ (pronounced "forms-cubed") was the code name for the project that was the precursor to Trident, the layout engine that powers Internet Explorer. As I recall the story as it was told to me, project management thought it would be cool to have custom n...
Dentistry in the Brazil-like future
I dreamed that I was living in a nursing home in some Brazil-like dystopic future. In this future, people had become so horribly disfigured that they wore flesh-colored suits under their clothes all the time just so they would look good "naked". This vanity extended only to people under the age of around 40. The old people in the home were just your average old people, with spotted, wrinkly skin. Nothing particularly ugly about them; just your average old people. In the dream, I was my current age, but I was living in the home anyway, probably because I became prematurely senile. A dentist spontaneously app...
Getting the display name for a shell property
Today's Little Program takes the symbolic name for a shell property and returns a string suitable for display to the end-user, translated into the user's specified display language. #include <windows.h> #include <ole2.h> #include <propsys.h> #include <propkey.h> #include <atlbase.h> #include <atlalloc.h> int __cdecl wmain(int argc, PWSTR argv[]) { CCoInitialize init; if (SUCCEEDED(init) && argc == 2) { CComPtr<IPropertyDescription> spdesc; if (SUCCEEDED(PSGetPropertyDescriptionByName( argv[1], IID_PPV_ARGS(&spdesc)))) { CComHeap...
Fake film project tries to create real film to hide fakeness (and fails)
In 2010, a group of scam artists pretended that they were making a film, appropriately titled A Landscape of Lies. They did this so that they could claim over £2.7 million in tax credits intended to boost the British film industry. Her Majesty's Revenue and Customs began to suspect something was up when no apparent progress was being made on the project and the film company's "office" was an empty room. The scammers tried to make the project look legitimate by actually making a movie for £84,000 and releasing it on DVD. (You can watch the trailer here.) The fake movie was convincing enough to tri...
Another way to create a process with attributes, maybe worse maybe better
Adam Rosenfield noted that "those sure are a lot of hoops you have to jump through to solve this unusual problem" of specifying which handles are inherited by a new process. Well, first of all, what's so wrong with that? You have to jump through a lot of hoops when you are in an unusual situation. But by definition, most people are not in an unusual situation, so it's an instance of the Pay for Play principle: The simple case should be easy, and it's okay for the complicated case to be hard. (It's usually difficult to make the complicated case easy; that's why it's called the complicated case.) The complexity...
If you’re going to use an interlocked operation to generate a unique value, you need to use it before it’s gone
Is the InterlockedIncrement function broken? One person seemed to think so. We're finding that the InterlockedIncrement is producing duplicate values. Are there are any know bugs in InterlockedIncrement? Because of course when something doesn't work, it's because you are the victim of a vast conspiracy. There is a fundamental flaw in the InterlockedIncrement function that only you can see. You are not a crackpot. LONG g_lNextAvailableId = 0; DWORD GetNextId() { // Increment atomically InterlockedIncrement(&g_lNextAvailableId); // Subtract 1 from the current value to get th...
Dark corners of C/C++: The typedef keyword doesn’t need to be the first word on the line
Here are some strange but legal declarations in C/C++: int typedef a; short unsigned typedef b; By convention, the typedef keyword comes at the beginning of the line, but this is not actually required by the language. The above declarations are equivalent to typedef int a; typedef short unsigned b; The C language (but not C++) also permits you to say typedef without actually defining a type! typedef enum { c }; // legal in C, not C++ In the above case, the typedef is ignored, and it's the same as just declaring the enum the plain boring way. enum { c }; Other weird things you can do with typedef ...
Microspeak: Tenet
In standard English, a tenet is a fundamental belief held by a group of people. At Microsoft, the term tenet is used as a generalization of what we previously called taxes: Things that everybody has to do in order to be a good software citizen. While taxes are typically very low-level and specific, like supporting roaming user profiles or multiple monitors, tenets are broader concepts like reliability or compatibility or API design and documentation. The word doesn't escape the halls of Microsoft very often. Most of the citations I have are internal, but here's a case where Jon DeVaan let it slip into a k...
Dreaming about games based on Unicode
I dreamed that two of my colleagues were playing a game based on pantomiming Unicode code points. One of them got LOW QUOTATION MARK, and the other got a variety of ARROW POINTING NORTHEAST, ARROW POINTING EAST, ARROW POINTING SOUTHWEST. I wonder how you would pantomime ZERO WIDTH NON-JOINER.
Getting the current selection from an Explorer window
Today's Little Program prints the current selection in all open Explorer windows. (This is an alternative to the C++ version that involves a ridiculous amount of typing.) var shellWindows = new ActiveXObject("Shell.Application").Windows(); for (var i = 0; i < shellWindows.Count; i++) { var w = shellWindows.Item(i); WScript.StdOut.WriteLine(w.LocationName); var sel = w.Document.SelectedItems(); for (var j = 0; j < sel.Count; j++) { var item = sel.Item(j); WScript.StdOut.WriteLine(item.Name); WScript.StdOut.WriteLine(item.Path); } } I have no idea why you would want to do this, but there you ...
Technically not lying, but not exactly admitting fault either
I observed a spill suspiciously close to a three-year-old's play table. I asked, "How did the floor get wet?" She replied, "Water." It's not lying, but it's definitely not telling the whole story. She'll probably grow up to become a lawyer.
Why does CoCreateInstance work even though my thread never called CoInitialize? The curse of the implicit MTA
While developing tests, a developer observed erratic behavior with respect to : In my test, I call and it fails with . Fair enough, because my test forgot to call . But then I went and checked the production code: In response to a client request, the production code creates a brand new thread to service the request. The brand new thread does not call , yet its call to succeeds. How is that possible? I would expect the production code to also get a error. I was able to debug this psychically, but only because I knew about the implicit MTA. The implicit MTA is not something I can find very much docum...
How can I figure out which user modified a file?
The function will tell you when a file was last modified, but it won't tell you who did it. Neither will , , or , or . None of these the file system functions will tell you which user modified a file because the file system doesn't keep track of which user modified a file. But there is somebody who does keep track: The security event log. To generate an event into the security event log when a file is modified, you first need to enable auditing on the system. In the Local Security Policy administrative tool, go to Local Policies, and then double-click Audit Policy. (These steps haven't changed since Window...
If you don’t know what you’re going to do with the answer to a question, then there’s not much point in making others work hard to answer it
A customer asked the following question: We've found that on Windows XP, when we call the XYZ function with the Awesome flag, the function fails for no apparent reason. However, it works correctly on Windows 7. Do you have any ideas about this? So far, the customer has described what they have observed, but they haven't actually asked a question. It's just nostalgia, and nostalgia is not a question. (I'm rejecting "Do you have an ideas about this?" as a question because it too vague to be a meaningful question.) Please be more specific about your question. Do you want to obtain Windows 7-sty...
Dangerous setting is dangerous: This is why you shouldn’t turn off write cache buffer flushing
Ignoring the warnings and then complaining that the bad thing that happens happened.
Your tenant and your lover, in your dreams
I dreamed that a friend of mind said, "Between your tenant and your lover, you should get along with at least one of them."
Using opportunistic locks to get out of the way if somebody wants the file
Opportunistic locks allow you to be notified when somebody else tries to access a file you have open. This is usually done if you want to use a file provided nobody else wants it. For example, you might be a search indexer that wants to extract information from a file, but if somebody opens the file for writing, you don't want them to get Sharing Violation. Instead, you want to stop indexing the file and let the other person get their write access. Or you might be a file viewer application like ildasm, and you want to let the user update the file (in ildasm's case, rebuild the assembly) even though you're v...
The phenomenon of houses with nobody living inside, for perhaps-unexpected reasons
In London, some of the most expensive real estate is in neighborhoods where relatively few people actually live. According to one company's estimate, 37% of the the residences have been purchased by people who merely use them as vacation homes, visiting only for a week or two per year and leaving the building empty the remainder of the year. In other words, the people who can afford to live there choose not to. This same phenomenon is reported in other cities. For example, only 10% of the condos in the Plaza Hotel are occupied full-time. Another example of a house with nobody living inside is the case wher...
Is it legal to have a cross-process parent/child or owner/owned window relationship?
A customer liaison asked whether it was legal to use to create a parent/child relationship between windows which belong to different processes. "If I remember correctly, the documentation for used to contain a stern warning that it is not supported, but that remark does not appear to be present any more. I have a customer who is reparenting windows between processes, and their application is experiencing intermittent instability." Is it technically legal to have a parent/child or owner/owned relationship between windows from different processes? Yes, it is technically legal. It is also technically legal...
The importance of having a review panel of twelve-year-old boys, episode 2
Microsofties love their acronyms, but you have to remember to send every potential name through a review panel of twelve-year-old boys to identify the lurking embarrassments. When it came time in Windows 7 to come up with the names of the various subteams, two of the proposed names were Core OS eXperience and Find and Use eXperience, using the trendy letter X to abbreviate the trendy capitalization of the word eXperience. The naming system was promptly reconsidered. One of the subteams of Windows 8 is known as User-Centered Experience. The original name of the subteam was the You-Centered Ex...
The problem with adding more examples and suggestions to the documentation is that eventually people will stop reading the documentation
I am a member of a peer-to-peer discussion group on an internal tool for programmers which we'll call Program Q. Every so often, somebody will get tripped up by smart quotes or en-dashes or ellipses, and they will get an error like C:\> q select table –s “awesome table” Usage: q select table [-n] [-s] table Error: Must specify exactly one table. After it is pointed out that they are a victim of Word's auto-conversion of straight quotes to slanted quotes, there will often be a suggestion, "You should treat en-dashes as plain dashes, smart quotes as straight quotes, and fancy-ell...
On giving a name at the register to be called when your order is ready
Shultzy's Sausage describes itself as "Seattle's Wurst Restaurant since 1989!" It's a local hangout for sausage, beer, chili, and advanced dishes like sausage with beer or sausage with chili. In the early 1990's, Shultzy's expanded to a second location just a few blocks from Microsoft's main campus in Redmond, at a location known to my circle of friends as the location of death. Many neighborhoods have a location of death: It's the location where there's a restaurant that can never manage to stay open. First it's a gyro restaurant. After a few months the gyro restaurant shuts down and a crêpe restaura...
Another meaning of the word leptoceratops
I dreamed that a number of the form (10ⁿ−1)/9 was called a "leptoceratops." And it had to be tied up with a squid.
The managed way to retrieve text under the cursor (mouse pointer)
Today's Little Program is a managed version of the text-extraction program from several years ago. It turns out that it's pretty easy in managed code because the accessibility folks sat down and wrote a whole framework for you, known as UI Automation. (Some people are under the mistaken impression that UI Automation works only for extracting data from applications written in managed code. That is not true. Native code can also be a UI Automation provider. The confusion arises because the name UI Automation is used both for the underlying native technology as well as for the managed wrappers.) using Syste...
How do I wait until all processes in a job have exited?
A customer was having trouble with job objects, specifically, the customer found that a WaitForSingleObject on a job object was not completing even though all the processes in the job had exited. This is probably the most frustrating part of job objects: A job object does not become signaled when all processes have exited. The state of a job object is set to signaled when all of its processes are terminated because the specified end-of-job time limit has been exceeded. Use WaitForSingleObject or WaitForSingleObjectEx to monitor the job object for this event....
Don’t forget, the fourth parameter to ReadFile and WriteFile is sometimes mandatory
The ReadFile and WriteFile functions have a parameter called lpNumberOfByteRead, which is documented as __out_opt LPDWORD lpNumberOfBytesRead, // or __out_opt LPDWORD lpNumberOfBytesWritten, "Cool," you think. "That parameter is optional, and I can safely pass NULL." My program runs fine if standard output is a console, but if I redirect standard output, then it crashes on the WriteFile call. I verified that the handle is valid. int __cdecl main(int, char **) { // error checking removed for expository purposes HANDLE hStdOut = GetStdHandle(STD_OUTPUT_HANDLE); ...
How can I move an HTREEITEM to a new parent?
Suppose you have a TreeView control, and you created an item in it, and you want to move the to a new parent. How do you do that? You can't, at least not all in one motion. You will have to delete the and then re-create it in its new location. If you want to move an within the same parent (say, to reorder it among its siblings), then you can use and pass a custom sort function that rearranges the children into the order you want.
Where did the research project RedShark get its name?
Project code names are not arrived at by teams of focus groups who carefully parse out every semantic and etymological nuance of the name they choose. (Though if you read the technology press, you'd believe otherwise, because it turns out that taking a code name apart syllable-by-syllable searching for meaning is a great way to fill column-inches.) Usually, they are just spontaneous decisions, inspired by whatever random thoughts jump to mind. Many years ago, there was an internal user interface research project code named RedShark. Not Red Shark but RedShark, accent on the Red. Where did this strange name come...
The joke’s on you, because PATH goes to Penn Station, not Grand Central!
I dreamed that I was asked to develop a hill-avoiding bike route from my childhood home. Along the way, I rode through a daycare playroom (twice, due to a spiral path), met Madonna, the ghost of Alec Baldwin's wife, a team from The Amazing Race trying to figure out which PATH train goes to Grand Central (trick question!) and waited for the next train with a supervillain who demonstrated his powers by using his stretchy arms to punch one of my colleagues who was standing ten feet away and who electrocuted another colleague's pacemaker by force of will. Yes, I know that Alec Baldwin is not a widower, and my colle...
Some trivia about the //build/ 2011 conference
Nothing important.
2013 Q1 link clearance: Microsoft blogger edition
It's that time again: Linking to other Microsoft bloggers.
How do I convert a method name to a method index for the purpose of INTERFACEINFO?
The IMessageFilter::HandleIncomingCall method describes the incoming call by means of an INTERFACEINFO structure: typedef struct tagINTERFACEINFO { LPUNKNOWN pUnk; IID iid; WORD wMethod; } INTERFACEINFO, *LPINTERFACEINFO; The wMethod is a zero-based index of the method within the interface. For example, IUnknown::QueryInterface has index zero, IUnknown::AddRef has index one, and IUnknown::Release has index two. If you want to filter on a method in an interface, you need to know its index. One way of doing this would be to sit and count the methods, but this is erro...
The C language specification describes an abstract computer, not a real one
If a null pointer is zero, how do you access the memory whose address is zero? And if C allows you to take the address one past the end of an array, how do you make an array that ends at , since adding one to that value would wrap around? First of all, who says that there is a byte zero? Or a byte ? The C language does not describe an actual computer. It describes a theoretical one. On this theoretical computer, it must be possible to do certain things, like generate the address of one item past the end of an array, and that address must compare greater than the address of any member of the array. But how...
“Adjust visual effects for best performance” should really be called “Adjust visual effects for crappiest appearance”
In the Performance Options control panel, on the tab labeled Visual Effects, there is a radio button called Adjust for best performance. If you select it, then all the visual effects are disabled. But the name of that radio button has been wrong for a long time. It doesn't actually adjust your visual effects for best performance. It just adjusts them for crappiest appearance. Starting in Windows Vista, a lot of visual effects were offloaded to the graphics card. Consequently, the impact on system performance for those visual effects is negligible, and sometimes turning off the effect actually makes your syst...
There’s no law that says two people can’t have the same thing to eat
Some time ago, my group went out for a team lunch. It was to a restaurant we were not familiar with, so there was quite a bit of time studying the menu. As everybody looked over the menu, discussion naturally turned to "So what are you going to have?" "I think I'll have the salmon sandwich." One of my colleagues replied, "Oh, rats. I was thinking of having that." I remarked, "There's no law that says two people can't order the same thing." My colleague disagreed. Not if you ask my wife. Whenever we go out to eat, she'll ask me what I'm having, and then she'll say "Oh, rats. I was thinking of having ...
Dreaming about a rather unusual guitar rehearsal
I dreamed that I watched a long-time colleague of mine rehearse the guitar in preparation for the new "hot pants" competition of the Miss Universe pageant. The scary thing is that the pageant may actually do it.
Using accessibility to monitor windows as they come and go
Today's Little Program monitors windows as they come and go. When people contemplate doing this, they come up with ideas like installing a WH_CBT hook or a WH_SHELL hook, but one of the major problems with those types of hooks is that they are injected hooks. Injection is bad for a number of reasons. It forces the hook to be in a DLL so it can be injected. Hook activities need to be marshaled back to the main program. Your DLL will capture events only in processes of the same bitness, because you cannot load a 32-bit DLL into a 64-bit process or vice versa. You can inject into an elevated process o...
When will GetMessage return -1?
A source of great consternation is the mysterious return value from : If there is an error, the return value is −1. For example, the function fails if is an invalid window handle or is an invalid pointer. That paragraph has caused all sorts of havoc, because it throws into disarray the standard message pump: But don't worry, the standard message pump is safe. If your parameters are exactly then will not fail with . Originally, the function did not have a failure mode. If you passed invalid parameters, then you invoked undefined behavior, and you probably crashed. Later, somebody sai...
Does this operation work when file system redirection is disabled? The default answer is NO
A customer reported that when their program called to get the icon for a folder, the call failed. "It works on some machines but not others. We don't know what the difference is between the working and non-working machines." They included the offending function from their program, but everything in the function looked good. The problem was something outside the function itself. Eventually, the customer confessed that they had called the function to disable file system redirection, and the call to took place while redirection was disabled. "We found that if we re-enable file system redirection before calling ...
The x86 architecture is the weirdo: Structured exception handling
If your reference architecture is x86, then you will think that everything it does is normal and the rest of the world is weird. Except it's the other way around: The x86 architecture is the weirdo. I was reminded of this when commenter 640k complained, on the subject of what I think is table-based structured exception handling, "It would be interesting to know why this 'invention' was introduced in 64-bit Windows when no other version of Windows requires it." (The original text was "when no other OS requires it", but I'm assuming that this was in the context of Windows-based OS, since unix doesn't have struc...
Raymond’s highly scientific predictions for the 2013 NCAA men’s basketball tournament
Once again, it's time for Raymond to come up with an absurd, arbitrary criterion for filling out his NCAA bracket. This year, I look at the number of fans of the basketball team's official Facebook page, or one tenth of the number of fans of the school's athletic department, whichever is greater. The fraction 1/10 is completely arbitrary, but that's what makes this algorithm highly scientific. Notes on this year's algorithm: Once the field has been narrowed to four teams, the results are determined by a coin flip. (I should have done this when the field reduced to eight teams rather than four, b...
Microspeak: Science project
A science project is a feature that is really cool and challenging from a technological standpoint but is way overkill for the end-user scenario at hand. Back in the late 1990's, a bunch of us cooked up this idea for a networked screen saver that ran at night after most people had gone home from work. You told it the physical location and compass orientation of everybody's monitor. The networked screen saver created a virtual red bouncing ball that traveled around the building in three dimensions. The screen saver showed a viewport into the three-dimensional virtual world that contained the bouncing ball. Th...
It may be your birthday, but why stop at just the day? Think big!
I had the pleasure of meeting a friend of a friend who is an odd, quirky sort, in a wholly endearing sort of way. When her birthday comes around, she isn't satisfied to have just one day of celebration. Or even a week. No, she takes the entire month. The entire month of March is open season for taking her to dinner, getting her a gift, or otherwise celebrating what an awesome person she is. Every year I receive an automated reminder, "X's birthday: all day." And I say to myself, "What, just the day?" Bonus chatter: Her father is from Turkey, and her mother is Swiss (so she's a deli sandwich, half turkey, hal...
Manipulating the positions of desktop icons
Just putting together the pieces you already have.
Playing with the Windows Animation Manager: Moving lots of stuff around
We saw last time a sample program that moved a circle around. Today I'll try to build the classic demo of animating a lot of objects in a list. This isn't the prettiest code, but I wanted to make as few changes as possible. Start with the Timer-Driven Animation, and make these changes to the MainWindow.h header file. struct Item { IUIAnimationVariable *m_pAnimationVariableX; IUIAnimationVariable *m_pAnimationVariableY; Gdiplus::Color m_color; }; class MainWindow { ... // HRESULT ChangeColor( // DOUBLE red, // DOUBLE green, // DOUBLE blue // ); ...
Playing with the Windows Animation Manager: Fixing a sample
Windows 7 provides a component known as the Windows Animation Manager, known to some people by its acronym WAM, pronounced "wham". There are some nice sample programs for WAM on MSDN, but for some reason, the authors of the samples decided to animate the three color components of a resultant color. Because apparently the authors of those sample programs can look at a color and say, "Oh, clearly the red component of this color increases gradually at first, then speeds up its rate of increase, and then slows back down until it reaches its final value; while simultaneously the blue component is doing the o...
Closing holes in the update notification pattern
Suppose you have a function that is registered to be called the next time something gets updated, and suppose that the notification is a one-shot notification and needs to be re-armed each time you want to wait for the next notification. (For example, the RegNotifyChangeKeyValue function behaves this way.) Consider the following code fragment: void onUpdateThing() { // get the updated properties of the thing getThingProperties(); // ask to be called back the next time it updates registerUpdateCallback(onUpdateThing); } mainProgram() { // get the thing's initial properties // and re...
How do I hide Public Libraries on all computers in my organization?
A customer wanted to know how to hide the libraries named Public (Documents), Public Pictures, and Public Videos on all computers in their organization. It turns out that this is already documented in TechNet under the topic Administrative How-to Guides (I found this page by issuing a Web search for ⟨library-ms⟩.) The customer is specifically interested in the section titled How to Customize and Deploy Libraries. I'll let you read that Web page for the details. I'm just posting this here so that the next customer won't burn an expensive support call on something that's already documented on Tec...
Redistributing computers among offices for heating purposes
Some time ago, I joked about the people who rearrange computers in their house during the winter in order to use them as space heaters. Turns out this happens a lot at Microsoft. One of my friends said that one of his coworkers used a small heater in her office to keep warm. On the other hand, his office always ran warm because of all the computers in it. They hit upon a simple solution to both problems: "Now she's using a 12 core/24 thread space heater that's a lot quieter than her old one." At one point in time, I had a large number of computers in my office, including an Itanium prototype. (You knew it w...
Derive the age of the planet Jupiter from the properties of liquid hydrogen and the planet’s surface temperature
I dreamed that my homework assignment was to derive the age of the planet Jupiter. The professor hinted that physical properties of liquid hydrogen and the current Jupiter surface temperature would be useful. My classmate Ted, on the other hand, had to extend a C++ base class to record a GUID name. The two of us were taking a class together where we watched a reality show about two ditzy celebrities, and the professor said, "The next episode is so stupid, I don't even want anybody to watch it. But they do learn about Sirens of Greek mythology, so can you guys write up a quick one-pager to get everybody up t...
How can I see what files and shares are being accessed remotely, and the general usage pattern for the NetXxx functions
Today's Little Program is a command line version of the Shared Folders MMC snap-in. Why? Because it illustrates the usage pattern for the NetXxx family of functions. (It's also a clone of the networking portion of the openfiles tool.) The NetXxx family of functions generally work like this: You pass in some parameters that describe what you want. Server name, that sort of thing. You pass a "level" parameter that describes what information you want. The function allocates memory to hold the results you requested, and it returns a pointer to that memory through a bufptr para...
Microsoft-internal Chuck Norris facts
A colleague of mine forwarded me some status mail from his team's internal bug push. (This is a push to fix bugs, not a push to introduce new bugs.) Apparently, one of the ways the developers lifted the tension was to discover some new Chuck Norris Facts, two of which were shared in the status mail: Chuck facts today: Happy birthday, Chuck! (Remember, don't let the facts get in the way of a good story.) Bonus: Google-internal Chuck Norris facts.
Why do Explorer and the command prompt interpret file times differently?
A customer observed that if they use Explorer to view the timestamp on a file, it is not always in agreement with the value shown if they run a plain in a command prompt. They are sometimes off by an hour. Why is that? Whenever you hear the phrase "off by an hour" you should immediately think "Daylight Saving Time". The formatting of file timestamps shown by Explorer has changed over time. The most recent algorithm (at the time of this writing) is to use the time zone that was in effect at your current location at the time the timestamp was created. For example, a file created at noon in June 22 will show ...
What are the conventions for managing standard handles?
Consider this function: void ChangeConsoleColor(WORD wColor) { HANDLE h = GetStdHandle(STD_OUTPUT_HANDLE); if (h != INVALID_HANDLE_VALUE) { SetConsoleTextAttribute(h, wColor); CloseHandle(h); } } "When I call this function, it works the first time, but when I call it a second time, GetStdHandle returns a handle numerically identical to the one returned by the first call, but the handle is now invalid, presumably because I closed it. I closed it because I was taught to clean up after myself. Is this a case where I shouldn't?" Yes, you should clean up after yourself, but you should also have...
What are the dire consequences of not selecting objects out of my DC?
The convention when working with device contexts is to restore them to the way you found them. If a drawing function selects a bitmap into a device context, then it should select the original bitmap into the device context before returning. Same for fonts, pens, all that stuff. But what if you decide to violate that convention? For example, maybe you create a memory DC, select a bitmap into it, and just leave the bitmap selected there, selecting it out only when you get around to destroying the DC. Is that really so bad? It sort of depends. The danger of leaving objects selected into a DC for an extended ...
Space Mountain as if the lights were on, and other Disneyland/World secrets
Many years ago, some friends of mine went to Disneyland and got to experience Space Mountain in an unusual way. They went through the ride the normal way, but when the car returned to the load/unload area, the cast member (because that's what Disney calls them) asked, "Do you want to go again?" Everybody in the car enthusiastically shouted, "Yes!" (Presumably they were falling behind on the loading and unloading, and waving a car through saved them a bit of time they could use to catch up.) The second time through the ride was qualitatively different: Their eyes had already acclimated to the dark, so ...
Inadvertently creating dress-like-Steve day
Even if you haven't been paying much attention, you may have noticed that Steve Sinofsky has developed a bit of a uniform for himself. You can pretty much count on him wearing a T-shirt with a V-neck sweater. (There appears to be some sort of alphabetic theme there, but I'm not going to check if he's also wearing a G-string.) Some time ago, I realized as I was heading in to work that for the second day in a row, I happened to be wearing the Steve Sinofsky uniform. Was I subconsciously mirroring the boss? As fate would have it, later that morning, I happened to run into Steve as we both headed from one buildi...
Around and around and back and somewhere else
I dreamed that I was navigating through an enormous house, with lots of twists and turns. I eventually became convinced that the house was only locally Euclidean. Yes, I sometimes have topology dreams.
Marking a shortcut to say that it should not be placed on the Windows 8 Start page upon installation or treated as a newly-installed application
Today's Little Program creates a shortcut on the Start menu but marks it as "Do not put me on the front page upon installation." This is something you should do to any secondary shortcuts your installer creates. And while you're at it, you may as well set the "Don't highlight me as a newly-installed program" attribute used by Windows 7. (Remember, Little Programs do little to no error checking.) #define UNICODE #define _UNICODE #define STRICT #include <windows.h> #include <shlobj.h> #include <atlbase.h> #include <propkey.h> #include <shlwapi.h> int __cdecl wmain(int, wchar_t...
The source of much confusion: “backed by the system paging file”
Perhaps one of the most misunderstood sentences in the Win32 documentation is this little bit in the documentation for : If hFile is INVALID_HANDLE_VALUE, the calling process must also specify a size for the file mapping object in the dwMaximumSizeHigh and dwMaximumSizeLow parameters. In this scenario, CreateFileMapping creates a file mapping object of a specified size that is backed by the system paging file instead of by a file in the file system. When people read the underlined portion, they interpret this to mean "The data in the file mapping object will be written to the ...
What does 1#J mean? A strange corner case of the printing of special values
As a puzzle, commenter nobugz asks, "What kind of infinity is 1.#J?" double z = 0; printf("%.2f", 1/z); Now, the division by zero results in IEEE positive infinity, would would normally be printed as 1#INF. But the catch here is that the print format says "Display at most two places after the decimal point." But where is the decimal point in infinity? The Visual C runtime library arbitrarily decided that all of the exceptional values have one digit before the decimal (namely, the "1"). Actually, it turns out that this puzzle might be an answer to Random832's question, "What's the 1 for?" Maybe the 1 is the...
Is there a way to specify an icon to appear next to a menu item via the resource template?
The structure lets you specify a bitmap to appear next to the menu item. Is there a way to do this from a menu resource template? No. If you look at the format of menu templates, you'll see that there is nowhere to specify a bitmap. Which kind of makes sense, because it is the responsibility of the application to destroy the bitmap referenced by the member when the menu is destroyed, but if you created the menu from a template, you don't know what that handle is, so you can't destroy it either!
When the option becomes so second-nature you forget that it’s an option
A user of the imaginary Program Q program wanted to write an automated test that created a table, then ran various sub-test which communicated among each other by updating that table. When my test tries to create a table, the program asks the following question: q install server -r testdb Setting up this machine to be a registered table server... Registered table servers must adhere to Microsoft information security policies. See http://programq/policy for details. If you have questions, contact mailto:qpolicy. Do you agree to adhere to Microsoft policies regarding registered table servers (y/n/q)...
This code would be a lot faster if it weren’t for the synchronization
This is a story from a friend of a friend, which makes it probably untrue, but I still like the story. One of my colleagues jokingly suggested that we could speed up our code by adding these lines to our project #define EnterCriticalSection(p) ((void)0) #define LeaveCriticalSection(p) ((void)0) I replied, "You think you're joking, but you're not." According to legend, there was a project whose product was running too slow, so they spun off a subteam to see what architectural changes would help them improve their performance. The subteam returned some time later with a fork of the project that they had "t...
Dreaming up strange inventions: The combination urinal/bidet/washing machine
I dreamed that a friend of mine was showing me her new appliance: A combination urinal/bidet/washing machine. As we loaded clothes into it, she said, "You okay in there, Stephanie?" A muffled voice emerged from within: "Just let me know when you're ready."
Display a custom thumbnail for your application (and while you’re at it, a custom live preview)
Mini-me.
Now that version 4 of the .NET Framework supports in-process side-by-side runtimes, is it now okay to write shell extensions in managed code?
Many years ago, I wrote, "Do not write in-process shell extensions in managed code." Since I originally wrote that article, version 4 of the .NET Framework was released, and one of the features of that version is that it supports in-process side-by-side runtimes. Does that mean that it's now okay to write shell extensions in managed code? The answer is still no. The Guidance for implementing in-process extensions has been revised, and it continues the recommendation against writing shell extensions and Internet Explorer extensions (and other types of in-process extensions) in managed code, even if you're us...
Isn’t the CompletionKey parameter to CreateIoCompletionPort superfluous?
When you associate a file handle with an I/O completion port with the function, you can pass an arbitrary pointer-sized integer called the which will be returned by the function for every I/O that completes against that file handle. But isn't that parameter superfluous? If somebody wanted to associated additional data with a file handle, they could just extend the structure to contain that additional data. Yes, they could, so in a purely information-theoretical sense, the parameter is superfluous. And heated seats in your car are superfluous, too. But they sure are nice! From a purely information-...
What does -1.#IND mean?: A survey of how the Visual C runtime library prints special floating point values
As every computer scientist knows, the IEEE floating point format reserves a number of representations for infinity and non-numeric values (collectively known as NaN, short for not a number). If you try to print one of these special values with the Visual C runtime library, you will get a corresponding special result: Positive and negative infinity are generated by arithmetic overflow, or when the mathematical result of an operation is infinite, such as taking the logarithm of positive zero. (Don't forget that IEEE floating point supports both positive and negative zero.) For math nerds: IEEE arithmetic uses...
You can ask the compiler to answer your calling convention questions
If you want to figure out some quirks of a calling convention, you can always ask the compiler to do it for you, on the not unreasonable assumption that the compiler understands calling conventions. "When a __stdcall function returns a large structure by value, there is a hidden first parameter that specifies the address the return value should be stored. But if the function is a C++ instance method, then there is also a hidden this parameter. Which goes first, the return value parameter or the this pointer?" This is another case of You don't need to ask me a question the compiler can answer more accurately...
Microspeak: bubble up
Bubble up is the name of a soft drink, but at Microsoft, it means something else. (Remember, Microspeak is not just terms used exclusively within Microsoft, but also terms used at Microsoft more often than in the general population.) To bubble up information is to expose the information at a higher reporting level. For example, you might have a local team report that goes into detail over all the work items the team is responsible for and the corresponding status of each item. The data from this report may bubble up into a group report, which summarizes the work item status across all teams. As another exam...
I speak German better in my dream than I do in real life
I dreamed that I was at a large trade show, where everybody had cleared the center of the main floor to make room for an impressive real-time holography demo. After the demo was over, everybody moved their chairs back, but the German delegation had difficulty returning their chairs to the exact position they took them from, because everybody else (not being German) just put the chairs in rows without regard for their original row and seat number. Next came dinner, and I had to help interpret for a German attendee (who in retrospect may have been Angela Merkel with dark hair) who had taken two appetizers and ...
Display control buttons on your taskbar preview window
A tiny control surface.
Debug session: Why is an LPC server not responding?
A particular scenario was hanging, and the team responsible for the scenario debugged it to the point where they saw that their X component was waiting for their Y component, which was waiting for Explorer, so they asked for help chasing the hang into Explorer. The team was kind enough to have shared what they've learned so far: kd> !alpc /m 9c14d020 Message 9c14d020 MessageID : 0x0274 (628) CallbackID : 0xCCA5 (52389) SequenceNumber : 0x00000016 (22) Type : LPC_REQUEST DataLength : 0x0094 (148) TotalLength : 0x00AC...
If you can’t find the function, find the caller and see what the caller jumps to
You're debugging a program and you want to set a breakpoint on some function, say, netapi32!DsAddressToSiteNameW, but when you execute the bp netapi32!DsAddressToSiteNameW command in the debugger, the debugger says that there is no such function. The Advanced Windows Debugging book says that the bp command should set a breakpoint on the function, but the debugger says that the symbol cannot be found. I used the x netapi32!* command to see that the debugger did find a whole bunch of symbols, and it says that the symbols were loaded (from the public symbol store), but ne...
How do I launch a file as if it were a text file, even though its extension is not .txt?
You might have a program that generates log files or other text content with an extension other than . You naturally might want to open these documents in the user's default text editor. You might decide to ask the Windows developer support team, "How can I figure out what program is the handler for text files?" The idea being that once you get this program name, you can then run it yourself, with the document on the command line. And you would also be running into the trap of looking for the answer to a question rather than a solution to a problem. For one thing, the default handler for the file type might ...
What’s the story of the onestop.mid file in the Media directory?
If you look in your folder, you'll find a MIDI file called . What's the story behind this odd little MIDI file? Aaron Margosis considers this file a security risk because "if an attacker can cause that file to be played, it will cause lasting mental pain and anguish to everybody within earshot." Despite Wikipedia's claims[citation needed], the file is not an Easter Egg. The file was added in in Windows XP with the comment "Add cool MIDI files to replace bad old ones." So as bad as is, the old ones must have been even worse! Okay, but why were they added? For product support. The product support...
Let me take this shortcut across Lake Saskatchewan
I dreamed that I had to drive from Los Angeles to Berkeley to catch my flight home. To do this, I used a product from a local startup company: A computerized map of the Bay Area. There were two routes across Lake Saskatchewan. The southern route is highway I-70, and the northern route is an elevated highway that goes right past the head of the Canadian Statue of Freedom, a 300-foot-tall statue carved from a single rock. This shows that computer nerds are horrible cartographers: Berkeley has an airport, Los Angeles is on the peninsula just south of San Francisco, and the Bay Area is in Canada. Sure, this is ...
Display an overlay on the taskbar button
Today's "Little Program" displays an overlay on the taskbar button. I've seen some people call this a "badge", but "overlay" is the official term. Start with our scratch program and make the following changes: #include <comip.h> #include <comdef.h> #include <shlobj.h> #include <shellapi.h> _COM_SMARTPTR_TYPEDEF(ITaskbarList3, __uuidof(ITaskbarList3)); I decided to shake things up and use a different smart pointer library: com_ptr_t. (That'll teach you to complain that I don't use a smart pointer library in my samples. Now you get to complain that I use the wrong smart pointer libr...
The Essential Guide To Dim Sum
The folks over at BuzzFeed Food have put together this marvelous Essential Guide To Dim Sum. The field guide includes pictures of dim sum offerings, organized by food preparation style, then sub-categorized by physical appearance. Each dish is accompanied by its name in three languages (English, Mandarin Chinese, and Cantonese), along with symbolic information similar to a clothing care tag that encodes information like recommended method of eating. Save some radish cakes for me. Via Tony Chor.
For the Nitpickers: Enhanced-mode Windows 3.0 didn’t exactly run a copy of standard-mode Windows inside the virtual machine
Generally speaking, Enhanced-mode Windows 3.0 ran a copy of standard-mode Windows inside the virtual machine. This statement isn't exactly true, but it's true enough. Commenter Nitpicker objected, "Why are you threatening us with the Nitpicker's Corner for asking about this issue instead of explaining it once and linking it everywhere?" Okay, first of all, as far as I can tell, you're the first person to ask about the issue. So you can't say "Everybody who asks about the issue is threatened with the Nitpicker's Corner" because up until you made your comment, nobody ever asked. Okay, well, technically you c...
Once you know something can be done, doing it is much easier
Unfortunately, I don't remember the name of the star of this story, but I'm told that there was a notable mathematician who believed the Perfect Graph Conjecture to be false and spent many years trying to prove it one way or another. Meanwhile, another mathematician (presumably László Lovász) announced that he had found a proof (in the affirmative). Upon hearing the news that the open question had been resolved, the first mathematician was able to produce a proof within 90 minutes. Once again showing that it's much easier to do something once you know it can be done.
How can I register my context menu command for all file types *except* one, or other complex conditionals?
Advanced Query Syntax to the rescue.
The curious pattern of pre-emptively rejecting the solution to your problem
A frustrating pattern that shows up occasionally in customer questions is the case where the customer poses a problem, and pre-emptively rejects the mechanism explicitly designed to solve that problem. How can we change the widget color without using IWidget::SetColor? Um, the whole point of IWidget::SetColor is to change the color of a widget. Why are you rejecting the mechanism whose sole purpose in life is to solve the very problem you are having? Usually, if you press hard enough, they will cough up the reason why they think they cannot use the solution specifically designed to do what they w...
Optimizing the Chili’s dining experience
Back in the days of Windows 95, one of my colleagues paid a visit to his counterparts over in the Windows NT team as part of a continuing informal engagement to keep the Windows NT developers aware of the crazy stuff we've been doing on the Windows 95 side. One particular time, his visit occurred in late morning, and it ran longer than usual, so the Windows NT folks said, "Hey, it's lunchtime. Do you want to join us for lunch? It's sort of our tradition to go to Chili's for lunch on Thursdays." My colleague cheerfully accepted their offer. The group were shown to their table, a...
Old trace logs in your dreams
I dreamed that I was archiving old data. Some came off an old CP/M floppy disc. Another was an IntelliTrace debug log from the 1980's. Back then, IntelliTrace recorded the history onto index cards, which were stored in trays like in a library card catalog. Made jumping back and forth really easy, but setting breakpoints was a pain.
Obtaining the parsing name (and pidl) for a random shell object
The parsing name for a shell item is handy, because it lets you regenerate the item later. Actually, the pidl for the shell item is even better, because that is the official way of saving and restoring objects. It's the pidl that gets saved in a shortcut, and since shortcuts can be copied around from machine to machine, pidls must be transportable and forward compatible. (A shortcut file created on Windows XP needs to keep working on all future versions of Windows.) Here's a handy little tool for grabbing the parsing name and pidl for a random shell object. Start with our scratch program, and add in the ...
The annual sporting event involving a football that dare not speak its name and a digression into the sportsmanship of wasting time in nonproductive activity
I always wonder about people who are so protective of the name of their event that they don't even allow people to mention it by name. One of the most notorious examples is the organization which runs a major international gathering of athletes which takes place every four years (or every two years if you consider warm-weather sports and cold-weather sports). Another example is that you aren't allowed to refer to the championship game of the major professional American football league by its actual name without permission. You have to use some alternate phrasing like the big game. I propose that all media organi...
Psychic debugging: Why your IContextMenu::InvokeCommand doesn’t get called even though you returned success from IContextMenu::QueryContextMenu
A customer was having trouble with their IContextMenu implementation. They observed that their IContextMenu::QueryContextMenu method was being called, but when the user selected their menu item, IContextMenu::InvokeCommand was not being called. Given what you know about shell context menus, you can already direct the investigation. I'll let you read up about it first, especially the part about composition, then we can see how much you've learned. Welcome back. (Okay, I know you didn't actually do the reading, but I'm welcoming you back anyway.) Your first theory as to why IC...
The somewhat misguided question of whether MapViewOfFile or WriteProcessMemory is faster
A customer asked, "Which is faster for copying data from one process to another; or ?" This is one of those "Huh?"-type questions, where the customer has solved half of a problem and is looking for help with the other half, the half that makes no sense. First of all, the question is malformed because does not copy any data at all. It takes existing data and maps it into a process. No copy takes place; both processes are seeing the same memory block, and if the memory is modified via one mapping, the change will be visible in other mappings. It's like asking "Which company has better wireless telephone ...
Why doesn’t HeapValidate detect corruption in the managed heap?
A customer had a program that was corrupting the managed heap by p/invoking incorrectly. The problem didn't show up until the next garbage collection pass, at which point the CLR got all freaked-out-like. "According to Knowledge Base article 286470, the tool is supposed to catch heap corruption, but it doesn't catch squat." Depending on your point of view, this is either a case of the customer not understanding what things mean in context or of the KB article author looking at the world through kernel-colored glasses. The tool, pageheap, full pageheap, and the function all operate on heaps, but the sen...
Poisoning your own DNS for fun and profit
When you type a phrase into the Windows Vista Start menu's search box and click Search the Internet, then the Start menu hands the query off to your default Internet search provider. Or at least that's what the Illuminati would have you believe. A customer reported that when they typed a phrase into the Search box and clicked Search the Internet, they got a screenful of advertisements disguised to look like search results. What kind of evil Microsoft shenanigans is this? If you looked carefully at the URL for the bogus search "results", the results were not coming from Windows Live Search. They were c...
Please hold your head perfectly still while you write up that memo
I dreamed that the original Volkswagen Beetle factory was so cramped that the office workers had to move their desks to the factory floor, with heavy equipment swinging around just inches from their faces. To prevent serious injuries, a template passed through every so often to make sure nothing was out of place.
Finding a printer, and then creating a shortcut to that printer
Today's "Little Program" does two things: It looks for a printer in the Printers folder, and then once it finds it, it creates a shortcut to that printer. As is common with "Little Programs", I don't bother with error checking. I'll leave you to do that. Second part first, since it is handy on its own: Creating a shortcut to an arbitrary item in the shell namespace, provided either in the form of an ID list or a shell item. (The ID list is the thing that identifies an item in the shell namespace.) void CreateShortcutToIDList(PCWSTR pszName, PCUIDLIST_ABSOLUTE pidl) { CComPtr<IShellLink> spsl; spsl....
When you have a SAFEARRAY, you need to know what it is a SAFEARRAY *of*
A customer had a problem with SAFEARRAY, or more specifically, with CComSafeArray. CComSafeArray<VARIANT> sa; GetAwesomeArray(&sa); LONG lb = sa.GetLowerBound(); LONG ub = sa.GetUpperBound(); for (LONG i = lb; i <= ub; i++) { CComVariant item = sa.GetAt(i); ... use the item ... } The GetAt method returns a VARIANT&, and when it is copy-constructed into item, the DISP_E_BADVARTYPE exception is raised. On the other hand, if the offending line is changed to CComQIPtr<IAwesome> pAwesome = sa.GetAt(i).punkVal; then the problem goes away. Your initial reaction to this c...
STRICT_TYPED_ITEMIDS is the shell namespace version of the STRICT macro used by USER and GDI
Starting with the Windows Vista PlatformSDK, defining the symbol before including shell header files changes declarations that previously had simply used now use one of various types which are more clear about what type of ID list is being used. Think of it as the macro for the shell. The more precise names emphasize the form of the ID list: These new types were introduced to help catch common programming errors when using the shell namespace. For example, if you try to pass an array of absolute pidls to , you will get a type mismatch compiler error because that method takes an , and the thing you ...
Eliot Chang’s list of things Asians hate
Where are you really from?
Why was WHEEL_DELTA chosen to be 120 instead of a much more convenient value like 100 or even 10?
We saw some time ago that the nominal mouse wheel amount for one click (known as a "detent") is specified by the constant , which has the value 120. Why 120? Why not a much more convenient number like 100, or even 10? Because the value 120 made it easier to create higher-resolution mouse wheels. As noted in the documentation: The delta was set to 120 to allow Microsoft or other vendors to build finer-resolution wheels (a freely-rotating wheel with no notches) to send more messages per rotation, but with a smaller value in each message. Suppose the original wheel mouse had nine clicks around its ci...
Heads-up: Phone scammers pretending to be JPMorgan Chase MasterCard security
Recently, a round of phone scammers have been dialing through our area with a caller-ID of (000) 000-0000, which should already raise suspicions. When you answer, a synthesized voice says that they are calling from JPMorgan Chase MasterCard security. They claim that your credit card has been disabled due to suspicious activity, and in order to reactivate it, you need to enter your 16-digit credit card number. I decided to see how far I could take the robot voice for a ride, so I entered 16 random digits. No luck, the robot voice knew about the checksum and asked me to enter it again. I did a quick search for...
Microspeak: pivot
A great word to use at Microsoft to make it sound like you're one of the cool insiders is pivot. Mostly because the meaning of the word varies from place to place, so you can use it to mean whatever you like while still sounding hip and jargony. In Windows Phone, the term pivot is a technical term which refers to a type of control that lets users switch easily from page to page. The term is used metonymically to mean the pages themselves. In the Calendar, on the To-Do pivot, you can press and hold on a to-do item and select postpone a day. In Excel, the term pivot refers to a type of table or chart that...
The 2013/2014 Seattle Symphony subscription season at a glance
The pocket reference guide for 2013/2014.
The changing name of the Microsoft event held in conjunction with Martin Luther King, Jr. Day
Today is Martin Luther King, Jr. Day, a federal holiday in the United States honoring the civil rights leader and formally serving as a day to reflect on the principles of racial equality and nonviolent social change and more generally to honor Dr. King's legacy through service. At Microsoft, the day has been recognized with an event whose name is, um, well, the name keeps changing. Here are the names from recent years: I like to think this is done intentionally just to keep people on their toes. Ironically, although the event "celebrates diversity and inclusion," the email announcing the event ina...
What is this rogue version 1.0 of the HTML clipboard format?
At least as of the time this article was originally written, the HTML clipboard format is officially at version 0.9. A customer observed that sometimes they received HTML clipboard data that marked itself as version 1.0 and wanted to know where they could find documentation on that version. As far as I can tell, there is no official version 1.0 of the HTML clipboard format. I hunted around, and the source of the rogue version 1.0 format appears to be the WPF Toolkit. Version 1.0 has been the version used by since its initial commit. If you read the code, it appears that they are not generating HTML c...
A brief history of the GetEnvironmentStrings functions
The GetEnvironmentStrings function has a long and troubled history. The first bit of confusion is that the day it was introduced in Windows NT 3.1, it was exported funny. The UNICODE version was exported under the name GetEnvironmentStringsW, but the ANSI version was exported under the name GetEnvironmentStrings without the usual A suffix. A mistake we have been living with for over two decades. This is why the winbase.h header file contains these confusing lines: WINBASEAPI LPCH WINAPI GetEnvironmentStrings( VOID ); WINBASEAPI LPWCH WINAPI GetEnvironment...
How do I create a TaskDialog with a progress bar but no cancel button?
A developer from another group within Microsoft wanted to create a with a progress bar, but they couldn't figure out how to get rid of the Cancel button. "Is there a way to remove all the buttons from a Task Dialog?" Um, users hate it when you give them a window that cannot be closed or cancelled. What should the user do if the reticulation server stops responding? Shut down the computer? (Hey, at least shutting down the computer will actually work.) "The process usually takes around two seconds, and we time out after ten. In the case of timeout, we replace the progress dialog with a failure dialog w...
If there were some sort of award for alternative commuting, we would’ve been eligible
A few projects ago, I worked on a team whose members came to work by a wide variety of modes. If there were some sort of award for alternative commuting, we would've been eligible. One of the full-time telecommuters was based in Spain, which was handy because he was available to deal with issues that cropped up while everybody in Redmond was sleeping. Perhaps to compensate for all the gasoline being saved by his employees, our manager drove an oversized pick-up truck to work.
State law requires you to watch this video of a singing hippo
I did it briefly a few years ago, but I'm going to make it a regular Monday feature, at least for this year: Blogging my dreams. I dreamed that I was back in my high school English class, and due to some new state law, everybody was required to watch this video of a singing hippo. The hard part was walking four miles to the nearest viewing location, seeing as we didn't even have a TCP/IP standard yet, much less YouTube. To think that this is the culmination of the technological advances of the last three decades: Being able to watch a singing hippo on demand.
How can I write a script that finds my top-rated photos?
I'm not sure if I'll be able to keep it up, but I'm going to see if I can make Monday "Little Programs" day, where I solve simple problems with little programs. Today's little program is a script that goes through your Pictures folder and picks out your top-rated photos. The key step here is extracting the rating, which goes by the name System.Rating in the shell property system. The method which does the extraction is ShellFolderItem.ExtendedProperty. var shell = new ActiveXObject("Shell.Application"); var picturesFolder = shell.Namespace(39); // CSIDL_MYPICTURES var items = picturesFolde...
Understanding errors in classical linking: The delay-load catch-22
Wrapping up our week of understanding the classical model for linking, we'll put together all the little pieces we've learned this week to puzzle out a linker problem: The delay-load catch-22. You do some code cleanup, then rebuild your project, and you get LNK4199: /DELAYLOAD:SHLWAPI ignored; no imports found from SHLWAPI What does this error mean? It means that you passed a DLL via the /DELAYLOAD command line switch which your program doesn't actually use, so the linker is saying, "Um, you said to treat this DLL special, but I don't see that DLL." "Oh, right," you say to yourself. "I got rid of a c...
Understanding the classical model for linking: Sometimes you don’t want a symbol to come along for a ride
Continuing our study of the classical model for linking, let's take another look at the trick of taking symbols along for the ride. The technique of taking symbols along for the ride is quite handy if that's what you want, but sometimes you don't actually want it. For example, a symbol taken along for the ride may create conflicts or create unwanted dependencies. Here's an example: Suppose you have a library called stuff.lib where you put functions that are used by various modules in different projects. One of the files in your library might look like this: // filedatestuff.cpp BOOL GetFileCreationTimeW(...
The enduring cultural fascination with Queen’s Bohemian Rhapsody
Bohemian Rhapsody was not part of my world growing up, so I view the continuing cultural fascination with the piece with detached confusion. The hallmark of cultural preoccupation is the fact that the Wikipedia entry deconstructs the piece moment by moment, clocking in at over 2000 words, far in excess of the Wikipedia recommendation of a 60-word summary for a 6-minute piece (10 words per minute). And longer than the entire Wikipedia page for Ruth Bader Ginsburg.
Understanding the classical model for linking: You can override an LIB with another LIB, and a LIB with an OBJ, but you can’t override an OBJ
If you study the classical model for linking, you'll see that OBJ files provided directly to the linker have a special property: They are added to the module even if nobody requests a symbol from them. OBJs bundled into a library are pulled into the module only if they are needed to resolve a needed symbol request. If nobody needs a symbol in the OBJ, then the OBJ doesn't get added to the module. On the other hand, OBJs handed directly to the linker get added to the module whether anybody wants them or not. Last time, we learned about the along for the ride technique which lets you pull components into a modu...
Understanding the classical model for linking: Taking symbols along for the ride
Last time, we learned the basics of the classical model for linking. Today, we'll look at the historical background for that model, and how the model is exploited by libraries. In the classical model, compilers and assemblers consume source code and spit out an OBJ file. They do as much as they can, but eventually they get stuck because they don't have the entire module at their disposal. To record the work remaining to be done, the OBJ file contains various sections: a data section, a code section (historically and confusingly called text), an uninitialized data section, and so on. The linker resolves symbol...
Understanding the classical model for linking, groundwork: The algorithm
The classical model for linking goes like this: Each OBJ file contains two lists of symbols. Provided symbols: These are symbols the OBJ contains definitions for. Needed symbols: These are symbols the OBJ would like the definitions for. (The official terms for these are exported and imported, but I will use provided and needed to avoid confusion with the concepts of exported and imported functions in DLLs, and because provided and needed more clearly captures what the two lists are for.) Naturally, there is other bookkeeping information in there. For example, for provided symbols, not only is the...
What’s the guidance on when to use rundll32? Easy: Don’t use it
Occasionally, a customer will ask, "What is Rundll32.exe and when should I use it instead of just writing a standalone exe?" The guidance is very simple: Don't use rundll32. Just write your standalone exe. Rundll32 is a leftover from Windows 95, and it has been deprecated since at least Windows Vista because it violates a lot of modern engineering guidelines. If you run something via Rundll32, then you lose the ability to tailor the execution environment to the thing you're running. Instead, the environment is set up for whatever Rundll32 requests. You get the idea. Note also that Rundll32 ass...
Why does my program run really slow or even crash (or stop crashing, or crash differently) if running under a debugger?
More than once, a customer has noticed that running the exact same program under the debugger rather than standalone causes it to change behavior. And not just in the "oh, the timing of various operations changed to hit different race conditions" but in much more fundamental ways like "my program runs really slow" or "my program crashes in a totally different location" or (even more frustrating) "my bug goes away". What's going on? I'm not even switching between the retail and debug versions of my program, so I'm not a victim of changing program semantics in the debug build. When a program is running under ...
A few stray notes on Windows patching and hot patching
Miscellaneous notes, largely unorganized.
If NTFS is a robust journaling file system, why do you have to be careful when using it with a USB thumb drive?
It's a case of filesystem-colored glasses.
2012 year-end link clearance
It goes again.
Why can't you rename deleted items in the Recycle Bin?
I misread a question from commenter Comedy Gaz, so let's try it again. (Good thing I held one last Suggestion Box Monday of the year in reserve.) Why can't you rename deleted items in the Recycle Bin? Okay, first of all, "Why would you want to do this?" I see no explanation for how this could possibly escape the 100-point hole every feature starts out in. I mean, these are items you deleted. Why do you care what their names are? Are you renaming it so you can find it again later? Why would you go to the effort of locating an item in the Recycle Bin, and then not bother recovering it? It's like calling the ...
What do HeapLock and HeapUnlock do, and when do I need to call them?
You never need to call the and functions under normal operation. Assuming the heap is serialized (which is the default), all the standard heap functions like and will automatically serialize. In fact, the way they serialize is by calling the¹ and functions! Nearly all heap operations complete in a single call. If your heap is serialized, this means that the heap operation takes the heap lock, does its work, and then releases the heap lock and returns. If all heap operations were like this, then there would be no need for or . Unfortunately, there is also the function, which does a little bit o...
What is so special about the instance handle 0x10000000?
A customer wanted to know what it means when the function returns the special value . Um, it means that the library was loaded at ? Okay, here's some more information: "We're trying to debug an application which loads DLLs and attempts to hook their registry accesses when they call . It looks like when the special handle is returned from , the registry writes go through and bypass the hook. On the other hand, when a normal value is returned by , the hook works." There is nothing special about the value . It's an address like any other address. At this point, your psychic powers might start tingling. Everybod...
What celebration of Kwanzaa would be complete without Sandra Lee's infamous Kwanzaa cake?
For those unfamiliar with Sandra Lee, her gimmick is that the ingredients in her recipes are primarily prepared foods, a food-preparation technique (I'm reluctant to call it cooking) which she calls "semi-homemade." First, the creation one critic called "an edible hate crime." Next, the apology from the creator. I guess I imagined something more refined. And I know the Corn Nuts were disgusting, but she didn't. As a matter of fact, the more tasteless the recipes got the more she liked them, the faster she approved them.
A question about endian-ness turns out to be the wrong question
Via a customer liaison, we received what seemed like a simple question: "How can I detect whether a Windows machine is big-endian or little-endian?" You could actually answer this question (say by coughing up a code fragment that stores a 16-bit value to memory and then takes it apart into bytes to see how it got stored, or by simply hard-coding it based on the target architecture you are compiling for), but you'd be making the mistake of answering the question instead of solving the problem. The customer liaison explained, "My customer is having a problem that is caused by a bug in the SAP BI connector. Accor...
You too can use your psychic powers: Spaces in paths
I'm going to be lazy today and make you solve the problem. Did a recent security hotfix change change the way we handle UNC paths with spaces? Normally, if we open the Run dialog and type , the folder opens. But recently it stopped working. Instead of opening the folder, we get the Open With dialog: Choose the program you want to use to open this file: File: Support Browse... OK Cancel Can you figure out what happened recently that introduced this problem? You have all the information you need...
Miss Denmark, she is dressed as a mermaid because we couldn't secure the rights from LEGO
Once again, the commentary is NSFW, but once again, they so deserve it. Miss Universe 2012 National Costumes, Part 1 my favorite is the commentary for the Dominican Republic) Miss Universe 2012 National Costumes, Part 2 Miss Universe 2012 National Costumes, Part 3 (but Venezuela wins the things on top her head category) By the way, here's your dress made of LEGO. And for completeness, because I forgot to link to it last year: Miss Universe 2011 National Costumes, Part 1 Miss Universe 2011 National Costumes, Part 2
What is the proper handling of WM_RENDERFORMAT and WM_RENDERALLFORMATS?
Contradictory documentation.
Why do BackupRead and BackupWrite require synchronous file handles?
The and functions require that the handle you provide by synchronous. (In other words, that they not be opened with .) A customer submitted the following question: We have been using asynchronous file handles with the . Every so often, the call to will fail, but we discovered that as a workaround, we can just retry the operation, and it will succeed the second time. This solution has been working for years. Lately, we've been seeing crash when trying to back up files, and the stack traces in the crash dumps appear to be corrupted. The issue appears to happen only on certain networks, and the problem goes ...
Why do I sometimes get classic buttons and sometimes themed buttons depending on the host process?
A customer reported that their printer configuration property sheet page looked different depending on the host process. In some processes, the printer configuration dialog had the classic look of Windows 2000, but in other processes it has the themed look of Windows XP and later versions. The printer driver calls the to create the property sheet page that contains the push-button, radio-button, and other controls. We've confirmed that we call the function with the same parameters each time, but the results are different depending on which program is doing the printing. We've confirmed that both appli...
Why doesn't SHGetKnownFolderPath return the customized path?
A customer reported that the function was not working correctly. They moved their Videos folder to a new location, but when they called , they got the old path rather than the new one. A quick check of the code they provided showed why: Um, you're passing the flag. That flag means "Tell me where this folder would have been if its location had never been customized." Therefore, if you pass this flag, you have no right to complain that it's returning a path different from the customized path. Because passing that flag means "I don't want the customized path."
Why was Pinball removed from Windows Vista?
The ball became a ghost.
2012 års Gävlebock gick upp i brand. Igen.
The town of Gävle in Sweden erects a large straw goat every year. The Yule Goat is a Scandinavian tradition, but the Gävle goat (Gävlebocken in Swedish) is by far the most famous, or perhaps the most notorious, because it has been the center of conflict from its very beginning, and over the years since its first appearance in 1966, it has only gained more notoriety. (For something that is supposed to bring people together, it sure does a good job of dividing them.) The first conflict is between those who want the goat to last the entire season and those who want it to be lit on fire. (And anecdota...
Like the cake, WS_EX_TRANSPARENT is a lie, or at least not the entire truth
There is an extended window style known as . Explaining what this style does is kind of difficult, but it's been on the list of future topics since 2003. Better late than never, I guess. First of all, there are two unrelated senses of transparent in play. One is visual transparency: Pixels beneath the window can show through. The other is hit-test transparency: Do clicks on this window go to the window, or do they pass through to the window beneath? And each of those senses of transparent is itself complicated. Let's look a hit-test transparency first. We saw some time ago that It's Complicated. Different h...
Why is it possible to create a toolbar with the wrong HINSTANCE? And what's the right HINSTANCE anyway?
A customer observed that all of the following code fragments are successful in creating a toolbar common control: Furthermore, the customer observed that works regardless of whether you pass the process instance or for the parameter. First of all, what's going on? And second of all, which of the three methods above is most correct? We can dispatch Fragment3 easily, because passing as the instance handle is equivalent to passing the process instance handle. Therefore, whatever happens in Fragment3 is explained by whatever happens in Fragment 1. (Treating a instance as a synonym for th...
Why is it so hard to write a program that requires UI Access privilege?
If you want your program to have the UI Access privilege, you have to jump through a few hoops. The program needs to be digitally signed, and it needs to go into the directory. Why is it so hard to get UI Access? Because UI Access bypasses User Interface Privilege Isolation (UIPI) security measures. The more valuable the target, the more substantial the security measures. UI Access allows low-integrity programs to access and interact with the user interface of high-integrity programs. This has historically been the source of security vulnerabilities. UIPI was created in part to prevent this type of security a...
How am I supposed to free the information returned by the GetSecurityInfo function?
The function returns a copy of the security descriptor for a kernel object, along with pointers to specific portions you request. More than once, a customer has been confused by the guidelines for how to manage the memory returned by the function. Let's look at what the function says: ppsidOwner [out, optional] A pointer to a variable that receives a pointer to the owner SID in the security descriptor returned in ppSecurityDescriptor. The returned pointer is valid only if you set the flag. This parameter can be NULL if you do not need the owner SID. Similar verbiage can be...
Microspeak: v-team
Virtual team. But it's a real team, nothing virtual about it.
I'll tell you what I think of the new University of California logo once it finishes loading
Why do some shortcuts not support editing the command line and other properties?
Ben L observed that some shortcuts do not permit the command line and other options to be edited. "Where is this feature controlled? Is there a way to override this mode?" This question is echoed by "Anonymous (Mosquito buzzing around)" (and don't think we don't know who you are), who in a huge laundry list of questions adds, "Why does the Game Explorer limit customizing command line, target, etc?" These questions are looking at the situation backwards. The issue is not "Why do these shortcuts block editing the command line?" The issue is "Why do some shortcuts allow editing the command line?" Recall that ...
It rather involved being on the other side of this airtight hatchway: Writing to the application directory
We received a security vulnerability report that went roughly like this: There is a security vulnerability in the X component. It loads from the current directory, thereby making it vulnerable to a current directory attack. Here is a sample program that illustrates the problem. Copy a rogue into the current directory and run the program. Observe that the rogue is loaded instead of the system one. If you actually followed the instructions, what you saw depended on your definition of "run the program." Let's assume that the program has been placed in the directory . Setting the current directory to t...
Replaying input is not the same as reprocessing it
Once upon a time, there was an application that received some input and said, "Okay, this input cancels my temporary state. I want to exit my temporary state, but I also want the input that took me out of the temporary state to go to whatever control would have received the input if I hadn't been in the temporary state in the first place." (For example, you might want the input that dismisses a pop-up window to be acted upon rather than eaten by the pop-up.) The application decided to solve this problem by regenerating the input message via , so that it goes back into the input queue. The theory, is that when the...
Why do I get notified for changes to HKEY_CLASSES_ROOT when nobody is writing to HKEY_CLASSES_ROOT?
A customer had a question about the function. We are using it to monitor the tree as follows: If I understand the documentation correctly, this registers for notifications when subkeys are added, deleted, or when values are changed. However, it seems that my event becomes signaled at many other times, for example, when I switch folders in an Explorer window. I fired up Process Monitor and confirmed that nobody (not even Explorer) is writing to . Why are we getting spurious notifications? Have we misunderstood what this function does? Everything is working as expected; it's just that your expectation...
The QuickCD PowerToy, a brief look back
One of the original Windows 95 PowerToys was a tool called QuickCD. Though that wasn't its original name. The original name of the QuickCD PowerToy was FlexiCD. You'd think that it was short for "Flexible CD Player", but you'd be wrong. FlexiCD was actually named after its author, whose name is Felix, but who uses the "Flexi" anagram as a whimsical nickname. We still called him Felix, but he would occasionally use the Flexi nickname to sign off an email message, or use it whenever he had to create a userid for a Web site (if Web sites which required user registration existed in 1994). You can still see rem...
Have you found any TheDailyWTF-worthy code during the development of Windows 95?
Mott555 is interested in some sloppy/ugly code or strange workarounds or code comments during the development of Windows 95, like "anything TheDailyWTF-worthy." I discovered that opening a particular program churned the hard drive a lot when you opened it. I decided to hook up the debugger to see what the problem was. What I discovered was code that went roughly like this, in pseudo-code: The code enumerated every file in the system directory, Windows directory, Program Files directory, and possibly also the kitchen sink and their uncle's kitchen sink. It tries to load each one as a library, and sees ...
The debugger lied to you because the CPU was still juggling data in the air
A colleague was studying a very strange failure, which I've simplified for expository purpose. The component in question has the following basic shape, ignoring error checking: There are two parts of the object. One part that is essential to the object's task, and another part that is needed only when updating. The parts related to updating are expensive, so the object sets them up only when an update is active. You indicate that an update is active by calling , and you indicate that you are finished updating by calling . There are a few race conditions here, and one of them manifested itself in a cras...
Various ways of performing an operation asynchronously after a delay
Okay, if you have a UI thread that pumps messages, then the easiest way to perform an operation after a delay is to set a timer. But let's say you don't have a UI thread that you can count on. One method is to burn a thread: Less expensive is to borrow a thread from the thread pool: But both of these methods hold a thread hostage for the duration of the delay. Better would be to consume a thread only when the action is in progress. For that, you can use a thread pool timer: The timer queue timer technique is complicated by the fact that we want the timer to self-cancel, so it needs to know its handle,...
Why are there both FIND and FINDSTR programs, with unrelated feature sets?
Jonathan wonders why we have both and , and furthermore, why the two programs have unrelated features. The program supports UTF-16, which doesn't; on the other hand, the program supports regular expressions, which does not. The reason why their feature sets are unrelated is that the two programs are unrelated. The program came first. As I noted in the article, the program dates back to 1982. When it was ported to Windows NT, Unicode support was added. But nobody bothered to add any features to it. It was intended to be a straight port of the old MS-DOS program. Meanwhile, one of my colleagues ove...
Security vulnerability reports as a way to establish your l33t kr3|)z
There is an entire subculture of l33t l4x0rs who occasionally pop into our world, and as such have to adapt their communication style to match their audience. Sometimes the adaptation is incomplete. You may have trouble finding the exploit buried in that perl script, because the perl script consists almost entirely of graffiti and posturing and chest-thumping. (You may also have noticed a bug.) Here is the script with all the fluff removed: This could've been conveyed in a simple sentence: "Create a one-byte file consisting of a single null byte." But if you did that, then you wouldn't get your chance t...
Puzzling triple rainbow clearly identifies location of pot of gold
I noted to some friends that the weather forecast for Seattle two weekends ago called for rain on Friday, rain on Saturday, and rain on Sunday. But at least on Monday, the forecast was not for rain. It was for heavy rain. One of the consequences of Seattle's annual Rain Festival (runs from January 1 to December 31) is that we get plenty of potential for rainbows. A friend of mine was lucky enough to capture a photo of a puzzling triple rainbow this past weekend. The primary and secondary rainbows we all know about, but what's that vertical rainbow shooting straight up into the sky? (And observe that the landi...
How does the window manager decide where to place a newly-created window?
Amit wonders how Windows chooses where to place a newly-opened window on a multiple-monitor system and gives as an example an application whose monitor choice appears inconsistent. The easy part is if the application specifies where it wants the window to be. In that case, the window is placed at the requested location. How the application chooses those coordinates is up to the application. On the other hand, if the application passes , this means that the application is saying, "I have no opinion where the window should go. Please pick a place for me." If this is the first top-level window created by the app...
The Hater's Guide to the Williams-Sonoma Catalog
Today is the traditional start of the holiday shopping season in the United States. If you are thinking of getting something from Williams-Sonoma, Drew Margary has selected a few items of note for your consideration (NSFW: language). (It cracks me up that the model is using the batter dispenser which "measures out uniform circles" to fill a square waffle-maker.)
When studying performance, you need to watch out not only for performance degradation, but also unexpected performance improvement
In addition to specific performance tests run by individual feature teams, Windows has a suite of automated performance tests operated by the performance team, and the results are collated across a lot of metrics. When a number is out of the ordinary, the test results are flagged for further investigation. The obvious thing that the performance metrics look for are sudden drops in performance. If an operation that used to consume 500KB of memory now consumes 750KB of memory, then you need to investigate why you're using so much memory all of a sudden. The reasons for the increase might be obvious, like "Oh, rats...
The resource compiler will helpfully add window styles for you, but if you're building a dialog template yourself, you don't get that help
A customer was having trouble with nested dialogs. They were doing something very similar to a property sheet, with a main frame dialog, and then a collection of child dialogs that take turns appearing inside the frame dialog based on what the user is doing. The customer found that if they created the child dialogs with the function, everything worked great, but if they built the template at run-time, keyboard navigation wasn't working right. Specifically, one of their child dialogs contained an edit control, and while you could put focus on it with the mouse, it was not possible to tab to the control. On the...
It rather involved being on the other side of this airtight hatchway: Silently enabling features
A security vulnerability report arrived which went roughly like this: When you programmatically enable the XYZ feature, the user receives no visual alert that it is enabled. As a result, malware can enable this feature and use it as part of an attempt to turn the machine into a botnet zombie. The XYZ feature should notify the user when it is enabled, so that to presence of malware is more easily determined. Okay, first of all, before we get to the security part of this issue, let's look at the user interface design. The proposed change is that, when the XYZ feature is enabled programmatically, the user receive...
How do I use group policy to improve security of USB thumb drives in my organization?
A customer wanted to know how they could improve the security of USB thumb drives in their organization. Specifically, they wanted to block access to removable media devices (primarily USB thumb drives), but provide a list of exceptions for specific thumb drives. Fortunately, there's a whitepaper that covers exactly this topic and explains how to set up your policies to accomplish this. Step-By-Step Guide to Controlling Device Installation Using Group Policy
Microspeak: touch base
The verb phrase touch base is in general business jargon use, but it's quite popular at Microsoft. To touch base with someone is to contact someone in a lightweight and mostly-informal sort of way. In other words, it takes the form of a piece of email or a brief office visit rather than a formal meeting with an agenda. Bob, can you touch base with the Nosebleed team to verify that this design change won't affect them? Bob is expected to contact a representative from the Nosebleed team, either by sending email, or by telephone, or by stopping by their office for a quick chat. If Bob sets up a one-hour meeting...
Raymond's podcast list (for 2011, at least)
Ry Jones wants to know what other podcasts I subscribe to. Remember, I wrote this back in 2011. Here's what I listen to. Note that I am not averse to fast-forwarding over parts that don't interest me, such as when they discuss a movie that I simply don't care about.
How do I forward an exported function to an ordinal in another DLL?
The syntax for specifying that requests to import a function from your DLL should be forwarded to another DLL is This says that if somebody tries to call from , they are really calling in . This forwarding is done in the loader. Normally, when a client links to the function , the loader says, "Okay, let me get the address of the function in and store it into the variable." It's the logical equivalent of When you use a forwarder, the loader sees the forwarder entry and says, "Whoa, I'm not actually supposed to get the function from at all! I'm supposed to get the function from !" So it loads and g...
If you're going to write your own allocator, you need to respect the MEMORY_ALLOCATION_ALIGNMENT
This time, I'm not going to set up a story. I'm just going to go straight to the punch line. A customer overrode the operator in order to add additional instrumentation. Something like this: This worked out okay on 32-bit systems because in 32-bit Windows, is 8, and is also 8. If you start with a value that is a multiple of 8, then add 8 to it, the result is still a multiple of 8, so the pointer returned by the custom remains properly aligned. But on 64-bit systems, things went awry. On 64-bit systems, is 16, As a result, the custom handed out guaranteed-misaligned memory. The misalignment went u...
Break it up, you two!: The zero width non-joiner
Preventing characters from combining.
Microsoft Money crashes during import of account transactions or when changing a payee of a downloaded transaction
Update: An official fix for this issue has been released to Windows Update, although I must say that I think my patch has more style than the official one. You do not need to patch your binary. Just keep your copy of Windows 8 up to date and you'll be fine. For the five remaining Microsoft Money holdouts (meekly raises hand), here's a patch for a crashing bug during import of account transactions or when changing a payee of a downloaded transaction in Microsoft Money Sunset Deluxe. Patch the mnyob99.dll file as follows: File offset 003FACE8: Change 85 to 8D File offset 003FACED: Change 50 to 51 File of...
Frequentists vs Bayesians
But, I mean, c'mon. Frequentists vs Bayesians? Worst. Action. Movie. Ever.
Why are taskbar live previews lost when you use Fast User Switching?
Anonymous asks a metric buttload of questions, which means that I feel compelled to answer all or none. And given the choice, I decided to answer none. Okay, I will answer one and ignore the rest. Why are taskbar live previews lost when you use Fast User Switching? When you switch away from a user via Fast User Switching, the Desktop Window Manager for that session is turned off. After all, since that session no longer has access to the screen, there's no point running all this code and consuming all this memory for something nobody can see. When the Desktop Window Manager restarts upon reactivation of a ses...
Thread affinity of user interface objects: Addendum
Some time ago, I discussed the thread affinity of device contexts, noting that the and functions must be called from the same thread. The same restriction also applies to printer DCs. Printer DCs must be created and destroyed on the same thread. The printing team imposed this additional rule in order to make it easier for printer driver vendors to author their drivers. (Printer driver developers have a habit of calling in their implementation of and in their implementation of .) Given that printer drivers are a third-party extension point, it's probably in your best interest to treat printer DCs as havin...
What does the COINIT_SPEED_OVER_MEMORY flag to CoInitializeEx do?
One of the flags you can pass to is , which is documented as : Trade memory for speed. This documentation is already vague since it doesn't say which direction the trade is being made. Are you reducing memory to increase speed, or increasing memory by reducing speed? Actually it's neither: If you pass this flag, then you are instructing COM to consume more memory in an attempt to reduce CPU usage, under the assumption that you run faster by executing fewer cycles.¹ The request is a per-process one-way transition. Once anybody anywhere in the process puts COM into speed-over-memory mode, the flag stays ...
Instead of trying to create a filter that includes everything, try just omitting the filter
The question was sent to a peer-to-peer discussion group for an internal program, let's call it Program Q. I'll add additional context so you can follow along. Hi, I'm trying to build a query that finds all issues owned by a particular user, regardless of which product the issue belongs to. I know that I can query for specific products by saying Is there a better way to do this than just running the query for every product in the database? It would be great to find all the issues at one shot instead of having to issue dozens of commands and combine the results. The person who submitted this question go...
If you're asking somebody to help you, you want to make it easy for them, not harder
A customer liaison asked a question that went roughly like this: From: Liaison My customer is having a problem with the header file winfoo.h. The environment is Windows Vista German SP1 with Visual Studio 2008 Professional German SP1 and Windows SDK 6000.0.6000 German. When they try to include the file in their project, they get an error on line 42. "The character ';' was not expected here." Can somebody help? From: Raymond Can somebody please attach a copy of the offending file? There are many versions of winfoo.h, and it's not clear which version comes with Visual Studio 2008 Professional German SP1 +...
How do I get the tabbed dialog effect on my own custom tabbed dialog?
CJ observed that the standard tabbed dialogs provide an effect on the tab pages and want to know how to get the tabbed dialog effect on custom dialogs. fds242 noted this as well and wanted to know why the automatic tabbed dialog effect doesn't kick in until you put a static control on the child dialog box. Let's look at the first question first. To get the tabbed dialog effect, you can call with the flag. The best time to do this is in the handler, but you can also do it immediately after the dialog has been created. (Basically, you want to do this before the dialog paints for the first time, so as to avo...
How do I parse a string into a FILETIME?
Public Service Announcement: Daylight Saving Time ends in most parts of the United States this weekend. Other parts of the world may change on a different day from the United States. The NLS functions in Win32 provide functions to convert a into a string, but it does not provide any functions to perform the reverse conversion. Here are few things you can try: The OLE automation conversion function converts a string into a . From there, you can convert it to some other format. If you have something in which parses CIM datetime format (which The Scripting Guys liken to Klingon) you can use the obj...
When you synthesize input with SendInput, you are also synthesizing the timestamp
A customer was reporting a problem when they used the function to simulate a drag/drop operation for automated testing purposes. I see the mouse move from one location to another, and the starting and stopping locations are correct on the screen, but the mouse moves instantaneously rather than waiting 500ms between operations. Here's how I'm sending the input. Well, yeah, all the events occur immediately because you submitted them all at once. The field in the structure is not for introducing delays in playback. Though I'm not sure what the customer thought the field was. They say that they want a 5...
The TEMP directory is like a public hot tub whose water hasn’t been changed in over a year
All sorts of germs.
The wisdom of seve^H^H^H^Hsixth graders: Living without electronics for a week
Sixth grade students (ages 11 to 12, roughly) were instructed to imagine that they have no television, computer, or telephone for a week and write an essay (in the form of a letter to their parents) on what they would do with their time and why. The assignment was given under standardized test conditions: 90 minutes with nothing but pencil and paper, with an additional hour available upon request. (In practice, few students ask for the extra hour.) Remember, these are only the funny sentences/excerpts. Do not assume that all students write like this. Stage One: Denial Stage Two: Anger Stage Three: Bargain...
Keyboard shortcut for resizing all columns in a listview control to fit
The keyboard shortcut for resizing all columns in a report-mode (also known as Details mode) list view control to fit the current content width is Ctrl+Num+. That's the + key on the numeric keypad. (If you're using Explorer, you can also right-click the column header and choose Size All Columns to Fit.) Note that this command is a verb, not a state, so it takes into account the contents of the listview at the time you press the hotkey. If the contents change and you want the columns resize based on the new contents, you'll have to press the hotkey again.
In the conversion to 64-bit Windows, why were some parameters not upgraded to SIZE_T?
James wonders why many functions kept for parameter lengths instead of upgrading to or . When updating the interfaces for 64-bit Windows, there were a few guiding principles. Here are two of them. Don't change an interface unless you really need to. Do you really need to? Changing an interface causes all sorts of problems when porting. For example, if you change the parameters to a COM interface, then you introduce a breaking change in everybody who implements it. Consider this hypothetical interface: And here's a hypothetical implementation: Okay, now it's time to 64-bit-ize this puppy. So you do...
Whether the Unicode Bidi algorithm is intuitive depends on your definition of "intuitive"
In Windows, we spend a good amount of time with the pseudo-mirrored build. And one of the things that you notice is that pseudo-mirrored text comes out looking really weird. For example, the string really? (yup). comes out pseudo-mirrored as .(really? (yup. Just for fun, here's here's how your browser renders it: really? (yup). Even stranger, the IPv6 address 2001:db8:85a3::8a2e:370:7334 comes out as db8:85a3::8a2e:370:7334:2001. (The IPv6 address was the string that prompted this article.) The result of the RTL IPv6 address is even weirder if you force a line break at a particular point. If your browser ...
Keyboard layouts aren't like Beetlejuice – they won't appear just because you say their name
A customer reported a bug in Windows Vista Home Editions: We are handling a Ctrl+V keyboard event and want to interpret it in the context of a US-English keyboard. On Windows XP and versions of Windows Vista other than Home editions, the three calls all succeed, whereas on Windows Vista Home Editions, the calls fail. On the other hand, if instead of using the US-English keyboard, we use the current keyboard layout: then Windows Vista Home Editions behave the same as Windows XP and non-Home editions of Vista. This suggests that the Home Editions of Vista supports keyboard queries only for the...
You can't use the WM_USER message in a dialog box
Today, I'm not actually going to say anything new. I'm just going to collate information I've already written under a better title to improve search engine optimization. A customer reported that they did the following but found that it didn't work: "I send the message to my dialog, but the value doesn't stick. At random times, the value resets back to zero." As we saw some time ago, window messages in the range belong to the window class. In the case of a dialog box, the window class is the dialog class, and the owner of the class is the window manager itself. An application which tries to use the mes...
Diversion: Generating a random color from JavaScript
A colleague posed a little puzzle for a fun little app he was writing in HTML: He wanted to generate a random color. If you search around the intertubes, you can find several possible attempts at a solution, like this collection, and an interesting example that has trouble with the pigeonhole principle. The original function to generate a random color went like this: Can you do better? (My solution after the jump.) That was a short jump. My first simplification was recognizing that three random 8-bit values is the same as one random 24-bit value. Next, I got rid of the function by simply settin...
How do you come up with new shortcut keys?
Anon asks, "How do you come up with new shortcut keys and how do you deal with different keyboard layouts? What is the process; is there a company-wide procedure to keep things consistent?" This is several questions (none of them really a suggestion, but I've given up on making the Suggestion Box about suggestions; now it's just the "Ask Raymond a question" page), so let's take them one at a time. (Note that if you ask multiple questions, you reduce the likelihood that I'll answer them, because I feel obligated either to answer all of them or none of them.) First question: How do you come up with new shortcut k...
Using WM_COPYDATA to marshal message parameters since the window manager otherwise doesn’t know how
Miral asks for the recommended way of passing messages across processes if they require custom marshaling. There is no one recommended way of doing the custom marshaling, although some are hackier than others. Probably the most architecturally beautiful way of doing it is to use a mechanism that does perform automatic marshaling, like COM and MIDL. Okay, it's not actually automatic, but it does allow you just give MIDL your structures and some information about how they should be interpreted, and the MIDL compiler autogenerates the marshaler. You can then pass the data back and forth by simply invoking COM me...
Why does ShellExecute return SE_ERR_ACCESSDENIED for nearly everything?
We saw a while ago that the function returns at the slightest provocation. Why can't it return something more meaningful? The short-term answer is that the return value from is both a success code and an error code, and you check whether the value is greater than 32 to see which half you're in. In particular, the error code case is if the value you got is less than or equal to 32. This already demonstrates that the error codes are limited to values less than or equal to 32. And all those error codes are already accounted for, so there's nowhere to stick "an error not on the original list of 32 possible err...
If there's a problem with a wiki, then you can fix it; that's why it's a wiki
On an internal mailing list, somebody asked a question about how to do X with Y, and I replied with a link to an internal wiki that described how to do X with Y (answer: use the Z tool). Somebody else replied, "Time to update that article because the link to the Z tool is broken." Apparently, this person forgot that one of the defining characteristics of a wiki is that it's easy to edit. (Another characteristic is that it is collaboratively-edited; there is no central authority.) In other words, if you see something wrong, fix it yourself. Don't just stand around saying somebody should do something. Be someon...
Irony patrol: Recycling bins
Microsoft has a large corporate recycling effort. Every office, every mail room, every kitchenette, every conference room has a recycling bin. The dining facilities earned Green Restaurant Certification, and there is a goal of making the cafeterias a zero-landfill facility by 2012. (Hey, that's this year!) A few years ago, I found one room in my building that didn't have a recycling bin, and you'd think it'd be one of the rooms near the top of the list for needing one. The room without a recycling bin was the copy machine room. As a result, people were throwing their unwanted cover sheets and other paper wa...
The cries of "Oh no!" emerge from each office as the realization slowly dawns
Today is the (approximate) 15th anniversary of the Bedlam Incident. To commemorate that event, here's a story of another email incident gone horribly awry. Some time ago, an email message was sent to a large mailing list. It came from somebody in the IT department and said roughly, "This is a mail sent on behalf of Person X to check if your XYZ server has migrated to the new datacenter. Please visit http://blahblah and confirm that your server name is of the form XXYYNNZZ. If not, please Reply to All." Uh-oh. The seasoned Microsoft employees (and the new employees who paid attention during new employee o...
What happens if you forget to pass an OVERLAPPED structure on an asynchronous handle?
It becomes synchronous, sort of.
Combo boxes have supported incremental searching for quite some time now
Back in August 2007, I promised to post a program the following day but it appears that I never did. Oops. I discovered this as I went through my "things to blog about" pile and figured better late than never. Though five years late is pretty bad. Here's a program which fills a combo box with some strings. Run this program and start typing: "S"-"L"-"O"-"V"-"E"... Hey, look, the combo box is performing incremental search and once you hit the "E", it selected Slovenia, the first item in the list which begins with the letters S-L-O-V-E. Wait a few seconds, and try it again. This time, type "S"-"P", and hey l...
Why does Windows Compressed Folders (Zip folders) reject paths that begin with a slash?
A customer asked, "Does NTFS support files with a null string as the name?" No, NTFS does not support files with no name. None of the commonly-used Windows file systems do. Files must have a name. But what a strange question that is. The customer was kind enough to explain why they cared. "We have a zip file that the Compressed Folders (Zip folders) feature that comes with Windows cannot deal with. When we try to extract the contents of the zip file, we get the error message 'Windows has blocked access to these files to help protect your computer.' We've attached a copy of the file." The Compressed Folders fun...
Usage guidance for a popcorn machine in the kitchenette
My colleague KC Lemson tipped me off to a sign hanging next to a popcorn machine in one of the kitchens: A friend of mine happened to have a chat with a fire fighter who used to be assigned to the fire station nearest to Microsoft main campus. According to him, the top three reasons for being called to a Microsoft building are (in no particular order) This week is Fire Prevention Week.
How does Explorer deal with recent files that were renamed?
Roni wonders how Explorer manages to keep track of files that were moved or renamed. Specifically, "opening a shortcut to a renamed file actually updates the shortcut's destination and opens the renamed file. How is this done? Is it an NTFS feature?" This feature has been around since Windows 95. If the target of a shortcut no longer exists, the shell tries to resolve the shortcut; i.e., find the object, wherever it ended up moving to. As I explained several months before the question was posted, the algorithm used by the shell varies depending on the operating system and the file system and your domain p...
How do I override the default icon selection algorithm?
The usual way of loading an icon from a resource is to use the or function and letting the window manager's icon selection algorithm decide which image to use based on the images available in the icon, the desired icon size, and the current color depth. A customer wanted to override that algorithm, because the window manager uses the current display color depth to select an image, but they were obtaining the icon for printing purposes, so they wanted to get the highest-color-quality icon rather than the one that matched the screen's color depth. How do you override the default algorithm? You basically do the...
An unexpected application of negative numbers to gift-giving
A college classmate of mine informed me that one of his colleagues had planned his wedding so far in advance that on his negative-first anniversary (i.e., precisely one year before his anticipated wedding date), he gave paper to all of his friends. Said my classmate, "It's too bad that neither of us had been born on his −50th anniversary. That would have been more lucrative."
Why does RegOpenKey sometimes (but not always) fail if I use two backslashes instead of one?
A customer reported that on Windows XP, they observed that their program would very rarely get the error when they passed two backslashes instead of one to the function: After removing C++ escapes, the resulting string passed to is The failure was very sporadic and not reproducible under controlled conditions. Well, first of all, doubled backslashes are not legal in registry key paths in the first place, so the first recommendation is stop doubling the backslashes. Once you fix that, the problem will go away. But the next question is why the error was detected sometimes but not always. When a...
How do I suppress the default animation that occurs when I hide or show a window?
A customer wanted to know how they can disable the default fade-in/fade-out animation that occurs when a window is hidden or shown. "I don't want to use because that causes my window to disappear from the taskbar. I tried but that affects the entire desktop and is too jarring. We want to suppress the effect because our program replaces one window with another, and we want the operation to be invisible to the user." Whoa, heading straight for ? That's using a global solution to a local problem. To disable the animations on a specific window, use something like this: Re-enabling the animations is left as ...
Microspeak: Granular
Today's Microspeak word is granular. Here are some citations. Please bring your cost estimates at the granularity of 3, 5 or 10 days. The archive function archives all data older than the date specified. Is there a way to get the archive to be more granular than just a date? Our database covers multiple accounts, and we'd like to choose a different date for each account. There are about 2000 warnings to be investigated. I've assigned them at component granularity. Granularity is roughly equivalent to level of detail or unit of separation. In the first example, the cost estimates should be broken down int...
What's the difference between F5 and F8 at the boot screen?
Ian B wondered what the difference is between pressing F5 and F8 while Windows is booting. I have no idea either. My strategy was to just mash on the function keys, space bar, DEL key, anything else I can think of. Keep pressing them all through the boot process, and maybe a boot menu will show up. The F5 hotkey was introduced in Windows 95, where the boot sequence hotkeys were as follows: Man, that's an insane number of boot options all buried behind obscure function keys. Boy am I glad we got rid of them. This frees up room in my brain for things like Beanie Baby trivia. Bonus chatter: The next gen...
2012 Q3 link clearance: Microsoft research edition
My Q1 and Q3 link clearances are traditionally for links to other Microsoft bloggers, but this time I'm going to link to a few Microsoft research papers I found interesting. Why do Nigerian scammers say they're from Nigeria? Short answer: Because it ensures that the replies come only from the most gullible people on earth. Bonus chatter: I received a scam email purportedly from Sir Humphrey Appleby, secretary to the Prime Minister. I could tell it was a fake because the message was comprehensible. Sketch2Cartoon: Composing Cartoon Images by Sketching Okay, I admit I haven't read the paper. But ...
Data in crash dumps are not a matter of opinion
A customer reported a problem with the function. (Gosh, why couldn't they have reported a problem with a function with a shorter name! Now I have to type that thing over and over again.) We're having a problem with the function. We call it like this: On some but not all of our machines, our program crashes with the following call stack: This problem appears to occur only with the release build; the debug build does not have this problem. Any ideas? Notice that in the line of code the customer provided, they are not calling ; they are instead calling some application-defined method with the same nam...
The Ride to Rio: Bicycling from Los Angeles to Rio de Janeiro
An acquaintance of mine remarked that he sold his bicycle in Seattle a few months ago to some guy who explained, "I'm going to ride it to South America." "Okay," my acquaintance said, probably with some degree of skepticism. But it's a real project, and they head out soon! Ride to Rio: Four riders who "share a thirst for being stupid and finding adventure" bicycling through twelve countries and finishing in Rio with very sore butts.
Why aren't environment variables being expanded in my RGS file?
A customer was having trouble with their RGS file. I want to include the below line in a .rgs file: When I do this, registering of the dll fails with 80002009. Any help? If I change it to then the registration succeeds (but of course now contains a hard-coded path). A common problem people have when asking a question is assuming that the person reading your question has knowledge that is a strict superset of what you know. As a result, people omit details like the answer to the question "How did you register your RGS file?" If all else fails read the documentation (which happens to be the #1 hit for...
Sabotaging yourself: Closing a handle and then using it
A customer reported a problem with the function: I have a DLL with an function and an function. The code goes like this: Under certain conditions, the function is called twice, and the function is correspondingly called twice. Under these conditions, if I run the code on a single-processor system with hyperthreading disabled, then everything works fine. But if I enable hypethreading, then the second call to hangs in the call. (As you can see, it's waiting for a mutex handle which was closed by the previous call to .) Why does this happen only on a hyperthreaded machine? Shouldn't the return beca...
Why can't I set "Size all columns to fit" as the default?
A customer wanted to know how to set Size all columns to fit as the default for all Explorer windows. (I found an MSDN forum thread on the same subject, and apparently, the inability to set Size all columns to fit as the default is "an enormous oversight and usability problem.") The confusion stems from the phrasing of the option; it's not clear whether it is a state or a verb. The option could mean As it happens, the option is a verb, which means that it is not part of the state, and therefore can't be made the default. (The cue that it is a verb is that when you select it, you don't get a check-mark next t...
A classification of faces with eyes open and closed in Dr. Seuss's ABC based on the nature of the character
I brought this process into the world, and I can take it out!
Clipboard Gadget wants to know why normal processes can kill elevated processes via , yet they cannot do a trivial . "Only explorer seems to be able to do so somehow." There are several questions packed into this "suggestion." (As it happens, most of the suggestions are really questions; the suggestion is "I suggest that you answer my question." That's not really what I was looking for when I invited suggestions, but I accept that that's what I basically get.) First, why can normal processes kill elevated processes? The kernel-colored glasses answer is "because the security attributes for the process grants ...
In vollen Zügen genießen
One of my friends bought me a souvenir one one of his trips to Germany. It is a beer mug from Bayerischer Bahnhof, a restaurant and brewery at the Leipzig Bayerischer Bahnhof. The mug carries the brewery's slogan In vollen Zügen genießen, which is a German idiom meaning "to enjoy to the fullest." Literally, "Das Leben in vollen Zügen genießen" means "to enjoy life in full gulps", the idea being that instead of sipping your way through life, you're taking huge gulps of it. The slogan is a pun, though, for the Bayerischer Bahnhof, because the word Zug also means train. They come from the roo...
How can I implement SAFEARRAY.ToString() without going insane?
A colleague needed some help with manipulating s. I have some generic code to execute WMI queries and store the result as strings. Normally, does the work, but doesn't know how to convert arrays (e.g. ). And there doesn't seem to be an easy way to convert the array element-by-element because expects a pointer to an object of the underlying type, so I'd have to write a switch statement for each variant type. Surely there's an easier way? One suggestion was to use the ATL template, but since it's a template, the underlying type of the array needs to be known at compile time, but we don't know the underlyin...
How do I invoke a verb on an IShellItemArray?
A customer wanted to invoke a command on multiple items at once. I have an , and I want to invoke a verb with that array as the parameter. I know that I can invoke a verb on a single by the code below, but how do I pass an entire array? The function invokes the command by extracting the pidl, then asking to invoke the command on the pidl. A limitation of is that it can invoke on only one pidl. What if you want to invoke it on a bunch of pidls at once? (Doing it all at once gives the target program the opportunity to optimize the multi-target invoke.) As noted in the documentation, passing flag tel...
Does the CopyFile function verify that the data reached its final destination successfully?
It just writes data.
The day I stole Joe Belfiore's mouse
He's now the head demo-monkey/cheerleader for Windows Phone, but back in the old days, Joe Belfiore was the head demo-monkey/cheerleader for the Windows 95 user interface design. A team-wide meeting was held to show off the new interface that they had developed. Wow look, we have a Start menu (though it wasn't known by that name yet), a taskbar (though it wasn't known by that name yet), shortcuts, a Close button (in the upper right corner), property sheets, all that good stuff. At that time, I was still developing my thermonuclear skills and in particular was cultivating the skill of asking challenging qu...
How do you deal with an input stream that may or may not contain Unicode data?
Dewi Morgan reinterpreted a question from a Suggestion Box of times past as "How do you deal with an input stream that may or may not contain Unicode data?" A related question from Dave wondered how applications that use to store data could ensure that the data is interpreted in the same code page by the recipient. "If I send a .txt file to a person in China, do they just go through code pages until it seems to display correctly?" These questions are additional manifestations of Keep your eye on the code page. When you store data, you need to have some sort of agreement (either explicit or implicit) with th...
Raymond learns about some of the things people do to get banned on Xbox LIVE
I still enjoy dropping in on Why Was I Banned? every so often, but not being a l33t Xbox haxxor, I don't understand a lot of the terminology. Fortunately, some of my colleagues were kind enough to explain them to me. (And now I'm explaining them to you so that you don't have to look as stupid asking them.) A modded lobby is a pre-game lobby (a server you connect to in order to find other people to play with or against) that has been modified (modded) with carefully-crafted parameters so that they grant people who visit them various advantages. For example, the reward for winning the game could be some absurd nu...
IShellFolder::BindToObject is a high-traffic method; don't do any heavy lifting
A customer observed that once the user visited their shell extension, Explorer ran really slowly. (Actually, it took a while just to get to this point, but I'll skip the early investigations because they aren't relevant to the story.) Some investigation showed that Explorer's tree view was calling into the shell extension, which was in turn hanging the shell for several seconds at a time. Explorer was calling into the shell extension because the node was in the folder tree view, and Explorer was doing a little bookkeeping to synchronize the folder state with the view. The node referred to a server that was no lo...
WM_CTLCOLOR vs GetFileVersionInfoSize: Just because somebody else screwed up doesn't mean you're allowed to screw up too
In a discussion of the now-vestigial parameter to the function, Neil asks, "Weren't there sufficient API differences (e.g. WM_CTLCOLOR) between Win16 and Win32 to justify changing the definitions to eliminate the superfluous handle?" The goal of Win32 was to provide as much backward compatibility with existing 16-bit source code as can be practically achieved. Not all of the changes were successful in achieving this goal, but just because one person fails to meet that goal doesn't mean that everybody else should abandon the goal, too. The Win32 porting tool PORTTOOL.EXE scanned for things which had change...
Rogue feature: Docking a folder at the edge of the screen
Starting in Windows 2000 and continuing through Windows Vista, you could drag a folder out of Explorer and slam it into the edge of the screen. When you let go, it docked itself to that edge of the screen like a toolbar. A customer noticed that this stopped working in Windows 7 and asked, "Was this feature dropped in Windows 7, and is there a way to turn it back on?" Yes, the feature was dropped in Windows 7, and there is no way to turn it back on because the code to implement it was deleted from the product. (Well, okay, you could "turn it back on" by working with your support represent...
One for the "They have to say that because of me": Ground rules at the Point Defiance Zoo
The ground rules for the Point Defiance Zoo and Aquarium in Tacoma include the usual things you might expect. "No pets." "Do not feed the animals." "No smoking." But then there's a rule that clearly is one about which somebody somewhere in the world can say "They have to say that because of me":
Why can't I use Magnifier in Full Screen or Lens mode?
A customer liaison asked why their customer's Windows 7 machines could run Magnifier only in Docked mode. Full Screen and Lens mode were disabled. The customer liaison was unable to reproduce the problem on a physical machine, but was able to reproduce it in a virtual machine. Full Screen and Lens mode require that desktop composition be enabled. Windows will enable desktop composition by default if it thinks your video card is capable of handling it. (Finding the minimum hardware requirements for desktop composition is left as an exercise.) This was visible in the screen shots provided by the customer li...
When you transfer control across stack frames, all the frames in between need to be in on the joke
Chris Hill suggests discussing the use of structured exception handling as it relates to the window manager, and specifically the implications for applications which raise exceptions from a callback. If you plan on raising an exception and handling it in a function higher up the stack, all the stack frames in between need to be be in on your little scheme, because they need to be able to unwind. (And I don't mean "unwind" in the "have a beer and watch some football" sense of "unwind".) If you wrote all the code in between the point the exception is raised and the point it is handled, then you're in good sha...
The case of the asynchronous copy and delete
A customer reported some strange behavior in the and functions. They were able to reduce the problem to a simple test program, which went like this (pseudocode): When they ran the program, they found that sometimes the copy failed on the first try with error 5 () but if they waited a second and tried again, it succeeded. Similarly, sometimes the delete failed on the first try, but succeeded on the second try if you waited a bit. What's going on here? It looks like the is returning before the file copy is complete, causing the to fail because the copy is still in progress. Conversely, it looks like ...
You can't rule out a total breakdown of normal functioning, because a total breakdown of normal functioning could manifest itself as anything
A customer was attempting to study a problem that their analysis traced back to the function returning . Is it a valid conclusion that there is no heap corruption? While heap corruption may not be the avenue of investigation you'd first pursue, you can't rule it out. In the presence of a total breakdown of normal functioning, anything can happen, including appearing to be some other type of failure entirely. For example, the heap corruption might have corrupted the bookkeeping data in such a way as to make the heap behave as if it were a fixed-sized heap, say by corrupting the location where the heap manage...
How did the X-Mouse setting come to be?
Commenter HiTechHiTouch wants to know whether the "X-Mouse" feature went through the "every request starts at −100 points filter", and if so, how did it manage to gain 99 points? The X-Mouse feature is ancient and long predates the "−100 points" rule. It was added back in the days when a developer could add a random rogue feature because he liked it. But I'm getting ahead of myself. Rewind back to 1995. Windows 95 had just shipped, and some of the graphics people had shifted their focus to DirectX. The DirectX team maintained a very close relationship with the video game software community, ...
Why don't the shortcuts I put in the CSIDL_COMMON_FAVORITES folder show up in the Favorites menu?
A customer created some shortcuts in the folder, expecting them to appear in the Favorites menu for all users. Instead, they appeared in the Favorites menu for no users. Why isn't working? The value was added at the same time as the other values, and its name strongly suggests that its relationship to is the same as the relationship between and , or between and , or between and . That suggestion is a false one. In fact, is not hooked up to anything. It's another of those vestigial values that got created with the intent of actually doing something but that thing never actually happened. I don't think...
Buzzword-filled subject line easily misinterpreted by unsuspecting manager
A colleague of mine submitted some paperwork regarding the end-date of his college intern. The automated response combined HR buzzwords in an unfortunate way: Subject: Intern Termination Report was executed Just to be sure, my colleague stopped by his intern's office. He's still there. And still alive. For now.
Adventures in undefined behavior: The premature downcast
A customer encountered the following problem: The function converts the cookie back to a object, and then checks if the object is a object by calling . If so, then it does some more stuff to figure out what type of paint to buy. (Note to nitpickers: The actual scenario was not like this, but I presented it this way to illustrate the point. If you say "You should've used RTTI" or "You should've had a BuyPaint method on the Shape class", then you're missing the point.) The programmers figured they'd save some typing by casting the result of to a right away, because after all, since is a virtual method...
I'm not calling a virtual function from my constructor or destructor, but I'm still getting a __purecall error
Some time ago, I described what is for: It's to detect the cases where you call a virtual method with no implementation (a so-called pure virtual method). This can happen during object constructor or destruction, since those are times when you can validly have a partially-implemented object. Well, there's another case this can happen: If the object has already been destructed. If you call a method on an object that has already been destructed, the behavior is undefined. In practice, what happens is that the method runs on whatever leftover values are in memory where the object used to be. Depending on how luc...
Psychic debugging: Why Chinese characters don't work
Here's a walkthrough of an actual case of psychic debugging. I'm using the internal XYZ table-generating tool, but it appears to be useless in my case. Does this tool work? Right now, I'm just resorting to the manual method of generating my data table (Chinese and English). Hooray for vague questions! "It appears to be useless." But there were enough tiny clues in the question that made it possible to make a psychic guess. First of all, the parenthetical "Chinese and English" suggests that there are Chinese characters in the data being passed to the XYZ table-generating tool. Second of all, one might make a...
Command line tool to manage Windows 7 Libraries, with source code
A customer asked if there was a command-line tool for managing Windows 7 Libraries so that they could create and deploy libraries across their organization. Not only is there such a tool, it even comes with source code. The Shell Library Command Line Sample shows how to manage Windows 7 libraries programmatically via the interface. And it's actually a useful program on its own. For example, to see all the folders that are part of your Documents library, use the command Each of the commands has further sub-options. And the source code shows how to perform each of these actions programmati...
Well at least nobody's parking there any more
There is a field next to the Microsoft building I used to work in, and for a time, people parked their cars out on the field, presumably because finding a proper parking space in the garage became difficult due to overcrowding. To prevent people from parking in the field, Security placed a large log across the access to the field. The technique worked: Nobody parked in the field any more. Some months later, our building had a fire drill, and everybody dutifully filed out of the building and waited until the all-clear signal was given to return. Normally, people would wait in the field, because that is the design...
How does the taskbar decide whether to show Recent or Frequent documents on the jump list?
Some jump lists show Recent documents, and others show Frequent documents. (Images stolen from Sasha Goldshtein.) Our friend xpclient wanted to know how the taskbar decides which one to use, because it seemed random. (Ironically, xpclient is asking a question about the Window 7 client.) The default is to show Recent documents. But an application can customize its jump list, and in that case, the application can select which category to show based on the guidance in the documentation. (Or the application might choose to ignore the guidance in the documentation and show both.) Okay, but what about Expl...
Dumping a hash table with external chaining from the debugger
I was doing some crash dump debugging, as I am often called upon to do, and one of the data structure I had to grovel through was something that operated basically like an atom table, so that's what I'll call it. Like an atom table, it manages a collection of strings. You can add a string to the table (getting a unique value back, which we will call an atom), and later you can hand it the atom and it will give you the string back. It looked something like this: (It didn't actually look like this; I've reduced it to the smallest example that still illustrates my point.) As part of my debugging, I had an atom...
Wait, you never said that I had to initialize the object before I used it!
A customer reported that they were having trouble creating slim reader/writer locks at runtime. They simplified the issue to a short program: "What is the correct way of creating an via the operator?" It wasn't long before somebody noted that nowhere in the code is the function called. "Oh, yeah, thanks for catching that. It looks like one needs to initialize SRW locks which are created via the operator. Otherwise it's not required." No, the function is always required. It's just that you got lucky in the local variable case and the initial stack garbage looks enough like an initialized SRW lock th...
The shifting sands of "Run as different user"
A customer liaison asked the following question on behalf of his customer. When I do a shift-right-click on a shortcut to a program, I see the following: The option to run a program as another user (other than Administrator) was present in Windows XP, but it was lost in Windows Vista. It appears that we responded to those complaints by restoring the functionality in Windows 7. Is that right? The odd thing is that my customer has the Run as different user option available on their Windows 7 machines, but not on their Windows Server 2008 R2 machines. Does whether you have access t...
Sorry we got cut off, my phone just auto-rebooted
Some time ago, I was on the phone when the connection suddenly cut out. I looked at the my phone display and it said, Auto-restart in 7 seconds. The seconds counted down, and then the phone rebooted, and after about ten more seconds, it was back in business, acting like nothing was wrong. (Except that it just terminated a phone call without warning, but hey, who's keeping track?) Sometimes I think phones are getting too smart for their own good. Historical note: This entry was written over four years ago, and the model of IP phone in question has long since been replaced.
How do I customize how my application windows are grouped in the Taskbar?
Benjamin Smedberg wants to know how to customize the icon used in the Taskbar for applications that are grouped, when the application is a runtime for multiple applications. (This is the other scenario I hinted at last time.) Actually, customizing the icon is only part of what you want to happen when your application is a runtime. In that case, you really want each inner application to be exposed to the user as an entirely separate application. In other words, if your application is hosting Product A and Product B, you want the windows for Product A and Product B to group separately, have...
My colleague picked a good day to go out and catch a baseball game
I ran into one of my colleagues at the coffee stand and asked him how things were going. He said that Wednesday was his wife's birthday, and he asked her if she wanted to do anything special. "Let's catch a baseball game," she suggested. So off they went to watch a baseball game. Turns out they chose a good game to watch: Seattle Mariners pitcher Félix Hernández threw a perfect game. (I like how Wikipedia has a page dedicated to the 23rd perfect game in baseball history, but no page for the first perfect game in baseball history. Because Wikipedia covers pop culture prior to 2001 very differently...
What if my application is really two applications bundled into a single file, and I want them collected into two groups on the taskbar in Windows 7?
A customer wanted to prevent multiple copies of their program from being grouped on the taskbar. They didn't give an explanation why, but let's assume that they are doing this for honorable purposes rather than as a way to annoy the user. For example, maybe their program is really multiple applications bundled inside a single EXE file for convenience. The information you need to do this is in MSDN under Application User Model IDs, specifically in the Where to assign an AppUserModelID section. I'll assume you've read the guidance there, and I'm just going to dive into the implementation. Suppose our scratch...
Charles Petzold's Programming Windows Sixth Edition has reached Release Preview
We interrupt this program for a word from Microsoft Press. A few months ago, I noted that Charles Petzold is coming back with another edition of Programming Windows, and you could have gotten in on the ground floor and ordered your copy for only $10 which included access to all prerelease versions. Well, the book has reached Release Preview, which means that the sticker price has increased to $30, so if you missed your chance earlier, you can at least get your order in before it goes up to $40 on August 28 and before it reaches its final price of $50 on November 15. And as with the people who acted quickly, y...
What happened to the Windows 2000 "Set default language setting for the system" button?
Last time, we looked at the evolution of the control panel settings which control the language groups for which Windows will install fonts, code page information, and other support collateral. This was in the context of a customer who was trying to migrate from Windows 2000 to Windows XP, and the customer wanted to convert their workflow to the new operating system. They made the appropriate changes, and... the problem was not fixed. At this point, the customer liaison decided to tell us what the actual problem was. (I don't know whether the information was originally withheld by the customer or the custo...
What happened to the Windows 2000 "Language settings for the system" control panel?
In 2011, a customer had a question about migrating from Windows 2000 to Windows XP. (That's right, this customer was still using Windows 2000 in the year 2011.) Specifically, they noted that in Windows 2000, they can select multiple languages in the "Language settings for the system" portion of the Regional Options control panel, and they couldn't find the corresponding control panel setting in Windows XP. OK C ancel Apply In Windows 2000, "Language settings for the system" provides the option to install support (such as code pages, keyboard layouts, and fo...
How long does it take for a notification icon to stop appearing in the Notification Area Icons control panel?
A customer reported that even after uninstalling their application, the notification icon entry remains in the Notification Area Icons control panel. Yup, that's right. Explorer remembers the icon, even after the underlying program has been uninstalled, because you might have uninstalled it with the intention of immediately reinstalling it, so Explorer remembers the icon in case it comes back. But after one week, Explorer gives up and finally forgets about the icon. "It's been a week, and the user hasn't reinstalled the application. I'm going to give up waiting for it." The customer wanted to know how they coul...
Why am I in the Quake credits?
Anon wants to know why I am listed in the credits for the video game Quake under the "Special Thanks" section. "Were you an early tester/debugger?" I've never played a game of Quake in my entire life. I (and most of the rest of the Windows 95 team) played DOOM, but after a while, first-person-shooter games started giving me a headache. By the time Quake came out, I had already abandoned playing FPS games. I don't remember what it was that I did specifically, but it was along the lines of helping them with various technical issues related to running under Windows. At the time, I was a kernel developer, a...
How did real-mode Windows implement its LRU algorithm without hardware assistance?
I noted some time ago that real-mode Windows had to do all its memory management without any hardware assistance. And yet, along the way, they managed to implement an LRU-based discard algorithm. Gabe is really interested in how that was done. As we saw a few months ago, inter-segment calls were redirected through a little stub which either jumped directly to the target (if it was in memory) or loaded the target (possibly discarding other memory to make room) before jumping to it. And we saw that the executable format had instructions baked into it so that the Entry Table could be loaded directly into memor...
What is SysFader and why is it always crashing?
If you type SysFader into your favorite search engine, you'll find lots of hits from people asking, "What is SysFader, and why is it always crashing Internet Explorer?" The exception unknown software exception (0xe06d7363) occurred in the application at location 0x7c812afb. OK Cancel When a program encounters a fatal error, the system crash dialog appears. And it needs to put somebody's name in the title of the dialog to indicate which application crashed. Sure, it has the process name (iexplore.exe), but it has this nagging feeling that it can do better....
Of what possible legitimate use are functions like CreateRemoteThread, WriteProcessMemory, and VirtualProtectEx?
There are a bunch of functions that allow you to manipulate the address space of other processes, like and . Of what possible legitimate use could they be? Why would one process need to go digging around inside the address space of another process, unless it was up to no good? These functions exist for debuggers. For example, when you ask the debugger to inspect the memory of the process being debugged, it uses to do it. Similarly, when you ask the debugger to update the value of a variable in your process, it uses to do it. And when you ask the debugger to set a breakpoint, it uses the function to change yo...
Microspeak: planful
Every year, Microsoft invites its employees to fill out a poll which asks questions regarding all sorts of things. One of the things Microsoft employees are asked to evaluate is whether they think that their vice president is acting planfully. The tricky part about that question is that nobody knows exactly what the word planfully means. Merriam-Webster defines planful as "full of plans : RESOURCEFUL, SCHEMING." Is that what they're asking us? Whether our vice president is resourceful and scheming? Is that a good thing or a bad thing? The OED, on the other hand, defines it as "Full or rich in plans; char...
Why is the desktop treated so special in window ordering?
Clipboarder Gadget wants to know why the desktop is treated so special in window ordering. Specifically, when you double-click a folder icon on the desktop, and the immediately close it, why does focus not go back to the desktop? Instead it goes to some random window. Actually, it's the other way around. Focus is going to a random window specifically because the desktop is not being treated special. The rules for focus transfer when a window is closed is that focus goes to the owner, if any. If there is no owner, then the window manager starts looking around, in a rather complicated way, but the next enabled ...
Get your Contoso-branded merchandise while you can
Long-time observers are familiar with Contoso, the fake company name used in Microsoft samples and demonstrations. The Windows Phone folks have started running with the joke and creating their own line of Contoso-branded merchandise. (Of course, if you get the Contoso mug, you should fill it with Fourth Coffee.)
FORFILES, for your fancier batch file enumeration needs
Crack open open the champagne: Batch File Week is finally over! Variations on the will let you repeat an operation on the contents of a directory, possibly even recursively if you add the option, with some basic attribute-level filtering if you add the or /a- flags. For your fancy recursive file operations, there's a tool called which iterates through the contents of a directory (recursively if requested), executing a command on each item it finds. It also has additional filtering capability, like selecting files based on their last-modified time. For example, you could copy all files in the current dire...
If you're going to throw a badminton match, you have to be less obvious about it
It may be possible based on your location to view what NBC euphemistically calls "highlights" from the women's badminton doubles match between China's Yu Yang/Wang Xiaoli and South Korea's Jung Kyung Eun/Kim Ha Na. The serves go laughably into the net, there is barely any attempt to chase down shots, and returns go far out of bounds. If this is top-level badminton, I think I could be a world champion. Both sides had secured their advance into the next round, and Wired explained why both teams decided that a strategic loss would be advantageous. Julie VanDusky-Allen provides a game-theoretical analysis of the s...
Exiting a batch file without exiting the command shell -and- batch file subroutines
Prepare your party hats: Batch File Week is almost over. In your batch file, you may want to exit batch file processing (say, you encountered an error and want to give up), but if you use the command, that will exit the entire command processor. Which is probably not what you intended. Batch file processing ends when execution reaches the end of the batch file. The trick therefore is to use the command to jump to a label right before the end of the file, so that execution "falls off the end". Here, there are two places where we abandon batch file execution. One is on an invalid parameter, and another is...
You gotta fight for your right to parry
(The headline was stolen from one of my cleverer friends.) I'm taking time out of my busy vacation to draw your attention (if it hasn't been already) to the story of South Korean fencer Shin A Lam, who got screwed out of her trip to the finals of the women's individual epeé.¹ The story is heart-wrenching, and the photojournalism is moving in its simplicity. (Assisted in large part by the rule that fencers must not leave the piste while the appeal is in progress.) The FIE, fencing's international governing body, later chose to award Shin a special medal "For aspiration to win and respect of the rul...
How do I find the most recently created file in a directory from a batch file?
We've reached Hump Day of Batch File Week. Remember, nobody actually likes batch programming. You merely tolerate it. Today, we'll find the most recently-created item in a directory. (For example, we have a server that holds our daily builds, and you might want to write a batch file that automatically installs the latest build.) There may be better ways, but what I do is ask for a list sorted oldest-to-newest, and then choose the last one. This trick works by asking the command to list just the names () of just the files , sorted by date (), based on the creation time (). Each time a new file is report...
Reading the output of a command into a batch file variable
It's Day Two of Batch File Week. Don't worry, it'll be over in a few days. There is no obvious way to read the output of a command into a batch file variable. In unix-style shells, this is done via backquoting. The Windows command processor does not have direct backquoting, but you can fake it by abusing the command. Here's the evolution: The flag to the command says that it should open the file you pass in parentheses and set the loop variable to the contents of each line. The loop variable in the command takes one percent sign if you are executing it directly from the command prompt, but two perc...
Raymond's subjective, unfair, and completely wrong impressions of the opening ceremonies of a major athletic event which took place recently
Like many other people, I watched the opening ceremonies of a major athletic event which took place a few days ago. (The organization responsible for the event has taken the step of blocking the mention of the name of the city hosting the event and the year the event takes place, or the name of the event itself except in editorial news pieces or journalistic statements of fact, of which this is neither, so I will endeavour to steer clear of the protected marks.) I wish somebody had let me know in advance that the opening ceremonies came with a reading list. I hope that at least the British history majors enjoy...
Why don't any commands work after I run my batch file? I'm told that they are not recognized as an internal or external command, operable program, or batch file.
I sort of forgot to celebrate CLR Week last year, so let's say that CLR week is "on hiatus" until next year. To fill the summertime time slot, I'm going to burn off a busted pilot: This week is Batch File Week 2012. Remember, nobody actually enjoys batch programming. It's just something you have to put up with in order to get something done. Batch programming is the COBOL of Windows. (Who knows, if people actually like Batch File Week [fat chance], maybe it'll come back as a regular series.) We'll open Batch File Week with a simple puzzle. A customer reported that after running their batch file, almost no co...
Psychic debugging: Why your IContextMenu::InvokeCommand never gets called
A customer reported a problem with their shell context menu extension. I have implemented the shell extension, but when the user selects my custom menu item, my is never called. Can anyone please let me know what the problem could be and how to fix it? Since there really isn't much information provided in this request, I was forced to invoke my psychic powers. Actually, given what you know about shell context menu hosting, you probably know the answer too. My psychic powers tell me that you gave your menu item the wrong ID, or you returned the wrong value from . If the menu IDs do not lie in the range yo...
A brief and also incomplete history of Windows localization
The process by which Windows has been localized has changed over the years. Back in the days of 16-bit Windows, Windows was developed with a single target language: English. Just English. After Windows was complete and masters were sent off to the factory for duplication, the development team handed the source code over to the localization teams. "Hey, by the way, we shipped a new version of Windows. Go localize it, will ya?" While the code that was written for the English version was careful to put localizable content in resources, there were often English-specific assumptions hard-coded into the source code...
One way to make sure you pass an array of the correct size
Another entry in the very sporadic series of "very strange code I've seen." The code has been changed to protect the guilty, but the essence has been preserved.
Taking flexitarianism to another, perhaps unintended, level
Our cafeteria has been trying to encourage flexitarianism, which it defines as eating one meat-free meal per week. But in their effort to make the concept more appealing, they may have lost sight of the goal. (The "Vegetarian Option" magnet was probably intended for the Asparagus, Mushroom and Spinach Pizette just above it.) One of my colleagues suggested that the sign was applying the transitive property of vegeterianism: "If you eat that which eats plants, you too eat the plants." Fool me twice: The following day, the "Vegetarian Option" magnet was placed on the sign for the meatball pizza. Maybe they're tr...
What's the story behind the WM_SYNCPAINT message?
Danail wants to know the story behind the message. The documentation pretty much tells the story. When a window has been hidden, shown, moved or sized, the system may determine that it needs to send a message to the windows of other threads. This message must be passed to , which will send the and messages to the window as necessary. When you call the function, the window manager updates the window size, position, whatever, and then it goes around repainting the windows that were affected by the operation. By default, the function does a quick-repaint of the windows before returning. After the function ...
The format of icon resources
It's been a long time since my last entry in the continuing sporadic series on resources formats. Today we'll look at icons. Recall that an icon file consists of two parts, an icon directory (consisting of an icon directory header followed by a number of icon directory entries), and then the icon images themselves. When an icon is stored in resources, each of those parts gets its own resource entry. The icon directory (the header plus the directory entries) is stored as a resource of type . The format of the icon directory in resources is slightly different from the format on disk: All the members mean...
Why do some font names begin with an at-sign?
It was a simple question. For some reason, my font selection dialog () shows a bunch of font names beginning with the at-sign (@). These fonts don't work correctly if I use them. Any idea what they are? (I tried searching the Internet, but search engines don't seem to let you search for so it's hard to make much headway.) (And that's why I wrote "at-sign" in the subject instead of using the @ character.) Fonts which begin with an @-sign are vertically-oriented fonts. They are used in languages like Chinese, Japanese, and (less often) Korean. The idea is that if you want to generate vertical text, you st...
Why don't per-item custom icons work when I open a Zip file or some other virtual folder?
A customer observed that when they opened a Zip file containing an Excel spreadsheet saved as XML, the icon for the spreadsheet in the Zip folder is just a plain XML icon rather than a fancy Excel-XML icon. "Is there any way to invoke a shell icon handler on an item inside a Zip folder?" Even if there were a way, you wouldn't like it. Think about it: In order to determine whether the XML file should get a plain-XML icon or an Excel-XML icon, the Office icon handler needs to open the XML file and sniff around to see if has whatever it is that makes an XML file an Excel-XML file. This means that the Zip folder h...
Why doesn't the Low Disk Space warning balloon show up as soon as I run low on disk space
A customer reported an issue with the title "The notification balloon for Low Disk Space does not appear even if the free disk is very low." They provided the following steps: You read through the steps nodding, "uh huh, uh huh", and then you get to the last step and you say, "Wait a second, the subject of your report was that the balloon doesn't appear at all, and now you're saying that it appears after ten minutes. So it does appear after all. What is the problem?" The customer explained that on earlier versions of Windows, the Low Disk Space warning balloon appeared within one minute, whereas in Windows&nb...
How much gets localized in a localized version of Windows?
ErikF wonders, "Do the localized versions of Windows translate these weird, out of the way resources? My guess is "no", but I don't have a localized copy of Windows to look at right now." There are two questions here. The first question is "What content is in scope for localization?" The next question is, "Of everything in scope, how much of it actually gets translated?" Historically, the answer has been "All of it." Not just the stuff you might expect, like strings and dialog boxes, but other stuff like animations. As you can imagine, translating every single string and dialog box (and possibly also bitma...
Why doesn't RealGetWindowClass return the real window class for my superclass?
A customer was reporting that the function was not reporting the base window class of their superclass. (Error checking has been elided for expository purposes.) The customer found that the assertion fails, returning a window class name of "AwesomeWindow" instead of "static". "I thought the point of RealGetWindowClass was to dig through the superclassing to find the base class. But it's not returning the base class." That's right, because you haven't told it what the base class is yet! "What do you mean I haven't told it? It's right there at the end of my function: ." Yeah, but that line of code hasn't...
What happens when you mark a section as DISCARDABLE?
In the flags you pass to the linker, you can specify that a section be made discardable. What does that mean? If you are a kernel-mode driver, the discardable flag means that the contents will be removed from memory after initialization is complete. This is where you put your initialization code and data. But if you're writing user-mode code, the discardable flag has no effect. Not relevant to the topic but people are going to ask anyway: The discardable flag on resources also has no effect. The discardable attribute for user-mode code is a left-over from 16-bit Windows, which had to simulate a hardware ...
What does the HTOBJECT hit-test code do?
Leo Davidson observes that a hit-test code is defined for , but it is not documented, and wonders what's up. The is another one of those features that never got implemented. The code does nothing and nobody uses it. It was added back in Windows 95 for reasons lost to the mists of time, but when the reason for adding it vanished (maybe a feature got cut), it was too late to remove it from the header file because that would require renumbering and , two values which were in widespread use already. So the value just stayed in the header file, taking up space but accomplishing nothing.
Microspeak: radar
The metaphoric use of the term radar is in general use. It refers to the set of things that some entity is paying attention to. (That entity being the owner of the radar.) At Microsoft, the metaphorical radar usually belongs to a specific person or group. You might forward an email exchange to a person or group with the message "Just wanted to make sure XYZ was on your radar." In other words, "Just wanted to make sure you were aware of XYZ." There is no requirement that the recipient take action in response to the message, but you're letting them know about XYZ, just in case they weren't already aware of it. ...
Why hasn't the API hook mechanism for x64 been standardized like it was for x86?
Joshua posted to the Suggestion Box, "Around the time of WinXP SP2 x86, the API hook mechanism was standardized. Why wasn't the same thing done for x64?" Who said it was standardized for x86? Hooking APIs is not supported by Windows. There may be specific interfaces that expose hooks (like to let you monitor calls to and , and to let you hook various window manager operations) but there is no supported general API hooking mechanism provided by the operating system. So I don't know where you got that idea from.
The physics of a falling Slinky
Professor Ted Bunn (no relation), who still gets email about a Black Holes FAQ he wrote over fifteen years ago, recently blogged about what happens when you suspend a Slinky vertically, then let go. No wait, come back. In Part the First, he provides an alternate (but equivalent) explanation for the phenomenon. Allen Downey on his wonderfully-titled blog Probably Overthinking It started in with the equations, which inspired Ted to write Part the Second, which contains with lots of math, but there are also charts. Okay, fine, I don't blame you for leaving.
What are the recommended locations for storing different types of files?
Some time back, I provided informal guidance regarding what types of files go into which folders. Here are the official guidelines [pdf], for those looking for something with more authority than just me blathering.
How your taskbar auto-hide settings can keep getting overwritten
A customer reported that they were observing that some users were finding their taskbar set to auto-hide even though the standard configuration in the company is for the auto-hide feature to be disabled. Going into Taskbar Properties shows Auto-hide the taskbar checked. None of the users had changed their setting to auto-hide manually, so the question was raised to the Windows team, "Are there any cases where Explorer will set the auto-hide setting on its own?" Explorer does not set the auto-hide checkbox on its own. Now, the taskbar does auto-hide even when the setting is unchecked if it detects that the appli...
The continuing battle between people who offer a service and others who want to hack into the service
In the history of the Internet, there have been many cases of one company providing a service, and others trying to piggyback off the service through a nonstandard client. The result is usually a back-and-forth where the provider changes the interface, the piggybacker reverse-engineers the interface, back and forth, until one side finally gives up. Once upon a time, there was one company with a well-known service, and another company that was piggybacking off it. (I first heard this story from somebody who worked at the piggybacking company.) The back-and-forth continued for several rounds, until th...
You already got your answer, why are you re-asking the question?
Today's rant is a blend of two earlier rants: People didn't answer your first email for a reason and If you didn't like the answer, asking the same question again is unlikely to help. A customer submitted a list of questions (via their customer liaison) to the Widgets discussion list, and somebody wrote up a reply, which was sent back to the customer. So far so good. A few days later, the same list of questions was submitted to the Gizmo discussion list via a different customer liaison. Since the question was about Widgets, the question was forwarded to the Widgets discussion list, at which point the same ans...
Tracking shortcuts and the early history of multiple monitors
Commenter Roni put two suggestions in the suggestion box in the same entry, which is a problem for me because I feel like I'm forced to answer both of them or neither. The first question suggestion has to do with how shortcuts can find their targets even if they've been renamed. This is something I had covered nearly a year before the question was asked, so the reason I'm not answering that question isn't that I'm ignoring the question. It's that I already answered it. While I'm at it, here are other questions that I've already answered: The other question was a series of questions about the history of mul...
2012 mid-year link clearance
Another round of the semi-annual link clearance. And, as always, the obligatory plug for my column in TechNet Magazine:
How did real-mode Windows patch up return addresses to discarded code segments?
Last week, I described how real-mode Windows fixed up jumps to functions that got discarded. But what about return addresses to functions that got discarded? The naïve solution would be to allocate a special "return address recovery" function for each return address you found, but that idea comes with its own problems: You are patching addresses on the stack because you are trying to free up memory. It would be a bad idea to try to allocate memory while you're trying to free memory! What if in order to satisfy the allocation, you had to discard still more memory? You would start moving and patching stacks befo...
You still need the "safe" functions even if you check string lengths ahead of time
Commenter POKE53280,0 claims, "If one validates parameters before using string functions (which quality programmers should do), the 'safe' functions have no reason to exist." Consider the following function: What could possibly go wrong? You check the length of the string, and if it doesn't fit in the buffer, then you reject it. Therefore, you claim, the is safe. What could possibly go wrong is that the length of the string can change between the time you check it and the time you use it. The first thread changes the length of the string rapidly between 255 and 511, between a string that passes valid...
How did my hard drive turn into a TARDIS?
A customer observed that the entry for a network drive looked liked this in My Computer, well, except that there was a network drive icon instead of ASCII art. How is it possible for a 2.5GB drive to have 3.81TB free? While there have certainly been examples of Explorer showing confusing values the reason for the strange results was, at least this time, not Explorer's fault. This particular network drive actually reported (via ) that it had more free space than drive space. Explorer is dutifully reporting the information it was given, because it doesn't try to second-guess the file system. If a network driv...
Thanks for reminding me what to do when the elevator is out of order
Every few years, the building maintenance people have to perform tests on the elevators to ensure they meet safety regulations. And the real estate department sends out the usual notice informing the building occupants that the elevators in the building will be taken out of service at various times during the day. They were kind enough to include the following advice: If an elevator is non-responsive and/or has out of order signage posted, please use another available elevator. One of my colleagues sarcastically remarked, "Wow, thank goodness they sent that email. I'd have no idea what to do had I seen a non-...
How does Explorer determine the delay between clicking on an item and initiating an edit?
Ian Boyd wants to know why the specific value of 500ms was chosen as the edit delay in Windows Explorer. Because it's your double-click time. Since the double-click action (execute) is not an extension of the single-click action (edit), Explorer (and more generally, list view) waits for the double-click timeout before entering edit mode so it can tell whether that first click was really a single-click on its own or a single-click on the way to a double-click. If the timeout were shorter than the double-click time, then double-clicking an item would end up having the first click trigger edit mode and the seco...
How did real-mode Windows fix up jumps to functions that got discarded?
In a discussion of how real-mode Windows walked stacks, commenter Matt wonders about fixing jumps in the rest of the code to the discarded functions. I noted in the original article that "there are multiple parts to the solution" and that stack-walking was just one piece. Today, we'll look at another piece: Inter-segment fixups. Recall that real-mode Windows ran on an 8086 processor, a simple processor with no memory manager, no CPU privilege levels, and no concept of task switching. Memory management in real-mode Windows was handled manually by the real-mode kernel, and the way it managed memory was by lo...
When the default pushbutton is invoked, the invoke goes to the top-level dialog
One quirk of nested dialogs lies in what happens when the user presses Enter to invoke the default pushbutton: The resulting message goes to the top-level dialog, even if the default pushbutton belongs to a sub-dialog. Why doesn't it send the to the parent of the default pushbutton? I mean, the dialog manager knows the handle of the button, so it can send the message to the button's parent, right? Well, the dialog manager knows the handle of a button. But not necessarily the button. Recall that if focus is not on a pushbutton, then the dialog manager sets the default pushbutton based on the control ID ret...
Counting down to the last day of school, as students do it
Today is the last day of school in Seattle public school. My friend the seventh-grade teacher told me that students count down to the last day of school in a rather unusual way. Some people might count the number of calendar days until the end of school. For example, if there are 35 days between today and the last day of school, we say that it's 35 days until the end of school. Others might count only the number of school days before school is out. If today is Monday, and the last day of school is Friday, then there are five days of school remaining. But students, or at least seventh-grade students, count the ...
When embedding a dialog inside another, make sure you don't accidentally create duplicate control IDs
The extended style (known in dialog templates as ) instructs the dialog manager that the dialog's children should be promoted into the dialog's parent. This is easier to explain in pictures than in text. Given the following window hierarchy: The result of the extended style being set is that the children of B are treated as if they were direct children of the main dialog, and the window B itself logically vanishes. The extended style means "Hello, I am not really a dialog control. I am a control parent. In other words, I have children, and those children are controls." (Some people erroneously pu...
It's not a good idea to give multiple controls on a dialog box the same ID
When you build a dialog, either from a template or by explicitly calling , one of the pieces of information about each control is a child window identifier. And it's probably in your best interest to make sure two controls on the dialog don't have the same ID number. Of course, one consequence of giving two control the same ID number is that the function won't know which one to return when you say, "Please give me control number 100." This naturally has a cascade effect on all the other functions which are built atop the function, such as . Another reason to avoid duplication is that many notification messag...
What is the history of the GetRandomRgn function?
An anonymous commenter was curious about how the function arrived at its strange name, what the purpose of the third parameter is, and why it is inconsistent between Windows 95 and Windows NT. The sense of word "random" here is hacker slang rather than its formal probabilistic definition, specifically sense 2: "Assorted, undistinguished", perhaps with a bit of sense 4 sprinkled in: "Not well organized." (Commenter Gabe suggested that a better name would have been .) Once upon a time, when men were men and Windows was 16-bit, there was an internal function used to communicate between the ...
Globalization quiz: In honor of, well, that's part of the quiz
The Corporate Citizenship Tools; Microsoft Local Language Program Web site contains a map of the world, coded by region. There was a bug on the map. See if you can spot it: After I pointed out the error, they fixed the map on their Web page, so no fair clicking through to the Local Language Program Web page and comparing the pictures! Non-useful hint: I chose the publication date of this quiz in honor of the answer. Bonus chatter: Inside the answer. Iceland is drawn in the color of North America rather than Europe. Here's the corrected map: The non-useful hint is that I posted this quiz on the Fri...
Now that Windows makes it harder for your program to block shutdown, how do you block shutdown?
Up until Windows XP, applications could intercept the message and tell Windows, "No, don't shut down." If they were polite about it, they would also inform the user which application blocked system shutdown and why. And if they were really polite about it, they would even provide a way for the user to say, "I don't care; shut down anyway." As I noted some time ago, Windows Vista made it harder for applications to block shutdown. Applications are given two seconds to clean up, and then it's game over. Okay, now the game of walls and ladders continues. The power management folks created an escape hatch fo...
Why don't all of my folder customizations roam with my profile?
A customer reported some inconsistency in how folder customizations are handled by roaming profiles. Why doesn't the customization roam? Well, if you think about it, it makes sense that the setting for doesn't roam because doesn't roam either! The on Server1 is not the same directory as the on Server2. Let's change Step 2 slightly: I think nobody would be surprised at the results of this second experiment. The changes to Library\Documents are there because that folder is part of your roaming profile. The changes to are there because it is a global resource. And the changes to are not there...
Microsoft Dynamics in a soda can, sort of
It is not uncommon for a product team to produce some custom soda cans (really, carbonated water) for distribution at Microsoft cafeterias. Last year, the Microsoft Dynamics™ CRM 2011 team put some custom cans of sparkling water in the coolers extoling the virtues of their new product. It took the form of a side-by-side feature comparison. They didn't stop at soda cans. They also branded the napkin dispensers. (The napkin dispensers have a clear panel in which a message can be inserted.) (I changed the URLs from an internal Web site to the public Microsoft Dynamics™ CRM Web site.)
Fabio coming to Redmond. Also: Whey Protein
Mark your calendars: Fabio Lanzoni, better known to the world as simply Fabio, will be at the Redmond Whole Foods Market on June 21 to promote his whey protein product. (Now made with real Fabio!) And unlike Martha, he will let you take a picture of him. By the way, ladies, he's available!
Why do you have to wait for Windows Error Reporting to check for solutions before it restarts the application?
Leo Davidson wonders why you have to wait for Windows Error Reporting to check for solutions before it restarts the application. Why not do the two in parallel? Well, for one thing, when the application restarts, it might freak out if it sees a dead copy of itself. I know for sure that I would freak out if I woke up one morning and saw my own dead body lying next to me. While Windows Error Reporting is checking for a solution, it still has access to the carcass of the crashed application, because it may need to refer to it in order to answer follow-up questions from the server. ("Hey, was version 3.14 of PI.DL...
How can I determine the underlying cause of a EXCEPTION_IN_PAGE_ERROR exception?
A customer was using memory-mapped files and installed an exception handler to log in-page errors in the memory-mapped file region. They wanted to know how they could obtain the real disk error that resulted in the memory manager not being able to page-in the requested data. Finding the answer isn't that hard. A quick search for reveals that the information is provided in the member of the structure. In other words,
Eventually the window manager simply says that enough is enough
Many window manager operations are recursive, and eventually the window manager will simply say that enough is enough when the recursion goes too deep. We've seen this when you nest windows more than 50 levels deep or nest menus more than 25 levels deep, for example. (Note also that these limits may change in the future, so don't rely on being able to walk right up to the edge. Those values came from 32-bit Windows XP; I don't know if the limits have been dropped even further in subsequent versions of Windows, and I'm not sufficiently motivated to find out.) A customer had some code which installed a me...
Don't be helpless: What might be the reason for a "Path not found" error?
Internally at Microsoft, we have a programmer's tool which I will call Program Q. On the peer-to-peer mailing list for Program Q, somebody asked the following question: When I try to do a , instead of opening an editor window where I can modify the template, I get the following error: Can you help resolve this error? Okay, there is already everything you need in the error message. The program even converted the error number to error text for you. You just have to read it and think about what it's telling you. The file is . Therefore the path is . I leave you to determine the next step in ...
Microspeak: Turds
In Microspeak, a turd is a graphics glitch which results in old pixels appearing on the screen when they shouldn't. Perhaps they are not being erased properly, or instead of being erased, they move to an unwanted location. The source of the problem could be failing to mark a region for redrawing after something changed, or it could be that the drawing code ran into a problem and failed to draw over the old pixels. The problem might be that the code whose job it is to remove the object from the screen ran into a problem and didn't actually remove it, resulting in an on-screen object that nobody really is keeping t...
Why does PrintWindow hate CS_PARENTDC? Because EVERYBODY hates CS_PARENTDC!
Commenter kero wants to know why the function hates . (And , and .) Because everybody hates ! (And , and .) We saw earlier that these class styles violate widely-held assumptions about how drawing works. I mean, who would have thought that asking for two device contexts would give you the same one back twice? Or that changes to one device context would secretly modify another (because they're really the same)? Or that a window procedure assumes that it will see only one device context ever? The function is really in a pickle when faced with a window with one of these class styles, because the whole point o...
The time I watched a total lunar eclipse from the top of a mountain
One of my colleagues loves doing outdoorsy things, and he also loves space and astronomy. Many years ago, he invited a small number of us on an outing that combined both of his interests: A hike up a mountain to view the total lunar eclipse. Since an eclipse does not wait until you're ready, it's kind of important to stay on schedule or you'll end up missing the show. We started while it was still light out, and the people who were not seasoned hikers (like me) had to tough it out and keep going, because there was very little time in the schedule for taking breaks. (Because my colleague has been hiking so long t...
How do I prefetch data into my memory-mapped file?
A customer created a memory mapping on a large file and found that when the memory manager wanted to page in data from that file, it did so in 32KB chunks. The customer wanted to know if there was a way to increase the chunk size for efficiency. The memory manager decides the chunk size for memory-mapped files, and the chunk size is currently set to eight pages, which on a system with 4KB pages, comes out to 32KB chunks. (Note that this chunk size is an internal parameter and is subject to change in future versions of Windows. I'm telling a story, not providing formal documentation.) You have a few options. Th...
What happens if I call KillTimer with a NULL hwnd?
A customer discovered a bug in their code and wanted some information on how serious it was, so they could assess how urgently they need to issue a fix. We have code that calls with a valid window handle, but then we destroy the window before we get around to calling . When we finally do call , we do so with a window handle. The calls are probably harmless, but are we leaking the timers? The customer's real concern was actually in the part of the problem they thought was a point of little concern. The window manager cleans up orphaned timers when the associated window is destroyed, so there is no timer leak...
What does a STATUS_OBJECT_TYPE_MISMATCH exception in LeaveCriticalSection mean?
It means the same thing as a exception.
Hazards of spelling autocorrection: defiance
On an internal mailing list, a colleague asked for some recommendations on a webcam. I was wondering if there are any models I should avoid or defiantly get. I got this mental image of my colleague giving the salesperson the finger as he handed over his credit card. My colleague explained, "That's an error I frequently make because Outlook by default autocorrects 'definatly' to 'defiantly' instead of 'definitely'. You should see the reaction from my manager when he asks me to do something and I write back, 'I'll defiantly do that.' I'm a terrible speller. That's why I went into math: Only single letters." Bu...
If my window hosts multiple windowless ActiveX controls, which one do I call IOleInPlaceActiveObject::TranslateAccelerator and IOleInPlaceObjectWindowless::OnWindowMessage on?
Commenter Farproc asks how one goes about hosting two windowless ActiveX controls in a single window. In particular, "none of the documentation explains how to choose which control to send and on?" Actually, the documentation does say. The documentation for says, "Active in-place objects must always be given the first chance at translating accelerator keystrokes." So you pass the message to the active in-place object. Your window may host multiple windowless ActiveX controls, but at most one of them is the active object at a time. And most of the time, none of them will be active. For example, in Word, most...
The extern “C” specifier disables C++ mangling, but that doesn’t mean it disables mangling
The MSDN documentation on dllexport contains the following enigmatic paragraph, or at least did at the time I wrote this article: dllexport of a C++ function will expose the function with C++ name mangling. If C++ name mangling is not desired, either use a .def file (EXPORTS keyword) or declare the function as extern "C". I've seen this sentence misinterpreted as follows: dllexport of a C++ function will expose the function with C++ name mangling. To disable name mangling either use a .def file (EXPORTS keyword) or declare the function as extern "C". This is an understandable misinterpretation, but it ...
How do I prevent unchecked checkboxes in my listview control from disappearing?
A customer asked, "I have a listview control in report view with the extended style. I noticed that unchecked checkboxes are not visible until I hover over the corresponding item. Is it possible to get the checkboxes to be visible all the time?" I was kind of puzzled by this question because the default behavior of the list view control is to show the checkboxes all the time. I could have sat down and written a test program to prove it, but that would have taken too much time, and it wouldn't have advanced the story any. (The customer would merely have written back, "Well, that's not what I'm seeing.") This ap...
GUIDs are designed to be unique, not random
A customer liaison asked, "My customer is looking for information on the GUID generation algorithm. They need to select N items randomly from a pool of M (jury selection), and their proposed algorithm is to assign each item a GUID, then sort the items by GUID and take the first N." (I've seen similar questions regarding using GUIDs for things like passwords or other situations where the programmer is looking for a way to generate a value that cannot be predicted.) The GUID generation algorithm was designed for uniqueness. It was not designed for randomness or for unpredictability. Indeed, if you l...
Why is the Close button in the upper right corner?
Chris wants to know how the close button ended up to the right of the minimize and maximize/restore buttons. "In OS/2, it is on the left, which left the two other buttons in place." I don't know why the Close button went to the upper right instead of going to the left of the other buttons, but I'm going to guess. (That's what I do around here most of the time anyway; I just don't usually call it out.) Two words: Fitts's Law. The corners of the screen are very valuable, because users can target them with very little effort. You just slam the mouse in the direction you want, and the cursor goes into the corner...
What was the registry like in 16-bit Windows?
Commenter Niels wonders when and how the registry was introduced to 16-bit Windows and how much of it carried over to Windows 95. The 16-bit registry was extremely simple. There were just keys, no values. The only hive was . All it was used for was COM objects and file associations. The registry was stored in the file, and its maximum size was 64KB. It is my recollection that the registry was introduced in Windows 3.1, but Niels says it's not in a plain vanilla install, so I guess my memory is faulty. None of the 16-bit registry code was carried over to Windows 95. Windows 95 extended t...
How to view the stack of threads that were terminated as part of process teardown from user mode
Last time we saw how to view the stack of threads that were terminated as part of process teardown from the kernel debugger. You can do the same thing from a user-mode debugger, and it's actually a bit easier there. (The user-mode debugger I'm using is the one that comes with the Debugging Tools for Windows, the debugging engine that goes by a number of different front-ends, such as , , and .) A direct translation of the kernel-mode technique from last time would involve using the command and picking through for the memory blocks with candidate size and attributes. But there's an easier way. Now would be ...
Charles Petzold is back with another edition of Programming Windows
Back in the day (and perhaps still true today), Charles Petzold's Programming Windows was the definitive source for learning to program Windows. The book is so old that even I used it to learn Windows programming, back when everything was 16-bit and uphill both ways. The most recent edition is Programming Windows, 5th Edition, which was published way back in 1998. What has he been doing since then? My guess would have been "sitting on a beach in Hawaiʻi," but apparently he's been writing books on C# and Windows Forms and WPF and Silverlight. Hey, I could still be right: Maybe he writes the books while s...
How to view the stack of threads that were terminated as part of process teardown from the kernel debugger
As we saw some time ago, process shutdown is a multi-phase affair. After you call , all the threads are forcibly terminated. After that's done, each DLL is sent a notification. You may be debugging a problem with handling that suggests that some of those threads were not cleaned up properly. For example, you might assert that a reference count is zero, and you find during process shutdown that this assertion sometimes fires. Maybe you terminated a thread before it got a chance to release its reference? How can you test this theory if the thread is already gone? It so happens that when all the threads are te...
Sure, we do that: Context menu edition
A customer reported a problem that occurred only when they installed a particular application. If they uninstalled it, then the problem went away. After installing the application, the "Run As" context menu option stopped working. The customer didn't provide any other details, but we were able to make an educated guess as to what was going on. A common programming error in context menu extensions occurs in extensions which add only one menu item. These extensions ignore the parameters to the and simply assume that the only reason the method can be called is if the user selected their menu item. After all, if y...
Microspeak: The parking lot
Mike Dunn wonders what the Microspeak term parking lot means. I'm not familiar with this term either, and the first document I turned up during my search was a PowerPoint presentation that said "Avoid using Microsoft jargon terms, such as parking lot and dogfood." Yeah, that wasn't much help. From what I can gather, the term parking lot started out as a term used during brainstorming sessions. You've got a bunch of people in a conference room tossing out all sorts of ideas. The traditional way of organizing the ideas is to write each one on a Post-It® note and stick it on the whiteboard. As more and more...
What is the historical reason for MulDiv(1, -0x80000000, -0x80000000) returning 2?
Commenter rs asks, "Why does Windows (historically) return 2 for while Wine returns zero?" The function multiplies the first two parameters and divides by the third. Therefore, the mathematically correct answer for MulDiv(1, -0x80000000, -0x80000000) is 1, because a × b ÷ b = a for all nonzero b. So both Windows and Wine get it wrong. I don't know why Wine gets it wrong, but I dug through the archives to figure out what happened to Windows. First, some background. What's the point of the function anyway? Back in the days of 16-bit Windows, floating point was very ...
Warum deine Mutter Deutsch spricht
This upcoming Sunday is Mother's Day in the United States. In recognition of the holiday last year, a local church displayed the following message on its message board: "God couldn't be / everywhere / so God made mothers / German speaking." This explains why your mother speaks German. POIDH The church in question has an evening German-language service, and the advertisement for that service juxtaposed against the Jewish proverb produced an unexpected result.
When you crash on a mov ebx, eax instruction, there aren't too many obvious explanations, so just try what you can
A computer running some tests encountered a mysterious crash: A colleague of mine quickly diagnosed the proximate cause. *Something* marked the code page PAGE_READWRITE, instead of PAGE_EXECUTE_READ. I suspect a bug in a driver. FOO is just a victim here. This diagnosis was met with astonishment. "Wow! What made you think to check the protection on the code page?" Well, let's see. We're crashing on a instruction. This does not access memory; it's a register-to-register operation. There's no way a properly functioning CPU can raise an exception on this instruction. At this point, what possibilities...
Cheap amusement: Searching for spelling errors in the registry
One source of cheap amusement is searching for spelling errors in the registry. For example, one program tried to register a new file extension, or at least they tried, except that they spelled wrong. And they wonder why that feature never worked. My discovery was that my registry contained the mysterious key . After some debugging, I finally found the culprit. There was a program on my computer that did the equivalent of this: One of my colleagues remarked, "With enough force, any peg will fit in any hole." I suspect that the code was not that aggressively wrong. It was probably something more subtle...
How do I hide a window without blocking on it?
A customer was working on improving their application startup performance. They found that if their application was launched immediately after a fresh boot, the act of dismissing their splash screen was taking over 5% of their boot time. Their code removed the splash screen by calling . They suspect that the splash screen thread has, for some reason, stopped responding to messages, and while an investigation into that avenue was undertaken, a parallel investigation into reducing the cost of hiding the splash screen was also begun. One of the things they tried was to remove the style and call but they found tha...
Why can't I use the file sharing wizard if I exclude inheritable permissions from a folder's parent?
In Windows Vista and Windows Server 2008, if you go to a the advanced security settings for a directory and uncheck "include inheritable permissions from this object's parent", then go back to the Sharing tab, you'll find that the "Share" button is disabled. Why is this? We don't see this behavior on Windows 7 or Windows Server 2008 R2. (Yes, a customer actually noticed and asked the question.) The sharing wizard in Windows Vista and Windows Server 2008 does not support folders with the security descriptor control bit because it isn't sure that it can restore the ACL afterward. And as the customer n...
Why are the Windows 7 system notification icons colorless?
Mike wondered why the system notification icons went colorless in Windows 7 and why they went back to regular tooltips instead of the custom tooltips. I don't know either, so I asked Larry Osterman, who was in charge of the Volume icon. And he didn't know either. He was merely given new icons by the design team. But that doesn't stop me from guessing. (Which is what I do most of the time here, I just don't explicitly say that I'm guessing.) My guess is that the design team looked at the new Windows 7 taskbar and noticed that all the system-provided pieces were subdued and unobtrusive, with two exc...
How does the MultiByteToWideChar function treat invalid characters?
The flag controls how the function treats invalid characters. Some people claim that the following sentences in the documentation are contradictory: "Starting with Windows Vista, the function does not drop illegal code points if the application does not set the flag." "Windows XP: If this flag is not set, the function silently drops illegal code points." "The function fails if is set and an invalid character is encountered in the source string." Actually, the three sentences are talking about different cases. The first two talk about what happens if you omit the flag; the third talks about...
How does Explorer calculate the folder size information in the folder tooltip?
This information is accurate as of Windows 7; the algorithm may change for future versions of Windows. The information is being provided for the edification of computer network administrators, who are curious about random stuff like this since it can affect their network load. When you hover over a folder, Explorer shows an infotip (a special type of tooltip) which contains information about the directory, and the information that concerns network administrators is the "Size". How does Explorer calculate the size? Explorer calculates the size by performing a naïve recursive listing of the directory an...
Why is there sometimes a long delay between pressing a hotkey for a shortcut and opening the shortcut?
Via a customer liaison, we received a problem report from a customer. The customer is facing issues with delayed desponses to opening a .lnk file by pressing its keyboard shortcut hotkey. This delay does not appear when the shortcut is double-clicked. For example, the customer has created a shortcut to Notepad and assigned it the shortcut Ctrl+Alt+X. Pressing the keyboard combination sometimes takes 5 or 6 seconds for Notepad to open. As noted above, double-clicking on the shortcut causes Notepad to open without delay. This issue is not consistently reproducible, but it appears to be independent of the short...
What happened to the Summary information created on Windows 2000 and Windows XP?
In Windows 2000 and Windows XP, you could add Summary information on the Details property page to files of all types. Text files, image files, some crazy file your grandmother sent you in a file format you don't know how to open. If Windows supports storing the Summary information in the file itself (for example, in EXIF tags or in Structure Storage properties), then the information gets stored there. Otherwise, Windows stashes the information in an alternate data stream. Windows Vista dropped support for storing Summary information in alternate data streams. What happened? Support for storing Summar...
When you don't speak a language, don't sound like you speak the language
I appreciate the help from Christoph and Voo in refining my German. But that reminds me of a story about a friend of a friend. She was in Japan to visit some friends. Although she speaks English and Mandarin fluently, she doesn't know any Japanese, so her friends taught her how to say "Sorry, I don't speak Japanese." She managed to say this sentence quite well despite learning it purely phonetically. One day they were walking down the street as a group, and a gentleman approached and asked her for directions. She responded with the only sentence she knew: "Sorry, I don't speak Japanese." The gentleman was of...
What were the tests that WinG did to evaluate video cards?
Georg Rottensteiner was curious about the weird things that WinG performed on installation to evaluate video cards. "What did it do actually and what for?" I don't actually know, since I was not involved in the WinG project, but I remember chatting with one of the developers who was working on video card benchmarks. He says that video card benchmarks are really hard to develop, not just because video cards are complicated, but also because video drivers cheat like a Mississippi riverboat card sharp on a boat full of blind tourists. He discovered all sorts of crazy shenanigans. Like a video driver which compa...
A process shutdown puzzle, Episode 2
A customer reported that their program would very sporadically crash in the function . The customer was kind enough to provide a stack trace at the point of the crash: The customer wondered, "Could the problem be that my cleanup group does not have a callback? MSDN seems to suggest that this is okay." The exception being thrown is , but that doesn't really say much. But that's okay, because the smoking gun isn't the exception being raised. It's in the stack. Do you see it? The code is calling from inside while handling the notification. Looking further up the stack, you can see this was triggered ...
Shortcut properties are in the shortcut, so if they can read the shortcut, they can read the properties
A customer wanted to know if "there was a way to hide the properties of a shortcut." We asked for an explanation of the problem they were trying to solve, so we could understand what their question meant. The customer liaison explained: The customer is insisting on this, even though I think it's really the wrong approach. They want to put a password into the parameters of a shortcut, but they don't want their employees to see the password when they right-click the shortcut and select Properties. We're trying to convince them of better ways of doing this, but right now they want to see if they can solve it by ma...
How do I prevent users from opening TIF files?
A customer had a question about their Windows XP installations. (This question was from several years ago, so the fine details aren't really relevant any more, but I'm actually telling this story for a commentary opportunity.) The customer wanted to disable all file associations for TIFF files. Their first attempt was by deleting and . This successfully renders TIFF files with a generic document icon, but when the user double-clicks the file, the registration is re-established and Windows Picture and Fax Viewer opens the file. The company had some strange company security policy that says that TIFF fil...
I thought I was so clever, salvaging an old floppy drive from a dead computer, but I didn't think *two* steps ahead…
When one of the oldest computers at Microsoft still doing useful work finally died, I had the presence of mind to salvage the 5¼″ floppy drive from the machine, so that I could (someday) extract the data off all the old 5¼″ floppy discs I have packed away in boxes meaning to convert someday. (Mind you, the data capacity of a giant box of 5¼″ floppy disks is approximately equal to half of a CD.) Oh, and by the way, if you know what a floppy drive is, then this question on superuser.com will make you feel old. I thought I was so clever, salvaging an old floppy drive fro...
Why are programs allowed to use normal characters as hotkeys?
alv wonders why programs are allowed to create hotkeys for normal characters. The example given is the famous AltGr modifier, equivalent to Ctrl+Alt. Programs which ignore the guidance and use Ctrl+Alt as a shortcut modifier end up stealing keys from many non-English keyboard layouts, thereby preventing users from typing things like the Euro sign € (which is an AltGr combination on most keyboards that support it), or even worse, preventing Polish users with the Polish programmer keyboard layout from typing the letter Ż. Given that using Ctrl+Alt as a keyboard shortcut modifier can prevent people fro...
What does INIT_ONCE_CTX_RESERVED_BITS mean?
Windows Vista adds the One-Time Initialization family of functions which address a common coding pattern: I want a specific chunk of code to run exactly once, even in the face of multiple calls from different threads. There are many implementations of this pattern, such as the infamous double-checked lock. The double-checked lock is very easy to get wrong, due to memory ordering and race conditions, so the kernel folks decided to write it for you. The straightforward way of using a one-time-initialization object is to have it protect the initialization of some other object. For example, you might have it pr...
Why don't I get a Caps Lock warning balloon any more?
A customer asked for help diagnosing a problem they were experiencing on Windows XP: My customer reports that on their machines, they do not get the warning balloon that appears when Caps Lock is set while you are typing into a password field. I searched for relevant KB articles but couldn't find anything related to that. Can you help? Time for the psychic powers. My psychic powers tell me that the customer disabled all balloon tips. The customer liaison replied You are right. Thanks for the help. This is a not uncommon situation with some customers. They change a setting, and then later report tha...
Why doesn't the Version tab show up for very large files?
If you have a really large file and try to view its properties in Explorer, you may find that the Version tab doesn't appear. What's going on? The Version tab uses the family of functions to obtain version information from files. It so happens that the function works by calling and then using functions like to locate the version resource so it can allocate a buffer to hold the version resource plus additional data to assist in character set translation. If the file is larger than the available address space in the Explorer process, then the call to will fail due to lack of address space into which to map ...
There's the kernel, and there's kernel mode – confusing historical terminology
A few weeks ago, I mentioned that the kernel folks decided not to expose bonus bytes to applications. Some people were confused by this statement, not for what it said, but for what it implied. "Wait, you're telling me that the heap is implemented in kernel mode?" Let's turn the clock back to 1983. The core components of Windows fell into three categories: Windows 1.0 ran on the 8086, which had no concept of CPU modes or memory protection or any stuff we take for granted nowadays. Everything ran in a single mode, and since there was only one mode, it didn't have a name. Although future versions of Win...
Why do we need IsDialogMessage at all?
alv wonders why we need the function at all. "All its activity could take place inside the window procedure of the modeless dialog itself", since when it doesn't have focus, it shouldn't be responding to messages anyway. Sure, that works great if the modeless dialog has focus. But it almost never does. What has focus is a control inside the modeless dialog. And in that case, the modeless dialog never sees the message, since the rule is that keyboard messages go to the window with focus. And that ain't the modeless dialog box. Consider, for example, a message box with OK and Cancel buttons. Focus defaults to t...
You already know the answer since you do it yourself
A customer was writing a program that performed virtual drag/drop. They were using the technique but found that many applications don't support drag/drop of virtual content. They support only . What's more, often these applications query for on not because they want to access the file, but just because they want to get the file names (for example, because they want to put up the no-entry cursor if the file types are not ones the application supports). Given that we want to be able to drop content onto applications which do not support drag/drop of virtual content, we have the problem of knowing exactly when ...
What is the real maximum length of a DNS name?
It's 255, but you have to count it the right way.
I know that an overlapped file handle requires an lpOverlapped, but why does it (sometimes) work if I omit it?
A customer observed that the formal requirements for the function specify that if the handle was opened with , then the parameter is mandatory. But the customer observed that in practice, passing results in strange behavior. Sometimes the call succeeds, and sometimes it even returns (horrors!) valid data. (Actually the more horrifying case is where the call succeeds and returns bogus data!) Now sure, you violated one of the requirements for the function, so the behavior is undefined. But why doesn't just flat-out fail if you call it incorrectly? The answer is that the function doesn't know whether you're ...
Microspeak: scoped to
The Merriam-Webster dictionary gives as the meaning of scope as a verb to look at for evaluation, as in "to scope out the competition." But that's not how we use it at Microsoft. Here are some fake citations: The Widgets pop-up shows the available widgets scoped to the current selection. The results of the search are scoped to the current folder. Workflows can be scoped to containers, content types (scopeable to containers, sites, collections, servers, or enterprises), or combinations of these. Okay, that last one wasn't fake. You can tell it's not fake because it is extra confusing. To be scoped to som...
There's the interface contract, and there are the implementations of the interface contract
Ivo wants to know whether it is legal to use as the icon parameters to . The documentation says that the parameters are optional, but some shell folder implementations treat them as mandatory. Yes, the parameters are technically optional, but it's also the case that many people mess up their implementation of the interface and treat them as mandatory, either by crashing on a null pointer or by returning . Since is an extension interface, you are pretty much at the mercy of all the implementations of that extension. Welcome to the land of application compatibility, where you have to incorporate workarounds fo...
Registration-free COM the old-fashioned way: The car mp3 player
Windows XP introduced Registration-Free COM, permitting you to place your COM object registrations in a manifest rather than in the registry. Very handy when you want to support xcopy deployment or running directly off a thumb drive. And very much in keeping with the principle of not using a global solution for a local problem. (If you need your COM object to be used from other programs, then global registration is not unreasonable, but if the only client is another part of your program, then you have a local problem that should employ a local solution.) Here are some articles on the subject: Before man...
You can use an OVERLAPPED structure with synchronous I/O, too
Even if you didn't open a file with , you can still use the structure when you issue reads and writes. Mind you, the I/O will still complete synchronously, but you can take advantage of the other stuff that has to offer. Specifically, you can take advantage of the and members to issue the I/O against a file location different from the current file pointer. (This is a file pointer in the sense of and not in the sense of the C runtime .) If your program does a lot of reads and writes to random locations in a file, using the synchronous structure saves you a call to at each I/O. Let's illustrate this by ...
I totally presented to an executive the wrong way
Some time ago, Gray Knowlton wrote an article on how to present to an executive. As you might have guessed, I've done it completely the wrong way. Many years ago, I was part of a group presenting to a senior-level executive. I was the one who wrote the document establishing the background for the topic and laying out the various options with their pros and cons. I wasn't the one doing the actual presenting, but I was asked to attend anyway, just in case the senior executive had a question that the presenters couldn't answer. For the duration of the meeting, I sat in the back and knitted. As it turns out, I...
Introducing the unrolled-switch anti-pattern
Over the years, I've seen a bunch of coding anti-patterns. I figured maybe I'll share a few. Today, I'll introduce what I'm calling the unrolled-switch anti-pattern, also known as "Specialization is always faster, right?" As we all know, special-case code is faster than general-purpose code. Instead of writing slow general-purpose code: we unroll it into a switch statement, thereby generating highly-optimized special-purpose code, one for each axis. What makes this anti-pattern particularly frustrating is that you cannot tell at a glance whether all the cases really are the same (just with different axe...
If posting here is frequently frustrating and irritating, why do I keep doing it?
Appreciator wonders, if I find posting here frequently frustrating and irritating, why I keep doing it anyway? Imagine I announced one day, "This is too frustrating and annoying. I'm going to stop now." To the rest of the world, this would "mean something." People would discuss in hushed tones—and for the Internet, hushed tones means in a normal voice, or perhaps even louder than normal—what this "means" for blogging, for Microsoft, for whatever. People would start speculating as to what pushed me over the line, maybe muse about what this means for other bloggers, or question my actual motivations. ...
How do I perform shell file operations while avoiding shell copy hooks?
Okay, the subject line of the article gives away the answer to the puzzle, but here's the puzzle anyway: A customer reported a problem with the function: Consider the following program: If "a" is a file, then everything works fine, but if it's a directory, then Application Verifier raises the following error: Heap violation detected Memory access operation in the context of a freed block: reuse-after-delete or double-delete Can you help explain what we're doing wrong? So far as we can tell, all our parameters are correct. This is one of those "It doesn't work on my machine" issues, because the prov...
Why can't I delete a file immediately after terminating the process that has the file open?
A customer discovered a bug where terminating a process did not close the handles that the process had open, resulting in their emergency cleanup code not working: Their workaround was to insert a call to before deleting the file. The customer wanted to know whether they discovered a bug in , and they were concerned that their workaround could add up to a half second to their cleanup code, during which the end user is sitting there waiting for everything to clean up. As MSDN notes, TerminateProcess initiates termination and returns immediately. This stops execution of all threads within the process and r...
Converting to Unicode usually involves, you know, some sort of conversion
A colleague was investigating a problem with a third party application and found an unusual window class name: L"整瑳整瑳". He remarked, "This looks quite odd and could be some problem with the application." The string is nonsense in Chinese, but I immediately recognized what was up. Here's a hint: Rewrite the string as L"\x6574" L"\x7473" L"\x6574" L"\x7473" Still don't see it? How about looking at the byte sequence, remembering that Windows uses UTF-16LE. 0x74 0x65 0x73 0x74 0x74 0x65 0x73 0x74 Okay, maybe you don't have your ASCII table memorized. That's right, the app...
Amusing message on a whiteboard in the hallway
It is common to see whiteboards mounted in hallways. Sometimes they have official purposes; other times they are just placed for the convenience of hallway conversations or impromptu meetings. One of the hallways near my office has a very large whiteboard, completely blank, save for one note clearly written in the corner. DO NOT ERASE
Why does a maximized window have the wrong window rectangle?
Commenter configurator wonders why the maximum size for a form is the screen size plus (12,12). Somebody else wonders why it's the screen size plus (16,16). Let's start by rewinding the clock to Windows 3.0. When you maximize a window, the default position of the window is such that all the resizing borders hang "off the edges of the screen". The client area extends from the left edge of the screen to the right edge of the screen, and also goes all the way to the bottom. It doesn't go all the way to the top, since it needs to leave room for the caption, but the resizing border that sits above the caption...
Beverage Gas Division of Central Welding Supply
The other day, I saw a van which was labeled Beverage Gas Division of Central Welding Supply. This odd juxtaposition was created by the acquisition of Compressed Gas Western by Central Welding Supply in 2009. I sure hope they don't get their tanks confused.
Why is the Heap32Next function incredibly slow on Windows 7?
Improved correctness but at a price.
Why does my window style change when I call SetWindowText?
A customer observed some strange behavior with window styles: We ran some weird behavior: Calling the function causes a change in window styles. Specifically, calling results in the and messages, and sometimes the result is that the style is removed. Is this a bug? What would cause this? The message sends the message to the control, at which point anything that happens is the window's own responsibility. If it wants to change styles based on the text you sent, then that's what happens. The window manager doesn't do anything special to force it to happen or to prevent it. That's weird, because I'm not e...
Isn't there a race condition in GetFileVersionInfoSize?
In response to my explanation of what the parameter in is used for, Steve Nuchia wonders if there's a race condition between the time you get the size and the time you ask for the data. Yes, there is a race condition, but calling the function in a loop won't help because the function does not report that the buffer is too small to hold all the version data. It just fills the buffer as much as it can and truncates the rest. In practice, this is not a problem because you are usually getting the versions of files that you expect to be stable. For example, you might be obtaining the version resources of the fi...
In 1993, Microsoft stole my colleague's car
I remember walking between buildings at Microsoft back in the 1990's and seeing a moss-covered, rusted-out jalopy in one of the parking spaces. It clearly hadn't moved in ages. The person I was with said, "Oh, yeah, Microsoft owns that car. They stole it from Bob." (Bob is my generic name for a Microsoft employee.) The Inaugural Day Storm of 1993 left felled trees and other wind damage in its wake on the Microsoft Redmond campus. One of my colleagues was out of town when the storm hit, and he returned to stories of fallen trees, wind damage, and howling winds. Bob also returned to find that his car had been st...
The most exciting part of my morning is catching my bus, specifically, making the transfer
Note: Transit nerd content. You have been warned. I still rely on One Bus Away to tell me when my bus is coming. Recent changes in bus service means that there is no longer a direct bus from my neighborhood to my work. My basic options are as follows: If you sit and work out the math, the total travel time for all the options is about the same, around 29 minutes. Which is about the same time it takes me to ride my bicycle, so it basically doesn't matter which route I take, especially since traffic lights randomize the travel time by a few minutes each way. But the paradox of choice means that I still try ...
Why does holding the Ctrl key when selecting New Task from Task Manager open a command prompt?
Commenter Adam S wonders why holding the Ctrl key when selecting New Task from Task Manager will open a command prompt. It's a rogue feature. Windows XP introduced visual styles, and one of the tricky parts of debugging visual styles is that if the visual style engine goes berzerk, you can't see anything! One of the problems that the visual styles folks encountered when developing their feature was that sometimes they would get into a state where the Run dialog would stop working. And without a Run dialog, you couldn't install or launch a debugger to begin investigating what went wrong. The solution...
Memory allocation functions can give you more memory than you ask for, and you are welcome to use the freebies too, but watch out for the free lunch
Memory allocation functions like , , , and all have the property that they can return more memory than you requested. For example, if you ask for 13 bytes, you may very well get a pointer to 16 bytes. The corresponding functions return the actual size of the memory block, and you are welcome to use all the memory in the block up to the actual size (even the bytes beyond the ones you requested). But watch out for the free lunch. Consider the following code: So far so good. We allocate some memory, and then fill it with zeroes. That gives us our zero-initialized memory. Or does it? When you ask the hea...
Why does the VerQueryValue function give me the wrong file version number?
A customer was writing a test to verify that their patching system was working properly, but they found that even after the patch was installed, a call to reported that the file was still the original version. Why was the function reporting the wrong version? Recall that the version resource is, well, a resource. And one of the things that happens with resources is that they can get redirected based on the language the user is running. When you ask for the resources of a language-neutral DLL, the loader redirects your request to the appropriate language-specific DLL. That way, if you're running on an English ...
How do I get mouse messages faster than WM_MOUSEMOVE?
We saw some time ago that the rate at which you receive messages is entirely up to how fast your program calls . But what if your program is calling as fast as it can, and it's still not fast enough? You can use the function to ask the window manager, "Hey, can you tell me about the mouse messages I missed?" I can think of two cases where you might want to do this: You are a program like Paint, where the user is drawing with the mouse and you want to capture every nuance of the mouse motion. You are a program that supports something like mouse gestures, so you want the full mouse curve informatio...
Microspeak: Friction
In physics, friction is a force that resists motion. In Microspeak, friction is an obstacle which prevents somebody from doing something you want them to do. (The preferred verb phrase for getting over an obstacle is overcoming friction.) There is friction in the system for X that is reduced when developing with Y. Using X reduces friction of someone being able to do Y without having to Z. Many companies have found that outsourcing activities can introduce unexpected complexity, add cost and friction into the value chain, and require more senior management attention and deeper management skills than anticip...
If you have multiple versions of Windows installed, why do they all try to adjust the clock?
Commenter Martin notes that if you have multiple copies of Windows installed on your machine, then each one will try to adjust the clock when you enter or exit daylight saving time. "I cannot believe that this feature is a bug. Please could you comment this?" This falls into a category of issue that I like to call "So what did you expect?" (This was the catch phrase of the old Call-A.P.P.L.E. magazine.) If you have multiple operating systems installed on your machine, each one thinks that it has control of your computer. It's not like there's some standard cross-operating system mechanism for negotiating cont...
To some people, time zones are just a fancy way of sounding important
Standard time sounds much more standard.
Alt text for images are important in email, too
Apparently the IT department gave up on getting everybody to read email in plain text, and other service departments at Microsoft have moved beyond simply using HTML for markup and started adding banner images to the top of each email message. Because the best way to promote your brand to other parts of the company is to stick a banner logo at the top of every message. Here's the HTML for one such banner image, with line breaks inserted for sanity. The great thing about the absurd alt text is that that's what appears in the autopreview window and in the email notification pop-up. But wait, it gets wors...
Why do program files go into the Program Files directory?
Some of Microsoft's software certification programs (such as the Windows Logo) require that applications set their default installation location to the Program Files directory. What is the reason for this? One technical reason is that this ensures that the directory receives an appropriate default security descriptor. But the Program Files directory was introduced in Windows 95, which didn't have security descriptors, so that can't be the entire reason. Rewind the clock to Windows 3.1. Microsoft didn't provide guidance on where applications should install by default. As a result, they went everywhere....
Why does Explorer ignore seconds when sorting by Date Modified?
A customer reported that Explorer appears to be ignoring the seconds when sorting by Date Modified. The customer was kind enough to include detailed steps to reproduce the problem. Start with a folder with several files, sorted by Date Modified. Right-click on the newest file, select Copy. Right-click on the blank column on the right, select Paste. This will create a file with the same name, but with "- Copy" appended. Press F5 to refresh the view and note the sort order. The copy appears at the top of the list. Highlight the newly-created file, hit F2, and give the document a different name, an...
Why doesn't the Maximize button maximize across all monitors?
Cheong wonders why there isn't a way for the Maximize button to maximize a window across multiple monitors. (Troll asks a similar question: Why doesn't Windows support spanned mode for multiple monitors?) We tried it that way at first. And we quickly discovered why it was a bad idea. Wait, I'm not finished yet. Things get still worse if your two monitors are not the same size. In that case, the virtual screen is larger than the visible region. For example, my monitor arrangement has a landscape monitor on the left and a portrait monitor on the right, with the bottoms of the monitors aligned. ...
This isn't Highlights magazine: Sort keys and why they change
Some time ago, Ry Jones gave some examples of Quotable Raymond, including the following: How to make a good doc bug report: 1. Don't embed pictures. ... This isn't Highlights magazine. What Ry didn't realize is that his "..." totally misrepresented the message. There were actually two separate items, but he combined them into one and replaced the missing parts with "...". I already ranted some time ago about embedding pictures. Today I'll rant about the second item, which is turning a bug report into the Spot the difference between these two pictures game in Highlights magazine. A customer reporte...
How do I make it so that users can copy static text on a dialog box to the clipboard easily?
Given that you have a Win32 dialog box with static text in an control, how do you make it so that users can easily copy that text to the clipboard? The traditional solution is to create a borderless read-only edit control (which draws as static text by default). Add it to the tab order by setting the style, and maybe even give it a keyboard accelerator for accessibility. Starting in Windows Vista, version 6 of the common controls provides an alternative. (A less accessible alternative, mind you.) Static text controls automatically copy their contents to the clipboard when you double-click them if you...
What was the nature of the feedback that resulted in the change to the highlighting model for Explorer navigation pane?
Gabe wanted to know the nature of the feedback that resulted in the change to Explorer navigation pane. Historically, Explorer had a navigation pane that contained a folder tree, and the navigation pane could be toggled on and off. From observations and usability studies, we observed that users in general found this toggling burdensome. People liked the folder tree as a form of browsing, but they didn't like the fact that the folder tree kept changing as they navigated through the system. In other words, they liked the fact that they could change the folder tree by expanding and collapsing nodes, but they wante...
How can I customize which notification icons are displayed by default on a new installation?
There's a setting for it, but you need some help from the application.
Why was HDS_FILTERBAR added to the common controls if nobody uses it?
Mike Dunn was curious about the intended purpose of . The style adds a row below the header control consisting of an edit control and a funnel icon. The funnel icon presumably represents a coffee filter, because after all, everybody in the world drinks coffee as much as people in Seattle. (Developers think they're so clever.) Mike points out that new features of the common controls were nearly always used by whatever version of Windows or Internet Explorer shipped that new version. The style is a notable exception. What happened? I believe the feature was originally intended for use by Active Directory; m...
Why does Windows keep showing the old indirect strings even after I update the binary?
If your application uses indirect localized string resources, and you update the application, you may find that Windows keeps using the old string from the previous version of the application. For example, suppose that you set the localized name for a shortcut to , and in version 1 of your program, you have For version 2, your marketing team decides that the program should really be called Contoso Document System, so you change the resource file to read The user upgrades to version 2 of your program, but the shortcut on the Start menu still reads Contoso Document Services. What's going on?...
What does the minus sign in indirect localized string resources mean?
The syntax for indirect localized string resources is filenamestringId, optionally followed by a semicolon and a comment. A customer wanted to know what the minus signs stands for. The minus sign doesn't "stand for" anything. It's just part of the syntax. It's like asking what the semicolon at the end of a C statement stands for. It doesn't stand for anything; it's just part of the rules for C statements. (And if the minus sign has to stand for something, what does the comma stand for?) Okay, so maybe the question was really "Why does the syntax for indirect localized strings include a minus sign? Isn't the co...
Instead of creating something and then trying to hide it, simply don't create it in the first place
A customer had a question, which was sort of I bet somebody got a really nice bonus for that feature in reverse. A customer is asking if there is a way to programmatically control the icons in the notification area. Specifically, they want the setting for their notification icon to be "Only show notifications" rather than "Show icon and notifications" or "Hide icon and notifications." Fully charged (100%) Network Fabrikam Internet access Volume Speakers: 10% Contoso Resource Notification No new resources found. It's a good thing th...
Why don't music files show up in my Recent Items list?
If you double-click a music file, it doesn't show up in your Recent Items list. What's so special about music files? The technical reason is that the file types are registered with the flag, which means that they don't show up in the Recent Items list (formerly known as Recent Documents), and they don't show up in the Recent or Frequent section of Windows Media Player's Jump List. Okay, fine, but that's like answering "Why is there a door here?" with "Because the blueprints said that there should be a door there." You really want to know why the architect decided to put a door there. The reason why music fil...
What's the difference between Text Document, Text Document – MS-DOS Format, and Unicode Text Document?
Alasdair King asks why Wordpad has three formats, Text Document, Text Document - MS-DOS Format, and Unicode Text Document. "Isn't at least one redundant?" Recall that in Windows, three code pages have special status. Three text file formats. Three encodings. Hm... I wonder... As you might have guessed by now, the three text file formats correspond to the three special code pages. Now it's just a matter of deciding which one matches with which. The easiest one is the Unicode one; it seems clear that Unicode Text Document matches with Unicode. Okay, we now have to figure out how Text Document and Text Doc...
How do I find out which process has a file open?
Classically, there was no way to find out which process has a file open. A file object has a reference count, and when the reference count drops to zero, the file is closed. But there's nobody keeping track of which processes own how many references. (And that's ignoring the case that the reference is not coming from a process in the first place; maybe it's coming from a kernel driver, or maybe it came from a process that no longer exists but whose reference is being kept alive by a kernel driver that captured the object reference.) This falls into the category of not keeping track of information you don't n...
Why does the DrawIcon function draw at the default icon size?
Miral wondered why the function draws at the default icon size instead of respecting the actual icon size. After all, if you loaded a nonstandard-sized icon via , then presumably you want to use that nonstandard size. The question is one of those types of questions that fails to understand history, like asking why NASA didn't send the space shuttle to rescue the Apollo 13 astronauts. At the time the function was written, the function didn't exist, and wouldn't exist for over a decade. The function showed up in Windows 95, but Windows was drawing icons long before then, and for a long time, the on...
When does an icon handler shell extension get unloaded?
A customer had a question about the function. They used the function to obtain the icon for a file, and they discovered that when they asked for the icon of a particular type of file, the shell extension for the associated application was loaded. But unfortunately the third party shell extension is not getting unloaded, maybe because of a bug. Can we do anything in code to get this shell extension to unload? You already know everything you need to answer this. Shell extensions are COM objects, and icon handlers are in-process local servers, and in-process local servers remain loaded until the apartment is t...
The awesome Valentine's Day gift disguised as an uncreative one
A few years ago, one of my colleagues wanted to surprise his wife with a new laptop for Valentine's Day. (As a bonus, he set the wallpaper to one of their wedding pictures.) Now, he could just give her a neatly wrapped laptop, but he wanted this one to be a super-surprise. First, he bought a large box of chocolates. He then carefully opened the box (preserving the bow and other wrapping), removed the chocolates and put the laptop inside, using a smaller box of chocolates to act as packing material. He then put the cover back on the box of chocolates and restored the box to its original unopened appearance. As a...
Why did the Windows 95 Start button have a secret shortcut for closing it?
Unintentional consequences.
Fancy use of exception handling in FormatMessage leads to repeated "discovery" of security flaw
Every so often, somebody "discovers" an alleged security vulnerability in the function. You can try it yourself: If you run this program under the debugger and you tell it to break on all exceptions, then you will find that it breaks on an access violation trying to write to an invalid address. Did you just find a buffer overflow security vulnerability? The function was part of the original Win32 interface, back in the days when you had lots of address space (two whole gigabytes) but not a lot of RAM (12 megabytes, or 16 if you were running Server). The implementation of reflects this historical reali...
What is the effect of memory-mapped file access on GetLastError()?
A customer was using memory-mapped files and was looking for information as to whether access to the memory-mapped data modifies the value returned by . A member of the kernel team replied, "No, memory-mapped I/O does not ever change the value returned by ." That answer is simultaneously correct and wrong, a case of looking at the world through kernel-colored glasses. While it's true that the kernel does not ever change the value returned by , it's also the case that you might change it. If you set up an exception handler, then your exception handler might perform operations that affect the last-error cod...
The path-searching algorithm is not a backtracking algorithm
Suppose your PATH environment variable looks like this: Suppose that you call intending to load the library at . If the network server is down, the call will fail. Why doesn't it just skip the bad directory in the PATH and continue searching? Suppose the function skipped the bad network directory and kept searching. Suppose that the code which called was really after the file . By taking the server down, you have tricked the function into loading instead. (And maybe that was your DLL planting attack: If you can convince the system to reject all the versions on the by some means, you can then get to ...
Microspeak: fit
In Microspeak, fit is a predicate noun which is never used on its own but always comes with a modifying adjective. For something to be a good fit is for something to be appropriate or suitable for a particular situation. The opposite of a good fit is not a bad fit, because that's pejorative. Rather, something that is not a good fit is referred to as a poor fit. The purpose of a previewer plug-in is to allow users to view the media without opening it. An image editing tool would not be a good fit for the previewing feature. (Alternatively, "would be a poor fit for the previewing feature.") To be a good fit with...
The story of the mysterious WINA20.386 file
Global or local.
The compatibility constraints of error codes, episode 2
A customer reported an incompatibility in Windows 7: If A: is a floppy drive and they call and there is no disk in the drive, the call fails with the error . Previous versions of Windows failed with the error . Both error codes are reasonable responses to the situation. "The module couldn't be found because the drive is not ready." Programs should treat a failed as a failed library load and shouldn't be sensitive to the precise reason for the error. (They can display a more specific error to the user based on the error code, but overall program logic shouldn't depend on the error code.) Fortunately, the...
When you are looking for more information, it helps to say what you need the information for
It's often the case that when a question from a customer gets filtered through a customer liaison, some context gets lost. (I'm giving the customer the benefit of the doubt here and assuming that it's the customer liaison that removed the context rather than the customer who never provided it.) Consider the following request: We would like to know more information about the method the shell uses to resolve shortcuts. This is kind of a vague question. It's like asking "I'd like to know more about the anti-lock braking system in my car." There are any number of pieces of information that could be provided abou...
Things I've written that have amused other people, Episode 9
A customer liaison reported that their customer wants to be able to access their machine without needing a password. They just want to be able to and be able to access the files right away. I guess because passwords are confusing, easy to forget, and just get in the way. Anyway, the customer discovered that they could do so on Windows XP by going to the folder they want to share, going to the Sharing tab, then clicking on the If you understand the security risks but want to share files without running the wizard link, and then on the Enable File Sharing dialog, clicking Just enable file sharing. What th...
The Freudian typo that will not die: Enchanced video quality
While wasting time doing valuable background research on my computer, I received the following suggestion: For enchanced video quality, click here. It's good to know that the typo that I first encountered in 1993 is still alive and kicking. (And even though it's not important to the story, people will demand some sort of follow-up, so here it is: I submitted feedback to the vendor, who said that it was a known issue fixed in the next update.)
Why does it take Task Manager longer to appear when you start it from the Ctrl+Alt+Del dialog?
Amit was curious why it takes longer for Task Manager to appear when you start it from the Ctrl+Alt+Del dialog compared to launching it from the taskbar. Well, you can see the reason right there on the screen: You're launching it the long way around. If you launch Task Manager from the taskbar, Explorer just launches via the usual mechanism, and Task Manager launches under the same credentials on the same desktop. On the other hand, when you use the secure attention sequence, the program receives the notification, switches to the secure desktop, and displays the Ctrl+Alt+Del dialog. When you select Task M...
Does mapping the same shared memory two times in a process lead to double the address space usage?
A customer designed a system which uses shared memory. Specifically, for each database file, they create a corresponding shared memory block of, say, 200MB. Multiple clients which connect to the same database file use the same shared memory block. Naturally, if two processes each access the same database file, each process will map the shared memory block into their respective address space. The question arose regarding what happens if one process connects to the same database file twice. Will the two calls to share the same address space, or will each one allocate a separate chunk of address space? Win32 makes...
The 2012/2013 Seattle Symphony subscription season at a glance
The pocket reference guide for 2012/2013.
Why doesn't the Windows 7 Start menu have a pushpin for pinning items?
You may have noticed a minor inconsistency between pinning a program to the Start menu and pinning a destination to a program's Jump List. Although pinned items appear at the top of the respective lists, and both the Start menu and Jump List let you right-click an item and select Pin/Unpin, the Jump List also lets you pin and unpin an item by clicking on the pushpin. Why doesn't the Start menu have a pushpin in addition to the right-click menu? For a time, items on the Start menu did have a pushpin, just like items on Jump Lists. The design had a few problems, however. Start menu items can also have a triangle i...
How do I disable the fault-tolerant heap?
A while back, I linked to a talk by Silviu Calinoiu on the fault-tolerant heap. But what if you don't want the fault-tolerant heap? For example, during program development, you probably want to disable the fault-tolerant heap for your program: If the program is crashing, then it should crash so you can debug it! Method 1 is to disable the fault-tolerant heap globally. While this prevents the fault-tolerant heap from auto-activating in the future, it does not go back and undo activations that were enabled in the past. In other words, you have to remember to do this before your application crashes for the ...
A single-handed effort to keep the memory of $2 bills alive
As I noted when I told the story of the computer programmer who dabbled in making change that my colleague had a lot of money-related quirks. For some reason my colleague felt the $2 bill deserved more attention. Every so often, he would go to the bank and buy $100 in $2 bills, then reintroduce the bills into circulation and enjoy people's reactions to them. (Most cashiers looked at it and recognized that it was legal tender, but couldn't find a good place to put it in the till. It usually got tossed under the drawer with all the checks.) It was a regular occurrence that the bank didn't have that many $2 bills...
Can OANOCACHE be used for non-debug purposes?
Friday asks whether OANOCACHE can be used for non-debug purposes, say to improve stability and/or speed. You can try, but it's not recommended. For one thing, it probably damages stability, because there are many applications out there which unwittingly rely on the BSTR cache to protect them from heap corruption bugs. The Windows team has for years wanted to tweak the BSTR cache (even going so far as getting rid of it entirely), but the compatibility issues always return and quash any attempts at radical restructuring. Identifying applications that rely on the BSTR cache and deploying an appropriate compatibil...
How do FILE_FLAG_SEQUENTIAL_SCAN and FILE_FLAG_RANDOM_ACCESS affect how the operating system treats my file?
Exclusively sequential, nonsequential, and then there's sort-of-sequential.
Why do Microsoft customer records use the abbreviation “cx” for customer?
It used to be something worse.
Don't try to allocate memory until there is only x% free
I have an ongoing conflict with my in-laws. Their concept of the correct amount of food to have in the refrigerator is "more than will comfortably fit." Whenever they come to visit (which is quite often), they make sure to bring enough food so that my refrigerator bursts at the seams, with vegetables and eggs and other foodstuffs crammed into every available nook and cranny. If I'm lucky, the amount of food manages to get down to "only slightly overfull" before their next visit. And the problem isn't restricted to the refrigerator. I once cleared out some space in the garage, only to find that they decided to use...
Microspeak: Walls and ladders
Reader laonianren wanted to know more about this game Walls and Ladders. "Walls and Ladders" is not a game. It's just a metaphor for a conflict in which one side wants to perform some action and the other side wants to prevent it. The defending side builds a wall, and the attacking side builds a taller ladder. In response, the defending side builds a taller wall, and the attacking side builds an even taller ladder. The result of this conflict is that the defending side constructs an ever-more-elaborate wall and the attacking side constructs a more-and-more complex ladder [link possible NSFW], both sides expen...
Cultural arbitrage: The food-related sucker bet
While I was at a group dinner at a Chinese restaurant, a whole fish was brought to our table. One of the other people at the table told a story of another time a whole fish was brought to the table. He attended the wedding rehearsal dinner of a family member. The bride is Chinese, but the groom is not. (Or maybe it was the other way around. Doesn't matter to the story.) The dinner was banquet-style at a Chinese restaurant, and one of the many courses was a whole fish. Two of the non-Chinese attendees marveled at the presence of an entire fish right there in front of them, head, tail, fins, and all. I guess they...
Why was there a font just for drawing symbols on buttons?
Nice and scalable.
Keys duplicated from photo: Delayed reaction
There was a report some time ago that researchers have developed a way to duplicate keys given only a photograph. When I read this story, I was reminded of an incident that occurred to a colleague of mine. He accidentally locked his keys in his car and called a locksmith. Frustratingly, the keys were sitting right there on the driver's seat. The locksmith arrived and assessed the situation. "Well, since you already paid for me to come all the way out here, how would you like a spare key?" "Huh? What do you mean?" The locksmith looked at the key on the driver's seat, studied it intently for a few seconds, then...
How do I print non-error messages during compilation?
Commenter Worf remarked, "My one wish is that would be supported." I always find it interesting when people say "I wish that Microsoft would stop following standards," since the directive is nonstandard. The Microsoft C/C++ compiler implements the feature in a method compatible with the standard, namely via a directive. If you want to warn people away from deprecated functionality, you can use the directive or the even more convenient (but more standards-troublesome) declaration specifier. The declaration specifier is much more convenient than the preprocessor directive because you can...
Puzzling out the upsell-o-meter
As I noted before, many grocery stores in the United States have a printer next to the cash register which prints out coupons customized to your purchases. Here's a purchase and the accompanying coupon. What is the story behind this pairing? Purchased: Diapers for newborn baby. Coupon: Save 75 cents on ice cream. Bonus chatter: While waiting in line, I read the warning label on the diapers. It went on for quite a bit, but one part triggered my "I wonder what lawsuit led to this warning" sensor: "Like most articles of clothing, XYZ brand diapers will burn if exposed to flame." Did somebody say, "Oh no, there's ...
Why does CreateEvent fail with ERROR_PATH_NOT_FOUND if I give it a name with a backslash?
A customer reported that the function was failing with the unusual error code : The customer continued, "The documentation for says that the parameter must not contain the backslash character. Clearly we are in error for having passed an illegal character, but why are we getting the strange error code? There is no file path involved. Right now, we've added to our list of possible error codes, but we'd like an explanation of what the error means." Okay, first of all, building a table of all known error codes is another compatibility problem waiting to happen. Suppose in the next version of Windows, a new...
What a steal: A house for only ten dollars!
When I was signing the papers for a house purchase many years ago, I noticed that the deed papers read The Grantor «names of people selling the house» for and in consideration of TEN DOLLARS AND OTHER GOOD AND VALUABLE CONSIDERATION in hand paid, conveys and warrants to «me» the following described real estate... I noticed that I technically was buying the house for ten dollars. The closing agent explained, "Well, ten dollars and other consideration. This is just a convention, so that the actual amount paid for the house doesn't go into the record." It also saves them from havin...
How can I detect the language a run of text is written in?
A customer asked, "I have a Unicode string. I want to know what language that string is in. Is there a function that can give me this information? I am most interested in knowing whether it is written in an East Asian language." The problem of determining the language in which a run of text is written is rather difficult. Many languages share the same script, or at least very similar scripts, so you can't just go based on which Unicode code point ranges appear in the string of text. (And what if the text contains words from multiple languages?) With heuristics and statistical analysis and a large enough sample, ...
News flash: Work-at-home job offers are mostly just scams
McClatchy Newspapers discovers, to everyone's surprise, that work-at-home job offers are mostly just scams. Of course, this is something Rob Cockerham discovered years ago. (He also has a rundown of all his articles on the subject, in case you haven't gotten enough.)
You can use backups for things other than restoring
A customer wanted to know the internal file format of Visual SourceSafe databases. (That wasn't the actual question, but I've translated it into something equivalent but which requires less explanation.) They explained why they wanted this information: We are doing some code engineering analysis on our project, so we need to extract data about every single commit to the project since its creation. Things like who did the commit, the number of lines of code changed, the time of day... We can then crank on all this data to determine things like What time of day are most bugs introduced? and possibly even try ident...
From the research journal Duh: To lose weight, eat less
Researchers have determined that the key to losing weight is to consume fewer calories. Okay, it's actually more interesting than the summary suggests. The researchers compared a variety of different popular diets and found that it didn't matter what diet you were on; the weight loss (and regain) was the same. The controlling factor was how many calories you consumed.
What were some of the abandoned features of Explorer back in its prototype days?
Chris asked for some stories about what Explorer was like in the early days. Well, one thing is that the original name of Explorer was Cabinet, continuing the folder/document metaphor by taking all your folders and documents and putting them inside a virtual filing cabinet. (Cabinet was viewed as an update to the Windows 3.1 File Manager program, whose icon as we all know was a filing cabinet.) Some remnants of this old name can be found in places like the structure. (Note that this old sense of Cabinet is unrelated to the CAB file format, which is also called Cabinet.) In the early versions of Cabinet,...
It must totally suck to live near Abbey Road
I feel sorry for the people who live near Abbey Road or who have to take that road as part of their daily routine, because tourists keep blocking traffic to recreate the cover of the eponymous Beatles album. The recording studio has a webcam on the intersection so you can watch the mayhem as it happens. Update: Just this morning, I checked out the webcam and within two minutes, another group of tourists posed in the zebra crossing.
Why did HeapFree fail with ERROR_POSSIBLE_DEADLOCK?
A customer reported that they were receiving some assertion failures because the function was failing with what they believed to be a valid heap block, and the function reported that the reason for failure was . What's going on? One of my colleagues asked the psychic question, "Is the process exiting?" "Why yes, in fact it is. How did you know?" Recall how processes exit. One of the first things that happens is that all the other threads in the process are forcible terminated, which has as a consequence that any synchronization resources owned by those threads are now orphaned. And in this case, the synchro...
A joke for mathematicians: On the Weyl schism
In one of my mathematics classes, the professor noted (and freely admitted that the joke was not original with him), "There are essentially two groups of mathematicians: Those that have read Weyl and those that have not. And once you enter the first group, you will never be understood by anyone in the second group." I guess it's only funny to mathematicians.
When DLL_PROCESS_DETACH tells you that the process is exiting, your best bet is just to return without doing anything
When the function receives a reason code of , the increasingly-inaccurately-named parameter to is used to indicate whether the process is exiting. And if the process is exiting, then you should just return without doing anything. No, really. Don't worry about freeing memory; it will all go away when the process address space is destroyed. Don't worry about closing handles; handles are closed automatically when the process handle table is destroyed. Don't try to call into other DLLs, because those other DLLs may already have received their notifications, in which case they may behave erratically in the same...
Misleading advertisement: Passports or green cards?
I happened to spot an online advertisement for a company that will help you enter the lottery for a United States Permanent Resident Card, commonly known as a Green Card (even though they card isn't green any more). The advertisement was illustrated with a picture of a United States passport. Um, a Green Card is not the same as a passport, nor does a Green Card authorize you to obtain a passport. Passports are for citizens, not alien permanent residents.
Creating context menus on menus
Last week we looked at menu drag/drop. Another little-used menu feature added in Windows 2000 is the ability to show context menus on menus. The message is and the flag is . Let's demonstrate with a simple program. Start with the scratch program, and add the function just so our context menu can do something. When we receive the message and confirm that the menu is the one we support, we create the popup menu and display it at the mouse location (obtained via ) with the flag, indicating that this is a pop-up menu for a pop-up menu. (We also use , but that's nothing new.) If the user chose to mov...
The new business model: Intentional billing errors
Just in the last month, I had to call a bank to reverse four erroneous "Account Maintenance Fees" across two different accounts. It appears that intentional billing errors is the new business model for our struggling economy. (For the record, although I am responsible for maintaining these accounts, I did not open the accounts at the bank in question. My personal account is at a credit union.) One of my friends remarked, "I got only two. They must not really be trying yet." Many years ago, back when the dot-com bubble appeared unpoppable, a different friend of mine happened to meet somebody who sheepishly admi...
Why don't ZIP files have the FILE_ATTRIBUTE_COMPRESSED attribute?
A customer reported that when they called on a ZIP file, the attribute was not returned. But ZIP files are compressed. Why isn't the attribute being set? Because tells you whether the file was compressed by the file system. It is not a flag which describes the semantics of the bytes stored in the file. After all, the file system doesn't know that this particular collection of bytes is a ZIP file and contains data that was compressed externally. Who knows, maybe it's just some uncompressed file that just happens to look superficially like a ZIP file (but isn't)? If a text file consists of the string "ADTUR ...
Exploiting the inattentive: The Xbox Kinect Premium Starter Kit
The name of the product is the Xbox Kinect™ Premium Starter Kit. The promotional images and box images show an Xbox Kinect device. But if you look closely, you'll see that the Xbox Kinect™ Premium Starter Kit does not come with an Xbox Kinect.
Why wasn't the Windows 95 shell prototyped on Windows NT?
Carlos wonders why the Windows 95 shell was prototyped as 16-bit code running on the still-under-development 32-bit kernel, USER, and GDI as opposed to being prototyped as fully 32-bit code on Windows NT. There were a number of reasons, some good, some bad. One reason was that the Windows 95 shell was being developed by the Windows 95 team, which was an outgrowth of the Windows 3.1 team. That meant that they had Windows 3.1-class hardware. And the hardware requirements of Windows NT were significantly higher than the hardware requirements of Windows 3.1. Here's a table for compari...
Using the MNS_DRAGDROP style: Menu rearrangement
In order to do drag-drop rearrangement of menus, you need four things, most of which we already know how to do. Dragging an item out of a menu. Check. Dropping an item into a menu. Check. Connecting the drag with the drop. Rearranging menu items in response to the operation. Let's do step 4 first, just to mix things up. And since this is just a demonstration rather than production code, I'm only going to support string menu items of up to 255 characters in length. One thing you might not have noticed is that I inserted the copy before deleting the original. That way, we don't get st...
Using the MNS_DRAGDROP style: Dropping in
Last time, we looked at using the style for dragging items out of a menu. Today, we'll look at dropping them in. Take the program from last time and make the following additions. First, let's add a second item to the menu. Yes, I hard-coded another path. This is a demo, not production code. Anyway, it's time to hook up the message: To handle the message, you convert the , pair into a COM object, requesting the interface provided by the member, and putting the result into the member. (Exercise: Why is the member typed as rather than ?) When the user tries to drop on a menu item, we just give ...
Using the MNS_DRAGDROP style: Dragging out
Windows 2000 introduced the menu style, which permits drag/drop operations in a menu. Nobody uses this style, probably because it's totally undiscoverable by the end-user. But I'll write a sample program anyway. Mind you, I knew nothing about the menu style until I started writing this entry. But I simply read the documentation, which says that if you set this style, you will receive and messages. The message is sent when the user drags a menu item, so let's go with that first. The documentation says that you get information about the item that was dragged, and then you return a code that specifies w...
Introducing the for-if anti-pattern
Over the years, I've seen a bunch of coding anti-patterns. I figured maybe I'll share a few. Today, I'll introduce what I'm calling the for-if anti-pattern, also known as "We'll sell you the whole seat, but you'll only need the edge." This is a special case of the for-case anti-pattern, where all but one of the cases is null. This can naturally be simplified to The for-if anti-pattern arises in many forms. For example: This enumerates all the files in a directory looking for a specific one, and if it's found, it returns a stream on it. The slightly-less-crazy version would be Note that both version...
Celebrating the end of the gluttony season, but the effects linger
The Washington State Ferry system has reduced the rated carrying capacity of its fleet because people have gotten fatter: The average weight of an adult passenger has been officially revised from 160 pounds to 185 pounds. (That's from 11 stone 6 to 13 stone 3 in the UK, or from 73kg to 84kg for the rest of the world.) This has happened before: In 1999, the rated capacity of Washington State ferries dropped when the previous method for determining seating density was abandoned due to passengers' big butts. (I recall that The Seattle Times printed a ruler next to the article so that for readers could assess th...
Why is the file size reported incorrectly for files that are still being written to?
The shell team often gets questions like these from customers: Attached please find a sample program which continuously writes data to a file. If you open the folder containing the file in Explorer, you can see that the file size is reported as zero. Even manually refreshing the Explorer window does not update the file size. Even the command shows the file size as zero. On the other hand, calling reports the correct file size. If I close the file handle, then Explorer and the command both report the correct file size. We can observe this behavior on Windows Server 2008 R2, but on Windows Server 2003, the fi...
How do I get the full path for the target of a shortcut file?
A customer was having trouble obtaining information from a shortcut file. "Here is a sample program that tries to print the target of a shortcut file, but it only gets the file name without a directory. How do I get the full path?" Recall that the structure contains only a file name in the member. It doesn't have any path information. The structure was originally created for the function, and you already know the directory you are searching in because you passed it to . But we're not using the structure in conjunction with , so where do I get the directory from? In the customer's excitement over the ...
How do I determine programmatically whether a particular language is LTR or RTL?
Given an , how does one determine whether the language lays out left-to-right or right-to-left? One suggestion was simply to hard-code the list of known right-to-left languages, and if the language isn't on the list, then assume that it is left-to-right. This technique is clearly fragile, because Windows adds support for new languages not infrequently, and if one of those is a right-to-left language, then your table is now out of date. And besides, there are languages whose layout is neither left-to-right nor right-to-left. For example, Chinese and Japanese traditionally lay out top-to-bottom. To obtain the text...
Deftly solving compatibility problems by withholding information
One of the continuing compatibility problems that plagued Direct3D was the way it reported texture formats. Historically, the way an application checked which texture formats were available was by calling and passing a callback function which is called once for each supported format. The application's callback made some sort of decision based on the information it received. The problem was that any time a new format was added, a bunch of programs ended up not working. Either the new format confused them, or the change in the order of the formats violated some assumption. For example, they may have assumed that i...
Microspeak: Offline (noun)
Sure, any noun can be verbed, and any verb can be nouned. But today, we're going to noun an adjective. I have no written citations of this usage; the only report was via a colleague who overheard it in a hallway conversion. I had some offlines with Fred about that. In Microspeak, offline is an adjective which means "outside this meeting." In order to keep a meeting on track, the meeting organizer may advise the people engaged in the discussion of a side topic or a topic of limited interest to take it offline, please, meaning discuss this amongst yourselves after the meeting, please. In other words, "Let's not...
Paint messages will come in as fast as you let them
There is a class of messages which are generated on demand rather than explicitly posted into a message queue. If you call or and the queue is empty, then the window manager will look to see if one of these generated-on-demand messages is due, messages like , , and . Neil wonders, "In that program that called 100,000 times, how many paint messages were generated?" The Zen answer to this question is "Yes." A more practical answer is "As many as you can get." When somebody calls , the window manager adds the specified rectangle to the window's invalid region (or invalidates the entire client area if no recta...
Programmatically controlling which handles are inherited by new processes in Win32
In unix, file descriptors are inherited by child processes by default. This wasn't so much an active decision as it was a consequence of the fork/exec model. To exclude a file descriptor from being inherited by children, you set the flag on the file descriptor. Win32 sort of works like that, but backwards, and maybe a little upside-down. And in high heels. In Win32, handles default to not inherited. Ways to make a handle inherited during have grown during the evolution of Win32. As far as I can tell, back in the old days, inheritability of handles was established at handle creation time. For most handle...
Not even making it to the airtight hatchway: Execution even before you get there
Today's dubious security vulnerability comes from somebody who reported that the function had a security vulnerability which could lead to arbitrary code execution. This is a serious issue, but reading the report made us wonder if something was missing. According to the report, this sample program illustrates that the function will execute whatever you pass as its second parameter. In this case, the program chose to launch Notepad, but obviously an attacker could change the code to something more dangerous. We had trouble trying to figure out what the person was trying to say. After all, it's not the fun...
The peculiar cadence of executive mail messages
They follow a pattern that appears to be designed to hide information.
Online gift ordering + enthusiastic kids at the keyboard + Unicode, wait… Unicode?
I was completing an online gift order for my young nephew's birthday, and I was in the middle of typing Happy birthday into the gift card message when an enthusiastic child reached for the keyboard and held down the "a" key as I typed the final "a" in "birthday". I wanted to capture the spontaneous enthusiasm in the gift tag, but I had no idea what font or format rectangle was going to be used, so I couldn't be sure where to put hyphens so that they will ensure line breaks at visually-pleasing locations. And if I didn't insert hyphens at all, then the line would just run off the end of the gift tag and end up t...
What is the API for accessing content on SkyDrive?
The last time I mentioned programmatic access to SkyDrive was last June, where I noted that the interface was given the confusing name Messenger Connect. At least now they renamed it to Live Connect, which is slightly less confusing. The SkyDrive folks have been pretty busy lately. A few days ago, Dare Obasanjo announced a new Live Connect SDK, which means that you now have even more ways of accessing your SkyDrive content programmatically. (I like how the block diagram screen shot still has the red underline squiggles under the word skydrive.) Check it out at the Live Connect Developer Center. You can wat...
How can I tell whether a window is modal?
A customer wanted a way to determine whether a particular window is modal. They listed a few methods they had tried but found that it didn't work and asked for assistance. As Eric Lippert is fond of saying, "First, write your spec." Until you know what you want, you won't know how to get it. First, you need to define what you mean by a modal window. There are multiple competing definitions. The customer decided that the definition of modal window they want is this one: A modal window is a child window that requires the user to interact with it before they can return to operating the parent application, ...
Sure, I'm supposed to pass WT_EXECUTELONGFUNCTION if my function takes a long time, but how long is long?
A customer contacted me to tell a story and ask a question. The customer discovered that in their code base, all calls to passed the flag, regardless of whether the function actually took a long time or not. Their program creates a large number of work items at startup, and the result of passing for all of them was that the thread pool created a new thread for each queued work item, resulting in a bloated thread pool that thrashed the CPU. When he asked the other people on his team why they were passing the flag unconditionally, they pointed to this article from 2005 on the importance of passing the flag t...
What does it mean when my program exits with the message "This application has requested the Runtime to terminate it in an unusual way"?
You're running your program, and then it suddenly exits with the message This application has requested the Runtime to terminate it in an unusual way. What happened? That message is printed by the C runtime function , the same function that also causes your program to terminate with exit code 3. Your program might call explicitly, or it might end up being called implicitly by the runtime library itself. The C++ standard spells out the conditions under which is called, and it's quite a long list, so I won't bother repeating them here. Consult your favorite copy of the C++ standard for details. (The mo...
GetParent, just as confusing as EnumClaw, but it's an actual function!
The function , documented as returning "the child or the parent of the window", was a joke, but there's a function whose behavior is just as confusing as the joke function : . The function returns the parent window, or owner window, or possibly neither. All that's left is for it to be a floor wax and it'll have everything covered. The idea behind is that it returns the parent window. Only child windows have parents, so what happens if you pass something that isn't a child window? Well, we shouldn't let a parameter go to waste, right? So let's have it return the owner window if you pass in a top-level window....
A feature I didn't even know existed much less had a name: Color hot-track
I hadn't even noticed this until somebody pointed it out: When you hover your mouse over a button in the Windows 7 taskbar which corresponds to a running application, the taskbar button lights up in a color that matches the colors in the icon itself. (And even more subtly, the lighting effect is centered on the mouse.) This feature even has a name: Color hot-track. (Gentlemen, start your photocopiers.) Some people ask how it's done. It's really nothing special. The code just looks for the predominant color in the icon. (And, since visual designers are sticklers for this sort of thing, black, white, and...
Why does my program still show up in the Programs and Features folder after my uninstaller exits?
A customer reported that they were having problems with their program entry in the Programs and Features folder (formerly known as Add and Remove Programs, formerly known as Add/Remove Programs). When the user goes to the Programs and Features folder, selects their program, and clicks Uninstall, the uninstaller runs, but after the uninstaller exits, their entry remains in Programs and Features. They have to manually refresh the folder to get it to disappear. Why won't the item disappear? The Programs and Features folder launches your uninstaller and waits for it to exit, at which point the Programs and Features ...
Don't let more than one process try to read from stdin at the same time
A customer reported a problem with a program that ran a series of other programs in parallel. We have a main program (call it main.exe) that runs a bunch of child processes with stdout and stderr redirected. (We are not redirecting stdin.) We've found that some of the child processes get stuck inside the C runtime startup code on a call to on the stdin handle. What could be the reason for this? Is there something we can do that doesn't require us to modify the child processes? (They are third party code we do not have control over.) This is one of those once you've debugged this problem you never forget it ty...
Our code needs to run on multiple platforms with different rules, so we follow none of them!
A customer was encountering sporadic crashes in their 64-bit application, and upon investigation, the problem was traced to a misaligned RSP register. We saw some time ago that the Windows x64 calling convention requires the RSP register to be 16-byte aligned. The customer traced the source of the misalignment to a third-party library they were using. They contacted the vendor, who acknowledged that they were not following the Windows x64 calling conventions, but explained that their code needs to run on multiple x64 operating systems, and since each operating system has different calling conventions, they ad...
If you protect a write with a critical section, you may also want to protect the read
It is common to have a critical section which protects against concurrent writes to a variable or collection of variables. But if you protect a write with a critical section, you may also want to protect the read, because the read might race against the write. Adam Rosenfield shared his experience with this issue in a comment from a few years back. I'll reproduce the example here in part to save you the trouble of clicking, but also to make this entry look longer and consequently make it seem like I'm actually doing some work (when in fact Adam did nearly all of the work): There is a race condition here: ...
Things I've written that have amused other people, Episode 8
In a technical discussion, I opened a reply with Bob's paper which I haven't yet read points out that... Some people wrote to me to say that the've added this quote to their file in the hopes of being able to use it themselves someday. For those who are curious, I found the technical discussion in question. It had to do with whether the following code is thread-safe: Question: Can this code legitimately print ? Surprisingly, the answer is yes!
Why is CLIPFORMAT defined to be a WORD rather than a UINT?
Commenter Ivo wants to know if the function returns a , why is the data type defined to be a ? Since a is smaller than a , you have to stick in a cast every time you assign the result of to a . Rewind to 16-bit Windows. Back in those days, a and a were the same size, namely, 16 bits. As a result, people got lazy about the distinction. Six of one, a half dozen of the other. (People are lazy about this sort of distinction even today, assuming for example that and are the same size, and in turn forcing to remain a 32-bit integer type even on 64-bit Windows.) The function came first, and when the OL...
How to insert a large number of items into a treeview efficiently
Just a quick tip today. If you need to insert a large number of items into a treeview, like tens of thousands, then it's much more efficient to insert them "backwards". (I'm ignoring for now the usability question of having a treeview that large in the first place.) In other words, instead of do it this way: Why is backwards-insertion faster? It has to do with the annoying parameter. To validate that the parameter is valid, the treeview needs to verify that the is a valid child of the , and this is done by walking the parent's children looking for a match. The sooner you find the match, the faster the...
How can I extend the deadline for responding to the PBT_APMSUSPEND message?
A customer observed that starting in Windows Vista, the deadline for responding to the message was reduced from twenty seconds to two seconds. Their program needs more than two seconds to prepare for a suspend and they wanted to know how they could extend the deadline. The program communicates with a device, and if they don't properly prepare the device for suspend, it has problems when the system resumes. No, you cannot extend the deadline for responding to the message. The two second deadline is hard-coded; it is not configurable. The whole point of reducing the deadline from twenty to two seconds is to en...
It is not unreasonable to expect uninitialized garbage to change at any time, you don't need to ask for an explanation
A customer admitted that they had a bug in their code: One bug in the above code is in the final parameter passed to : It's supposed to be the count in bytes, but the calculation appends only one byte for the terminating null instead of a full . In other words, it should be For concreteness, let's say the original string was five s in length, not counting the terminating null. Therefore, the correct buffer size is 12 bytes, but they passed only 11 to . This error is compounded in the code that reads the value back: The code happily divides without checking that the division is even. In our example, the c...
The Control Panel search results understand common misspellings, too
Here's a little trick. Open your Start menu and type scrensaver into the search box. That's right, spell it with only one e. Hey, it still found the Control Panel options for managing your screen saver. If you enable Improve my search results by using online Help in Windows Help and Support, this sends your search query to a back-end server to see if there's updated online help content related to your search. And the people who develop the online help content look over those queries to see if, for example, there is a category of issues people are searching for help with and not finding anything. It also means ...
Why not use animated GIFs as a lightweight alternative to AVIs in the animation common control?
Commenter Vilx- wondered why animated GIFs weren't used as the animation format for the shell animation common control. After all, "they are even more lightweight than AVIs." Animated GIFs are certainly more lightweight than general AVIs, since AVI is just a container format, so decoding a general AVI means decoding any encoding format invented now or in the future. On the other hand, the shell common control imposed enough limits on the type of AVIs it could handle to the point where what was left was extremely lightweight, certainly much more lightweight than an animated GIF. Think about it: To use an animat...
Why does Internet Explorer not call DLL_PROCESS_DETACH on my DLL when I call ExitProcess?
A customer asked a question, but as is often the case, the question was much more telling than the answer. We have an Internet Explorer plug-in which calls to force Internet Explorer to exit. We found that when we do this, our plug-in does not receive a notification. What could be preventing our plug-in from receiving the notification? As we saw some time ago when we looked at the way processes shut down (plus an important follow-up or two), all a process has to do to thwart proper delivery of notifications is to do something untoward during shutdown, at which point the kernel just gives up and calls...
Why can't I install this DLL via Regsvr32 /i?
A customer asked for help installing a particular DLL. They ran the command but got the error "SomeDll.dll was loaded, but the DllInstall entry point was not found. This file can not be registered." A DLL needs to be specifically written to be used with the command. You can't just grab some random DLL and expect to work. As we saw last week, the program merely loads the specified DLL and calls an entry point established by convention. If the DLL was not written to be used with then the conventional entry point will not be found, and you get an error message. The switch to instructs the program to look f...
How can I tell whether a COM pointer to a remote object is still valid?
A customer asked the rather suspicious question, "How do I check whether a pointer is valid in another process?" This question should make your head boggle with bewilderment. First of all, we've moved beyond to . Second of all, what the heck are you doing with a pointer in another process? You can't do anything with it! After some back-and-forth¹ we manage to tease the real question out of the customer: How can I tell whether a COM pointer to a remote object is still valid? The easy answer is "Don't worry. COM will take care of it." Just call the method on the object. If the remote object is not valid, ...
Fontography term or pretentious blather?
Fontography is like wine. The connoisseurs speak in a language that only superficially resembles English. Here's a list of words. Which of them are terms used in fontography, and which are just pretentious blather? If you aren't familiar with font speak, here's a sample I stole from an old article on the evolution of the Internet explorer logo: In The Elements of Typographic Style by Robert Bringhurst, "this typeface is described as a heavy un-modulated line and tiny aperture (which) evoke an image of uncultivated strength, force and persistence." Bonus link: Cheese or Font?
The challenges in changing the way Explorer hosts shell extensions
Various types of shell extensions such as thumbnail extractors are run in a separate process, and if one of those shell extensions crashes, it takes out the COM Surrogate rather than the main Explorer process. Anonymous wondered if this model could be extended to all types of shell extensions, perhaps not all at once, but gradually. The dangers of extending this model to existing shell extensions are compatibility (of course) and re-entrancy. The thumbnail extractor interface was lucky in that the only parameter an extractor received was an representing the object for which the caller wishes to retrieve a t...
Stupid Raymond talent: Screaming carrier
Similar to Mike, I was able to scream (not whistle: scream) a 300 baud carrier tone. This skill proved useful when I was in college and the mainframe system was down. Instead of sitting around waiting for the system to come back, I just went about my regular business around campus. Every so often, I would go to a nearby campus phone (like a free public phone but it can only make calls to other locations on campus), dial the 300 baud dial-up number, and scream the carrier tone. If I got a response, that meant that the mainframe was back online and I should wrap up what I was doing and head back to the lab. Mind ...
How can I tell whether a DLL has been registered?
A customer pointed out that you can use to register a DLL or to unregister it, but how do you query whether a DLL has been registered? DLL registration (via ) is not declarative; it is procedural. A DLL does not provide a manifest of things it would like to happen when installed. Instead, the DLL merely provides two functions for to call, one for registration () and another for unregistration (). All the function does is call those functions. How those functions perform their registration and unregistration is not specified. Most of the time, those functions merely write some registry settings, but the is n...
Okay, everybody, it's time for rumors and gossip
A friend of mine told me one technique his boss used for keeping group meetings on time. The last item on every meeting agenda was called Rumors and gossip. A group meeting is sort of like a mandatory watercooler session. Everybody is now in a room sitting around a table, and you naturally start discussing whatever rumors you've heard about what's going on in upper management, that newspaper article about what your competition is up to, or whether you think your supplier is really going to deliver that component on time. Whenever the meeting started to drift into rumors and gossip, the boss would simply say, "S...
Microspeak: Level-set
In mathematics, a level set is the set of points at which a function takes a particular value. This has nothing to do with the way the term is used at Microsoft. In fact, the way the term is used at Microsoft, I have no idea what it means. But here are citations. The first is from an upper-level executive: Before we start the meeting, let me level-set. Here's what we plan to accomplish today. The next is from a presentation to a large group on some investigative work a team undertook. After the presenter spent a few minutes discussing the background of the problem: That's some level-setting on the hardware w...
Percentages may not add up to 100%, but not for the reason you suggest
I saw a chart which had the disclaimer, "Percentages may not add up to 100%, as they are rounded to the nearest percent." The values in the table were 10.4%, 4.0%, 9.4%, 9.3%, 9.2%, 21.2%, 20.0%, and 15.8%. This is a use of the phrase "nearest percent" I was previously unfamiliar with.
The life story of the SwitchToThisWindow function
Originally for the MS-DOS emulation layer.
How do I generate a unique 32-bit value for a time zone?
Public Service Announcement: Daylight Saving Time ends in most parts of the United States this weekend. Other parts of the world may change on a different day from the United States. A customer asked the following question: Given two structures, I would like to compute a for each that I can then compare to determine whether they represent the same time zone. When I say the same, I mean that when the two are passed to with the same input, the output is the same. A structure contains more information than can be packed into a 32-bit value. (At least there's no obvious way to pack it into a 32-bit valu...
We've traced the call and it's coming from inside the house: A function call that always fails
A customer reported that they had a problem with a particular function added in Windows 7. The tricky bit was that the function was used only on very high-end hardware, not the sort of thing your average developer has lying around. The customer reported that the function always failed with error 122 () even though the buffer seems perfectly valid. Since most of us don't have machines with more than 64 processors, we couldn't run the code on our own machines to see what happens. People asked some clarifying questions, like whether this code is compiled 32-bit or 64-bit (thinking that maybe there is an ...
Debugging why a user's taskbar disappeared
A customer reported that they had gone to the Screen Saver control panel, selected a screen saver that they had recently downloaded, then hit the Test button to see what it looked like. He was pleased with what he saw, and he went home, leaving the screen saver running. When he returned the following morning, he found that the screen saver had crashed. (There was an error message on the screen.) After dismissing the crash dialog, he found that his taskbar was missing. What happened? We were unable to determine for sure, but debugging the customer's machine revealed that the taskbar no longer had the style, mos...
The power of statistical photography
Inside Microsoft, there was an employee photography contest to provide images to be included in Windows 7, either in one of the pre-release versions or in the final product. Each subsidiary selected the photos to be included in their localized version of Windows, choosing images which best reflect that region's culture, history, and natural beauty. The employee-submitted photos were in direct competition against the professional photographs; as a result, some regions ended up selecting multiple employee-contributed images and others picked none. The Swiss delegation, in characteristically Swiss fashion, ...
My least effective Hallowe'en costume
One year I decided to dress as a nerd for Hallowe'en. I took an old pair of glasses with large lenses, "repaired" it with some masking tape, and combined it with a plaid dress shirt with a pocket protector and courduroy pants that were too short. Nobody at work realized I was wearing a costume. The best Hallowe'en work costume I saw was someone who came dressed as a Christmas tree. Complete with Christmas lights. She had to make sure to stand near an electrical outlet so she could plug herself in. I wish I had a picture: One of my friends spotted somebody at a work Hallowe'en party dressed as Bill Gates. But n...
Why isn't my transparent static control transparent?
A customer reported that their application uses transparent static controls positioned over a bitmap image control, but even though they set the Transparent property on the static control, the static control isn't transparent. The customer was kind enough to provide clear steps to illustrate the problem: Open Visual Studio 2005 or 2008. From the menu, select File, New File, Visual C++, Resource Template File (RCT). Right-click on the RCT file, select Add Resource, and add a bitmap named . Open the dialog box () and add a "Picture Control", specifying as its ID. Change the type to Bitmap a...
Why do the pinned items in the Jump List go on the top instead of the bottom?
When you pin items to the Jump List, they go to the top of the menu that appears when you right-click the Taskbar item. Why not put the pinned items at the bottom? After all, over 98% of users leave the taskbar at the bottom of the screen, so putting the pinned items at the bottom of the list maintains a consistent position relative to the Taskbar icon, permitting the development of muscle memory. The Taskbar folks tried out all sorts of ideas for ordering the Pinned items, the Frequent/Recent items, the Tasks, and the system commands on that one pop-up menu. And these ideas were put to the test: With real user...
How can I get notified when some other window is destroyed?
A customer wanted to know whether there was a method (other than polling) to monitor another window and find out when it gets destroyed. The goal was to automate some operation, and one of the steps was to wait until some program closed its XYZ window before moving on to the next step. Finding the XYZ window could be done with a , but since the window belongs to another process, you can't subclass it to find out when it gets destroyed. Enter accessibility. The function lets you monitor accessibility events, and you can do it globally, for a particular process, or for a particular thread. Since we're interes...
Raymond misreads restaurant names: Local 360
Okay, maybe this time I'm misreading it on purpose, but when I see the name of popular new restaurant Local 360, I think, "That doesn't look all that low-calorie to me. I bet their dishes have more than 360 calories." Or maybe it's "We serve high-calorie foods five days a year. Congratulations, you happen to have picked those five days."
No good deed goes unpunished: Helping to redirect a question
It is a common occurrence that a question is sent to a mailing that is close, but not quite right. Usually somebody will provide information to help redirect the question to a more appropriate mailing list. But this effort does not always go unpunished. From: X A customer is encountering a problem with Product Q when they blah blah blah. Can somebody help? From: Y Support for Product Q is handled by Team R. Note that Product Q is out of mainstream support; you will need to have an extended support agreement. From: X Thank you. I have confirmed that the customer has an extended ...
Squeezing the last bit of enjoyment out of the lost half-inning of a baseball game
A colleague of mine complained, "When the home team is winning, they don't bother playing the bottom half of the ninth inning. I'm getting ripped off! Make them finish the game!" This led to some speculation as to how the visiting team could manage to salvage a win out of that final half-inning, given that they had no further opportunity to score any runs. My proposal was that they could try to get as many players on the home team to be rendered ineligible to play (say, by injuring them or provoking fights and getting them thrown out of the game), until the home team had fewer than nine eligible players, at whic...
If the shell is written in C++, why not just export its base classes?
ton suggested that since the shell is written in C++, should have been an abstract class, and then it could have used techniques like exceptions and Inversion of Control. Okay, first of all, I'm not sure how Inversion of Control is something that requires C++, so I'm going to leave that aside. Second of all, who says the shell is written in C++? As it happens, when was introduced in Windows 95, the entire shell was written in plain C. That's right, plain C. Vtables were built up by hand, method inheritance was implemented by direct replacement in the vtable, method overrides were implemented by funct...
The video of Microsoft Store employees dressed in Windows colors, revealed by a falling curtain, gee that looks familiar, somehow
One of my former colleagues tipped me off to this video of the Grand Opening of the newest Microsoft Store, specifically calling out this moment at timecode 0:48 of a curtain dropping, revealing cheering employees dressed in Windows colors, which seemed familiar, somehow. Oh right, because I did the same thing over fifteen years ago, at timecode 5:25 in this video.
The PSN_SETACTIVE notification is sent each time your wizard page is activated
A customer had received a number of crashes via Windows Error Reporting and believed that they had found a bug in the tree view common control. In our UI, we have a tree view with checkboxes. The tree view displays a fixed item at the top, followed by a variable number of dynamic items. When the user clicks Next, we look at the tree view to determine what the user selected. The code goes like this (pseudo): In the crashes we receive, other variables in the program indicate that there should be only one dynamic item, but our loop iterates multiple times. Furthermore, the first time through the loop, the i...
No, modifying the DLLs that come with Windows is not supported
From the I can't believe I had to write that file comes this question from a customer: Our customer is modifying the ABC.DLL file that comes with Windows in order to accomplish XYZ. Is this supported? No, of course this isn't supported. I can't believe I had to write that. if you modify a system file, then the thing you're running isn't Windows any more but is rather some sort of operating system that resembles Windows in many significant ways. (Imagine the extreme case of this: The customer modifies NTOSKRNL.EXE, KERNEL32.DLL, USER32.DLL, etc. so that they happen to be byte-for-byte identical to the files th...
Why do some infotips repeat the name of the item as well as the infotip?
A customer noticed that when the user hovered over their application name in the Start menu, the infotip that pops up includes their product name: ... but no other program on the Start menu included the product name in the description: The customer compared their shortcut with the other ones but couldn't find anything that was telling Explorer, "Include the program name in the pop-up infotip, please." Because the reason for the name being included in the infotip had nothing to do with the properties stored in the shortcut. The reason the name was included in the infotip is that the name was being truncated i...
Seeing the world through arbitrage-colored glasses
On the mailing list with a negative service level agreement, one of my colleagues posted the message Free Nerf guns in my office. I've decided I'm no longer a collector. Not one to miss the opportunity to cause some trouble, another colleague posted the message Nerf guns for sale: $1 each. Get'em while they're hot. That earned a chuckle from me.
Why is there a CSIDL_DESKTOP value if you need the desktop in order to get it anyway?
John asks why there is a special constant defined for the desktop. After all, in order to use , you need to call and then bind to it. What's the point of having an that represents the desktop if, in order to use it, you first need to get the desktop? It's like asking why the file system uses (dot) to refer to the current directory. You're already in the current directory. In order to resolve (dot), you already need to have the current directory, so why bother with the dot at all? Because it is often convenient to give a name to your starting point. Suppose somebody wants to save a file to the desktop...
When your vice president tells you to stop replying to a mail thread, you probably should stop replying to the mail thread
Some time in the early part of this century, somebody sent a message to the Windows NT Development Announcements mailing list at Microsoft. It went something like, "My car was parked in «location X» and somebody ran into it and didn't leave a note. Does anybody have any information about this?" Now, one thing you need to know is that the Windows NT Development Announcements mailing list has the entire Windows division as members. We're talking thousands of people. And the sort of announcements sent to the alias are not the "somebody dinged my car" type of announcements. They are announcements li...
The question mark lets you make up anything you like
A trend I've noticed in journalism is to make some sort of outrageous statement, but then stick a question mark at the end to disavow any responsibility for the statement. By changing it to a question, you're avoiding actually having to back up what you write. "I'm not saying this is actually true. I'm just raising the question." For example, a headline might read "The sign of something new?" The author doesn't want to actually back up the claim that the subject is the sign of something new, so he'll just say it with a question mark. Now the responsibility to support or refute the claim has been shifted to you, ...
How do I set an accessible name on an unlabeled control?
A customer asked for advice on accessibility. This was great news, because it meant that somebody actually cared about accessibility! We have a property sheet page that contains an unlabeled list view. The list view is not labeled because its meaning is implied by its placement on the dialog. This works great as long as you can see the screen, but we also need to associate an accessible name to the list view so that screen readers know what it is. We tried on the list view, but accessibility didn't pick it up. How do I set the accessibility name on the control? Place a static control immediately ahead of the...
Is there a 2048 character limit for OFN_ALLOWMULTISELECT in MFC or isn't there?
The MFC documentation for contains the following strange warning: When the user allocates their own buffer to accommodate , the buffer can't be larger than 2048 or else everything gets corrupted (2048 is the maximum size). The sudden informality of the phrase "or else everything gets corrupted" is surprising but also sounds vaguely familiar to me. I think I was the one who wrote that phrase over a decade ago as part of my investigation into a defect in the common dialog functions. Somebody must have forwarded my analysis to the MFC documentation team (since the problem was originally in an MFC application), ...
Microspeak: Bug jail
Bug jail is not a place where bugs are sent as punishment for their crimes. Rather, it's a (virtual) place that developers are sent when they have too many bugs. Project management establishes some maximum number of bugs (known as a bug cap) each developer is permitted to have on his or her plate, and developers whose bug count exceeds the specified maximum are placed in bug jail. The precise triggers for bug jail vary from team to team, and it may vary based on the nature of the bug. For example, one trigger might be that any Priority 0 bugs more than 24 hours old will land you in bug jail. Once you lan...
Why does copying a file to my USB thumb drive say that the parameter is incorrect?
Consider the following sequence of operations, assuming that F: is a USB thumb drive with plenty of disk space. Why is the second file copy failing? The hint is the file extension: *.iso, which suggests that this is a CD or DVD image, and DVD images have the feature that they tend to be really big. Like more than 4GB big. USB thumb drives tend to be formatted with the FAT32 file system rather than with NTFS. And FAT32 has a maximum file size of 4GB minus one byte. The user confirmed that the file was larger than 4GB and that the USB thumb drive was formatted as FAT32. Mind you, the error message ...
How do I access a file without updating its last-access time?
The first problem with discussing file last-access time is agreeing what you mean by a file's last-access time. The file system folks have one definition of the file last-access time, namely the time the file was most recently opened and either read from or written to. This is the value retrieved by functions like , , and . The problem with this definition is that it doesn't match the intuitive definition of last-access time, which is "the last time I accessed the file," emphasis on the I. In fact, the intuitive definition of access is more specific: It's "the last time I opened, modified, printed, or otherw...
During process termination, slim reader/writer locks are now also electrified
Some time ago I mentioned that during process termination, the gates are now electrified: If you attempt to enter a critical section that is owned by a thread that was terminated by an earlier phase of process termination, the entire process is forcibly terminated. Windows Vista introduced a new lightweight synchronization pseudo-object known as the slim reader/writer lock. And if you tried to enter a slim reader/writer lock during process termination and found yourself waiting for the current owner to release it, you ended up waiting forever since the current owner was terminated by an earlier phase of proce...
Why can't I move the Program Files directory via the unattend file?
We saw last time that the unattend file lets you change some Windows configuration settings that cannot be changed after Setup is complete. But one of the things you can't change is the location of the Program Files directory. Many people wish they could relocate their Program Files directory to another drive in order to relieve disk space pressure on the system partition. Why won't Windows let them do this? Now that NTFS is mandatory for the system volume (it took only 13 years to get there!), Windows itself can start taking advantage of NTFS features. For example, Windows Update can take advantage of transa...
The unattend file lets you configure Windows while it's installing, and in some cases it's your only chance
Some Windows settings can only be established as part of the installation process. This is done with a so-called unattend file. (Remember, no matter where you put an advanced setting, somebody will tell you that you are an idiot.) In earlier versions of Windows, the unattend file took the form of an INI file, but Windows Vista hopped aboard the XML bandwagon, and the unattend file format changed to XML. The nice thing about using XML is that you can publish a schema so people can validate their unattend file without having to perform a test install (only to discover twenty minutes later that a typo resulted...
Beyoncé, the giant metal chicken has a Facebook page
In my 2011 mid-year link clearance, I linked to the story And that's why you should learn to pick your battles. I thought that was the end of the story, but no, it's the gift that keeps on giving. Beyoncé, the giant metal chicken has a Facebook page, populated with all sorts of crazy things like pictures of Beyoncé's relatives spotted in the wild (some of them knocking on doors or peeking in windows), a No Soliciting sign just for giant metal chickens, and an updated version of the chart of anniversary gifts which lists BIG METAL CHICKEN as the modern 15th anniversary present.
Adjusting your commute to avoid being at work quite so much
Commenter Bernard remarked that he moved from one side of the company campus to the other, and his commute distance (and time) was cut in half. That reminds me of a short story from a now-retired colleague of mine. He bicycled to work, and over the years, the gradual expansion of the Microsoft main corporate campus resulted in nearly three quarters of his commute to work taking place on Microsoft property. This bothered him to the point where he changed his route just so he wouldn't be "at work" practically the moment he left his house. Bonus chatter: Looks like Michael Kaplan also has one of these unbalanced...
Do not access the disk in your IContextMenu handler, no really, don't do it
We saw some time ago that the number one cause of crashes in Explorer is malware. It so happens that the number one cause of hangs in Explorer is disk access from context menu handlers (a special case of the more general principle, you can't open the file until the user tells you to open it). That's why I was amused by Memet's claim that "would hit the disk" is not acceptable for me. The feedback I see from customers, either directly from large multinational corporations with 500ms ping times or indirectly from individual users who collectively click Send Report millions of times a day, is that "would h...
2011 Q3 link clearance: Microsoft blogger edition
It's that time again: Linking to other Microsoft bloggers.
There's also a large object heap for unmanaged code, but it's inside the regular heap
Occasionally, a customer will ask for assistance explaining some strange heap behavior, or at least heap behavior that appears to be strange if you assume that the heap behaves purely classically. I need to understand the heap behavior we're seeing. I have a sample program which allocates five blocks of memory from the process heap, each of size 100 bytes. When we dump the heap blocks with the command, we find that all of them belong to the same heap segment, and when we do a , we find that they all live on the same page. On the other hand, if we allocate five blocks of size 512KB, then we find that each one...
Appearing to succeed is a valid form of undefined behavior, but it's still undefined
A customer requested a clarification on the MSDN documentation for the function. The MSDN documentation says that if the parameter is , then the behavior is undefined. Is this true? As explicitly stated in MSDN, the behavior is undefined. Observe that the annotation on the parameter is , which means that the parameter must be a non- value provided by the caller. (If were permitted, the annotation would have been .) Undefined behavior means that anything can happen. The program might crash immediately. It might crash five minutes later. It might send email to your boss saying that you screwed up and t...
Does this operation work when impersonating? The default answer is NO
Impersonation requires end-to-end support.
Ah, the exciting world of cross-forest dogfood
The Windows group has its own domain (known as for historical reasons) which operates separately from the domain forest operated by the Microsoft IT department. Various trust relationships need to be set up between them so that people on the Windows team can connect to resources managed by the Microsoft IT department and vice versa, but it generally works out okay. There are some glitches, but that's the price of dogfood. What better way to make sure that Windows works well in a cross-forest environment than by putting the entire Windows division in its own domain separate from the rest of the company? ...
Sending a window a WM_DESTROY message is like prank calling somebody pretending to be the police
A customer was trying to track down a memory leak in their program. Their leak tracking tool produced the stacks which allocated memory that was never freed, and they all seemed to come from , which is a DLL that comes with Windows. The customer naturally contacted Microsoft to report what appeared to be a memory leak in Windows. I was one of the people who investigated this case, and the customer was able to narrow down the scenario which was triggering the leak. Eventually, I tracked it down. First, here's the thread that caused the leak: This thread creates an invisible window whose job is to do somethin...
Why does my asynchronous I/O complete synchronously?
A customer was creating a large file and found that, even though the file was opened with and the call was being made with an structure, the I/O was nevertheless completing synchronously. Knowledge Base article 156932 covers some cases in which asynchronous I/O will be converted to synchronous I/O. And in this case, it was scenario number three in that document. The reason the customer's asynchronous writes were completing synchronously is that all of the writes were to the end of the file. It so happens that in the current implementation of NTFS, writes which extend the length of the file always complete s...
Why does my single-byte write take forever?
A customer found that a single-byte write was taking several seconds, even though the write was to a file on the local hard drive that was fully spun-up. Here's the pseudocode: The customer experimented with using asynchronous I/O, but it didn't help. The write still took a long time. Even using (and writing full sectors, naturally) didn't help. The reason is that on NTFS, extending a file reserves disk space but does not zero out the data. Instead, NTFS keeps track of the "last byte written", technically known as the valid data length, and only zeroes out up to that point. The data past the valid data le...
Why do Windows functions all begin with a pointless MOV EDI, EDI instruction?
For future use.
Random notes from //build/ 2011
Here are some random notes from //build/ 2011, information of no consequence whatesoever. A game we played while walking to and from the convention center was spot the geek. "Hey, there's a guy walking down the street. He's wearing a collared shirt and khakis, with a black bag over his shoulder, staring into his phone. I call geek." One of the stores on Harbor Boulevard has the direct-and-to-the-point name Brand Name Mart, or as it was known at night (due to burnt-out lights) Bra d N Mart. In the room where the prototype devices were being han...
Microspeak: The bug farm
In its most general sense, the term bug farm refers to something that is a rich source of bugs. It is typically applied to code which is nearly unmaintainable. Code can arrive in this state through a variety of means. The term is most often used as a cautionary term, calling attention to areas where there is high risk that code you're about to write is going to result in a bug farm. Aren't we setting ourselves up for a bug farm? This could easily lead to a bug farm from different lifetimes for this various state objects. The term is quite popular at Microsoft (pre-emptive snarky comment: because Microsoft ...
The clipboard viewer linked list is no longer the responsibility of applications to maintain, unless they want to
Commenter Nice Clipboard Manager (with drop->clipboard) wonders why Windows still uses a linked list to inform programs about clipboard modifications. If any clipboard viewer fails to maintain the chain, then some windows won't get informed of the change, and if a clipboard viewer creates a loop in the chain, an infinite loop results. Well, sure, that's what happens if you use the old clipboard viewer chain. So don't use it. The old clipboard viewer chain remains for backward compatibility, but it's hardly the best way to monitor the clipboard. (This is another example of people asking for a feature that ...
Why can't I PostMessage the WM_COPYDATA message, but I can SendMessageTimeout it with a tiny timeout?
After receiving the explanation of what happens to a sent message when reaches its timeout, a customer found that the explanation raised another question: If the window manager waits until the receiving thread finishes processing the message, then why can't you post a message? "After all, with a very short timeout isn't all that different from ." Actually, with a very short timeout is completely different from . Let's set aside the one crucial difference that, unlike messages posted by , which cannot be recalled, the function will cancel the message entirely if the receiving thread does not process messa...
Some preliminary notes from //build/ 2011
Hey everybody, I'm down at the //build/ conference. (The extra slash is to keep the d from falling over.) I'm not speaking this year, but you can find me in the Apps area of the Expo room today until 3:30pm (except lunchtime), and Friday morning before lunch. I'll also be at Ask the Experts tonight. There are so many great sessions to choose from. The one I would attend if I weren't working that time slot would be Bring apps to life with Metro style animations in HTML5. Instead, I'll probably go to Building high performance Metro style apps using HTML5. Fortunately, the sessions are being recorded, so I can ca...
What happens to a sent message when SendMessageTimeout reaches its timeout?
The function tries to send a message, but gives up if the timeout elapses. What exactly happens when the timeout elapses? It depends. The first case is if the receiving thread never received the message at all. (I.e., if during the period the sender is waiting, the receiving thread never called , , or a similar message-retrieval function which dispatches inbound sent messages.) In that case, if the timeout is reached, then the entire operation is canceled; the window manager cleans up everything and makes it look as if the call to never took place. The message is removed from the list of the thread's non-queu...
A common control for associating extensions is well overdue
Mark complained that a common control for associating extensions is well overdue. This is a recurring theme I see in the comments: People complaining that Windows lacks some critical feature that it in fact already has. (In the case, Windows had the feature for over two years at the time the question was asked. Maybe the SDK needs a ribbon? j/k) Windows Vista added the Default Programs UI as a control panel program, and it also has a programmable interface. You can use to query and set default associations, and you can use to invoke the control panel itself on a set of associations associated with yo...
Why are the building numbers on Microsoft main campus so erratic?
Carrie complains that the building numbers on Microsoft main campus are completely random. Why is building 22 near buildings 40 and 41, far, far away from building 24? Because the Microsoft campus evolved. Many many years ago, the space on which the central Microsoft campus resides was a mill. Eventually it became an office park, and when Microsoft decided to move its headquarters there, it carved out a little wooded area and constructed four buildings, logically numbered 1 through 4. Later, the campus expanded, and plans were drawn up for three more buildings, logically numbered (and placed) 5&nbs...
Is this a really bug with CreateWindowEx or am I just confused?
Somebody sent me email pointing out strange behavior in the function if you fail a window creation by returning −1 from the message. On the other hand, returning from seems to work just fine. "So why the difference with ?" You already know enough to solve this puzzle. You just need to connect the dots. (In fact, the person who sent me this topic did so a year after I already answered it. But I'm repeating it here because the original answer was accidentally destroyed.)
Throwing garbage on the sidewalk: The sad history of the rundll32 program
Fix that stack.
Why waste your money on the car when it's the sound system you care about?
There is apparently a subculture of people who decide to economize on the car part of the "loud stereo in car" formula (since they really don't care about the car—it's all about the music) and put their loud stereo on the back of a bicycle instead. This quotation from the article caught my attention: "People say, 'It's the next best thing to having a system in a car.' But it's better because you don't even have to roll down the windows." I had been unsure what to think about people who drive down the street with their stereos blaring. Are they audiophiles who prefer their music loud? Or are they jerks ...
Why doesn't the Disk Management snap-in incorporate S.M.A.R.T. data?
My article a while back on Why the Disk Management snap-in reports my volume as Healthy when the drive is dying gave the low-level explanation of why the Disk Management snap-in does not incorporate SMART information: because the Disk Management snap-in is concerned with volume partitioning. DWalker59 noted that the use of the word "Healthy" carries more meaning than the authors of the snap-in intended. The authors of the snap-in assumed that everybody knew what the Disk Management snap-in was for, and therefore everybody know that the word "Healthy" applied to the state of the file system. I never said that t...
Why is the registry a hierarchical database instead of a relational one?
Commenter ton asks why the registry was defined as a hierarchical database instead of a relational database. Heck, it's not even a hierarchical database! The original registry was just a dictionary; i.e., a list of name/value pairs, accessed by name. In other words, it was a flat database. If you turned your head sideways and treated the backslashes as node separators, you could sort of trick yourself into believing that this resulted in something vaguely approximating a hierarchical database, and a really lame one at that (since each node held only one piece of data). When you choose your data structu...
What happened to that suspicious-looking guy hanging around the entrance?
One of the fun parts of attending a conference is swapping stories with other professionals. Today's story is in honor of Global Security Week. (And retroactively in honor of the upcoming //build conference.) One of the attendees (let's call him Bob) shared with me a story of the time they had to make a change in one of their data centers. This particular change required physical presence at the facility, and to minimize impact on customers, the change was made at night (presumably because that's when demand was lowest). When Bob arrived at the data center, he walked past a suspicious-looking guy on his way to ...
Thanks for letting me know what my ideal career and company are
When it's performance review season, all of a sudden you start getting mail about career management. What a coincidence. There are a variety of career management tools available, some mandatory, some optional. I gave one of the optional ones a shot, since it claimed to help me "manage my career and professional development", and as I already noted, I appear to have been promoted by mistake all these years, so maybe I should figure out how to get promoted for real. This particular tool sends me to the Web site of an external company that was contracted by Microsoft to provide career guidance services. I went thr...
What's the story with the parameters to the WM_INPUT_DEVICE_CHANGE message?
A customer found these strange macros in winuser.h: According to the documentation for the message, the is the operation code and the is a handle to the device that changed. Given that definition, the correct macro would be . What's up with the bogus macro? The macro was incorrectly defined in Windows Vista. In the Windows 7 version of the Platform SDK, the correct macro was added, but in order to avoid introducing a breaking change to existing code, the old broken macro remains in place in order to retain bug-for-bug compatibility with existing code. Even though the macro didn't work, ...
Invoking commands on items in the Recycle Bin
Our old friend, the IContextMenu.
Modernizing our simple program that retrieves information about the items in the Recycle Bin
Last time, we wrote a simple program to print various properties of the items in the Recycle Bin, and we did so in the classical style, using item ID lists and s. One thing you may have noticed is that a lot of functions take the combination of an and a . In the shell namespace, operations on items usually happen by means of the pair (folder, child), and one of the common mistakes made by beginners is failing to keep track of the pairing and passing child pidls to the wrong parent folder. Even if you're not a beginner and are good at keeping track of which child pidls correspond to which parent folders, it's...
How can I get information about the items in the Recycle Bin?
For some reason, a lot of people are interested in programmatic access to the contents of the Recycle Bin. They never explain why they care, so it's possible that they are looking at their problem the wrong way. For example, one reason for asking, "How do I purge an item from the Recycle Bin given a path?" is that some operation in their program results in the files going into the Recycle Bin and they want them to be deleted entirely. The correct solution is to clear the flag when deleting the items in the first place. Moving to the Recycle Bin and then purging is the wrong solution because your search-and-de...
Why can't I use PSGUID_STORAGE like a GUID?
The header file defines a GUID called , but a customer was having trouble using it. The strange compiler error the customer referred to is the following: "I don't see what the compiler is complaining about. The parentheses appear to be properly matched before the left brace." Remember, what you see is not necessarily what the compiler sees. Let's take another look at this mysterious GUID: Well there's your problem. After the preprocessor does its substitution, the line becomes and that's not legal C/C++. (Though with a little tweaking, you can get GCC to accept it.) The symbols is intended to be...
Random musings on the introduction of long file names on FAT
Tom Keddie thinks that the format of long file names on FAT deserves an article. Fortunately, I don't have to write it; somebody else already did. So go read that article first. I'm just going to add some remarks and stories. Hi, welcome back. Coming up with the technique of setting Read-only, System, Hidden, and Volume attributes to hide LFN entries took a bit of trial and error. The volume label was the most important part, since that was enough to get 90% of programs which did low-level disk access to lay off those directory entries. The other bits were added to push the success rate ever so close to 100%...
Stupid command-line trick: Counting the number of lines in stdin
On unix, you can use to count the number of lines in stdin. Windows doesn't come with , but there's a sneaky way to count the number of lines anyway: It is a special quirk of the command that the null string is treated as never matching. The flag reverses the sense of the test, so now it matches everything. And the flag returns the count. It's pretty convoluted, but it does work. (Remember, I provide the occasional tip on batch file programming as a public service to those forced to endure it, not as an endorsement of batch file programming.) Now come da history: Why does the command say that a nul...
Magic dirt, the fate of former professional athletes, and other sports randomness
A sports-related (mostly baseball) link dump.
What do SizeOfStackReserve and SizeOfStackCommit mean for a DLL?
Nothing. Those fields in the structure are meaningful only when they appear in the EXE. The values provided in DLLs are ignored. and fall into the same category. In general, flags and fields which control process settings have no effect when declared in a DLL. We've seen a few examples already, like the flag or the markers which indicate the default layout direction.
Why doesn't the Open Files list in the Shared Folders snap-in show all my open files?
A customer wanted a way to determine which users were using specific files on their server. They fired up the Shared Folders MMC snap-in and went to the Open Files list. They found that the results were inconsistent. Some file types like and did show up in the list when they were open, but other file types like did not. The customer asked for an explanation of the inconsistency and for a list of which file types work and which ones don't. The customer is confusing two senses of the term open file. From the file system point of view, an open file is one that has an outstanding handle reference. This is differ...
You don't make something easier to find by hiding it even more deeply
Commenter rolfhub suggested that, to help people recover from accidentally going into Tiny Footprint Mode, the Task Manager could display a right-click context menu with an entry to return to normal mode. My initial reaction to this was Huh? Who right-clicks on nothing? Tiny Footprint Mode is itself already a bad secret hidden setting. Having the exit from the mode be a right-click menu on a blank space is a double-secret hidden setting. If I had dictatorial control over all aspects of the shell, I would put a Restore button in the upper right corner to let people return to normal mode.
Why are the alignment requirements for SLIST_ENTRY so different on 64-bit Windows?
The function stipulates that all list items must be aligned on a boundary. For 32-bit Windows, is 8, but the structure itself does not have a attribute. Even more confusingly, the documentation for says that the 64-bit structure needs to be 16-byte aligned but says nothing about the 32-bit structure. So what are the memory alignment requirements for a 32-bit , 8 or 4? It's 8. No, 4. No wait, it's both. Officially, the alignment requirement is 8. Earlier versions of the header file did not stipulate 8-byte alignment, and changing the declaration would have resulted in existing structures which ...
Ow, I'm too safe!
One of my friends is a geek, and, naturally, fully researches everything he does, from cement pouring to bicycle parts, perhaps a bit obsessively. He made sure to get five-point restraints for his children's car seats, for example. And he naturally tightens the belts snugly when putting his children in the car. At one point, as he was strapping his daughter in, she complained, "Ow! I'm too safe!" Because as far as she was concerned, "being safe" was a synonym for "having a tight seat belt." I leave you to figure out how she came to this conclusion.
Why does IFileOperation skip junctions even though I passed FOFX_NOSKIPJUNCTIONS?
The method accepts a number of flags to modify the file operation, among them today's subject . A customer reported that they couldn't get this flag to work: Whether they set it or not, the skipped over file system junctions. The term junction evolved two independent different meanings. The shell team invented the term shell namespace junction in Windows 95 to refer to a point in the shell namespace in which one type of namespace extension is grafted into another. For example, a directory of the form serves as the transition point between the default file system namespace and a custom namespace. Meanw...
Starting up inside the box
the shell team received two customer questions about a month apart which seemed unrelated but had the same root cause. I found that in Windows Vista, the command is ten times slower than it was in Windows XP. What is the source of this slowdown, and how can I fix it? We have an application which takes a very long time to start up on Windows Vista than it did in Windows XP. We noticed that the slowdown occurs only if we set the application to autostart. Let's look at the second one first, since that customer provided a useful piece of information: The slowdown occurs only if they set the progr...
Why does creating a shortcut to a file change its last-modified time… sometimes?
A customer observed that sometimes, the last-modified timestamp on a file would change even though nobody modified the file, or at least consciously took any steps to modify the file. In particular, they found that simply double-clicking the file in Explorer was enough to trigger the file modification. It took a while to puzzle out, but here's what's going on: When you double-click a file in Explorer, Explorer adds it to the Recent Items list. Internally, this is done by creating a shortcut to the item. The nice thing about a shortcut is that it knows how to track its target. That way, if you move an item, the...
Why does the runas command require its command line to be quoted?
Commenter teo complained that the command requires its command line to be quoted. Well, if you think about it, why single out ? Pretty much all programs require their command line to be quoted if they contain special characters (like spaces that you want to be interpreted as part of a file name instead of as an argument separator). The command is just doing things the way everybody else does. Recall that on Windows, programs perform their own command line parsing. This isn't unix where the command shell does the work of parsing quotation marks and globs before handing the (now-partly-parsed) command line to ...
ReadDirectoryChangesW reads directory changes, but what if the directory doesn’t change?
Not all changes within a directory result in the directory changing.
The ways people mess up IUnknown::QueryInterface, episode 4
One of the rules for is so obvious that nobody even bothers to state it explicitly as a rule: "If somebody asks you for an interface, and you return , then the pointer you return must point to the interface the caller requested." (This feels like the software version of dumb warning labels.) During compatibility testing for Windows Vista, we found a shell extension that behaved rather strangely. Eventually, the problem was traced to a broken implementation which depended subtly on the order in which interfaces were queried. The shell asked for the and interfaces in the following order: One parti...
Slim reader/writer locks don't remember who the owners are, so you'll have to find them some other way
The slim reader/writer lock is a very convenient synchronization facility, but one of the downsides is that it doesn't keep track of who the current owners are. When your thread is stuck waiting to acquire a slim reader/writer lock, a natural thing to want to know is which threads own the resource your stuck thread waiting for. Since there's not facility for going from the waiting thread to the owning threads, you'll just have to find the owning threads some other way. Here's the thread that is waiting for the lock in shared mode: Okay, how do you find the thread that owns the lock? First, slim reader/wr...
Why does the Shift+F10 menu differ from the right-click menu?
The Shift+F10 key is a keyboard shortcut for calling up the context menu on the selected item. but if you look closely, you might discover that the right-click menu and the Shift+F10 menu differ in subtle ways. Shouldn't they be the same? After all, that's the point of being a keyboard shortcut, right? Let's set aside the possibility that a program might be intentionally making them different, in violation of UI guidelines. For example, a poorly-designed program might use the message as the trigger to display the context menu instead of using the message, in which case Shift+F10 won't do anything at all. Or t...
What does the CreateProcess function do if there is no space between the program name and the arguments?
In an old discussion of why the function modifies its command line, commenter Random832 asked, "What if there is no space between the program name and arguments - like "cmd/?" - where does it put the null then?" The function requires a space between the program name and arguments. If you leave out the space, then the arguments are considered as part of the program name (and you'll almost certainly get back). It sounds like Random832 has confused command line parsing with command line parsing. Clearly the two parsers are different; you can see this even without playing with spaces between the program na...
Menu item states are not reliable until they are shown because they aren't needed until then
A question arrived from a customer (with the rather unhelpful subject line Question for Microsoft) wondering why, when they call and then ask for the states of the various menu items like , the menu item states don't reflect reality. The menu item states don't synchronize with reality until the user actually opens the system menu. There is no requirement that applications keep menu item states continuously in sync. After all, that's why we have messages like : To tell the application, "Whoa, we're about to show this menu, so you might want to comb its hair and pick the food out of its teeth so it can be seen by...
Why doesn't b match word boundaries correctly?
A colleague of mine was having trouble getting the metacharacter in a regular expression to work. Of course, when somebody asks a question like that, you first have to establish what their definition of "work" is. Fortunately, he provided some examples: "The last two entries are just sanity checks to make sure I didn't make some stupid mistake like passing the parameters in the wrong order. I want to search for a string that contains %1 with word boundaries on either side, something I would normally use \b for. Is there something special about the % character? Notice that the match succeeds when I look for the...
A shell extension is a guest in someone else's house; don't go changing the code page
A customer reported a problem with their shell extension: We want to format a floating point number according to the user's default locale. We do this by calling to convert the value from floating point to text with a period (U+002E) as the decimal separator, then using to apply the user's preferred grouping character, decimal separator, etc. We found, however, that if the user is running in (say) German, we find that sometimes (but not always) the function follows the German locale and uses a comma (U+002C) as the decimal separator with no thousands separator. This format prevents the function from working...
An even easier way to get Windows Media Player to single-step a video
Since my original article explaining how to get Windows Media Player to single-step a video, I've learned that there's an even easier way. Backward-stepping is dependent upon the codec; some of them will go backward to the previous keyframe. The person who tipped me off to this feature: The developer who implemented it. Remember: Sharing a tip does not imply that I approve of the situation that led to the need for the tip in the first place.
Microspeak: Dogfood
The shifting meaning.
Why can you set each monitor to a different color depth?
Random832 seemed horrified by the fact that it is possible to run multiple monitors, with different color formats on each monitor. "Seriously, why does it let you do that?" Well, of course you can do that. Why shouldn't it let you do that? When multiple monitors were introduced to Windows, video hardware was nowhere near as advanced as it is today. One common discovery was that your computer, which came with a video card in one of the expansion slots, actually had a video chip baked into the motherboard, but which was disabled in the BIOS. In other words, your computer was actually multiple-monitor-capable; it'...
Hey, let's report errors only when nothing is at stake!
Only an idiot would have parameter validation, and only an idiot would not have it. In an attempt to resolve this paradox, commenter Gabe suggested, "When running for your QA department, it should crash immediately; when running for your customer, it should silently keep going." A similar opinion was expressed by commenter Koro and some others. This replaces one paradox with another. Under the new regime, your program reports errors only when nothing is at stake. "Report problems when running in test mode, and ignore problems when running on live data." Isn't this backwards? Shouldn't we be more sensitive to p...
Simulating input via WM_CHAR messages may fake out the recipient but it won't fake out the input system
We saw some time ago that you can't simulate keyboard input with . You may get away with it, depending on how the application you're trying to fake out processes input, but since you're just faking data, the application may discover that it's all a ruse when they try to access information that you didn't fake out, say by calling and discovering that the key it was told was being pressed is in fact not being pressed after all. When you try to do this fake-out, you might or might not be able to fake out the application, but you're definitely not going to fake out the input system itself. I wrote a test program ...
Luxurifying the camping experience in a different direction
Some time ago, I noted the increasing luxurification of camping, where people with more money than sense decide to go through the camping experience without building any of the character that comes with it. But that's not the only direction luxurification has moved. Unwilling to accept that "getting there is half the fun", some people take chartered planes to and from summer camp. Stick it out for the punch line in the final sentence of the article.
You don't need to ask me a question the compiler can answer more accurately
A customer reported having problems developing the correct p/invoke signature for the structure. "The code works on 32-bit machines, but on 64-bit machines, the call to returns ." The sample code included the lines My response was simply, "I bet you are passing the wrong structure size. Note that on 64-bit Windows, the alignment of the inner structures is 8-byte rather than 4-byte. Write a C++ program that does the same thing and compare." The customer decided to read only the first sentence of my reply, possibly the second, and ignore the third. "So what size should the structure be on 64-bit machines...
No, we're not going to play Stairway to Heaven, and please tell everbody else in your area code to stop calling me
Some time ago, I told the story of how one employee's phone received calls intended for a local radio station's contest line due to people dialing seven digits instead of ten and defaulting to the wrong area code. Upon reading that story, a colleague of mine pointed out that one of the conference rooms in his building has a similar problem. The direct line for the conference room is identical to the request line for a local radio station, save for the area code. People who work in the building know never to answer the phone in that conference room. (Although apparently there have been a couple of pranks involv...
How is it possible to run Wordpad by just typing its name even though it isn’t on the PATH?
It's in the App Paths.
How do I disable windowless control support in dialog boxes?
A customer wanted to know how to disable windowless control support in dialog boxes. "The customer has a CommandButton ActiveX control on his dialog box, and using to get the window handle of the command button succeeded with VC 6.0, but when compiled with VC 9.0, it does not create a window. I'm guessing that this is caused by 's support for windowless controls. Is it possible to disable support for windowless controls?" The question on its face is somewhat puzzling, because dialog boxes don't "support" or "not support" windowless controls. It's like asking, "I want rice that doesn't support meat. My...
Why is secur32.dll called secur32.dll and not secure32.dll?
Many years ago, in a discussion of why you shouldn't name your DLL "security.dll", I dug a bit into the history behind the DLL. Here are some other useless tidbits about that file. Originally, there were two DLLs called . One was the 32-bit version and one was the 16-bit version. They could coexist because the 32-bit version was in the directory and the 16-bit version was in the directory. And then Windows 95 showed up and screwed up everything. Windows 95 did not have separate and directories. All the system files, both 16-bit and 32-bit, were lumped together in a single directory. When the Se...
How do I find the original name of a hard link?
A customer asked, "Given a hardlink name, is it possible to get the original file name used to create it in the first place?" Recall that hard links create an alternate name for a file. Once that alternate name is created, there is no way to tell which is the original name and which is the new name. The new file does not have a "link back to the original"; they are both links to the underlying file content. This is an old topic, so I won't go into further detail. Though this question does illustrate that many people continue to misunderstand what hard links are. Anyway, once you figure out what the customer...
Some mailing lists come with a negative service level agreement, but that's okay, because everybody is in on the joke
As I noted some time ago, there's a mailing list devoted to chatting among people who work in a particular cluster of buildings. It's not a technical support mailing list, but people will often ask a technical question on the off chance that somebody can help, in the same way that you might ask your friends for some help with something. Of course, one consequence of this is that the quality of the responses is highly variable. While there's a good chance that somebody will help you with your problem, there's also a good chance that a technical question will receive a highly unhelpful response just for fun, in t...
The danger of making the chk build stricter is that nobody will run it
Our old pal Norman Diamond suggested that Windows should go beyond merely detecting dubious behavior on debug builds and should kill the application when it misbehaves. The thing is, if you make an operating system so strict that the slightest misstep results in lightning bolts from the sky, then nobody would run it. Back in the days of 16-bit Windows, as today, there were two builds, the so-called retail build, which had assertions disabled, and the so-called debug build, which had assertions enabled and broke into the debugger if an application did something suspicious. (This is similar to today's terms che...
Using the wrong HINSTANCE in RegisterClass is like identity theft
Use your own account.
Photoshop meme: Mark Reynolds casually eating sunflower seeds
July 7, 2011: David Ortiz hits a home run against the Baltimore Orioles. As he rounds third base, Orioles third baseman Mark Reynolds casually finishes off a package of sunflower seeds (photo 6 in the slide show). An Internet meme is born. Follow the hilarity.
What is that horrible grinding noise coming from my floppy disk drive?
Wait, what's a floppy disk drive? For those youngsters out there, floppy disks are where we stored data before the invention of the USB earring. A single floppy disk could hold up to two seconds of CD-quality audio. This may not sound like a lot, but it was in fact pretty darned awesome, because CDs hadn't been invented yet either. Anyway, if you had a dodgy floppy disk (say, because you decided to fold it in half), you often heard a clattering sound from the floppy disk drive as it tried to salvage what data it could from the disk. What is that sound? That sound is recalibration. The floppy disk driver softw...
The tradition of giving cute names to unborn babies
Many of my friends gave names to their unborn babies. Most of them were based on various objects that were the size of the adorable little parasite¹ at the time they discovered that they were pregnant: There were a few outliers, though. That last one takes a bit of explaining. Having grown tired of people asking her what she was planning on naming the baby, my friend made up an absurd name and used it with a straight face. "We're think of naming her Aubergine, if it's a girl." People would respond with a polite but confused "Oh, that's an interesting name." Then, still deadpan, she would add, "If it's...
What does the executable timestamp really mean?
A customer was looking for some information on the executable timestamp: I would like my program to display the date it was linked. The looks like what I need. Is there an easy way to retrieve this information so I don't have to parse the EXE header myself? Also, what functions exist for formatting this timestamp into something human-readable? The customer didn't explain why they needed this information, but presumably it was for diagnostic purposes. For example, the program might display the information in the About box to help the product support team identify which version of the program the end-user is ru...
At least it'll be easy to write up the security violation report
Many years ago, Microsoft instituted a new security policy at the main campus: all employees must visibly wear their identification badge, even when working in their office. As is customary with with nearly all new security policies, it was met with resistance. One of my colleagues was working late, and his concentration was interrupted by a member of the corporate security staff at his door. — Sir, can I see your cardkey? My colleague was not in a good mood (I guess it was a nasty bug), so he curtly replied, "No. I'm busy." — Sir, you have to show me your cardkey. It's part of the new security po...
Windows has supported multiple UI languages for over a decade, but nobody knew it
In the early days of Windows, there was a separate version of Windows for each language, and once you decided to install, say, the French version of Windows, you were locked into using French. You couldn't change your mind and, say, switch to German. The reason for this is that there were bits and pieces of language-dependent information stored all over the system. One obvious place is in file names. For example, a shortcut to the calculator program was kept at %USERPROFILE%\Start Menu\Programs\Accessories\Calculator.lnk on US-English systems, but %USERPROFILE%\Startmenü\Programme\Zubehör\Rechner.lnk ...
We've traced the pipe, and it's coming from inside the process!
We saw last time one of the deadlocks you can run into when playing with pipes. Today we'll look at another one: Our program runs a helper process with stdin/stdout/stderr redirected. The helper process takes input via stdin and prints the result to stdout. Sometimes we find that the from the controlling process into the stdin pipe hangs. Closer examination reveals that the helper process no longer exists. Under these conditions, should the fail, since the reader is no longer available? If you attempt to write to a pipe when there is nobody around to call to read the data out the other end, the call to ...
And… that cadence means it's halftime, concert-goers!
In college, one of my classmates (who is now the conductor of an orchestra, so I guess that whole music thing worked out for him) coined the term halftime to refer to a resounding cadence in the first half of a piece, the type of cadence that might fool an inattentive or unseasoned listener into thinking that the piece is over, when in fact it's just getting started. We're not talking about a false ending, which is comparatively easy to find, but rather a "big finish" when we're nowhere near the finish. Also sprach Zarathustra has a big halftime cadence, complete with a reprise of the opening fanfare, at the en...
Be careful when redirecting both a process’s stdin and stdout to pipes, for you can easily deadlock
Pipe in, pipe out.
The historical struggle over control of the Portuguese language
Portugal has been going through a rough patch. Its international stature has diminished over the years, its economy has always struggled to remain competitive, the government had to accept a bailout to avoid defaulting on its debt, and on top of it all, it is losing control of its own language. In Portugal, the latest round of Portuguese spelling reform takes effect over a six-year transition period, leaving the Portuguese dismayed that the spelling of their language is being driven by Brazil, a former colony. I sympathize with the plight of the Portuguese, although I also understand the value of consistent sp...
Looking at the problem at the wrong level: Closing a process's stdin
A customer was having trouble manipulating the stdin stream that was given to a process. How do you simulate sending Ctrl+Z to a hidden console process programmatically? I am using and want to send the console a Ctrl+Z. I've tried sending ASCII code 26, but that doesn't work. supports Ctrl+C and Ctrl+Break but not Ctrl+Z. Here's what I'm doing, but it doesn't work: The customer was kind enough to do more than simply ask the question. The customer set up the scenario and even provided a code fragment that illustrates the problem. Which is good, because the original question was the wrong question. ...
Microspeak: Reporting through
I'll start with the citation from a hypothetical conversation: "This is being handled by Jonathan Swift." — Who does he report through? "He reports up through Jane Austen's org." The Microspeak term report through (or report up through) comes up often in situations where people from different groups are working together. In its most literal meaning, to report through someone is to have that person as your manager, or your manager's manager, or your manager's manager's manager, etc. (Not that any of those people beyond two levels actually reads any of the reports you've written!) Usually, when some...
A handful of trips through the time machine
A few trips through the time machine: In the Internet Explorer time machine video, I was struck by the remark, "Appearance-wise, very little had changed [in Internet Explorer 4] since IE3. Not much changed in terms of functionality, either." In fact, Internet Explorer 4 was probably the most significant revision of Internet Explorer in its history, because that's the version that completely replaced the old layout engine with a new one code-named Trident, the layout engine that continues to power Internet Explorer today. Another case of "When you change the insides, nobody notices."
The list of heaps returned by GetProcessHeaps is valid when it returns, but who knows what happens later
A customer had a problem involving heap corruption. In our code, we call and then for each heap, we call to enable the low fragmentation heap. However, the application crashes due to an invalid heap handle. My question is, why do we need to allocate an array of size 1025 even though we pass 1024 to ? Ha, faked you out with that question, eh? (It sure faked me out.) It's not clear why the code under-reports the buffer size to . So let's ignore the customer's stated question and move on to the more obvious question: Why does this code crash due to an invalid heap handle? Well, for one thing, the cod...
2011 mid-year link clearance
Another round of the semi-annual link clearance. And, as always, the obligatory plug for my column in TechNet Magazine:
The UseUrl attribute in the App Paths key indicates that your application can accept a URL on the command line
Setting the attribute in your key indicates that your application can accept a URL on the command line as the document to be opened. The documentation for this attribute is a confusing blend of raw documentation, guidance, history, and an example. Let's tease the parts apart so you won't confuse the example with the contract. The raw documentation is simple: Setting indicates that your application can accept URLs on the command line. The guidance is that programs like Web browsers should set this attribute because opening URLs is the primary reason for their existence. But it's not just Web browsers; any pr...
What happens to WPARAM, LPARAM, and LRESULT when they travel between 32-bit and 64-bit windows?
The integral types , , and are 32 bits wide on 32-bit systems and 64 bits wide on 64-bit systems. What happens when a 32-bit process sends a message to a 64-bit window or vice versa? There's really only one choice when converting a 64-bit value to a 32-bit value: Truncation. When a 64-bit process sends a message to a 32-bit window, the 64-bit and values are truncated to 32 bits. Similarly, when a 64-bit window returns an back to a 32-bit sender, the value is truncated. But converting a 32-bit value to a 64-bit value introduces a choice: Do you zero-extend or sign-extend? The answer is obvious if you re...
A different way to win from one of those claw game
I know two people (siblings) who are experts at those claw games. They can look at a claw game, assess the situation, decide whether there is a winnable toy, and if so, drop in their quarter and grab it. I asked the elder sibling how they arrived at this amazing skill. "As a teenager, I spent something like $20 pumping quarters into one of these machines, and I eventually figured it out." Or there is the direct approach.
How do I display the Find Printers dialog programmatically?
A customer wanted to display the Find Printers dialog programmatically to let the user pick a printer from Active Directory and wanted to know whether this was possible. Yes, it's possible, and there's more than one way to do it. There's the lazy way and the overachieving way. The overachieving way is to use the method. The sample function spells it all out for you. The lazy way takes a little bit of out-of-the-box thinking: Open the Find Printers dialog, set up the search the way you want it, and then save the search to a file (File, Save Search). In your program, when you need to open the Find Printers di...
There's more to workflow than hitting F5 in the IDE
Commenter Stu suggested that instead of having code to auto-correct dialog templates, why not have a program that corrects them at build time? That way, Windows wouldn't have to make all these accommodations for programs that didn't understand the new dialog template requirements for property sheet pages. For one thing, this model assumes that all dialog templates come from Win32 PE resources and aren't generated at runtime or loaded from other files not in resource format. For those cases, you still need the runtime fixup, so this solution would be a supplement to the existing one rather than a replacement. ...
Why doesn't my MessageBox wrap at the right location?
A customer reported that the function was wrapping text "at the wrong location." Our program displays a message with the function, and we use the '\n' character to force line breaks at positions we choose. But we've found that starting in Windows Vista, the line breaks we placed are not working. The function is inserting its own line breaks, which interferes with our custom text layout. It used to be that the width of the message box would expand to fit the longest line in the message. The function is one of those "leave the driving to us" type of functions. You give it a string to display, select whi...
What happens when applications try to copy text by sending Ctrl+C
I'm stealing this story from one of my colleagues. I remember one app from a long time ago that had a feature where you could hit a global short cut key (or something like that) to launch the dictionary. It was also smart in that it would detect the current selected text and immediately search the dictionary for that term. One day I was running a Perl script that took several hours to run. It was nearly done and for whatever I decided to launch the dictionary. It sent a Ctrl+C to my Perl script and killed it. And that's why you don't send Ctrl+C to arbitrary applications. Active Accessibility gives you ...
How do I compress files (via NTFS compression) from the command line?
A customer wanted to know whether there was a way to compress files and directories (in the sense of NTFS compression) from a script or from the command line. They knew about the Properties dialog, but they wanted something scriptable. The command-line tool for this is . Type for usage information. The customer liaison was grateful for this information. Thanks for the prompt response, and yes, this will meet our customer's need to compress specific files such as *.docx under a particular directory and all its subdirectories. Um, *.docx files are already compressed. Compressing them again gains you nothing. ...
How to get Windows Media Player to single-step a video
I always forget how to do this, so I'm going to write it down so I can look it up later. When a video is playing, right-click the volume control slider and select Enhancements, then Play speed settings. (Actually, it also works if you right-click the speaker icon, the Stop button, the Replay button, or the Shuffle button, but the volume control slider is the biggest target.) On the Play speed settings dialog, the single-step controls are at the bottom; they look like triangles. Update: There's an even easier way.
See you in Building 109, Conference Room A
We saw some time ago that if somebody invites you to a meeting in Building 7, they are inviting you off campus to take a break from work. If somebody invites you to a meeting in Building 109, Conference Room A, they are inviting you to join them at the Azteca Mexican restaurant next door. Update: One of the members of the "Building 109 Conference Room A" mailing list informed me that Building 109 Conference Room A is specifically the bar at the Azteca restaurant. Update 2: Building 109 Conference Room A has its own mailing list!
In Windows, the directory is the application bundle
Aaargh! wonders why Windows doesn't just steal the concept of bundles from Apple and package up each application with all its libraries and everything else it needs into a single directory. This is such a great idea, it's been around since the early 1990's. It's just that Windows didn't give it a cute named like bundle. It just gave it the boring name directory. In other words, it's a victim of bad marketing. Maybe we should have given it a cute name like... elfgrass. The first directory searched by the function is the directory containing the application. If you put all your supporting libraries in the same...
How do I make a window remain visible even when the user selects Show Desktop?
A customer had this question: I'd like to know how to get a window to remain visible, even when the user has selected Show Desktop. Right now, when the user picks Show Desktop, the desktop appears and covers my window. Um, yeah, because that's the whole point of Show Desktop: To show the desktop and get rid of all those windows that are in the way. Windows like yours. We're sorry that Windows was unprepared for a program as awesome as yours, because there's no way to mark your window as even if the user says to show the desktop instead of this window, override the user's command and show the window anyway. (...
How do I create a right-aligned toolbar button?
I didn't think this was all that common a request, but it came in twice from two different customers, so I guess there are still people creating toolbars, and creating them with right-aligned buttons (even though it violates Windows user interface guidelines, though I can't find a citation right now). You may have noticed that the toolbar common control doesn't provide a facility for creating right-aligned buttons. Partly because it's a violation of the guidelines anyway, but mostly because the default state of every feature is "not implemented." Adding a feature requires work, and since there is only a finite ...
How do I convert a UTF-8 string to UTF-16 while rejecting illegal sequences?
By default, when you ask to convert a UTF-8 string to UTF-16 that contains illegal sequences (such as overlong sequences), it will try to muddle through as best as it can. If you want it to treat illegal sequences as an error, pass the flag. The MSDN documentation on this subject is, to be honest, kind of hard to follow and even includes a double-negative: "The function does not drop illegal code points if the application does not set this flag." Not only is this confusing, it doesn't even say what happens to illegal code points when you omit this flag; all it says is what it doesn't do, namely that it doesn'...
Sufficiently advanced magic is indistinguishable from technology
An informal tradition in a former group was that whenever somebody bought a new car, we all went out to lunch to celebrate, but the person with the new car had to be one of the drivers. During one of our new-car trips, the proud owner of the new car showed off its fancy features. "Check this out, this car has a voice-controlled radio: Radio, On." The car radio turned on. "Radio, Select KUOW." The radio changed its station. "Radio, louder." The volume went up. But this wasn't a demonstration of voice-recognition technology. It was a magic trick. You see, the car has radio controls built into the back of th...
You don't need to steal focus if you can just arrange for someone to give it to you
Commenter doesn't matter proposes a scenario where focus-stealing is necessary: There are two applications A and B, Application B exposes an interface, and Application A connects to application B via that interface, When some sort of even occurs in application B, it notifies application A, which wants to steal focus in order to interact with the user as a result of the event. Actually, this is still not a situation where focus-stealing is necessary. Application B just needs to call on application A before it fires the event, so that when application A receives ...
Generally speaking, if your function fails, you should return a failure code
A customer requested assistance with their shell namespace extension, and the request worked its way to me for resolution. The customer was at a loss because the customer's code was nowhere on the stack. What is wrong? The customer didn't provide a dump file or any other information beyond the stack trace. (Hint: When reporting a problem with a shell namespace extension, at least mention the last few method calls your namespace extension received before the crash.) I was forced to use my psychic powers to solve the problem. But you can, too. All the information you need is right there in front of you. The...
PE resources must be 4-byte aligned, but that doesn't stop people from trying other alignments
Resources in PE-format files must be stored at offsets which are a multiple of four. This requirement is necessary for platforms which are sensitive to data alignment. That doesn't stop people from breaking the rules anyway. After all, it sort of works anyway, as long as you're careful. I mean, sure maybe if somebody running a non-x86 version of Windows tries to read your resources, they will crash, but who uses non-x86 versions of Windows, right? In Windows Vista SP1, additional hardening was added to the resource parsing code to address various security issues, but the one that's important today is that ...
Microspeak: The planned unplanned outage, and other operations jargon
The Operations group at Microsoft manage the servers which keep the company running. And they have their own jargon which is puzzling to those of us who don't spend all our days in a noisy server room. From what I can gather, an Unplanned Outage would be better termed an Unscheduled Outage: We did not have it marked off on our calendar that the server would be unavailable at this time, but it ended up that way. These unscheduled outages fall into two categories: An Unplanned Unplanned Outage is an unscheduled outage that took place of its own volition. In other words, the server crashed or somebody accidentall...
You'd think that with the name scratch, people wouldn't expect it to be around for a long time
There is a server run by the Windows team called . Its purpose is to act as a file server for storing files temporarily. For example, if you want to send somebody a crash dump, you can copy it to the scratch server and send the person a link. The file server is never backed up and is not designed to be used as a permanent solution for anything. The Windows team likes to use the server to test various file server features. For example, the scratch server uses hierarchical storage management and migrates files to tape relatively aggressively, so that the HSM development team can get real-world usage of their fea...
Why do Group Policy settings require me to have a degree in philosophy?
Commenter Josh points out that Group Policy settings often employ double-negatives (and what's the difference between turning something off and not configuring it)? Group Policy settings are unusual in that they are there to modify behavior that would continue to exist without them. They aren't part of the behavior but rather a follow-on. Suppose that the default behavior is to do XYZ automatically, but due to requests from corporate customers, a Group Policy is added to alter this behavior. The Group Policy for this might look like this: Don't do XYZ automatically Enabled Disabled Not configured The t...
Swamping the thread pool with work faster than it can drain
This scenarios is real, but details have been changed to protect the guilty. Consider a window showing the top of a multi-page document. The developers found that when the user clicks the down-arrow button on the scroll bar, the program locks up for 45 seconds, over a dozen threads are created, and then suddenly everything clears up and the window displays the final paragraph of the document (i.e., it scrolled all the way to the bottom). The problem was traced to queueing tasks to the thread pool faster than they can drain. The document is an object which, unlike a window, has no thread affinity. (Naturall...
How do I control X-Mouse settings (active window tracking)?
For quite some time, Windows has had a setting officially called active window tracking but which informally goes by the name X-Mouse, because that was the name of the PowerToy which first exposed the feature. (The PowerToy was in turn so-named because it made the mouse behave in a manner similar to many X window managers.) The setting is exposed to end users in Windows 7 on Make the mouse easier to use under Activate a window by hovering over it with the mouse. If you want to write your own PowerToy to control this setting, you can do so by calling the function. There are three settings which collective...
How do I prevent users from pinning my program to the taskbar?
A customer wanted to prevent users from pinning their application to the taskbar. I have an application that is launched as a helper by a main application. Users shouldn't be launching it directly, but rather should be launching the main application. But since the helper shows up in the taskbar, users may be tempted to right-click on the taskbar icon and select "Pin to taskbar." Unfortunately, this pins the helper program to the taskbar instead of the main application, and launching the helper program directly doesn't work. Is there a way I can prevent users from pinning the helper program? It so happens tha...
My evil essence revealed
I found it amusing that somebody considered the fact that Microsoft employees can read my queued-up blog entries before the articles are published to be further evidence of Microsoft's evil essence as a monopoly. Just for the record, this is not evidence of Microsoft's evil essence as a monopoly. Rather, it's evidence of Raymond's evil essence as a monopoly, because the monopoly on blog articles written by Raymond Chen that haven't yet been published belongs to me.
Just for fun: Sample user names in Windows 7
Names from around the world.
Why are custom properties created on Windows 2000 lost when I view the file from newer versions of Windows?
In Windows 2000, Explorer let you add properties like Summary and Author to nearly any file type. But when you view the files from a machine running Windows XP or later, those properties are lost. Where did they go? Most file types do not have extensibility points for adding metadata. For example, every byte of a plain text files is devoted to text data; there is nowhere to put metadata like Author or Summary. In Windows 2000, the shell chose to store this extra information in NTFS alternate data streams (or more accurately, the shell chose to use the storage format, which is implemented in term...
How do IsThemeActive, IsAppThemed, and IsCompositionActive differ?
There are three functions which test very similar things, and sometimes applications pick the wrong one. Here's the rundown: Note that these functions do not answer the question "Is the application using the visual-styles-enabled version of the common controls library?" That question is harder to answer because the decision to use the visual-styles-enabled version of the common controls library is not a process-wide one but is rather made on a window-by-window basis. You can have an application where half of the button controls are the old non-visual-styles version and half of the button controls participate i...
WinMain is just the conventional name for the Win32 process entry point
is the conventional name for the user-provided entry point in a Win32 program. Just like in 16-bit Windows, where the complicated entry point requirements were converted by language-provided startup code into a call to the the user's function, the language startup code for 32-bit programs also does the work of converting the raw entry point into something that calls (or or ). The raw entry point for 32-bit Windows applications has a much simpler interface than the crazy 16-bit entry point: The operating system calls the function with no parameters, and the return value (if the function ever returns) i...
Microspeak: PowerPoint Karaoke and the eye chart
The game PowerPoint-Karaoke was invented in 2006 by Zentrale Ingelligenz Agentur. In this game, contestants are called upon to give a PowerPoint presentation based on a slide deck they have never seen. (The German spelling uses a hyphen between the two words. When "translated" into English, the hyphen is often omitted.) At Microsoft, the term has been extended to refer to giving a presentation from slides prepared by somebody else, usually on short notice and therefore with little preparation. Bob is out sick today, so I'll be giving the overview. Sorry for the PowerPoint Karaoke. This is shorthand for "Sorr...
If it's possible to do something, then it's possible to do something WRONG
Once you make it possible to do something, you have to accept that you also made it possible to do something wrong. When the window manager was originally designed, it made it possible for programs to override many standard behaviors. They could handle the message so a window can be dragged by grabbing any part of the window, not just the caption bar. They could handle the message to draw custom title bars. The theory was that making all of these things possible permitted smart people to do clever things. The downside is that it also permits stupid people to do dumb things. Changing the window procedur...
One engineer's interpretation of the Segway as a hybrid vehicle
In a discussion of commuting options (in which I was primarily an observer), the following exchange took place: A: I would rather get kicked in the shins every morning than bike up the massive hill that sits between my apartment and main campus. B: Have you tried an electric bike? C: If you're going to eliminate pedaling, then you may as well go all the way and get a Segway. B: Actually, I used to own a Segway. I was floored by the engineering achievement of creating a device that combined the speed benefits of walking with the exercise benefits of driving, and for just the cost of a used Honda! Note, of co...
BeginBufferedPaint: It's not just for buffered painting any more
I covered the function in my 2008 PDC presentation, but one thing I didn't mention is that the buffered paint functions are very handy even if you have no intention of painting. Since the buffered paint functions maintain a cache (provided that you remembed to call ), you can use to get a temporary bitmap even if you have no intention of actually painting to the screen. You might want a bitmap to do some off-screen composition, or for some other temporary purpose, in which case you can ask to give you a bitmap, use the bitmap for whatever you like, and then pass when you call to say "Ha ha, just kidding....
Why is my program terminating with exit code 3?
Looks like that's what the Microsoft C runtime uses for an abort.
Watching the battle between Facebook and Facebook spammers
I am watching the continuing battle between Facebook and Facebook spammers with detached amusement. When I see a spam link posted to a friend's Facebook wall, I like to go and figure out how they got fooled. Internet Explorer's InPrivate Browsing comes in handy here, because I can switch to InPrivate mode before visiting the site, so that the site can't actually cause any harm to my Facebook account since I'm not logged in and it doesn't know how to log me in. The early versions were simply Web pages that hosted an embedded YouTube video, but they placed an invisible "Like" button over the playback controls, so ...
How long do taskbar notification balloons appear on the screen?
We saw some time ago that taskbar notification balloons don't penalize you for being away from the computer. But how long does the balloon stay up when the user is there? Originally, the balloon appeared for whatever amount of time the application specified in the member of the structure, subject to a system-imposed minimum of 10 seconds and maximum of 60 seconds. In Windows XP, some animation was added to the balloon, adding 2 seconds of fade-in and fade-out animation to the display time. Starting in Windows Vista, applications are no longer allowed to specify how long they wanted the balloon to appear...
Why does Explorer show a thumbnail for my image that's different from the image?
A customer (via a customer liaison) reported that Explorer somestimes showed a thumbnail for an image file that didn't exactly match the image itself. I have an image that consists of a collage of other images. When I switch Explorer to Extra Large Icons mode, the thumbnail is a miniature representation of the image file. But in Large Icons and Medium Icons mode, the thumbnail image shows only one of the images in the collage. I've tried deleting the thumbnail cache, but that didn't help; Explorer still shows the wrong thumbnails for the smaller icon modes. What is wrong? The customer provided screenshots dem...
Multithreaded UI code may be just as hard as multithreaded non-UI code, but the consequences are different
Commenter Tim Smith claims that the problems with multithreaded UI code are not significantly more than plain multithreaded code. While that may be true on a theoretical level, the situations are quite different in practice. Regardless of whether your multithreaded code does UI or not, you have to deal with race conditions, synchronization, cache coherency, priority inversion, all that mulitthreaded stuff. The difference is that multithreaded problems with non-UI code are often rare, relying on race conditions and other timing issues. As a result, you can often get away with a multithreaded bug, because it may...
If undecorated names are given in the DLL export table, why does link /dump /exports show me decorated names?
If you run the command on a DLL which exports only undecorated names, you may find that in addition to showing those undecorated names, it also shows the fully-decorated names. We're building a DLL and for some functions, we have chosen to suppress the names from the export table by using the NONAME keyword. When we dump the exports, we still see the names. And the functions which we did want to export by name are showing up with their decorated names even though we list them in the DEF file with undecorated names. Where is the decorated name coming from? Is it being stored in the DLL after all? The orig...
Looking at the world through kernel-colored glasses
During a discussion of the proper way of cancelling I/O, the question was raised as to whether it was safe to free the I/O buffer, close the event handle, and free the structure immediately after the call to . The response from the kernel developer was telling. That's fine. We write back to the buffer under a try/except, so if the memory is freed, we'll just ignore it. And we take a reference to the handle, so closing it does no harm. These may be the right answers from a kernel-mode point of view (where the focus is on ensuring that consistency in kernel mode is not compromised), but they are horrible answe...
Why double-null-terminated strings instead of an array of pointers to strings?
I mentioned this in passing in my description of the format of double-null-terminated strings, but I think it deserves calling out. Double-null-terminated strings may be difficult to create and modify, but they are very easy to serialize: You just write out the bytes as a blob. This property is very convenient when you have to copy around the list of strings: Transferring the strings is a simple matter of transferring the memory block as-is. No conversion is necessary. This makes it easy to do things like wrap the memory inside another container that supports only flat blobs of memory. As it turns out, a flat ...
Why is hybrid sleep off by default on laptops? (and how do I turn it on?)
Hybrid sleep is a type of sleep state that combines sleep and hibernate. When you put the computer into a hybrid sleep state, it writes out all its RAM to the hard drive (just like a hibernate), and then goes into a low power state that keeps RAM refreshed (just like a sleep). The idea is that you can resume the computer quickly from sleep, but if there is a power failure or some other catastrophe, you can still restore the computer from hibernation. A hybrid sleep can be converted to a hibernation by simply turning off the power. By comparison, a normal sleep requires resuming the computer to full power in or...
Sorting is a state and a verb (and a floor wax and a dessert topping)
Cliff Barbier points out that after you sort an Explorer view by name, new items are not inserted in their sorted position. This goes back to the question of whether sorting is a state or a verb. If you take an Explorer folder and say Sort by Name, do you mean "From now on, always show the contents of this folder sorted by name"? Or do you mean "Rearrange the items currently in this folder so they are sorted by name"? The first case treats sorting a state, where sorting is an attribute of the folder that persists. The second case treats sorting as a verb, where the action is performed so that its effects ling...
A function pointer cast is a bug waiting to happen
A customer reported an application compatibility bug in Windows. We have some code that manages a Win32 button control. During button creation, we subclass the window by calling . On the previous version of Windows, the subclass procedure receives the following messages, in order: We do not handle any of these messages and pass them through to . On the latest version of Windows, we get only the first two messages, and crashes while it's handling the third message before it gets a chance to call us. It looks like it's reading from invalid memory. The callback function goes like this: We install th...
Your program loads libraries by their short name and you don't even realize it
In the discussion of the problems that occur if you load the same DLL by both its short and long names, Xepol asserted that any program which loads a DLL by its short name "would have ONLY itself to blame for making stupid, unpredictable, asinine assumptions" and that Windows should "change the loader to NOT load any dll with a short name where the short name and long name do not match." The problem with this rule, well, okay, one problem is that you're changing the rules after the game has started. Programs have been allowed to load DLLs by their short name in the past; making it no longer possible creates an ...
Why don't the file timestamps on an extracted file match the ones stored in the ZIP file?
A customer liaison had the following question: My customer has ZIP files stored on a remote server being accessed from a machine running Windows Server 2003 and Internet Explorer Enhanced Security Configuration. When we extract files from the ZIP file, the last-modified time is set to the current time rather than the time specified in the ZIP file. The problem goes away if we disable Enhanced Security Configuration or if we add the remote server to our Trusted Sites list. We think the reason is that if the file is in a non-trusted zone, the ZIP file is copied to a temporary location and is extracted from there,...
Like a chicken talking to a duck
Many years ago, I called the home of my Chinese-speaking nieces. This was before they started learning English and before I started learning their dialect of Chinese. After the call was over, the eldest niece asked, "Who was that on the phone?" "That was Uncle Raymond." "Oh, I want to talk to Uncle Raymond!" Her mother replied, "That'd be like a chicken talking to a duck." A chicken talking to a duck is a Chinese idiom referring to two people who cannot communicate due to a language barrier. It seems that ducks are somehow central to the concept of language unintelligibility. Is there a duck-related langu...
That's not a duck
One of the audio features added to Windows 7 goes by the formal name stream attenuation, but it is more commonly known to people in the audio world as ducking. Ducking is the process of lowering the volume of background sounds in order to draw more attention to the foreground sound. For example, when you're watching a big battle scene in a summer action movie, your ears are assaulted with the sounds of weapons fire, objects exploding left and right, but when the hero turns to his girlfriend-of-the-moment, the sound level of all the death and destruction drops a bit so you can hear him say something tender,...
The Importance of Being Snooki
What if Jersey Shore were actually a play written by Oscar Wilde? Algernon Moncrieff and Jack Worthing from Broadway's current production of The Importance of Being Earnest explore that premise in a five-part series titled "Jersey Shore" Gone Wilde, drawing its dialogue from things actually said on "Jersey Shore". The dialogue and delivery are funny enough. But what really sells it is the acting: The eye rolls, the nervous glances, the blank stares... Warning: NSFW for crude language, so I didn't embed the videos. You'll have to click through.
Hidden compatibility constraints of redirecting program execution via a stub
One of the "obvious" solutions to the issue of how much work you're willing to do to save 68KB of disk space was to replace one of the copies with a stub that launches the other copy. If you try this obvious solution, you may run into some compatibility issues. First of all, there are programs which launch Notepad and then wait on the process handle so they can wait until the user closes Notepad. Your stub program cannot just do a on the target, because programs which perform a wait will find the wait satisfied when your stub program exits. Okay, so your stub program has to wait for the real copy of Notepa...
Not quite understanding why you wash your hands before playing the piano
My niece wanted to play my piano, and I asked her to wash her hands. She said, "I don't need that, I have Magic Soap," and she produced a bottle of hand sanitizer. Um, the purpose of washing your hands isn't so the piano doesn't get sick. My piano-instructor cousin-in-law tells me that her young students often say, "My hands are not dirty. They are just a little sticky because I just ate a chocolate muffin on my way here. I don't think I need to wash my hands. Why do you always ask me to wash my hands before the piano lesson?"
Why is there a RestoreLastError function that does the same thing as SetLastError?
Matt Pietrek noticed that and do exactly the same thing and wondered why there's a separate function for it. It's to assist in debugging and diagnostics. Say you're debugging a problem and when you call you get . It would really help a lot if you could figure out who set the error code to . If you set a breakpoint on , you find that people call for two different reasons: That second one needs a little explanation. You might have a logging function that goes like this: It's important that functions which perform logging, assertion checking, and other diagnostic operations are nonintrusive. You don...
Microspeak: Hipo
A friend of mind was asked out of the blue, "What does hypo mean?" She started to flash back to high school English class and Greek word roots. "I've started to hear it everywhere. Like Everyone in that meeting is a hypo or We need to reach out to hypos." My friend realized that she had mis-heard the question. It was not about the Greek root hypo but rather the bizarro Microspeak word hipo, shorthand for high-potential employee. As I researched this term (which I had never encountered before), I found that it fell into that special category of Microspeak known as if you have to ask, I'm not going to tell you....
How do I pin a program directly to the Start menu rather than a shortcut?
Anonymous bemoans the fact that pinning programs to the Start menu (in Windows XP) actually pins the shortcut rather than the program itself. This means that if you right-click on a shortcut to pin it, then delete the shortcut, the pinned item stops working. How do you pin the program directly? You pin the program directly by right-clicking on the program directly. If you right-click on a shortcut and select Pin to Start menu, then you're pinning the shortcut. This is sort of obvious, because after all, that's what you right-clicked on. If you want to pin the raw program, then dive into the Program Files f...
No, you can't ask whether your notification icon is visible or not
A customer asked what started out as a simple question, but by now you know that this sort of simple question only raises new questions: Is there a way that we can detect that the user has hidden our notification icon? No, there is no way to ask whether your notification icon is hidden or visible. Users decide which icons they want to see, and you don't get to snoop in on the users' decisions. Questions like this scare me, because it sounds like this customer's program is going to respond to the user's choice to hide their icon by doing something even more annoying. This is another demonstration of Le Chatel...
There's only so much you can do to stop running code from simulating UI actions
Commenter KiwiBlue asks whether Captcha-style tests were considered to prevent unsigned drivers from programmatically clicking the 'Install anyway' button. I'm sure somebody considered it, but Captcha has its own problems. "Type the (distorted) letters below"-type Captcha cannot be used by people with visual impairments, people who are dyslexic, or people who simply are not familiar with the Latin alphabet. (Believe it or not, the vast majority of people on the planet have a native language which does not use the Latin alphabet.) Using an audio captcha runs into the problem of different accents, letters whose ...
Even if you have a lock, you can borrow some lock-free techniques
Even if you prefer to use a lock (after all, they are much easier to program), you can borrow some lock-free techniques. For example, consider this: There are some concerns here. First of all, there's the lock hierarchy issue: If reticulating a spline takes the geometry lock, that may violate our lock hierarchy. If the lock is a hot lock, you may be concerned that all this gorilla stuff will hold the lock for too long. Maybe rendering a gorilla is a slow and complicated operation because it's hard to get the fur just right. These issues become less onerous if you switch to a lock-free algorithm, but that...
The performance improvements of a lock-free algorithm is often not in the locking
GWO wonders what the conditions are under which the lock-free version significantly outpeforms a simple critical section. Remember that switching to a lock-free algorithm should be guided by performance measurements. Switching from a simple algorithm to a complex one shouldn't be done unless you know that the simple algorithm is having trouble. That said, here are some non-obvious advantages of a lock-free algorithm over one that uses a simple lock. (Later, we'll see how you can take advantage of these techniques without actually going lock-free.) Consider a program that uses a simple critical section to ...
Corrections to Patterns for using the InitOnce functions
Adam Rosenfield pointed out that it is not possible to fail an asynchronous initialization; if you pass when completing an asynchronous initialization, the function fails with . (Serves me right for writing an article the night before it goes up.) A more correct version is therefore In other words, the pattern is as follows: While I'm here, I may as well answer the exercises. Exercise: Instead of calling with , what happens if the function simply returns without ever completing the init-once? Answer: The structure is left in an asynchronous initialization pending state. This is fine, because the n...
Endorsement: Aaron Margosis's Unintended Consequences of Security Lockdowns talk at TechEd
At TechEd 2011 North America in Atlanta, Aaron Margosis is presenting a talk on Unintended Consequences of Security Lockdowns. I've seen the internal version of his talk and I give it two thumbs up. If you're going to be at TechEd North America, consider adding it to your schedule.
Visual Studio 2005 gives you acquire and release semantics for free on volatile memory access
If you are using Visual Studio 2005 or later, then you don't need the weird function because Visual Studio 2005 and later automatically impose acquire semantics on reads from volatile locations. It also imposes release semantics on writes to volatile locations. In other words, you can replace the old function with the following: This is a good thing because it expresses your intentions more clearly to the compiler. The old method that overloaded forced the compiler to perform the actual compare-and-exchange even though we really didn't care about the operation; we just wanted the side effect of the Acqui...
Back from Las Vegas, and now my clothes smell like cigarette smoke
I actually came back Thursday night, but I've been too lazy to jot down some reactions until now. There are signs on the street directing you to a tram connecting the Monte Carlo hotel with the Bellagio. but once you follow the first sign (that takes you into the casino), there are no more signs telling you how to get to the tram. The tram is a lie. Actually, the tram does exist, but it's not marked. You have to walk through the entire Monte Carlo casino to the Street of Dreams shops, and then past them and up a flight of stairs to the tram station. When you reach the Bellagio, you then have to do the reverse...
Don't forget to include the message queue in your lock hierarchy
In addition to the loader lock, the message queue is another resource that people often forget to incorporate into their lock hierarchy. If your code runs on a UI thread, then it implicitly owns the message queue whenever it is running, because messages cannot be dispatched to a thread until it calls a message-retrieval function such as or . In other words, whenever a thread is not checking for a message, it cannot receive a message. For example, consider the following code: If belongs to another thread, then you have a potential deadlock, because that thread might be waiting for your critical section. ...
Lock-free algorithms: The try/commit/(hand off) model
The last lock-free pattern for this week isn't actually lock-free, but it does run without blocking. The pattern for what I'll call try/commit/(hand off) is more complicated than the other patterns, so I'll start off by describing it in words rather than in code, because the code tends to make things more complicated. First, you take the state variable and chop it up into pieces. You need some bits to be used as a lock and as a work has been handed off flag. And if the work that has been handed off is complicated, you may need some more bits to remember the details of the handoff. A common way of doing this ...
Lock-free algorithms: The opportunistic cache
Suppose profiling reveals that a specific calculation is responsible for a significant portion of your CPU time, and instrumentation says that most of the time, it's just being asked to calculate the same thing over and over. A simple one-level cache would do the trick here. Of course, this isn't thread-safe, because if one thread is pre-empted inside the call to , then another thread will see values for and that do not correspond to each other. One solution would be to put a critical section around this code, but this introduces an artificial bottleneck: If the most recent cached result is , , and if two...
Lock-free algorithms: Update if you can I'm feeling down
A customer was looking for advice on this synchronization problem: We have a small amount of data that we need to share among multiple processes. One way to protect the data is to use a spin lock. However, that has potential for deadlock if the process which holds the spinlock doesn't get a chance to release it. For example, it might be suspended in the debugger, or somebody might decide to use to nuke it. Any suggestions on how we can share this data without exposure to these types of horrible failure modes? I'm thinking of something like a reader takes the lock, fetches the values, and then checks at sta...
Overheard conversation fragment: I'm over here by the slot machines
While on a trip to Las Vegas, I happened to overhear a woman talking on her mobile phone who, from her body language, was clearly trying to meet up with a friend. We were in the casino of one of the major hotels. She said, "I'm over here by the slot machines." Yeah, that narrows it down. I'll be heading to Vegas for the Niney Awards. If I don't see you at the ceremony, I'll meet you by the slot machines.
Lock-free algorithms: The try/commit/(try again) pattern
The singleton constructor pattern and the example we saw some time ago are really special cases of the more general pattern which I'll call try/commit/(try again). I don't know if this pattern has a real name, but that's what I'm calling it for today. The general form of this pattern goes like this: We calculate the desired new value based on the initial value, combining it with other values that vary depending on the operation you want to perform, and then use an to update the shared value, provided the variable hasn't changed from its initial value. If the value did change, then that means another thre...
Holding down the shift key when right-clicking lets you pin things to the Start menu even when you might have been better off not doing so
Holding the shift key when calling up a context menu is a convention for indicating that you want to see additional advanced options which are normally hidden. One of those options is Pin to Start menu. What is this doing as an extended command? The Pin to Start menu command normally appears on the context menu of a program or a shortcut to a program. The Start menu pin list was intended to be a launch point for programs, so if the item you pick isn't actually a program, the Pin to Start menu item will be hidden. Furthermore, only items on the local hard drive will show Pin to Start menu. This avoids ugliness ...
Patterns for using the InitOnce functions
Letting the smart people do the work for you.
Lock-free algorithms: The singleton constructor (answer to exercises)
A few days ago, I asked you to make an existing class multithread-safe. The class caches objects called which are indexed by a 32-bit ID. The cache is implemented as an array that dynamically resizes as more items are added to it. A naïve multithreaded version might use a slim reader-writer lock with shared access on reads, exclusive access on writes, and mixed access on the treacherous "create if it doesn't already exist" path. Let's see. First of all, the function doesn't allocate the memory for the cache until somebody actually tries to look something up. But duh, that's the whole point of the class:...
Lock-free algorithms: The one-time initialization
A special case of the singleton constructor is simply lazy-initializing a bunch of variables. In a single-threaded application you can do something like this: This works fine in a single-threaded program, but if the program is multi-threaded, then two threads might end up trying to lazy-initialize the variables, and there are race conditions which can result in one thread using values before they have been initialized: Observe that if the first thread is pre-empted after the value for is initially set, the second thread will think that everything is initialized and may end up using an uninitialized ...
Lock-free algorithms: Choosing a unique value (solutions)
Last time, I left a warm-up exercise consisting of a code fragment which tries to compute a unique process-wide value. Here it is again: It may be easier to enumerate what the function does right rather than what it does wrong. Um, the words are correctly-spelled. That's about it. Damien was the first to note that the author basically reimplemented . Poorly. As we saw earlier, the algorithm for performing complex calculations with interlocked functions is (capture, compute, compare-exchange, retry). But the above code didn't do any of these things. By failing to capture the values, the code is ...
Lock-free algorithms: The singleton constructor
The first half may be familiar to many (most?) readers, but there's an interesting exercise at the bottom. A very useful pattern for the Interlocked* functions is lock-free lazy initialization via . Yes, that's a really long function name, but it turns out every part of it important. This is a double-check lock, but without the locking. Instead of taking lock when doing the initial construction, we just let it be a free-for-all over who gets to create the object. If five threads all reach this code at the same time, sure, let's create five objects. After everybody creates what they think is the winning obje...
Lock-free algorithms: Choosing a unique value (warm-up)
Here's a snippet of code whose job is to generate a unique number within the process. Here's some reference reading to get yourself in the mood. Caution: It may or may not be useful. Criticize this code fragment.
Windows is not a .NET Framework delivery channel either
We learned a while ago that Windows is not an MFC delivery channel. And, since you asked, it's not a .NET Framework delivery channel either. If you're developing a program that uses the .NET Framework, you have to have a backup plan if the version of the .NET Framework you need is not installed on the computer. This might mean including a copy of the installer on your CD. It might mean redirecting the user to an appropriate download site. It might just mean telling the user, "This program requires version XYZ of the .NET Framework." Whatever you do, you need to do something. Windows XP didn't come with a...
The funniest joke I've ever told (to a three-year-old)
I've tested this joke on several children ages three and four, and it never fails. There were two kittens walking down the street, and one of them fell on its butt! I developed this joke for one of my honorary nieces. She had just started to learn about joke-telling and asked me to tell her a joke. One of the keys to joke-telling is to know your audience: A three-year-old won't have the attention span for a longer joke, and subtlety and observational humor won't work either. It's got to be short and direct. She thought kittens were cute, and falling on one's butt was funny, so I figured, hey, let me combine t...
The introduction of whimsical teasing in Comic Chat
A few months after my post on the sad demise of whimsical teasing in Comic Chat, I received a piece of email from none other than the author of Comic Chat, DJ Kurlander: I was the person that started the Comic Chat project in Microsoft Research and was responsible for that line, "This person is too lazy to create a profile entry." Not a whole lot of thought went into the default profile. In maybe the 30 seconds that I put into it, I thought that the line was moderately humorous, fit with the quirky nature of Comic Chat, and might motivate more people to create profiles. When we released version 2, MSN got th...
2011 Q1 link clearance: Microsoft blogger edition
It's that time again: Linking to other Microsoft bloggers.
Having an owner window from another process is tricky, but it's sometimes the right thing to do
A customer had a main program (let's call it A) and a helper program (let's call it B), and the customer wanted and wanted B to act like a modal dialog relative to A. When B is launched, we disable A's window and then call to simulate a modal dialog. How do we make sure that focus goes to B's window and not A's? We've found that if the user clicks on the (now-disabled) window from the process A, then window B loses focus. This is not the behavior from regular modal windows however: For normal modal windows, clicking on the disabled owner activates the modal popup. One idea is to watch for...
How do I get the title of a dialog from a dialog resource?
A customer submitted the following question: We are developing automated tests for our application. Among other things, our application uses property sheets, which means that the name of the tab is stored as the title of the dialog template resource. Since we want our automated tests to run on all language versions of our application, we don't want to hard-code the tab names in our automated test. I have not been able to find any information on how to programmatically extract the dialog titles from the dialog resources. Any pointers would be appreciated. I replied with some pointers: The customer was gratef...
Although the default icon for a shortcut is the icon of the target, you can override that
A customer reported that a shortcut they deployed to their employees' desktops was triggering unwanted server traffic. My customer deploys a shortcut on %ALLUSERSPROFILE%\Desktop, and this shortcut points to an EXE file on a remote server. Once a local user logs on, the computer will try logging onto the remote computer to query information and generate a login failure alert on the server. Is there any way to stop Explorer from querying the shortcut information? Fortunately, the customer provided context for the question, because the question the customer is asking doesn't actually match the scenario. The ...
Why did Win32 define BOOL as a signed int instead of an unsigned int?
Igor Levicki wants somebody from Microsoft to explain why was defined as a instead of an . You don't need to work for Microsoft to figure this out. All the information you need is publically available. Quoting from K&R Classic, which was the operative C standards document at the time Windows was being developed: 7.6 Relational Operators The [relational operators] all yield 0 if the specified relation is false and 1 if it is true. The type of the result is . Win32 defined as synonymous with because Brian and Dennis said so. If you want to know why Brian and Dennis decided to have the result of rel...
Paul Cézanne and Camille Saint-Saëns may have similar-sounding last names, but they are not the same person
Next week, the Seattle Symphony Orchestra performs the Saint-Saëns Organ Symphony, but the people responsible for the symphony's radio advertisements don't realize that. As the strains of the symphony resound in the background, the announcer proudly announces that tickets are still available for "Cézanne's Organ Symphony." The names Cézanne and Saint-Saëns may sound similar, but I can assure you that they are not the same person. Here's a handy chart: This is not the first time the Seattle Symphony's radio announcer has made this substitution. I don't know whether somebody is giving h...
How do I monitor, or even control, the lifetime of an Explorer window?
A customer wanted help with monitoring the lifetime of an Explorer window. We want to launch a copy of Explorer to open a specific folder, then wait until the user closes the folder before continuing. We tried launching a copy of Explorer with the folder on the command line, then doing a on the process handle, but the wait sometimes completes immediately without waiting. How do we wait until the user closes the Explorer window? This is another case of solving a problem halfway and then having trouble with the other half. The reason that returns immediately is that Explorer is a single-instance program (w...
How can I generate a consistent but unique value that can coexist with GUIDs?
A customer needed to generate a GUID for each instance of a hardware device they encounter: The serial number for each device is 20 bits long (four and a half bytes). We need to generate a GUID based on each device, subject to the constraints that when a device is reinserted, we generate the same GUID for it, that no two devices generate the same GUID, and that the GUIDs we generate not collide with GUIDs generated by other means. One of our engineers suggested just running and substituting the serial number for the final nine hex digits. Is this a viable technique? This is similar to the trap of thinking tha...
Function requirements are cumulative: If you fail to meet any of them, then all bets are off
A customer was having problems with the function: We are looking for a clarification of the behavior of . We have a thread that waits on two handles (call them and ) with , . Under certain conditions, we signal and close from another thread while the wait is in progress. This results in being returned from the wait call. MSDN is not clear on what the expected behavior is here. On the one hand, it says This description implies that the wait should never fail, because the function should have noticed that is signaled before it got around to noticing that was invalid. On the other hand, the documenta...
Why is there the message '!Do not use this registry key' in the registry?
Under , there is a message to registry snoopers: The first value is called "!Do not use this registry key" and the associated data is the message "Use the SHGetFolderPath or SHGetKnownFolderPath function instead." I added that message. The long and sad story of the Shell Folders key explains that the registry key exists only to retain backward compatibility with four programs written in 1994. There's also a TechNet version of the article which is just as sad but not as long. One customer saw this message and complained, "That registry key and that TechNet article explain ho...
How does the C runtime know whether to use the static-linking or dynamic-linking version of the header file?
In response to a description of what happens when you get wrong, nksingh asks, "This seems like a problem for the CRT. As far as I know, VC gives you the option of statically or dynamically linking the CRT. But it seems like the headers will have to make a choice to support one thing better than the other. Conditional compilation would work, but then people would have to remember to include a #define somewhere. Is this dllimport vs. static linking thing something the compiler could figure out on its own if you're doing Link-time codegen?" Let's start from the beginning. Yes, this would be a problem for the...
You can extend the PROPSHEETPAGE structure with your own bonus data
... for when regular strength lParam just isn't enough. A little-known and even less-used feature of the shell property sheet is that you can hang custom data off the end of the structure, and the shell will carry it around for you. Mind you, the shell carries it around by means of and destroys it by just freeing the underlying memory, so whatever you stick on the end needs to be plain old data. (Though you do get an opportunity to "construct" and "destruct" if you register a callback, during which you are permitted to modify your bonus data and the field of the .) Here's a program that illustrates this...
What does the "l" in lstrcmp stand for?
If you ask Michael Kaplan, he'd probably say that it stands for lame. In his article, Michael presents a nice chart of the various L-functions and their sort-of counterparts. There are other L-functions not on his list, not because he missed them, but because they don't have anything to do with characters or encodings. On the other hand, those other functions help shed light on the history of the L-functions. Those other functions are lopen, lcreat, lread, lwrite, lclose, and llseek. There are all L-version sort-of counterparts to open, creat, and read, write, close, and lseek. Note that we've already uncovere...
What’s up with the mysterious inc bp in function prologues of 16-bit code?
A little while ago, we learned about the EBP chain. The EBP chain in 32-bit code is pretty straightforward because there is only one type of function call. But in 16-bit code there are two types of function calls, the near call and the far call. A near call pushes a 16-bit return address on the stack before branching to the function entry point, which must reside in the same code segment as the caller. The function then uses a instruction (a near return) when it wants to return to the caller, indicating that the CPU should resume execution at the specified address within the same code segment. By comparison, ...
Raymond's highly scientific predictions for the 2011 NCAA men's basketball tournament
Once again, it's time for Raymond to come up with an absurd, arbitrary criterion for filling out his NCAA bracket. This year, I look at the strength of the school's football team, on the theory that a school with a strong football team and a strong basketball team has clearly invested a lot in its athletics program. My ranking of football teams is about as scientific as my ranking of basketball teams: (As a special case, USC received its rank of 22 from two years ago, because it was forced to sit out the 2010 season as part of its punishment for "several major rules violations." Now that's what I call dedic...
Why can't Explorer decide what size a file is?
If you open Explorer and highlight a file whose size is a few kilobytes, you can find some file sizes where the Explorer Size column shows a size different from the value shown in the Details pane. What's the deal? Why can't Explorer decide what size a file is? The two displays use different algorithms. The values in the Size column are always given in kilobytes, regardless of the actual file size. File is 15 bytes? Show it in kilobytes. File is 2 gigabytes? Show it in kilobytes. The value shown in the Size column is rounded up to the nearest kilobyte. Your 15-byte file shows up as 1KB. This has been the behav...
The old DEBUG program can load COM files bigger than 64KB, but that doesn't mean they actually load as a program
Some times ago, I described why a corrupted binary sometimes results in the error "Program too big to fit in memory". Commenter Neil was under the impression that nonrelocatable programs files could be larger than 64KB and used the DEBUG command to verify this assertion. While it's true that DEBUG can load files bigger than 64KB, that doesn't mean that they will load as a program. If DEBUG decide that you didn't give it a program (the file extension is not EXE or COM),¹ then it treats the file on the command line as a data file and loads it into memory in its entirety, provided it fits in memory in its en...
Why does my TIME_ZONE_INFORMATION have the wrong DST cutover date?
Public Service Announcement: Daylight Saving Time begins in most parts of the United States this weekend. Other parts of the world may change on a different day from the United States. A customer reported that they were getting incorrect values from the function. I have a program that calls , and it looks like it's returning incorrect DST transition dates. For example, is returning March 2nd as the tzi.DaylightDate value, instead of the Expected March 14th date. The current time zone is Pacific Time. The value returned by (and ) is correct; you're just reading it wrong. As called out in the documentation...
How do I create a topmost window that is never covered by other topmost windows?
We already know that you can't create a window that is always on top, even in the presence of other windows marked always-on-top. An application of the What if two programs did this? rule demonstrates that it's not possible, because whatever trick you use to be on-top-of-always-on-top, another program can use the same trick, and now you have two on-top-of-always-on-top windows, and what happens? A customer who failed to understand this principle asked for a way to establish their window as "super-awesome topmost". They even discovered the answer to the "and what happens?" rhetorical question posed above. We ha...
How to rescue a broken stack trace: Recovering the EBP chain
Stack frames are threaded through EBP.
Microspeak: Cadence
Originally, the term cadence meant the rate at which a regular event recurs, possibly with variations, but with an overall cycle that repeats. For example, the cadence for team meetings might be "Every Monday, with a longer meeting on the last meeting of each month." Project X is on a six-month release cadence, whereas Project Y takes two to three years between releases. Q: What was the cadence of email requests you sent out to drive contributions? A: We started with an announcement in September, with two follow-up messages in the next month. In what I suspect is a case of I want to use this cool...
What's the difference between FreeResource and, say, DestroyAcceleratorTable
MaxMax asks a number of resource-related questions, starting with "How do you Unlock a LockResource?" and culminating in "What are the differences between and , , etc.? It would be much easier to use a single function instead of a collection of five." It helps if you understand the history of resources, because the functions were designed back when resources were managed very differently from how they are today. The usage pattern is still the same: You unlock a resource by calling, um, . Although the usage pattern is the same, the mechanism under the covers is completely different. In 16-bit Windows,...
News flash: Companies change their product to appeal to their customers
There was some apparent uproar because there was an industry which "changed the flavoring of their product depending on which market segment they were trying to appeal to." Well duh, don't all industries do this? The reason why this even remotely qualified as news didn't appear until the last five words of the article!
The window manager needs a message pump in order to call you back unexpectedly
There are a bunch of different ways of asking the window manager to call you when something interesting happens. Some of them are are in response to things that you explicitly asked for right now. The enumeration functions are classic examples of this. If you call and pass a callback function, then that callback is called directly from the enumerator. On the other hand, there is a much larger class of things that are in response either to things that happen on another thread, or in response to things that happen on your thread, but not as a direct result of an immediate request. For example, if you use the fun...
If you're waiting for I/O to complete, it helps if you actually have an I/O to begin with
We saw earlier the importance of waiting for I/O to complete before freeing the data structures associated with that I/O. On the other hand, before you start waiting, you have to make sure that you have something to wait for. A customer reported a hang in waiting for an I/O to cancel, and the I/O team was brought in to investigate. They looked at the I/O stack and found that the I/O the customer was waiting for was no longer active. The I/O people considered a few possibilities. These possibilities are in increasing order of likelihood (and, perhaps not coincidentally, decreasing order of relevance to th...
Charlie Sheen v Muammar Gaddafi: Whose line is it anyway?
I got seven out of ten right.
Although the x64 calling convention reserves spill space for parameters, you don't have to use them as such
Although the x64 calling convention reserves space on the stack as spill locations for the first four parameters (passed in registers), there is no requirement that the spill locations actually be used for spilling. They're just 32 bytes of memory available for scratch use by the function being called. We have a test program that works okay when optimizations are disabled, but when compiled with full optimizations, everything appears to be wrong right off the bat. It doesn't get the correct values for and : With optimizations disabled, the code is generated correctly: But when we compile with optimiza...
No, not that M, the other M, the one called Max
Code names are rampant at Microsoft. One of the purposes of a code name is to impress upon the people who work with the project that the name is only temporary, and that the final name will come from the marketing folks (who sometimes pull through with a catchy name like Zune, and who sometimes drop the ball with a dud like Bob and who sometimes cough up monstrosities like Microsoft WinFX Software Development Kit for Microsoft® Pre-Release Windows Operating System Code-Named "Longhorn", Beta 1 Web Setup). What I find amusing are the project which change their code names. I mean, the code name is already a p...
On the linguistic productivity of the word spam
The word spam has spawned off its own corner of the English language. I'm impressed by how productive the root word spam has become. Gratuitous cross-promotion: My colleague Terry Zink occasionally writes about spam on his Cyber Security Blog.
If you want to use GUIDs to identify your files, then nobody's stopping you
Igor Levicki proposes solving the problem of file extensions by using a GUID instead of a file name to identify a file. You can do this already. Every file on an NTFS volume has an object identifier which is formally 16-byte buffer, but let's just call it a GUID. By default a file doesn't have an object identifier, but you can ask for one to be created with , which will retrieve the existing object identifier associated with a file, or create one if there isn't one already. If you are a control freak, you can use to specify the GUID you want to use as the object identifier. (The call fails if the file alread...
DRUNK HULK's insightful commentary in all-caps (and faux-rudimentary English)
DRUNK HULK. Just read it.
Why does WaitForMultipleObjects return ERROR_INVALID_PARAMETER when all the parameters look valid to me?
A customer asked for assistance with the function: I am getting when calling even though all the parameters are valid as far as I can tell. I've narrowed it down to this simple program. First of all, thank you for narrowing the issue down to a minimal program that illustrates the problem. You'd be surprised how often a customer says, "I'm having problem with function X. Here's a program that illustrates the problem." And then attaches a huge project that doesn't compile because it is written in some development environment different from the one you have on your machine. The problem here is that...
iPhone pricing as economic experiment
Back in 2005, Slate's Tim Harford wondered why Microsoft didn't raise the introductory price of Xbox 360 game consoles. With the price set at $300, lines were long and shortages were many. Harford's readers came up with their own theories for resisting the laws of supply and demand and holding to a fixed price. The Xbox 360 is hardly unique in this respect. When there's a hot product, manufacturers hold to the original price and let the lines grow, the shortages fester, and the customers get more frustrated. Think Tickle Me Elmo or Cabbage Patch Kids. Even though from an economic-theoretical standpoi...
Shortcuts are serializable objects, which means that they can be stored in places other than just a file
It's true that the vast majority of the time, people consider the shell shortcut object as synonymous with the file it is normally saved into, shortcuts need not spend their time in a file. You can put a shortcut anywhere you can save a hunk of bytes. Here's a program that creates a shortcut to the file name passed on the command line (make sure it's a full path), and then serializes the shortcut to a blob of bytes (in the form of a ). Once that's done, it reconstitutes the bytes back into a shortcut object and sucks information out of it. After creating the shortcut object, we serialize it into a stream bac...
How long does an idle UNC connection remain active before it is automatically disconnected?
When you access a resource via a UNC, the Windows network redirector keeps the virtual circuit open for a while even after you close the resource. This is done to take advantage of locality: If you access a network resource once, you're probably going to access it again in a short time, so the redirector leaves the connection open for a little bit, on the off chance that you're going to use it again. For example, if copying a bunch of files from a server via a UNC, once one file copy is complete, the next one is going to start very shortly thereafter. If there is no activity on a connection for a while, then th...
Dr. Watson and the bluescreen – a story from the trenches
A fellow Microsoft employee volunteered a story from his prior work at a hospital as their enterprise architect. I received an escalation from our Tier 1 service desk on a Dr. Watson. Why would I get a simple escalation? Strange... Since I hadn't seen the outside of my cubicle for a while, I decided to walk over to talk to the customer in person. The employee having the problem was named Dr. Watson. His computer had bluescreened. I still get a chuckle out of that years later. That little unexpected name collision threw twelve people in the IT service and support teams into disarray.
Sharktopus: Just when you thought it was safe to see what movies are coming out
Sharktopus: Half-shark. Half-octopus. All-killer. I am not making that up. The Web site is sharktopusmovie.com, presumably because sharktopus.com was already taken. I am not making that up. I guess they wanted to ride the coattails of Megashark vs. Giant Octopus? Even more disturbing discovery: Megashark vs. Giant Octopus has a sequel: Megashark versus Crocosaurus. One of my colleagues says that he's going to wait for the sequel: Sharktopuses on a Plane.
If an operation results in messages being sent, then naturally the target window must be processing messages for the operation to complete
If an operation includes as part of its processing sending messages, then naturally the target window for those messages must be processing messages (or more precisely, the thread which owns the target window must be processing messages) in order for the operation to complete. Why? Because processing messages is the only way a window can receive messages! It's sort of tautological yet not obvious to everyone. Generally you run into this problem when you try to manipulate a window from a thread different from the one which created the window. Since windows have thread affinity, operations from off-thread typical...
WM_NCHITTEST is for hit-testing, and hit-testing can happen for reasons other than the mouse being over your window
The message is sent to your window in order determine what part of the window corresponds to a particular point. The most common reason for this is that the mouse is over your window. Although triggers most often for mouse activity, that is not the only reason why somebody might want to ask, "What part of the window does this point correspond to?" Consider a program that wants to beep when the mouse is over the Close button. This is an artificial example, but you can use your imagination to come up with more realistic ones, like showing a custom mouseover animation or displaying a balloon tip if the doc...
What is the highest numerical resource ID permitted by Win32?
A customer asked the following question: What is the maximum legal value of a resource identifier? Functions like take a as the resource ID, which suggests a full 32-bit range, but in practice, most resource IDs appear to be in the 16-bit range. Is there any particular history/precedent for avoiding large numbers as resource IDs? (I have a program that autogenerates string IDs, and having a full 32-bit range gives me some more flexibility in assigning the IDs, but I want to make sure I don't run afoul of any limitations either.) Let's answer the literal question first, and then look at the misconceptions behi...
What is the difference between a directory and a folder?
Windows 95 introduced Windows Explorer and along with it the term folder. What is the relationship between folders and directories? Some people believe that Windows 95 renamed directories to folders, but it's actually more than that. Windows Explorer lets you view folders, which are containers in the shell namespace. Directories are one type of folder, namely, folders which correspond to file system locations. There are other types of folders, such as Control Panel or Network Neighborhood or Printers. These other types of folders represent objects in the shell namespace which do not correspond to fil...
Don't mention the war. I mentioned it once, but I think I got away with it all right (Episode 2)
In preparation for the 2012 Olympic Games in London, the official UK tourism bureau produced tips for dealing with people from other countries.
Window message parameters do not come with metaphysical certitude
The MSDN documentation for window messages describes what each of the parameters means, but just because it means something doesn't mean that it is that something; it merely means it. But you knew this already. If you have a window handle, you can send it whatever message you like, with whatever parameters you like, even if those parameters contradict reality. For example, you could write some code that seeks out a target window and sends it a with parameters that claim that the message was generated from a keyboard accelerator, when in fact it was generated by code contained within your custom control. But you...
What happens when you email the people in the I'm a PC commercial?
In 2008, the first I'm a PC ad aired, opening with Sean Siler doing an impression of John Hodgman portraying a PC, and continuing with montage of people proudly announcing, "I'm a PC!" Accompanying the first four people to appear on screen are email addresses. The addresses are live (or at least they were when the campaign launched), and if you write to them, you get an autoresponse. I've heard that the most popular of the four email addresses in terms of incoming volume was not Sean Siler's, nor was it the one belonging to Bill Gates. Rather, the most messages arrived from people trying to contact the young...
Any intelligent human being
The story of The Best reminded me of a classmate from school who was inordinately fond of the phrase any intelligent human being. For example, our classmate would say, "Any intelligent human being would do X" or "It's obvious to any intelligent human being that Y." (I often—but not always—consider myself to be an intelligent human being, yet sometimes the things "any intelligent human being" would do were things I personally wouldn't.) On the other hand, you wouldn't hear our classmate use the phrase in sentences like "I cannot comprehend how any intelligent human being would be fooled by&n...
How do specify that a shortcut should not be promoted as newly-installed on the Start menu?
Windows XP employed a number of heuristics to determine which Start menu shortcuts should be promoted when an application is newly-installed. But what if those heuristics end up guessing wrong? You can set the property to to tell the Start menu, "I am not the primary entry point for the program; I'm a secondary shortcut, like a help file."
Psychic debugging: Because of course when something doesn't work, it's because the program was sabotaged from above
When something stops working, you begin developing theories for why it doesn't work, and normally, you start with simple theories that involve things close to you, and only after you exhaust those possibilities do you expand your scope. Typically, you don't consider that there is a global conspiracy against you, or at least that's not usually your first theory. I'm trying to use the XYZ.DLL that comes with your product. I have successfully registered this DLL (as specified in the documentation) by performing a . According to the documentation, I should now be able to create a object, but when I try to do ...
Why does SHGetKnownFolderPath return E_FAIL for a known folder?
A customer reported having problems with the function. I've left in the red herrings. On Windows 7, I'm trying to retrieve the Internet folder with the following code: The call always fails with . What am I doing wrong? I tried passing as the token, but that didn't help. The reason the call fails has nothing to do with Windows 7 or the token. The call fails because is a virtual folder—there is no path in the first place! The reason is that the folder you are requesting is a virtual folder (KF_CATEGORY_VIRTUAL). Virtual folders don't exist in the file system, so they don't have a pat...
Microspeak: Recycling bits or recycling electrons
To recycle bits (or recycle electrons) is to take an old piece of email and use it to answer a similar (often identical) question or discussion on a mailing list. This is usually done by simply replying to the thread with the two-word message "Recycling bits" (or "Recycling electrons") and attaching the original email message. An important aspect of the use of this term is that the attached email message definitively answers the question or resolves the discussion. Usually, the attached email message comes from the very same mailing list that is hosting the current discussion. For example, consider this question...
The cursor isn't associated with a window or a window class; it's associated with a thread group
In my earlier discussion of the fact that changing a class property affects all windows of that class, commenters LittleHelper and Norman Diamond wanted to know "Why is the cursor associated with class and not a window?" This is another one of those questions that start off with an invalid assumption. The cursor is not associated with a class. The cursor is not associated with a window. The cursor is associated with an input state. (Initially, each thread has its own input state, but functions like can cause threads to share their input states.) As we saw when we explored the process by which the cursor ge...
The 2010 Niney Award nominees have been announced
The nominees for the first (annual?) Niney Awards have been announced. The Nineys are an award which recognizes those who have had the greatest impact on the technical/developer community over the past year. Winners are selected by you, the technical/developer community. The winners will be announced at the MIX11 conference in April. But before they can announce winners, they need to collect votes. That's where you come in. Cast your vote online in the following categories: Now, it so happens that among the nominees is an author of a somewhat unsucessful book on programming (not to be confused with an au...
Ready… cancel… wait for it! (part 3)
A customer reported that their application was crashing in RPC, and they submitted a sample program which illustrated the same crash as their program. Their sample program was actually based on the AsyncRPC sample client program, which was nice, because it provided a mutually-known starting point. They made quite a few changes to the program, but this is the important one: (It was actually more complicated than this, but this is the short version.) The program was crashing for the same reason that Wednesday's I/O cancellation program was crashing: The program issued an asynchronous cancel and didn't wait f...
I am no longer impressed by your fancy new 10,000 BTU hot pot burner
Two years ago, we had a gathering at my house for some friends for hot pot, the traditional way of ringing in the lunar new year (which takes place today). It was actually a bit of a cross-cultural event, since the attendees came from different regions of Asia, where different traditions reign. (And the American guests just had to choose sides!) My house has but one portable stove for hot pot, so one of the guests brought her own unit, a unit as it turns out which was purchased specifically for the occasion, which gleamed in the light and proudly proclaimed 10,000 BTU of raw heating power. This was cause for mu...
Ready… cancel… wait for it! (part 2)
A customer had a question about I/O cancellation. They have a pending call with a completion procedure. They then cancel the I/O with and wait for the completion by passing as the parameter to . Assuming both return success, can I assume that my completion procedure will not be called after GetOverlappedResult returns? It appears that GetOverlappedResult waits non-alertably for the I/O to complete, so I'm assuming it just eats the APC if there was one. But if an APC had been posted just before I called CancelIoEx, will it also cancel that APC? does not magically revoke completion callbacks. Why should it?...
Ready… cancel… wait for it! (part 1)
One of the cardinal rules of the structure is the structure must remain valid until the I/O completes. The reason is that the structure is manipulated by address rather than by value. The word complete here has a specific technical meaning. It doesn't mean "must remain valid until you are no longer interested in the result of the I/O." It means that the structure must remain valid until the I/O subsystem has signaled that the I/O operation is finally over, that there is nothing left to do, it has passed on: You have an ex-I/O operation. Note that an I/O operation can complete successfully, or it can comp...
There is no longer any pleasure in reading the annual Microsoft injury reports
Microsoft is required by law to file reports on employees who have sustained injuries on the job. They are also required to post the reports in a location where employees can see them. These reports come out every year on February 1. Back in the old days, these reports were filled out by hand, and reading them was oddly amusing for the details. My favorite from the mid 1990's was a report on an employee who was injured on the job, and the description was simply pencil lead embedded in hand. Sadly, the reports are now computerized, and there isn't a place to describe the nature of each injury. It's just a b...
Solutions that require a time machine: Making applications which require compatibility behaviors crash so the developers will fix their bug before they ship
A while ago, I mentioned that there are many applications that rely on messages being delivered even if there is nothing to paint because they put business logic inside their handler. As a result, Windows sends them dummy messages. Jerry Pisk opines, Thanks to the Windows team going out of their way not to break poorly written applications developers once again have no incentive to clean up their act and actually write working applications. If an application requires a dummy WM_PAINT not to crash it should be made to crash as soon as possible so the developers go in and fix it before releasing their "code"...
Some remarks on VirtualAlloc and MEM_LARGE_PAGES
Large pages are a special feature for dedicated server processes.
How do you obtain the icon for a shortcut without the shortcut overlay?
The easy one-stop-shopping way to get the icon for a file is to use the function with the flag. One quirk of the function is that if you pass the path to a shortcut file, it will always place the shortcut overlay on the icon, regardless of whether you passed the flag. (Exercise: What is so special about the shortcut overlay that makes it exempt from the powers of the flag? The information you need is on the MSDN page for , though you'll have to apply some logic to the sitaution.) I'm using SHGetFileInfo to get the icon of a file to display in my application. When the file is a shortcut, rather t...
Microspeak: Leverage
At Microsoft, leverage is not a term of physics whereby a force can be magnified by the application of mechanical advantage. It is also not a term of finance whereby the power of a small amount of money can be magnified by the assumption of debt. In fact, at Microsoft, the word leverage isn't even a noun. It is a verb: to leverage, leverages, leveraging, leveraged, has leveraged. Oh, and it has nothing to do with magnification. Here are some citations: How do I leverage a SiteMap? Allow advertising partners to leverage this resource for providing targeted advertising links. Leverage existing design to power...
Why does the name of my TEMP directory keep changing?
A customer liaison contacted the shell team with the following request: Subject: Support case: 069314718055994 On two of my customer's machines, he's finding that if he opens %TEMP% from the Start menu, it opens C:\Users\username\AppData\Local\Temp\1, C:\Users\username\AppData\Local\Temp\2, and so on. Each time the user logs off and back on, the number increments. The number resets after each reboot. Why are we seeing these folders being created under Temp? This does not appear to be the default behavior. What would cause the operating system to create these folders? The customer rebuilt one of the affected m...
There's a default implementation for WM_SETREDRAW, but you might be able to do better
If your window doesn't have a handler for the message, then will give you a default implementation which suppresses messages for your window when redraw is disabled, and re-enables (and triggers a full repaint) when redraw is re-enabled. (This is internally accomplished by making the window pseudo-invisible, but that's an implementation detail you shouldn't be concerned with.) Although the default implementation works fine for simple controls, more complex controls can do better, and in fact they should do better, because that's sort of the point of . The intended use for disabling redraw on a window is in...
The 2011/2012 Seattle Symphony subscription season at a glance
Every year, I put together a little pocket guide to the Seattle Symphony subscription season for my symphony friends to help them decide which ticket package they want. As before, you might find it helpful, you might not, but either way, you're going to have to suffer through it. Here's the at-a-glance season guide for the first season with newly-appointed music director Ludovic Morlot. (Full brochure [pdf].) function filter(c) { var rows = document.getElementById("schedule").getElementsByTagName("TR"); for (var i = 0; i != rows.length; i++) { var row = rows[i]; var className = row.className; if (c...
Modality, part 9: Setting the correct owner for modal UI, practical exam
Here's a question that came from a customer. You can answer it yourself based on what you know about modal UI. (If you're kind of rusty on the topic, you can catch up here.) I've left in some irrelevant details just to make things interesting. Our program launches a helper program to display an Aero Wizard to guide the user through submitting a service request. There are no calls leading up to or returning from this call. the handles things nicely. When the user clicks "Cancel" to cancel the service request, we use a TaskDialog so we can get the new look for our confirmation message box. The task dial...
How to turn off the exception handler that COM "helpfully" wraps around your server
Historically, COM placed a giant around your server's methods. If your server encountered what would normally be an unhandled exception, the giant would catch it and turn it into the error . It then marked the exception as handled, so that the server remained running, thereby "improving robustness by keeping the server running even when it encountered a problem." Mind you, this was actually a disservice. The fact that an unhandled exception occurred means that the server was in an unexpected state. By catching the exception and saying, "Don't worry, it's all good," you end up leaving a corrupted server run...
Why didn’t they use the Space Shuttle to rescue the Apollo 13 astronauts?
Understanding decisions in the context of history.
Don't just stand around saying somebody should do something: Be someone
On one of the frivolous mailing lists in the Windows project, somebody spotted some behavior that seemed pretty bad and filed a bug on it. The project was winding down, with fewer and fewer bugs being accepted by the release management team each day, so it was not entirely surprising that this particular bug was also rejected. News of this smackdown threw the mailing list into an fit of apoplexy. Don't they realize how bad this bug is? Somebody should reactivate this bug. Yeah, this is really serious. I don't think they understood the scope of the problem. Somebody should mark the bug for reconsideration. D...
Was showing the column header in all Explorer views a rogue feature?
User :( asks whether the Explorer feature that shows the column headers in all views was a rogue feature or a planned one. If it was a rogue feature, it was a horribly badly hidden one. One of the important characteristics of the rogue feature is that you not be able to tell that the feature is there unless you go looking for it. If the feature is right there on the screen as soon as you open an Explorer window, odds are that somebody is going to notice and say something about it. (For example, the designer who is responsible for Explorer is probably going to notice that every screenshot of Explorer doesn't...
What's the difference between an asynchronous PIPE_WAIT pipe and a PIPE_NOWAIT pipe?
When you operate on named pipes, you have a choice of opening them in mode or mode. When you read from a pipe, the read blocks until data becomes available in the pipe. When you read from a pipe, then the read completes immediately even if there is no data in the pipe. But how is this different from a pipe opened in asynchronous mode by passing ? The difference is in when the I/O is deemed to have completed. When you issue an overlapped read against a pipe, the call to returns immediately, but the completion actions do not occur until there is data available in the pipe. (Completion actions are things l...
The MARGINS parameter to the DwmExtendFrameIntoClientArea function controls how far the frame extends into the client area
A customer wrote a program that calls to extend the frame over the entire client area, but then discovered that this made programming difficult: I have a window which I want to have a glassy border but an opaque body. I made my entire window transparent by calling , and I understand that this means that I am now responsible for managing the alpha channel when drawing so that the body of my window remains opaque while the glassy border is transparent. Since most GDI functions are not alpha-aware, this management is frustrating. Is there a better way? In pictures, I only want the red portion of the diagram below ...
My, what strange NOPs you have!
While cleaning up my office, I ran across some old documents which reminded me that there are a lot of weird NOP instructions in Windows 95. Certain early versions of the 80386 processor (manufactured prior to 1987) are known as B1 stepping chips. These early versions of the 80386 had some obscure bugs that affected Windows. For example, if the instruction following a string operation (such as ) uses opposite-sized addresses from that in the string instruction (for example, if you performed a followed by a ) or if the following instruction accessed an opposite-sized stack (for example, if you performed a...
The message text limit for the Marquee screen saver is 255, even if you bypass the dialog box that prevents you from entering more than 255 characters
If you find an old Windows XP machine and fire up the configuration dialog for the Marquee screen saver, you'll see that the text field for entering the message won't let you type more than 255 characters. That's because the Marquee screen saver uses a 255-character buffer to hold the message, and the dialog box figure there's no point in letting you type in a message longer than the screen saver can display. A customer decided to bypass the configuration dialog and change the text in the screen saver by editing the settings directly, and then complained that the Marquee screen saver truncated the message ...
Why does pasting a string containing an illegal filename character into a rename edit box delete the characters from the clipboard, too?
Ane asks why, if you have a string with an illegal filename character on the clipboard, and you paste that string into a rename edit box, do the illegal characters get deleted not just from the edit box but also the clipboard? Basically, it's a bug, the result of a poor choice of default in an internal helper class. There is an internal helper class for "monitoring an edit control" with options to do things like remove illegal characters. This helper class was written back in 1998, presumably with the intention of being used somewhere, but it never did get hooked up. Maybe the feature it was originally written...
When does a process ID become available for reuse?
A customer wanted some information about process IDs: I'm writing some code that depends on process IDs and I'd like to understand better problem of process ID reuse. When can PIDs be reused? Does it happen when the process handle becomes signaled (but before the zombie object is removed from the system) or does it happen only after last handle to process is released (and the process object is removed from the system)? If its the former, will OpenProcess() succeed for a zombie process? (i.e. the one that has been terminated, but not yet removed from the system)? The process ID is a value associated with ...
Processes, commit, RAM, threads, and how high can you go?
Back in 2008, Igor Levicki made a boatload of incorrect assumptions in an attempt to calculate the highest a process ID can go on Windows NT. Let's look at them one at a time. So if you can't create more than 2,028 threads in one process (because of 2GB per process limit) and each process needs at least one thread, that means you are capped by the amount of physical RAM available for stack. One assumption is that each process needs at least one thread. Really? What about a process that has exited? (Some people call these zombie processes.) There are no threads remaining in this process, but the proces...
Why does SHGetSpecialFolderPath take such a long time before returning a network error?
A customer reported that their program was failing to start up because the call to was taking a long time and then eventually returning with . The account that was experiencing this problem had a redirected network profile, "but even if he's redirecting, why would we get the bad net path error? Does calling actually touch the folder/network? If so, we should probably stop calling this function on the UI thread since network problems could cause our program to hang." The function will access the network if you pass the flag, which says "Check if the folder is there, and if not, create it." The customer had b...
From inside the Redmond Reality Distortion Field: Why publish documents in PDF?
A few years ago, the Windows 7 team developed a document to introduce technology writers to the features of Windows 7. The document was released in PDF format, which created quite a stir among certain people trapped inside the Redmond Reality Distortion Field, who indignantly complained, Why are we releasing this document in PDF format? Shouldn't it be in docx or XPS? I would expect people interested in Windows 7 to be willing to use more Microsoft technology. Um, hello from the real world. It's the people who are critical of Windows 7 who are least likely to use Microsoft technology! "Ok...
Begin feeling
A few years ago, the gas station near Microsoft's main campus (the one which had been run by my colleague in a previous stage of his career) appeared to have suffered some problems with the LCD unit on one of its pumps. Instead of "Please insert card", it said "@leace incebd cabd". As a geek, I quickly determined that bit 4 got wiped out in the ASCII codes for the characters in the message. Undaunted, I set about going through the usual steps for purchasing gasoline, though it took a little longer than normal because I first had to decode the corrupted strings. And then after I thought I had finished all the ne...
2010 year-end link clearance
Another round of the semi-annual link clearance. And, as always, the obligatory plug for my column in TechNet Magazine:
What makes RealGetWindowClass so much more real than GetClassName?
There's and then there's . What makes more real? Recall from last time that the functions were added to support Windows accessibility. The goal with is to help accessibility tools identify what kind of window it is working with, even if the application did a little disguising in the form of superclassing. If you ask for the class name of a window, it digs through all the superclassing and returns the name of the base class (if the base class is one of the standard window manager classes). For example, if your application superclassed the class, a call to would return , but a call to would return . ...
WindowFromPoint, ChildWindowFromPoint, RealChildWindowFromPoint, when will it all end?
Oh wait, there's also . There are many ways of identifying the window that appears beneath a point. The documentation for each one describes how they work, but I figured I'd do a little compare/contrast to help you decide which one you want for your particular programming problem. The oldest functions are and . The primary difference between them is that returns the deepest window beneath the point, whereas returns the shallowest. What do I mean by deep and shallow? Suppose you have a top-level window P and a child window C. And suppose you ask one of the above functions, "What window is beneath ...
Psychic debugging: When I copy a file to the clipboard and then paste it, I get an old version of the file
A customer reported the following strange problem: I tried to copy some text files from my computer to another computer on the network. After the copy completes, I looked at the network directory and found that while it did contain files with the same names as the ones I copied, they have completely wrong timestamps. Curious, I opened up the files and noticed that they don't even match the files I copied! Instead, they have yesterday's version of the files, not incorporating the changes that I made today. I still have both the source and destination folders open on my screen and can confirm that the files I cop...
Windows 7 not only can make a wallpaper slide show from images on your computer, it can even pull them from an RSS feed
Buried in the theme file documentation is a section called [Slideshow] which lets you control the source for images that are used when you put the desktop wallpaper in slideshow mode. And a bonus feature hidden in the [Slideshow] section is the ability to draw the images from an RSS feed. After creating the .theme file, double-click it and it will be added to the list of available themes. One thing about the RSS feed is that when you first set it up, it'll probably take a while for the initial images to download. You don't get any feedback that the images are still downloading; they just show up once they're re...
Why can’t you use the space bar to select check box and radio button elements from a menu?
Because it's a menu, not a dialog box.
Some suggestions on improving the assembly instructions for your children's play furniture
Some suggestions for those companies which produce children's play furniture:
That mysterious 01
Some time ago, we learned the story of that mysterious J. There is another mystery character that sometimes shows up in place of a smiley face: the \001. The character starts out as the Unicode U+263A, which looks like this: ☺. In code page 437, this character lives at position 1, and depending on what program is being used to display the character, it might appear as a box (representing the character U+0001) or as the escape sequence \001. You can think of this as a version of the mysterious J, but taking a route through code page 437, or you can think of it as how a bullet turns i...
What is the correct way of temporarily changing a thread's preferred UI language?
A customer ran into a crashing bug in their shell extension. The shell extension wants to change the thread's preferred UI language temporarily, so that it can load its resources from a specific language. You'd think this would be easy: Approximately ten seconds after this code runs, Explorer crashes with the exception whose description is "A threadpool worker thread enter a callback, which left with preferred languages set. This is unexpected, indicating that the callback missed clearing them." (Just before Explorer crashes, the message "ThreadPool: callback 77180274(05B67430) returned with preferred langua...
The __fortran calling convention isn't the calling convention used by FORTRAN
Although the Microsoft C compiler supports a calling convention called , that's just what the calling convention is called; its relationship with the FORTRAN programming language is only coincidental. The keyword is now just an old-fashioned synonym for . Various FORTRAN compilers use different calling conventions; the one I describe here applies to the now-defunct Microsoft Fortran PowerStation. Fortran Powerstation pushes parameters on the stack right-to-left, with callee-cleanup. (So far, this matches aka .) Function names are converted to all-uppercase, with an underscore at the beginning and appende...
How do I simulate input without SendInput?
Michal Zygmunt wants to create a system where multiple applications can have focus, with different users generating input and directing them at their target applications. Attempting to simulate this by posting input messages didn't work. "Can you tell us maybe how SendInput is internally implemented so that we can use it to simulate only part of the actions (like without acquiring focus)?" operates at the bottom level of the input stack. It is just a backdoor into the same input mechanism that the keyboard and mouse drivers use to tell the window manager that the user has generated input. The function doesn...
Developing the method for taking advantage of the fact that the OVERLAPPED associated with asynchronous I/O is passed by address
You can take advantage of the fact that the associated with asynchronous I/O is passed by address, but there was some confusion about how this technique could "work" when kernel mode has no idea that you are playing this trick. Whether kernel mode is in on the trick is immaterial since it is not part of the trick. Let's start with a version of the code which does not take advantage of the structure address in the way described in the article. This is a technique I found in a book on advanced Windows programming: This version of the code uses the address of the structure to determine the location in th...
What happened to the return code from WinMain in 16-bit Windows?
Commenter S asks, "What happened to the return code from WinMain in a Windows 3.1 app?" After all, there was no function in 16-bit Windows. Basically, the exit code vanished into the ether. Unless you captured it. The Toolhelp library provided a low-level hook into various parts of the kernel, allowing you to monitor, among other things, the creation and destruction of tasks. That was how you captured the return code of a Windows program in 16-bit Windows. But if you didn't catch it as it happened, it was gone forever, lost in the ether.
The OVERLAPPED associated with asynchronous I/O is passed by address, and you can take advantage of that
When you issue asynchronous I/O, the completion function or the I/O completion port receives, among other things, a pointer to the structure that the I/O was originally issued against. And that is your key to golden riches. If you need to associate information with the I/O operation, there's no obvious place to put it, so some people end up doing things like maintaining a master table which records all outstanding overlapped I/O as well as the additional information associated with that I/O. When each I/O completes, they look up the I/O in the master table to locate that additional information. But it's eas...
Why does SHCOLUMNINFO have unusually tight packing?
Alternate title: News flash: Sometimes things happen by mistake rbirkby asks why the structure has 1-byte packing. "Was the expectation that there would be so many columns in a details view that the saving would be worthwhile?" Hardly anything that clever or ingenious. It's just the consequence of a mistake. When the structure was added to the header file in the Windows 2000 timeframe, it was added with no specific packing directive. But it turns out that there was a specific packing directive; it just wasn't obvious. Near the top of the header file was the following: (There was of course a mat...
There is no interface for preventing your notification icon from being hidden
Yes, it's another installment of I bet somebody got a really nice bonus for that feature. A customer had this question for the Windows 7 team: Our program creates a notification icon, and we found that on Windows 7 it is hidden. It appears properly on all previous versions of Windows. What is the API to make our icon visible? First of all, I'd like to congratulate you on writing the most awesome program in the history of the universe. Unfortunately, Windows 7 was not prepared for your awesomeness, because there is no way to prevent your notification icon from being hidden. That's because if t...
The subtleties of a Will Ferrell movie, and other observations from the in-flight entertainment on a Chinese airline
My flights to and from Beijing were on Hainan Airlines, a Chinese airline. One consequence of this is that Mandarin Chinese is the primary language of communication; English is a distant second. It also means that the in-flight movies are subtitled in Chinese, so if you can't read Chinese, you are restricted to movies in languages you understand. I wasn't interested in the English-language movies, although I did watch a little bit of "The Other Guys", a Will Ferrell vehicle. In one scene, Ferrell's character and his friend have dinner in a Chinese restaurant. Ferrell's character says to the waiter, "謝#...
Microspeak: Informing a product
Microspeak is not always about changing a word from a verb to a noun or changing a noun to a verb or even changing a noun into a verb and then back into a noun. Sometimes it's about data compression. This testing won't inform RC, but we'll need it to inform an RTM release. First, you need to familiarize yourself with a less-used sense of the verb to inform, namely to guide or direct. A typical use would be something like "This data will inform the decision whether to continue with the original plan in Product Q." In other words, this data will be used to help decide whether to continue with the origina...
Why are the Compression and Encryption options check boxes instead of radio buttons?
Tanveer Badar asks why the file properties Advanced dialog shows two checkboxes (compression and encryption) even though NTFS supports only one or the other at a time. "Why not have two radio buttons instead of these silly check boxes?" Actually, if you want radio buttons, you'd need three, one to cover the "neither" case. Let's look at what those radio buttons would look like: Compress contents to save disk space Encrypt contents to secure data Neither compress nor encrypt This takes an implementation detail (that NTFS currently does not support simultaneous compression and encryption) and elevates it to th...
Some notes on my trip to Beijing disguised as travel tips
Single-use tickets purchased from subway vending machines are valid only on the day of purchase for use in that station. Do not buy your return ticket at the same time as your outbound ticket because it will not work. This detail is clearly explained on the ticket that you receive after you have paid for it. (Also, the vending machine will ask you how many "sheets" you want. It's asking how many tickets you want.) Subway station names are printed in both Chinese and pinyin, but the pinyin omits the tone markers, which means that you will have no idea how you're supposed to pronounce the station name, should anyb...
How do I limit the size of the preview window used by Aero Snap?
A customer reported that the translucent preview shows by Aero Snap showed the wrong dimensions for their application window. "As you can see in the screen shot, the preview is too wide. Our application window has a maximum width, but the preview is fully half the width of the screen. How can we disable the Aero Snap feature?" Whoa there, giving up so easily? Sounds like you're throwing the baby out with the bathwater. To control the size of the preview window used by Aero Snap, you respond to the same message you've already been responding to in order to tell Windows the valid range of sizes for your windo...
What appears superficially to be a line is actually just a one-dimensional mob
In China, queueing is honored more in the breach than in the observance. If you see a line for something, you must understand that what you are seeing is not really a line. It is a one-dimensional mob. You must be prepared to defend your position in line fiercely, because any sign of weakness will be pounced upon, and the next thing you know, five people just cut in front of you. I first became aware of this characteristic of "Chinese queueing theory" while still at the airport. When the gate agents announced that the flight to Beijing had begun boarding, a one-dimensional mob quickly formed, and I naïvely...
We've traced the call and it's coming from inside the house: Grid lines in list view report mode
A customer wanted to know how to remove the grid lines from a list view control in report mode. The customer was kind enough to include the source code for the relevant part of the program and drew our attention to the line in the resource file that he believed to be the source of the problem: The customer didn't know it, but that line in the resource file was of no help at all in diagnosing the problem. Fortunately, we found the root cause in the source code provided: The grid lines are there because you explicitly asked for them! The customer accepted this answer without response. One of my colleagues ...
Kindergarten writing exercise from my niece
When my niece was in kindergarten, a regular classroom assignment was for students to write a few sentences about something happening in their lives. For one of the assignments, my niece wrote the following: My auntie has a baby in her tumy. If it is a boy I will call him Kevin. If it is a grl I will call her Alula. We have no idea where the name "Alula" came from. The baby turned out to be a girl, but her aunt chose a different name. My niece did not hold up her end of the bargain and call her new cousin "Alula". Update: Upon further reflection, I think the proposed boy's name was "Derik", not Kevin. Not i...
It rather involved being on the other side of this airtight hatchway: Invalid parameters from one security level crashing code at the same security level
In the category of dubious security vulnerability, I submit the following (paraphrased) report: I have discovered that if you call the function (whose first parameter is supposed to be a pointer to a IUnknown), and instead of passing a valid COM object pointer, you pass a pointer to a random hunk of data, you can trigger an access violation in the function which is exploitable by putting specially-crafted data in that memory blob. An attacker can exploit the function for remote execution and compromise the system, provided an application uses the function and passes a pointer to untrusted data as the firs...
Creative naming in pursuit of subverting the no-fun zone
For a time, the Information Technology department at Microsoft cracked down on what it believed to be frivolous mailing lists. All mailing lists inside the company had to have a valid business purpose. The nascent wireless networking team found a way to circumvent this rule: They created a mailing list for discussion of non-business topics but officially said that it was for discussing Wireless Networking Interference.
TrackMouseEvent tracks mouse events in your window, but only if the events belong to your window
Greg Williams wonders why fails to detect mouse hover events when responding to DoDragDrop callbacks. "My suspicion is that monopolizes the window so that a message is never posted, so it won't end up being useful." That's basically it, for the appropriate sense of the word "monopolize." The monitors mouse events that take place in your window and notifies your window when events of interest occur. But this requires that the events actually take place in your window! The function calls so that it can carry out the task of following the mouse anywhere on the screen. Recall that mouse events nor...
ZOMG! This program is using 100% CPU!1! Think of the puppies!!11!!1!1!eleven
Calm down.
The alignment declaration specifier is in bytes, not bits
Explicit object alignment is not something most people worry about when writing code, which means that when you decide to worry about it, you may be a bit rusty on how the declarations work. (After all, if it's something you worried about all the time, then you wouldn't have trouble remembering how to do it!) I was looking at some customer code, and there was a class who had a data member with an explicit alignment declaration. I pointed out that the comment didn't match the code. The comment says that the variable needs to be DWORD-aligned (which in Windows-speak means aligned on a 32-bit boundary), but th...
I will be speaking at TechEd China 2010 today
As I've mentioned a few times by now, the way to get me to show up at your event is to invite me. The easiest (i.e. cheapest) way is to hold your event in the Seattle area so that my travel expenses are effectively zero; I just use my bus pass. The folks at TechEd China 2010, on the other hand, had to fly me all the way out to Beijing, which is where I've been this week. Preparing these talks is a lot of work, because each one is different. It's not like I have a "stock presentation" that I give over and over. So even if you invite me, I may decline because I simply don't have the time to write up a new present...
How do I delete bytes from the beginning of a file?
It's easy to append bytes to the end of a file: Just open it for writing, seek to the end, and start writing. It's also easy to delete bytes from the end of a file: Seek to the point where you want the file to be truncated and call . But how do you delete bytes from the beginning of a file? You can't, but you sort of can, even though you can't. The underlying abstract model for storage of file contents is in the form of a chunk of bytes, each indexed by the file offset. The reason appending bytes and truncating bytes is so easy is that doing so doesn't alter the file offsets of any other bytes in the file. I...
Microspeak: Take-away
At Microsoft, the take-away is the essential message of a presentation or the conclusion that you are expected to draw from a situation. It is something you are expected to remember when the whole thing is over, a piece of information you take away with you as you leave the room. XYZ demo take away (title of a document) The preferred intensifier is key, and you probably see it attached to the phrase take-away more often than not. This example comes from a presentation on the results of a user study: Results: XYZ Tough to Use In fact, every single slide in this presentation had a bullet point at the botto...
What were Get/SetMessageExtraInfo ever used for?
KJK::Hyperion asks, "Could you shed some light on Get/SetMessageExtraInfo? It's almost like nobody on earth used them, ever, and I can't get some sample code." Yup, that's about right. Nobody on earth (to within experimental error) ever used them. These functions were introduced on July 20, 1990 (I'm looking at the change history right now) at the request of what was then called the Hand-Writing Windows group, which shipped the first version of Windows for Pen Computing in 1992. The idea was that each input event from the custom pen hardware would have this extra information associated with it, and the software...
Watching the game of Telephone play out in five seconds
Some time ago, I spent the Thanksgiving holiday with my nieces (ages 3 and 5 at the time), and I overheard this conversation between them. "Thanksgiving is over." — Christmas is coming! "It's Christmas time!" — Today is Christmas!
The easy way out is to just answer the question: What is the current Explorer window looking at?
A customer had the following question: We have an application which copies and pastes files. Our problem is that we want to paste the files into the folder which corresponds to the currently active Windows Explorer window. Right now, we're using , but we find this method unsatisfactory because we want to replace Explorer's default file copy engine with our own custom one. Can you provide assistance? (And commenter wtroost had no clue why somebody would copy a file by sending window messages to Explorer. Well here you have it.) The easy way out is to answer the question: You can enumerate the active Explorer ...
What if two programs did this? Practical exam
A customer who doesn't read this blog had the following question: The requirement for our application is that it must be on top of all other windows, even in the presence of other windows with the topmost style. In our and messages, we set ourselves to topmost, and then call to bring ourselves to the front, and then we ourselves just to make sure. The result is that our application and another application end up fighting back and forth because both applications are applying similar logic to remain on top. There are other applications that defeat our logic, and they manage to cover our application. (These ...
You can filter the Common File dialog with wildcards
A customer reported an apparent inconsistency in the shell common file dialogs: The question mark appears to be treated differently from other invalid file name characters. I tried to save a file in Paint under the name but instead of telling me that I had an invalid character in the file name (as it does with other characters like and ) or navigating to a new folder (like or ), it appears to do nothing. Actually, it did do something. You just couldn't tell because the result of that something was the same as doing nothing. If you type a wildcard like or into a common file dialog, the dialog interprets ...
But who's going to set up their own email server?
Many many years ago, back in the days when Microsoft's email address had exclamation points, an internal tool was developed to permit Microsoft employees to view and update their Benefits information from the comfort of their very own offices. Welcome to the paperless office! One of my friends noticed an odd sentence in the instructions for using the tool: "Before running the program, make sure you are logged onto your email server." "That's strange," my friend thought. "Why does it matter that you're logged onto your email server? This tool doesn't use email." Since my friend happened at the time to be a test...
Consequences of using variables declared __declspec(thread)
As a prerequisite, I am going to assume that you understand how TLS works, and in particular how variables work. There's a quite thorough treatise on the subject by Ken Johnson (better known as Skywing), who comments quite frequently on this site. The series starts here and continues for a total of 8 installments, ending here. That last page also has a table of contents so you can skip over the parts you already know to get to the parts you don't know. Now that you've read Ken's articles... No, wait I know you didn't read them and you're just skimming past it in the hopes that you will be able to fake your ...
What's the difference between the Windows directory and the System directory?
(Windows was released on November 20, 1985, twenty-five years ago tomorrow. Happy birthday!) You have and you have . Why do we need both? They're both read-only directories. They are both searched by . They seem to be redundant. (There are other directories like which are not relevant to the discussion.) Back in the old days, the distinction was important. The Windows directory was read-write, and it's where user configuration settings were kept. See for example, , which reads from in the Windows directory, and , which defaults to the Windows directory if you don't give a full path to the configuration file....
One possible reason why ShellExecute returns SE_ERR_ACCESSDENIED and ShellExecuteEx returns ERROR_ACCESS_DENIED
(The strangely-phrased subject line is for search engine optimization.) A customer reported that when they called , the function sometimes fails with , depending on what they are trying to execute. (If they had tried they would have gotten the error .) After a good amount of back-and-forth examing file type registrations, a member of the development team had psychic insight to ask, "Are you calling it from an MTA?" "Yes," the customer replied. "ShellExecute is being called from a dedicated MTA thread. Would that cause the failure?" Why yes, as a matter of fact, and it's called out in the documentation for ....
How full does a hard drive have to get before Explorer will start getting concerned?
The answer depends on which "hard drive almost full" warning you're talking about. Note that these boundaries are merely the current implementation (up until Windows 7). Future versions of Windows reserve the right to change the thresholds. The information provided is for entertainment purposes only. The thermometer under the drive icon in My Computer uses a very simple algorithm: A drive is drawn in the warning state when it is 90% full. The low disk space warning balloon is more complicated. The simplified version is that it warns of low disk space on drives bigger than about 3GB when free disk space dr...
If you measure something, people will change their behavior to address the measurement and not the thing the measurement is intended to measure
We all know that once you start measuring something, people will change the way they behave. We hope that the change is for the better, but that's not always the case, and that's especially true if you are using the metrics as a proxy for something else: People will manipulate the metric without necessarily affecting the thing that your metric is trying to measure. I was reminded of this topic when I read a story in The Daily WTF of a manager who equated number of checkins with productivity. One metric that nearly all software products use to gauge productivity and product progress is the number of bugs outs...
The program running in a console decides what appears in that console
James Risto asks, "Is there a way to change the behavior of the CMD.EXE window? I would like to add a status line." The use of the phrase "the CMD.EXE window" is ambiguous. James could be referring to the console itself, or he could be referring to the CMD.EXE progarm. The program running in a console decides what appears in the console. If you want to devote a line of text to a status bar, then feel free to code one up. But if you didn't write the program that's running, then you're at the mercy of whatever that program decided to display. Just to show that it can be done, here's a totally useless console...
Why does the common file dialog change the current directory?
When you change folders in a common file dialog, the common file dialog calls to match the directory you are viewing. (Don't make me bring back the Nitpicker's Corner.) Okay, the first reaction to this is, "What? I didn't know it did that!" This is the other shoe dropping in the story of the curse of the current directory. Now the question is, "Why does it do this?" Actually, you know the answer to this already. Many programs require that the current directory match the directory containing the document being opened. Now, it turns out, there's a way for you to say, "No, I'm not one of those lame-o programs...
Using delayload to detect functionality is a security vulnerability
We saw last time that your debugging code can be a security vulnerability when you don't control the current directory. A corollary to this is that your delayload code can also be a security vulnerability, for the same reason. When you use the linker's delayload functionality to defer loading a DLL until the first time it is called, the linker injects code which calls on a DLL the first time you call a function in it, and then calls on the functions you requested. When you call a delay-loaded function and the delayload code did not get a function pointer from (either because the DLL got loaded but the funct...
Your debugging code can be a security vulnerability: Loading optional debugging DLLs without a full path
Remember, the bad guys don't care that your feature exists just for debugging purposes. If it's there, they will attack it. Consider the following code: When you need to debug the program, you can install the DLL into the application directory. The code above looks for that DLL and if present, gets some function pointers from it. For illustrative purposes, I've included one debugging hook. The idea of this example (and it's just an example, so let's not argue about whether it's a good example) is that when we're about to load a document, we call the function, telling it about the document that was just l...
The curse of the current directory
The current directory is both a convenience and a curse. It's a convenience because it saves you a lot of typing and enables the use of relative paths. It's a curse because of everything else. The root cause of this curse is that the Windows NT family of operating systems keeps open a handle to the process's current directory. (Pre-emptive Yuhong Bao comment: The Windows 95 series of operating systems, on the other hand, did not keep the current directory open, which had its own set of problems not relevant to this discussion.) The primary consequence of this curse is that you can't delete a direct...
Is there any vendor bias in the way the Start menu determines which programs are most frequently used?
Chrissy wants to know if there is a bias towards Microsoft products in the selection of most frequently used programs on the Start menu. The only bias is in the initial default MFU list, the one that appears upon a fresh login. In Windows XP, the default Start menu MFU contains six slots. The first three point to Windows applications, and the second three point to programs chosen by the OEM. (If the OEM chooses not to take advantage of this feature, or if this is a boxed version of the product, then the second three slots also point to Windows applications.) Which specific three (or six) programs get disp...
Why does the Win32 Time service require the date to be correct before it will set the time?
Public Service Announcement: Daylight Saving Time ends in most parts of the United States this weekend. Andy points out that if you attempt to synchronize your clock when the date is set incorrectly, the operation fails with the error message "An error occurred while Windows was synchronizing with time.windows.com. For security reasons, Windows cannot synchronize with the server because your date does not match. Please fix the date and try again." He wonders what the security risk is. First of all, for people who are trying to solve the problem, the solution is to follow the steps in the error message. Set yo...
The story of MUI, as told by others (with some commentary)
First, the story as told by others: Now the question you're all going to ask so I may as well answer it: Why is this information kept in a file instead of being attached to the file itself (say, in an alternate stream)? If it were in an alternate stream, then it would track the file when it was moved or copied. First answer: Because alternate streams require NTFS. Localized names were introduced in Windows 2000, and Windows 2000 gave you the option of formatting your drive as FAT or NTFS. (It wasn't until Windows Vista that NTFS became mandatory.) Therefore the mechanism for localized names ne...
The quiet fading away of the CtlPanelClass
If you search MSDN for , you'll find a few really old Knowledge Base articles that include it in a list of "class names of common Windows applications." I'm not sure why the Knowledge Base articles bothered to list those classes; there is no technical reason for applications to need to know this, and including the information merely encourages programmers to rely on the window class name in strange undocumented ways. (This is another one of those cases where a Knowledge Base article written to assist in troubleshooting becomes interpreted as formal documentation.) Windows Vista finally got rid of that window cl...
The wisdom of seventh graders: Being President
Today is Election Day in the United States. Some years ago, seventh grade students (age 12) were asked to imagine they had just been elected president and to give an address to the nation on one thing they would change. Remember, these are only the most entertaining ideas. Do not assume all student ideas are like these. And this sentence came from a student destined for greatness as a politician: "Something must be done, and I will make it happen."
Saying that your case is different doesn't make it so
A customer wanted to do one of those user-hostile things that Windows doesn't make easy to do (the sort of thing I tend to call out on this Web site). After receiving an explanation that Windows doesn't provide a way of doing what they want because it abuses the component in question and goes against user expectations, the customer countered, "Yes, we understand that, but our case is different." The customer then proceeded to explain how they intended to use this newfound power (if only they could figure out how to do it) and under what circumstances they intend to invoke it. Their explanation was interesting in...
Why doesn't the End Task button end my task immediately?
Commenter littleguru asks, "Why does the End Now button not kill the process immediately?" When you click the End Now button, the process really does end now, but not before a brief message from our sponsor. When you kill a hung application, Windows Error Reporting steps in to record the state of the hung application so it can be submitted to the mother ship (with your permission). If you are running Windows XP or Windows Vista, you can briefly see a process called or ; these are the guys who are doing the data collection. After being uploaded to Microsoft, these failure reports are studied to deter...
It's the Great Pumpkin, Charlie Brown: The world of competitive pumpkin-growing
Bill Littlefield of NPR's sports program Only a Game interviews Susan Warren about competitive pumpkin-growing. [Direct link - Real format] An excerpt from her book Backyard Giants was printed in The Wall Street Journal: The Race to Break the Squash Barrier, the quest to grow a one-ton pumpkin. I'm fascinated by these subcultures of people obsessed with one thing.
Debugging walkthrough: Diagnosing a __purecall failure
Prerequisite: Understanding what means. I was asked to help diagnose an issue in which a program managed to stumble into the function. The stack at the point of failure looked like this: The line at that called the mystic was a simple : From what we know of , this means that somebody called into a virtual method on a derived class after the derived class's destructor has run. Okay, well, let's see if we can find the object in question. Since the method being called is a COM method, the calling convention applies, which means that the pointer is on the stack. Using our knowledge of the layou...
Why is there an LVN_ODSTATECHANGED notification when there's already a perfectly good LVN_ITEMCHANGED notification?
If you work with owner-data listviews, you take the responsibility for managing the data associated with each item in the list view. The list view control itself only knows how many items there are; when it needs information about an item, it asks you for it. It's the fancy name for a "virtual list view" control. When you use an ownerdata list view, you will receive a new notification, . The OD stands for ownerdata, so this is an "owner data state changed" notification. The list view sends this notification when the state of one or more items in an owner data list view control change simultaneously. Mind you, t...
How do I programmatically invoke Aero Peek on a window?
A customer wanted to know if there was a way for their application to invoke the Aero Peek feature so that their window appeared and all the other windows on the system turned transparent. No, there is no such programmatic interface exposed. Aero Peek is a feature for the user to invoke, not a feature for applications to invoke so they can draw attention to themselves. Yes, I realize you wrote a program so awesome that all other programs pale in comparison, and that part of your mission is to make all the other programs literally pale in comparison to your program. Sorry. Maybe you can meet up with that oth...
Hacking Barney the dinosaur for fun (no profit)
Wonder powers ActiMate!
Belated happy first birthday, Windows 7
On Friday, the marketing folks informed me that they decided to put me on the Microsoft Careers United States home page in recognition of Windows 7's first birthday. It's an honor and to be honest a bit scary to be chosen to be the face of Windows on a day of such significance. (They told me that had narrowed it down to me and "some Director of Test". Sorry, Director of Test; maybe they'll pick you for Windows 7's second birthday.) I think my picture is still there (they didn't tell me how long it was going to be up), but here's a screen capture just to prove it to my relatives: ...
When you call a function, your code doesn't resume execution until that function returns
Consider this code fragment: When calls , and has not yet returned, does continue executing? Does get called before returns? No, it does not. The basic structure of the C/C++ language imposes sequential execution. Control does not return to the function until returns control, either by reaching the end of the function or by an explicit . Commenter Norman Diamond asks a bunch of questions, but they're all mooted by the first: I can't find any of the answers in MSDN, and even an answer to one doesn't make answers to others obvious. Unless failures occur, the DialogBox function doesn't return u...
The evolution of the ICO file format, part 4: PNG images
We finish our tour of the evolution of the ICO file format with the introduction of PNG-compressed images in Windows Vista. The natural way of introducing PNG support for icon images would be to allow the field of the to take the value , in which case the image would be represented not by a DIB but by a PNG. After all, that's why we have a field: For forward compatibility with future encoding systems. Wipe the dust off your hands and declare victory. Unfortunately, it wasn't that simple. If you actually try using ICO files in this format, you'll find that a number of popular icon-authoring tools crash w...
The evolution of the ICO file format, part 3: Alpha-blended images
Windows XP introduced the ability to provide icon images which contain an 8-bit alpha channel. Up until this point, you had only a 1-bit alpha channel, represented by a mask. The representation of an alpha-blended image in your ICO file is pretty straightforward. Recall that the old ICO format supports 0RGB 32bpp bitmaps. To use an alpha-blended image, just drop in a ARGB 32bpp bitmap instead. When the window manager sees a 32bpp bitmap, it looks at the alpha channel. If it's all zeroes, then it assumes that the image is in 0RGB format; otherwise it assumes it is in ARGB format. Everything else remains the ...
How do I get the dimensions of a cursor or icon?
Given a or a , how do you get the dimensions of the icon or cursor? The function gets you most of the way there, returning you an structure which gives you the mask and color bitmaps (and the hotspot, if a cursor). You can then use the function to get the attributes of the bitmap. And then here's the tricky part: You have to massage the data a bit. As we've learned over the past few days, an icon consists of two bitmaps, a mask and an image. A cursor is the same as an icon, but with a hotspot. To get the dimensions of the icon or cursor, just take the dimensions of the color bitmap. If you have one. ...
The evolution of the ICO file format, part 2: Now in color!
Last time, we looked at the format of classic monochrome icons. But if you want to include color images, too? (Note that it is legal—and for a time it was common—for a single ICO file to offer both monochrome and color icons. After all, a single ICO file can offer both 16-color and high-color images; why not also 2-color images?) The representation of color images in an ICO file is almost the same as the representation of monochrome images: All that changes is that the image bitmap is now in color. (The mask remains monochrome.) In other words, the image format consists of a where the is the width of the ima...
The evolution of the ICO file format, part 1: Monochrome beginnings
This week is devoted to the evolution of the ICO file format. Note that the icon resource format is different from the ICO file format; I'll save that topic for another day. The ICO file begins with a fixed header: must be zero, and must be 1. The describes how many images are included in this ICO file. An ICO file is really a collection of images; the theory is that each image is an alternate representation of the same underlying concept, but at different sizes and color depths. There is nothing to prevent you, in principle, from creating an ICO file where the 16×16 image looks nothing like the 32...
What does the FOF_NOCOPYSECURITYATTRIBS flag really do (or not do)?
In the old days, the shell copy engine didn't pay attention to ACLs. It just let the file system do whatever the default file system behavior was. The result was something like this: Perfectly logical, right? If a new file is created, then the security attributes are inherited from the container. If an existing file is moved, then its security attributes move with it. And since moving a file across drives was handled as a copy/delete, moving a file across drives behaved like a copy. Users, however, found this behavior confusing. For example, they would take a file from a private folder like their My Document...
The memcmp function reports the result of the comparison at the point of the first difference, but it can still read past that point
This story originally involved a more complex data structure, but that would have required too much explaining (with relatively little benefit since the data structure was not related to the moral of the story), so I'm going to retell it with double null-terminated strings as the data structure instead. Consider the following code to compare two double-null-terminated strings for equality: "Aha, this code is inefficient. Since the function stops comparing as soon as it finds a difference, I can skip the call to and simply write because we can never read past the end of : If the strings are equal, then...
How do I get the color depth of the screen?
How do I get the color depth of the screen? This question already makes an assumption that isn't always true, but we'll answer the question first, then discuss why the answer is wrong. If you have a device context for the screen, you can query the color depth with a simple arithmetic calculation: Now that you have the answer, I'll explain why it's wrong, but you can probably guess the reason already. Two words: Multiple monitors. If you have multiple monitors connected to your system, each one can be running at a different color depth. For example, your primary monitor might be running at 32 bits per p...
Why are the keyboard scan codes for digits off by one?
What, they were digits?
Why does each drive have its own current directory?
Commenter Dean Earley asks, "Why is there a 'current directory' AND an current drive? Why not merge them?" Pithy answer: Originally, each drive had its own current directory, but now they don't, but it looks like they do. Okay, let's unwrap that sentence. You actually know enough to answer the question yourself; you just have to put the pieces together. Set the wayback machine to DOS 1.0. Each volume was represented by a drive letter. There were no subdirectories. This behavior was carried forward from CP/M. Programs from the DOS 1.0 era didn't understand subdirectories; they referred to files ...
Why does TaskDialog return immediately without showing a dialog? – Answer
Last time, I left an exercise to determine why the function was not actually displaying anything. The problem had nothing to do with an invalid window handle parameter and had all to do with original window being destroyed. My psychic powers told me that the window's handler called . As we learned some time ago, quit messages cause modal loops to exit. Since the code was calling after the window was destroyed, there was a message still sitting in the queue, and that quit message caused the modal loop in to exit before it got a chance to display anything. Switching to wouldn't have changed anything, si...
Why does my asynchronous I/O request return TRUE instead of failing with ERROR_IO_PENDING?
A customer reported that their program was not respecting the flag consistently: My program opens a file handle in mode, binds it to an I/O completion callback function with , and then issues a against it. I would expect that the returns and returns , indicating that the I/O operation is being performed asynchronously, and that the completion function will be called when the operation completes. However, I find that some percentage of the time, the call to returns , indicating that the operation was performed synchronously. What am I doing wrong? I don't want my thread to block on I/O; that's why I'm issu...
The overlooked computer room at school that became my "office" for a while
VIMH's comment on an unmarked restroom that is largely unknown reminds me of a story from my college days. Since my final project involved computational geometry, I was granted a key to the rooms in our department which had the computers with fancy graphical displays. (The term "fancy graphical display" is a relative one, mind you. By today's standards they would be pretty lame.) Use of the computers in these rooms was normally reserved for faculty and graduate students. During my wanderings through the department building, I discovered that there was a small storage room in an unused corner of the basement tha...
Why does TaskDialog return immediately without showing a dialog?
A customer reported a problem with the function. We've encountered a strange behavior in the function. A user reported that when exiting our application, our program played an error beep that didn't appear to be associated with an error. After investigating, we found that the sound is coming from our application trying to display an error dialog before closing by calling . The error beep is played but no dialog appears. Some background on the error condition that we're trying to report: We're calling , and the window procedure creates another window in its handler. It looks like the original window is dest...
Wildly popular computer game? The Windows product team has you covered
DOOM and World of Warcraft.
Secret passages on Microsoft main campus
Getting from one point to another.
On understanding that getting married comes with changes in lifestyle
A friend of mine who had been married less than a year received a phone call from Adam, one of his still-single friends: "Hey, Joe! Irving and I are going into town, hit some bars, hang out at some clubs, wanna come along?" My friend replied, "Hang on a second." A beat. "Nope. Still married!" As far as I know, Adam and Irving are still single.
Why is the origin at the upper left corner?
Because early geeks didn't study math.
Which ferry should we take from Germany back to Denmark? Oh, it's this one, except for that one word I don't understand
Writing that entry last Friday reminded me that I never did share my stories of that emergency vacation, save for a cryptic list of learnings. Here's a little story about the ferry crossing. Part of the trip involved driving from Copenhagen (København) to Munich (München), which means taking a ferry. (It's faster than driving down the peninsula.) Realizing that we would also have to take the ferry on the return trip on Saturday, we grabbed a ferry schedule during a rest stop in Denmark. What we didn't realize until it was time for the return trip was that the schedule was (naturally) in Danish, a...
Non-psychic debugging: Why you're leaking timers
I was not involved in this debugging puzzle, but I was informed of its conclusions, and I think it illustrates both the process of debugging as well as uncovering a common type of defect. I've written it up in the style of a post-mortem. A user reported that if they press and hold the F2 key for about a minute, our program eventually stops working. According to Task Manager, our User object count has reached the 10,000 object limit, and closer inspection revealed that we had created over 9000 timer objects. We ran the debugger and set breakpoints on and to print to the debugger each timer ID as it was cr...
2010 Q3 link clearance: Microsoft blogger edition
It's that time again: Sending some link love to my colleagues.
Why doesn't the TAB key work on controls I've marked as WS_TABSTOP?
A customer had a programming problem regarding tab stops: I create a parent window (child of main frame) as below This window hosts 2 toolbar windows. Each toolbar window has the style set using . MSDN states WS_EX_CONTROLPARENT Allows the user to navigate among the child windows of the window by using the TAB key. But I am not able to use TAB to navigate to second toolbar. I tried handling and return . But this message is not sent to parent. I can try subclassing the toolbar to handle TAB key, but if I do that, then what's the point of the and styles? You already know how to solve this cus...
We apologize for the delay, but there is an issue with the music
After the opening work of the Seattle Symphony concert last Saturday night, the orchestra members rearranged themselves to play the Foote, but conductor Gerard Schwarz didn't come out onto the stage. The delay grew and people started wondering what was going on. An announcement was made over the public address system: "We apologize for the delay, but there is an issue with the music." This only created more confusion. What does "an issue with the music" mean? Eventually, Schwarz took the podium and explained what happened. It turned into a game of good news/bad news. "The good news is that one of the orchest...
Where did my mail control panel icon go?
A customer ran into the following problem: I was trying to add another email account to Outlook, and the instructions say that I should go to the mail icon in the Control Panel, which to my surprise is nowhere to be found! How can I figure out what went wrong? A little bit of psychic debugging will solve this. The customer was running Windows Vista, 64-bit edition. On 64-bit versions of Windows XP and Windows Vista, the Control Panel shows only 64-bit control panels. The 32-bit control panels are off in a separate 32-bit control panel, which you can find by clicking the View 32-bit Control Pan...
Speculation around Microsoft Company Meeting 2010
Today is Microsoft's annual Company Meeting. Back in August, the Real Estate and Facilities department sent a message to our group of buildings to inform us that the locker rooms would be closed "due to the filming of an upcoming corporate initiative." Speculation swirled as to what sort of "upcoming corporate initiative" would require filming in a locker room. The Company Meeting was only a month away, and I suggested that Steve Ballmer might be filming a (shudder) parody of the Old Spice Guy commercial. Picking up the ball, one of my colleagues wrote the proposed script for this parody: Hello developers. ...
Children's reactions to macadamia nuts dipped in chocolate
Some time ago, we had some people over our house for dinner, and we had a selection of desserts including chocolate-covered macadamia nuts. The children in attendance finished their dinner before the adults (because the adults were busy doing boring things like talking) and were excused to go play. It so happens that the play room is right next to the kitchen, and in the kitchen was the dessert table, including a bowl of chocolate-covered macadamia nuts, which the children managed to consume in their entirety before the adults finally finished talking and went to get dessert. The second half of the story didn'...
Why not just require each application to declare what version of Windows it is compatible with?
Via the Suggestion Box, Arno Shoedl asked, "could not a lot of compatibility problems be solved by simply declaring (via manifest?) the earliest and latest version of Windows a program has been tested to run on?" Actually, programs already declare that, sort of. Each module has a subsystem field in the header that specifies the earliest version of Windows the program will run on. There isn't a corresponding way to declare the maximum version of Windows you want to run on, however, so the manifesty thing could be done there. (There is a new manifesty way of saying what version of Windows you would like to see.) ...
Does anybody actually like Brazil nuts?
Brazil nuts are perhaps best known for floating to the top of a jar of mixed nuts. According to Wikipedia,¹ the reason for the phenomenon is not well understood. At least in my house, the reason for the phenomenon is quite clear: Brazil nuts float to the top because nobody in my house likes Brazil nuts. When you reach in and grab a handful of nuts, you toss the Brazil nuts back into the jar, which is why they end up on top. A few months ago, I asked "Does anybody actually like Brazil nuts?" A lot of people agreed with my opinion of them, but there was a notable dissenter: Larry Osterman. There is now a s...
How reliable is the BatteryLifePercent member of the SYSTEM_POWER_STATUS structure?
A customer was writing a program that called and used the value. The customer wanted to know whether a reported battery life percentage of 38% really means that the remaining battery life is between 37.5% and 38.5%. Although the value is reported to 1% precision, the accuracy in practice is much worse. Similarly, the is reported in seconds, but if your battery actually lasts exactly the amount of time predicted by that field (and not a second longer or shorter), it's almost certainly a fluke. Even a stopped clock is right twice a day. These battery levels come from the hardware itself, so you are at the mer...
Pizza: The reference food for young children
One way to convince a child to try out an unfamiliar food is to say that it's an alternate form of pizza. Here are some examples. Feel free to add more in the comments. I had originally listed crêpe as French pizza, then realized it's more like a French pancake. (I wonder what the Italian version of pizza would be...)
You must flush GDI operations when switching between direct access and GDI access, and direct access includes other parts of GDI
A customer was running into problems when accessing the pixels of a DIB section. They used the parameter to and created two bitmaps from the same underlying memory. Those two bitmaps were then selected into corresponding DCs, and the customer found that changes to the pixels performed by writing via one DC were not visible when read from the other DC. The customer pointed out this clause in MSDN: You need to guarantee that the GDI subsystem has completed any drawing to a bitmap created by before you draw to the bitmap yourself. Access to the bitmap must be synchronized. Do this by calling the function. T...
Happy Mid-Autumn festival 2010
The other day, I told my niece that I would be eating a moon cake on Wednesday. She asked, "Why? Is it your birthday?" For the record, my favorite flavor is red bean paste. Bonus chatter: The underground economy of moon cakes, moon cake vouchers, and how moon cakes are like fruitcake.
What is the effect of the /LARGEADDRESSAWARE switch on a DLL?
Nothing. Large-address-awareness is a process property, which comes from the EXE.
Fact check: The first major Microsoft product launched via Webcast
In 2009, while hosting the Webcast launch of Office Communications Server 2007 R2 (what a mouthful; no wonder they renamed it Lync), Stephen Elop claimed that this was the first time Microsoft had launched a major product via Webcast. Elop's crack team of marketing researchers apparently forgot about the Webcast launch, just three months earlier, of Windows Small Business Server 2008. Maybe somebody can find an even earlier Webcast launch of a major Microsoft product. (Perhaps Elop is claiming that Small Business Server is not a major product, but by that standard, neither is Office Communications Server, w...
How do I get the dropped height of a combo box?
Via the Suggestion Box, commenter Twisted Combo responds to an old blog entry on why the size of a combo box includes the height of the drop-down by asking, But how do I *get* the dropped down height?" By using the deviously-named message, which the header file wraps inside the macro. Start with the scratch program and make these changes: The actual results will naturally vary depending on your system configuration, but when I ran this program, the window caption said "24 / 500".
It's amazing how many business meetings there are in Munich in late September
During my emergency vacation, we stopped at a German supermarket, and my friend loaded up on all sorts of odd and fascinating products. This is something he does every time he travels abroad. At the register, my friend did the work of unloading the cart onto the conveyor belt while I went ahead to bag and to deal with any questions from the cashier, since I was the only German-speaking person in our little group. The woman behind my friend looked at what he was buying and made some remark that implied that he did not make the most price-efficient choices. My friend replied, "Oh, we're from the United States, an...
What's up with the strange treatment of quotation marks and backslashes by CommandLineToArgvW
The way the function treats quotation marks and backslashes has raised eyebrows at times. Let's look at the problem space, and then see what algorithm would work. Here are some sample command lines and what you presumably want them to be parsed as: In the first example, we want quotation marks to protect spaces. In the second example, we want to be able to enclose a path in quotation marks to protect the spaces. Backslashes inside the path have no special meaning; they are copied as any other normal character. So far, the rule is simple: Inside quotation marks, just copy until you see the matching quotation...
How is the CommandLineToArgvW function intended to be used?
The function does some basic command line parsing. A customer reported that it was producing strange results when you passed an empty string as the first parameter: Well, okay, yeah, but huh? The first parameter to is supposed to be the value returned by . That's the command line, and that's what was designed to parse. If you pass something else, then will try to cope, but it's not really doing what it was designed for. It turns out that the customer was mistakenly passing the parameter that was passed to the function: That command line is not in the format that expects. The function wants the ...
Follow-up: The impact of overwhelmingly talented competitors on the rest of the field
A while back, I wrote on the impact of hardworking employees on their less diligent colleagues. Slate uncovered a study that demonstrated the reverse effect: How Tiger Woods makes everyone else on the course play worse. The magic ingredient is the incentive structure. If you have an incentive structure which rewards the best-performing person, and there is somebody who pretty much blows the rest of the field out of the water, then the incentive structure effectively slips down one notch. Everybody is now fighting for second place (since they've written off first place to Tiger Woods), and since the second plac...
How do I create a UNC to an IPv6 address?
Windows UNC notation permits you to use a raw IPv4 address in dotted notation as a server name: For example, will show you the shared resources on the computer whose IP address is 127.0.0.1. But what about IPv6 addresses? IPv6 notation contains colons, which tend to mess up file name parsing since a colon is not a valid character in a path component. Enter the domain. Take your IPv6 address, replace the colons with dashes, replace percent signs with the letter "s", and append . This magic host resolves back to the original IPv6 address, but it avoids characters which give parsers the heebie-jeebies. Note th...
Microspeak: Sats
I introduced this Microspeak last year as part of a general entry about management-speak, but I'm giving it its own entry because it deserves some attention on its own. I just want to have creative control over how my audience can interact with me without resorting to complex hacking in a way that is easy to explain but ups our blogging audiences sats to a new level that may also stimulate a developer ecosytem that breeds quality innovation... Ignore the other management-speak; we're looking at the weird four-letter word sats. Sats is short for satisfaction metrics. This falls under the overall obsession on...
Ha ha, the speaker gift is a speaker, get it?
As a thank-you for presenting at TechReady11, the conference organizers gave me (and presumably the other speakers) a portable speaker with the Windows logo printed on it. The speaker underneath the logo is the X-Mini II Capsule Speaker, and I have to agree with Steve Clayton that they pack a lot of sound in a compact size. Great for taking on trips, or even picnics. It's been a long time since I last recommended a Christmas gift for geeks, so maybe I'll make up for it by giving two suggestions this year. The second suggestion is a response to a comment from that old article: My bicycle lock is just a lapt...
Why doesn't Win32 give you the option of ignoring failures in DLL import resolution?
Yuhong Bao asked, via the Suggestion Box, "Why not implement delay-loading by having a flag in the import entry specifying that Windows should mimic the Windows 3.1 behavior for resolving that import?" Okay, first we have to clear up the false assumptions in the question. The question assumes that Windows 3.1 had delay-loading functionality in the first place (functionality that Yuhong Bao would like added to Win32). Actually, Windows 3.1 behavior did not have any delay-load functionality. If your module imported from another DLL in its import table, the target DLL was loaded when your module was load...
Hey there token, long time no see! (Did you do something with your hair?)
Consider a system where you have a lot of secured objects, and suppose further that checking whether a user has access to an object is a slow operation. This is not as rare as you might think: Even though a single access check against a security descriptor with a small number of ACEs might be fast, you can have objects with complicated security descriptors or (more likely) users who belong to hundreds or thousands of security groups. Since checking whether a security descriptor grants access to a token is potentially¹ O(nm) in the number of ACEs in the security descriptor and the number of groups the user be...
Flushing your performance down the drain, that is
Some time ago, Larry Osterman discussed the severe performance consequences of flushing the registry, which is a specific case of the more general performance catch: Flushing anything will cost you dearly. A while back, I discussed the high cost of the "commit" function, and all the flush-type operations turn into a commit at the end of the day. , [see correction below] , , they all wait until the data has been confirmed written to the disk. If you perform one of these explicit flush operations, you aren't letting the disk cache do its job. These types of operations are necessary only if you're trying to main...
The contractually obligatory beeper, and the customers who demand them
One of the fun parts of meeting with other developers, either at conferences or on my self-funded book tour, is exchanging war stories. Here's one of the stories I've collected, from somebody describing a former company. As is customary, I've removed identifying information. One day, the engineering team were instructed that the team was being issued a beeper, and that a member of the engineering team had to be on call at all times. This new requirement was the handiwork of the sales team, who landed a big contract with a customer, but the customer insisted on a support contract which included the ability to t...
How do I customize the order of items in the All Programs section of the Start menu?
The items in the All Programs section of the Start menu are grouped into two sections, although there are no visible divider lines between them. We saw earlier that the Fast Items lost their special status in Windows Vista and are sorted with the regular items. Another change from Windows XP is the order of the remaining two groups: Windows XP put folders above non-folders, because that was the sort order imposed by the method so that folders sorted above files in regular Explorer windows. This deviation from standard sort order starting in Windows Vista was introduced because the guidan...
Was there really an Opera billboard outside Microsoft main campus?
Maybe somebody took a picture.c
What happens to a named object when all handles to it are closed?
A customer had a question about named kernel objects: I understand that handles in a process if leaked will be destroyed by the kernel when the process exits. My question would be around named objects. Would named objects hold their value indefinitely? If I run a small utility app to increment a named counting semaphore, the count of that named semaphore could be lost when that app exits? I would expect it to always hold its current value so that transactions across processes and across time could be held even if no process is holding on to it. When the last handle to a named kernel object (such as a na...
It rather involved being on the other side of this airtight hatchway: If you grant users full control over critical files, then it's not the fault of the system for letting users modify them
Today's dubious security vulnerability is another example of If you reconfigure your computer to be insecure, don't be surprised that there's a security vulnerability. This example comes from by an actual security vulnerability report submitted to Microsoft: I have found a critical security vulnerability that allows arbitrary elevation to administrator from unprivileged accounts. I can just stop there because your brain has already stopped processing input because of all the alarm bells ringing after you read that first step. That first step gives away the farm. If you grant control to the entire content...
Yes, the Windows 7 beta wallpaper was a picture of a betta fish
It wasn't long before people realized that the fish in the default wallpaper for the Windows 7 beta was a betta fish. This was intended to be a cute little pun, though some people took the semiotics to an extreme, Dude, this is Windows, not The Da Vinci Code. It's not like the people who chose the wallpaper are using a backchannel to pass secret messages to you like "I know I'm not supposed to tell you, but here's the Windows product schedule" or "Help, I'm trapped in a wallpaper factory!" They're just having a bit of fun. I have yet to see anybody point out that the fish was blowing seven bubbles. And no...
Shutdown reason codes are reason codes, not error codes or HRESULTs
A customer liaison asked the following question on behalf of his customer: My customer is finding that their Windows Server 2003 system has restarted, and they want to find out why. I've found some event log similar to the ones below, but I don't know what error code is. I've searched the Knowledge Base but couldn't find anything relevant. Please let me know why the system restarted. The value is not an error code. It says right there that it's a reason code: The system shutdown reason codes are documented in MSDN under the devious heading System Shutdown Reason Codes. In this case, the value is a ...
Be on the alert: Mainstream and alternative medicines mixed together on the store shelves, not clearly distinguished
I was in the supermarket looking for cold medicine, and as is my wont, I like to read the fine print before choosing a product. Most of the products listed their active ingredients in the form Active Ingredient: XYZ 150mg. But there were a few that said Active Ingredient: XYZ 6X. What is this 6X? How much is 6X? Six times what? A closer look at the box reveals the word Homeopathic unobtrusively written towards the bottom of the box. The 6X notation means that the active ingredient's concentration is one part in 106, or one part in a million. Suppose the dosage is one teaspoon. That's about five...
Reflections create Xbox logo on neighbor’s roof
Marketing gone crazy.
On LockWindowUpdate: Locking the taskbar
Andy Visser posted to the Suggestion Box something that wasn't so much a suggestion as a comment, presumably to get around the fact that comments on the original item had been closed: "I've found that the start bar seems to behave like it may be using this call incorrectly. I put my start bar on the left hand side of the screen. When I try to resize the bar (dragging its edge left and right), the system tray will dynamically move icons (based on tray width), seemingly disregarding the lock. The rest of the bar waits until MouseUp to redraw." Actually, the taskbar (that's the name of the thing you're referring to...
If you return from the main thread, does the process exit?
No, but maybe yes.
How do I recover the window handle passed to ShellExecute?
A customer had the following question: I'm using the function to launch a new process and am passing the handle to my application's main window as the parameter. From the new process, I want to get information from the old process, and to do that, I need the window handle. How can I recover that window handle from the new process? You can't. That window handle is used by the function only to host any user interface operations that occur as a result of the attempt to execute the program. For example, it is the owner window used for any error dialogs. The function does not pass the window handle to the laun...
What young children do when they hear a foreign language
My young nieces live in a Chinese-speaking household, which is great for them because it means that when they grow up, they will be fluent in two languages. But it makes things a bit tricky at the beginning. The niece who is the subject of this story had just turned two at the time this story takes place, so her language skills even in Chinese are pretty rudimentary. Her language skills in English are restricted to a collection of set phrases like Excuse me!, I'm sorry!, What'you doing?, I want ice cream!, and any catch phrase from the character Dora the Explorer. (I'm also fairly sure she doesn't know what Wha...
Why did the Explore option disappear from the context menu of folders in the second column of the Start menu?
A customer noticed that when you right-click on Computer in the second column of the Start menu on Windows Vista, the first two options are Open and Explore. On the other hand, in Windows 7, the Explore option is gone, leaving just Open. The customer also noticed that in Windows Vista, the two commands had the same effect and wondered if Explore was removed because it was redundant. The response from the product team was a very simple "Yes." It's interesting when a customer notices a relatively insignificant UI change, figures out the likely reason for the change, and then asks for confirmation. ...
Windows 95: It sucks less
An unofficial team motto.
Be careful that your splash screen doesn't squander the foreground love
Commenter Erbi has a program which creates a splash screen on a background thread while the main thread initializes. "I create and then destroy this splash screen window just before creating and displaying the main window." The problem is that the main window fails to obtain foreground activation. Commenting out the code that creates the splash screen fixes the problem, but then there isn't a splash screen any more (obviously). "Is there an explanation for this behavior?" This behavior is explained by two earlier blog posts, plus a PDC talk. The first blog post came out years before this question was asked: The...
Miss France, she has the Eiffel Tower on her head, because France has the Eiffel Tower, and no other country does, so she put it on her head, that's why
Miss Universe 2010 National Costumes, Part 1 Miss Universe 2010 National Costumes, Part 2 Commentary in parts NSFW but they so deserve it.
Why does the primary monitor have (0,0) as its upper left coordinate?
By definition, the primary monitor is the monitor that has (0,0) as its upper left corner. Why can't the primary monitor be positioned somewhere else? Well, sure you could do that, but then you'd have to invent a new name for the monitor whose upper left corner is at (0,0), and then you're back where you started. In other words, it's just a name. You could ask, "Why can't starboard be on the left-hand side of the boat?" Well, sure you could do that, but then you'd have to come up with a new name for the right-hand side of the boat, and then things are pretty much the same as they were, just with different names...
I challenge you to come up with an even lamer physics pun
The other day, I was in the office kitchenette, and two of my colleagues both named Paul happened to be there getting coffee. I quipped, "Oh no, is this legal? I think it's a violation of the Paul Exclusion Principle." It was a horrible physics pun, perhaps one of the worst I've made in a long time. My challenge to you is to come up with an even worse one that you've told. Note: You have to have actually made the pun to an appropriate audience. No fair just making one up for the purpose of the challenge.
How do I get the Explorer navigation pane to highlight the current folder all the time?
In Windows 7, the folder tree in the Explorer navigation pane by default no longer highlights the item in the view pane. This change was based on user testing and feedback, but if, like me, you prefer things the old way, you can play with two new check boxes on the Folder Options dialog. You can get to Folder Options in a variety of ways: However you wind up there, the item you want to turn on is Automatically expand to current folder (or Expand to current folder if you use the super élite method).
Microspeak: The funnel
In the Customer Service and Support part of Microsoft, you will often see the term funnel. Here are some citations: Effectively and efficiently solve issues by driving levers across the entire funnel. Putting the Fun in Funnel. Strengthening the front of the funnel. The funnel is a way of viewing customer support engagements. For some reason, the funnel diagram is always drawn on its side with the mouth (the fat part) on the left and the stem (the narrow part) on the right. The width of the funnel represents the volume of customers at that stage of the support process, and the progress through the funnel r...
What was that story about the WinHelp pen-writing-in-book animation?
The first time you open a WinHelp file, you get this pen-writing-in-book animation while WinHelp does um something which it passes off as preparing Help file for first use or something similarly vague. I remember a conversation about that animation. The Windows shell team suggested to the author of WinHelp that the program use the shell common animation control to display that animation. After all, it's a short animation and it met the requirements for the animation common control. But the author of WinHelp rejected the notion. (Pre-emptive "I can't believe I had to write this": This conversation has been e...
What happened to WinHelp?
Commenter winhelp (probably not his/her real name) wonders what happened to WinHelp.exe. I don't know, but it turns out the answer was already known to the Internet. At the time the question was posted, the answer was already in the Wikipedia entry for Windows Help—it even had a citation! The question does highlight another one of those no matter what you do, somebody will call you an idiot dilemmas. On the one side, we have "Windows is already so big, what's the harm in adding another megabyte to the size to add this feature that is rarely used, primarly by older applications, so that customers won't h...
When do I need to use GC.KeepAlive?
Finalization is the crazy wildcard in garbage collection. It operates "behind the GC", running after the GC has declared an object dead. Think about it: Finalizers run on objects that have no active references. How can be a reference to an object that has no references? That's just crazy-talk! Finalizers are a Ouija board, permitting dead objects to operate "from beyond the grave" and affect live objects. As a result, when finalizers are involved, there is a lot of creepy spooky juju going on, and you need to tread very carefully, or your soul will become cursed. Let's step back and look at a different prob...
How can I find all objects of a particular type?
More than one customer has asked a question like this: I'm looking for a way to search for all instances of a particular type at runtime. My goal is to invoke a particular method on each of those instances. Note that I did not create these object myself or have any other access to them. Is this possible? Imagine what the world would be like if it were possible. For starters, just imagine the fun you could have if you could call . Vegas road trip! More generally, it breaks the semantics of AppDomain boundaries, since grabbing all instances of a type lets you get objects from another AppDomain, w...
How do I get the reference count of a CLR object?
A customer asked the rather enigmatic question (with no context): Is there a way to get the reference count of an object in .Net? Thanks, Bob Smith Senior Developer Contoso The CLR does not maintain reference counts, so there is no reference count to "get". The garbage collector only cares about whether an object has zero references or at least one reference. It doesn't care if there is one, two, twelve, or five hundred—from the point of view of the garbage collector, one is as good as five hundred. The customer replied, I am aware of that, yet the mechanism is somehow implemented by the GC......
Everybody thinks about CLR objects the wrong way (well not everybody)
Many people responded to Everybody thinks about garbage collection the wrong way by proposing variations on auto-disposal based on scope: "Any local variable that is IDisposable should dispose itself when it goes out of scope." "You should be able to attach an attribute to a class that says the destructor should be called immediately after leaving scope." "It should have promised to call finalizers on scope exit." What these people fail to recognize is that they are dealing with object references, not objects. (I'm restricting the discussion to reference types, naturally.) In C++,...
When does an object become available for garbage collection?
As we saw last time, garbage collection is a method for simulating an infinite amount of memory in a finite amount of memory. This simulation is performed by reclaiming memory once the environment can determine that the program wouldn't notice that the memory was reclaimed. There are a variety of mechanism for determining this. In a basic tracing collector, this determination is made by taking the objects which the program has definite references to, then tracing references from those objects, contining transitively until all accessible objects are found. But what looks like a definite reference in your code ma...
Everybody thinks about garbage collection the wrong way
Welcome to CLR Week 2010. This year, CLR Week is going to be more philosophical than usual. When you ask somebody what garbage collection is, the answer you get is probably going to be something along the lines of "Garbage collection is when the operating environment automatically reclaims memory that is no longer being used by the program. It does this by tracing memory starting from roots to identify which objects are accessible." This description confuses the mechanism with the goal. It's like saying the job of a firefighter is "driving a red truck and spraying water." That's a description of what a firefigh...
Some known folders cannot be moved, but others can, and you'll just have to accept that
Locations in the shell known folder system can be marked as , which makes them immovable. Conversely, if a file system folder is not immovable, then it can be moved. This dichotomy appears simple and unworthy of discussion, except that customers sometimes have trouble incorporating this concept into their world view. I have some code that calls , and it works for most of the folders I'm interested in, but for some values like , it fails with . Doesn't matter if I run elevated or not. What am I doing wrong? The difference is that (known under the New World Order as ) is marked as so it cannot be moved. I...
Raymond misreads flyers, episode 2: It Takes You
As part of a new phase in Microsoft's continuing recycling efforts, the recycling program got a new motto. The new motto was not announced with any fanfare. Rather, any recycling-related announcement had the new motto at the top as part of the letterhead. The new motto: It Takes You. I had trouble parsing this at first. To me, it sounded like the punch line to a Yakov Smirnoff joke. Episode 1.
How many failure reports does a bug have to get before Windows will fix it?
When a program crashes or hangs, you are given the opportunity to send an error report to Microsoft. This information is collected by the Windows Error Reporting team for analysis. Occasionally, somebody will ask, "How many failures need to be recorded before the bug is fixed? A thousand? Ten thousand? Ten million?" Each team at Microsoft takes very seriously the failures that come in via Windows Error Reporting. Since failures are not uniformly distributed, and since engineering resources are not infinite, you have to dedicate your limited resources to where they will have the greatest effect. Each failure th...
Don't forget to replace your placeholder bitmaps with real bitmaps
The story We Burned the Poop reminded me of an embarrassing story a colleague of mine related from earlier in his programming career. During the development of the product he was working on, the programmers needed an image for a comparatively rarely-used piece of the user interface. Since programmers aren't graphic designers, they inserted a placeholder bitmap which would be used until a real image arrived. And since programmers are nerds, they used a picture of a television character who was popular at the time. The testers naturally ran the program through its paces, and when that piece of the user interface...
A brief conversation while preparing to hike along the Pacific coast
Many years ago, one of my colleagues (who happens to be an avid outdoorsy person with a dry sense of humor) assembled a small group of people to take a long weekend hike along the Capa Alava Trail and then north along the Pacific coast. As we gathered in the parking lot midday Friday with our backpacking gear, another of our colleagues (whom I will call "Mary") walked past and the following conversation ensued: Mary: "Hey, where ya goin'? (joking) That way I can call Search and Rescue if I don't see you on Monday." Bob: "We're heading out to Lake Ozette." Mary: "Cool, where's Lake Ozette?" Bob: "That's okay...
Did I know where the Novell short file name behavior came from?
Commenter Yuhong Bao asks, "Do you know that the Novell behavior described in "Not all short filenames contain a tilde" came from HPFS?" Yes, but it was not relevant to the discussion so I didn't bother mentioning it. Going into more detail on the history of the Novell "long namespace" would just encourage people to conclude, "This problem affects only Novell, and since I don't use Novell, I don't have to worry about this."
Decoding the parameters of a thrown C++ exception (0xE06D7363)
Start with the 0xE06D7363...
Holy cow, those TechReady attendees really love their tchotchkes
I was at the Ask the Experts event last night at TechReady11, and if I didn't know better, I would have thought the purpose of Ask the Experts was for attendees to wander the room collecting the coolest swag they could get their hands on as quickly as possible. My table was equipped with about two dozen Windows 7 frisbees, and the moment they came out of the box, they disappeared into the hands of passers-by, most of whom didn't even bother reading the sign on the table much less make eye contact with me. The table next to mine started with a mountain of mugs, but it wasn't long before it was reduced to a m...
Why is my icon being drawn at the wrong size when I call DrawIcon?
Some time ago I had a problem with icon drawing. When I tried to draw an icon with it ended up being drawn at the wrong size. A call to confirmed that the icon was 48×48, but it drew at 32×32. The answer is documented in a backwards sort of way in the function, which says at the bottom, To duplicate DrawIcon (hDC, X, Y, hIcon), call DrawIconEx as follows: Aha, if you use , then the icon size is ignored and it is drawn with . The fix, therefore, was to switch to the function so I could remove the flag, thereby permitting the icon to be drawn at its actual size. A bonus quirk of the ...
The frustration of people who have already decided on the solution and won't let you derail them with your annoying questions
I illustrate this frustration with an actual mail thread (suitably redacted) which I was an observer to. It's a long thread because that's part of the frustration. From: Adam I am looking for some expert advice here on finding a better solution to our performance problem with Product P. Here are the details. [Here follow the details on a problem and three proposed solutions. Feature F is mentioned briefly and rejected because "it will be a problem because of Condition C."] From: Bob This approach is prone to a lot of trouble. Please be more specific about what was wrong with Feature&n...
Hardware backward compatibility: The finicky floppy drive
I think the behavior is more petulant than finicky, but finicky is alliterative. Back in the days of Windows 95, I was talking with the person responsible for, among other things, the floppy disk driver, and I learned about a particular driver hack that was needed to work around a flaw in a very common motherboard chipset. Apparently the floppy disk controller in this chipset was very picky about how you talked to it. If the very first command it receives after power-on is a read request, and there is no disk in the drive, the controller chip hangs unrecoverably. Issuing a reset to the chip has no effect. ...
Why didn't Windows XP auto-elevate programs beyond those named setup.exe?
Commenter J-F has a friend who wonders why Windows XP didn't auto-elevate all installers but rather only the ones named setup.exe. (Perhaps that friend's name is Josh, who repeated the question twelve days later.) Remember what the starting point was. In Windows 2000, nothing was auto-elevated. Before adding a feature, you have to know what problem the feature is trying to solve. The problem is improving the experience for non-administrators who want to install software. When they try to install a program and forget to use the Run as feature, then instead of proceeding halfway through the installer ...
MSDN content is also available as a Web service
Unless you've been living under a rock, by now you know about MSDN's low bandwidth view (aka ScriptFree) and lightweight view. But there are other views too, like PDA view (for when you want to look up MSDN documentation on your phone?), Robot view, printer-friendly view, unstyled HTML view... (See that first link above for more details.) But in addition to all the views, you can go directly to the back-end that drives all the data: The MSDN/TechNet Publish System (MTPS) Content Service. With that interface, you can request the back-end data and format it any way you like. Here's an MSDN Magazine article wh...
If I'm not supposed to call IsBadXxxPtr, how can I check if a pointer is bad?
Some time ago, I opined that should really be called and you really should just let the program crash if somebody passes you a bad pointer. It is common to put pointer validation code at the start of functions for debugging purposes (as long as you don't make logic decisions based on whether the pointer is valid). But if you can't use , how can you validate the pointer? Well, to validate a write pointer, write to it. To validate a read pointer, read from it. If the pointer is invalid, you'll crash, and at a predictable location, before the function has gotten halfway through its processing (making post-mort...
I will be speaking at TechReady11
This year, it's advanced debugging.
Things I've written that have amused other people, Episode 7
A customer asked for advice on how to accomplish something, the details of which are not important, except to say that what they were trying to do was far more complicated than the twenty-word summary would suggest. And I wasn't convinced that it was a good idea, sort of like asking for advice on how to catch a baseball in your teeth or pick all the cheese off your cheeseburger. I explained several of the pitfalls of their approach, the ones that I could think of off the top of my head, things they need to watch out for or take precautions against, and I concluded with the sentence, "This idea is fraught with p...
No, you can't lock a gadget to the top of the sidebar
In another installment of I bet somebody got a really nice bonus for that feature, I offer you this customer: My customer has created a Windows Vista sidebar gadget and wants to know if there's a way to force this gadget to appear at the top of the sidebar and prevent the user from moving or removing it. I applaud this company for having written the most awesome sidebar gadget in the history of the universe. It's so compelling that it should override the user's preferences and force itself into the upper right corner of their screen in all perpetuity. Unfortunately, Windows was not prepared for a program as ...
Suggestion Box 4
The topic backlog from Suggestion Box 3 has nearly cleared out, and I've actually been enjoying not having to write up a reply every Monday for the past several months, but all good things must come to an end, and so, without much fanfare, we now have Suggestion Box 4. Remember, the suggestion box is for suggestions for future topics. It isn't for developer support, bug reports, or ranting. Topics I'm inclined to cover: Topics I am not inclined to cover: Selected products at Microsoft participate in the Connect program, and many more have official blogs. Suggestions should be between two and fo...
Management-speak: Multi-perspective content
A colleague of mine visited an internal Web site for task ABC and found that the site was no longer there. Instead it was replaced with a simple message: Designed with the user in mind you will now find contextual ABC and DEF information served up in a secure format alongside all GHI information. Access to relevant multi-perspective content will enable faster resolution for your GHI needs. Translation:
To enable and disable a window, use the EnableWindow function
Commenter Chris 'Xenon' Hanson points out that fiddling with the style directly via leads to strange behavior. However it isn't the case that "most widget classes work fine." Reaching in and fiddling the style bit directly is like reaching into a program's internal variables and just changing the values: All the other work that is associated with changing the value simply doesn't happen. It's like taking a book you checked out of the library, re-shelving it, and then going into the library computer and marking it as "returned". The bookkeeping will say that the book has been returned, but all the other proce...
How do I launch the Explorer Search window with specific search criteria?
A customer wanted to know how to launch Explorer's Search window with specific fixed search criteria. It turns out that there are two ways of doing this, the poor man's way and the overachiever's way. The overachiever's way is actually easier to discover. You can use the search-ms protocol to generate a command string that describes the query you want to perform and pass it to . The poor man's way actually requires a little bit of out-of-the-box thinking: Open the Explorer Search window and interactively create the query you want to be able to relaunch later. Now do File, Save Search, and save the query. When...
There's always the low-tech way of managing a process, too
One of my colleagues had a problem with content management. I've changed the underlying scenario but the principle is the same. Is there a way to require that someone other than the author of a proposal sign off before the proposal tracking system accepts it? We had an issue where somebody wrote up a proposal, and due to a miscommunication, the proposal coordinator thought the proposal was ready and submitted it prematurely. This happened to another team in our group, and we want to make sure we don't make the same mistake. Another colleague explained: This is a people problem, not a technology problem. One w...
Why don't all the Control Panel applications show up when you open a menu from the address bar?
One of the features added to the Explorer Address Bar in Windows Vista is the ability to navigate quickly to an item by clicking on its name, or navigate to a folder's children by clicking the arrow that appears next to the item and selecting your destination. One customer reported that there appeared to be a problem with the Control Panel: Switch to Classic View, and then click the arrow next to the words Control Panel. The result is a dropdown menu that shows some but not all of the Control Panel applications. Is this a bug? No, everything is behaving normally. Recall that the dropdown menu shows things that...
Tips for planning your ship party
Not saying how I know.
What is the cost of WS_CLIPSIBLINGS if the sibling windows don't overlap?
Commenter Robert May asks via the Suggestion Box whether there is a penalty to pay for using when the sibling windows are not overlapping. When you use the style, the window manager clips out the portion of the client rectangle that is covered by sibling windows. This is usually desirable behavior; otherwise you end up with two windows trying to paint at the same location, and somebody is likely to get hurt. (The One notable exception is in dialog boxes, where some controls like the group box were designed to have other controls drawn on top of them.) The cost of this flag is that when it comes time to calcu...
What's the difference between LastWriteTime and ChangeTime in FILE_BASIC_INFO?
The structure contains a number of fields which record the last time a particular action occurred. Two of the fields seem to describe the same thing. LastWriteTime The time the file was last written to. ChangeTime The time the file was changed. What's the difference between writing to a file and changing it? I'm told that the difference is metadata. The LastWriteTime covers writes to the file's data stream (which you accomplish via the function). On the other hand, the ChangeTime also includes changes to the file metadata, such as changing its file attributes (hidden, read-...
How do I configure a Remote Desktop Connection shortcut to open on a specific monitor?
A customer wanted to know how to configure a Remote Desktop Connection shortcut so that the session appears on the monitor of choice. "I have two RDP shortcuts, and each one displays on a different monitor, but I want them all to display on my 20-inch monitor. How do I tell the bad shortcut, 'Hey, use that monitor over there please'?" Normal shell shortcuts (LNK files) do not encode monitor information. It is up to the application to decide where to display its windows. Many applications save the window position when you exit and restore it when you restart. If you have one of these types of programs, then the ...
Crackpots in computer security: The neighbors are looking at me weird
The security team gets all sorts of email to report security issues. Nearly 200,000 each year. And of course the reports vary in quality greatly. The ones I'm fascinated by are the crackpots. IMMEDIATE HELP NEEDED, PHONES PHONE NUMBERS DELETED, EM XXXXXXXX@ GMAIL,HOTMAIL,LIVE,AOL.YAHOO. IM ALMOST POSITIVE HE IS USING BLUETOOTH. BUT HE CAN INTRUDE AT WILL. HE COULD BE VERY DANGEROUS. LAST FRIDAY YOUR DEPT HAS GPS SEARCHING, BUT THE HACKER CUT US OFF. THEN TRASHED 4 OF MY PCS.PLEASE ON CONTACT ME IMMEDEDIATLY, LOOK IN THE RECORDS. HE MAY BE IN MY AREA, THE NEIGHB ORS ARE LOOKING AT ME WE...
Hardware backward compatibility: The firmware that missed one tiny detail
The person responsible for the floppy disk driver in Windows 95 also was responsible for the low-level CD-ROM drivers. (Not to be confused with the CDFS file system, which was handled by the file system team, not the hardware driver folks.) And I remember a story about one particularly strange CD-ROM drive. This drive was produced by a name-brand manufacturer. The box that the drive comes in proudly announces that it is an IDE ATAPI drive. And they did a fantastic job. They implemented all the ATAPI commands that were defined at the time, with one tiny exception. They forgot to implement the "Are you an AT...
One small silver lining of moving Boeing headquarters to Chicago
In 2001, Boeing moved their corporate headquarters from Seattle to Chicago. This resulted in much wailing and consternation in Seattle, where Boeing had been since its founding in 1915. But every cloud has a silver lining. Seattle is the home of Boeing's passenger jet division, and the presence of corporate executives had added an extra layer of management annoyance to the already-stressful job of building airplanes. As the story goes, one of the Corporate Vice Presidents from some other division of Boeing had an office that overlooked Boeing Field, giving him a vantage point from which to watch each airplane t...
The commutative law for postage and its limitations
The college professor who carried on a letter exchange with a kind pensioner who proved that the speed of light could be exceeded told me of another letter exchange, this time with another professional mathematician. The letter came from England, and it accompanied some sort of document or artifact that the correspondent wanted the college professor to look over and return. The mathematician took the effort of including a stamped return envelope with the remark, "By the commutative law for postage, I have placed the same amount of postage on the return envelope as I have on the outgoing envelope." The profess...
Instead of trying to figure out what shortcut class to use, just ask the shell to do it for you
If a shell namespace item has the attribute, then it is a shortcut to another location. The most common type of shortcut is the file, which you can load by creating the object and using , but what if you have some other type of shortcut? How do you know what CLSID to use? Since anybody can create their own shortcut file types, a hard-coded list mapping file extensions to CLSIDs is not going to work for long. But fortunately, you don't have to know how to look up the CLSID for a particular shortcut; you can just ask the namespace to do it for you by asking for the UI object. I've limited myself to files ...
What Raymond listens to: KCRW's The Business
KCRW's The Business reveals how the sausage of the entertainment industry is made. Here are some of my favorites:
What is the lpClass member of SHELLEXECUTEINFO used for?
A customer reported problems launching the default Web browser with the function: This fails with . If you don't pass the flag and leave , then the function will try to figure out what your refers to, looking at the file extension, looking for the file on the , and if all else fails, trying some autocorrection. In this case, the customer was relying on the autocorrection, since they left the prefix off their URL. One of the default autocorrection rules is that if the item that couldn't be launched begins with , then try again with in front. On the other hand, if you pass an explicit , then no name ...
2010 mid-year link clearance
Another round of the semi-annual link clearance. And, as always, the obligatory plug for my column in TechNet Magazine: Starting in June 2010, TechNet Magazine publishes each issue in two stages, and my column appears in the second half of the month, so don't freak out when you don't see it when a new issue first comes out.
Management fallacy: If I send people email, then they will work harder
A project many years ago neared the conclusion of one of its project milestones. Things were getting down to the wire, and upper management was concerned that the project may not reach the milestone on schedule. To ensure success, they decided to send email. From: Senior Manager Subject: READ NOW!!!! More than one bug Please see the attached spreadsheet. If you are on the To: line you can look at the Assigned To: column and find your name. You are in this spreadsheet if you have 2 or more bugs assigned to you. At this stage of the project as we are winding down and entering Milestone Z, people with a ...
The illusory repair powers of black electrical tape
Back in the crazy dot-com boom days, I knew someone who was into high-performance automobiles. And since these were the crazy dot-com boom days, he had the money to satisfy his urge to drive high-performance automobiles. He bought a used Ferrari, but found that it spent more time in the repair shop than on the road. To solve this problem, he bought a second Ferrari. (Note: This is not a solution available to most people.) One of the many trips to the auto repair shop was to address an indicator light on the dashboard which had lit up. The mechanics studied the problem and concluded that the indicator light was a...
Redneck Scrabble: It's fun unless you had to do it for real
In response to my story about creative-spelling Scrabble, some people volunteered their own personal variations, like Plausible Scrabble or Rude Word Scrabble. One variation my friends and I sometimes play is Redneck Scrabble. All words must be spelled the way a redneck might spell it. We enjoy playing it, except for my schoolteacher friend for whom it brought back horrible memories of her training, when she was assigned to assist in teaching elementary school in a rural part of the country. This Web site has some other variations. I haven't played Any Language Scrabble, but one of my college friends did; t...
How do I get a radio button control to render its text transparently?
Commenter Andrei asks via the Suggestion Box for help with making the text transparent using . "Instead of the radio button now there's a black background." Let's look at this problem in stages. First, let's ignore the transparent part and figure out how to render text without a black background. The background color of the text comes from the color you selected into the DC when handling the message. And if you forget to set a background color, then you get whatever color is lying around in the DC, which might very well be black. Start with the scratch program and make these changes, which I'm going to writ...
6-4, 3-6, 6-7 (7-9), 7-6 (7-3), 70-68: The scoreboard doesn't even go that high
The match went so long that it exceeded the limits of the scoreboard! Deadspin pulls some choice quotes out of Xan Brooks's descent into madness live-blogging the marathon Wimbledon match between John Isner and Nicolas Mahut. Just read it. You can follow him as he loses his grip on reality before your very eyes. It's just a shame somebody had to lose.
My life as a square (pixel)
The evolving shape of the pixel.
When setting expectations, you also have to deny them when necessary
Occasionally the shell team will get a request from a customer via their customer liaison that requests information on how to accomplish something or other, and before we'll answer the question, we want to know what the support boundaries are. For example, we might provide a mechanism that works on Windows Vista but comes with no guarantees that it'll work in the future. (This sort of one-off solution might be appropriate for, say, a corporate deployment, where the company controls all the computers in their organization and therefore controls what version of Windows runs on each of them.) The customer liais...
The best way to prove somebody incompetent is to make up stuff and then point out that it's idiotic
One way to show that somebody is incompetent is to tell them that something they're doing is stupid, even when it's not what they're doing. Take for example this comment saying that it's stupid for copy and paste to use data objects which can allow code to execute. Um, we were talking about drag and drop, not copy and paste. And in fact, the copy and paste functionality of console windows hasn't changed. You can still copy and paste with impunity. Second example: "And yet, the feature I really want is never implemented: Rearranging the taskbar." Except it isn't true. Windows 7 implemented it. Third examp...
How do I customize the Favorite Links section of the File Open dialog?
In the standard File Open dialog in Windows Vista and Windows 7, the top of the navigation bar contains a section called Favorite Links (on Windows Vista) or just Favorites (on Windows 7). These items also appear in the Explorer window's Navigation Pane. How do I customize those links? You add or remove them from your Links folder. To open your Links folder on Windows Vista, open the Start menu and click on your name. This opens an Explorer window to view your user profile. Double-click the folder called Links. On Windows; 7, it's much easier: Right-click the word Favorites and sel...
Wow, a task bar, what a novel idea
Some of my colleagues were struck by a sentence in this old Newsweek article about Microsoft's advertising campaign from last year. The sentence wasn't about the ad campaign, though. It was about Windows 7: The user interface has a slick new feature, a "taskbar" at the bottom that shows what apps you have open. The new system is due out later this year. Wow, Windows 7 has a "taskbar". If only we had thought of that sooner.
Bug Bash: It's funny because it's true
Hans Bjordahl's Bug Bash is one of those it's funny because it's true comics about life inside a software company. Specifically, Microsoft, where Hans worked for many years and whose internal newsletter featured Hans's strip. (Some might argue that Bug Bash was the only part of the company newsletter worth reading.) Today I'm going to share two of my favorites. Bonus discovery, Hans revealed himself as the co-founder of Mr. Cranky. Man, I loved that site.
As random as I wanna be: Why cmd.exe's %RANDOM% isn't so random
Somebody on my team reported that a particular script in our project's build process would fail with bizarre output maybe once in fifty tries. This script was run from a , and the result was a failed build. Rerunning make fixed the problem, but that's not much consolation when the build lab encounters it approximately every other day. The strange thing about the bizarre output was that it appeared to contain a mix of two different runs. How could the output of two runs be mixed into one output file? The script was a batch file, and it generated its output in a few different steps, storing the intermediate outp...
I always do a double-take when I see the name Andrew Bynum
I always think, "Does he have teammates Andrew Byref and Andrew Byval?"
Why can't AppLocale just be added to the Compatibility property sheet page?
Commenter DoesNotMatter wants to know why AppLocale cannot just be added to the Compatibility property sheet as a dropdown option. One of the things about having a huge topic backlog is that if I just wait long enough, there's a good chance somebody else will answer it, and then I don't have to write anything. And more often than not, that somebody else is Michael Kaplan, who addressed this question in April 2010: Not only is AppLocale not installed by default, AppLocale does everything in its power to remind you that you shouldn't be using it! AppLocale is the emergency compact spare tire that you pull out ...
What does the PRE in PREfast stand for?
Commenter Jeff asks what the PRE in PREfast stands for. It's an inside joke. The Microsoft Programmer Productivity Research Center (MSPPRC) originally produced a tool called PREfix. Michael Howard put me in touch with the development team, and they explained that it was called PREfix because it helps you fix your bugs before (PRE) you even run the code. The problem with PREfix was that it required monster hardware, and even if you got the hardware up and running, the results took days to generate, and tuning the program's parameters required intricate knowledge of its inner workings. In other words, it was ...
Hunting for loopholes in Washington state's driving-while-phoning-or-texting law
Last week, a law went into effect in the state of Washington which makes driving while texting or using a hand-held phone a primary offense, meaning that you can be pulled over for doing it. (Previously, it was a secondary offense, which means that the officer must have some other reason for pulling you over.) One of my colleagues studied the new law when it was passed and believes he found a loophole. According to RCW 46.61.667 subsection (2)(c)(i), driving-while-phoning is legal if the driver is using the phone to report illegal activity. My colleague points out that the law does not say whom you have t...
Annotating function parameters and using PREfast to check them
Via the suggestion box, Sys64738 asks, whether I think is a good C/C++ programming style to add IN and OUT to function prototypes. Remember, this is my opinion. Your opinion may validly differ. I would go beyond just IN and OUT and step up to SAL annotations, which describe the semantics of function parameters in more detail than simply IN and OUT. For example, the annotation lets you specify not only that the buffer is an output parameter, but also lets you specify how big the buffer is. This added expressiveness is used by tools like PREfast and its user-mode equivalent the C/C++ Code Analysis tool. The...
My niece asked me what color seashell I would like her to draw
My niece was amusing herself by drawing pictures with crayon, and she asked me, "I'm going to draw a seashell for you. What color do you want?" I said, "Blue." She responded, "No."
How do I indicate that I want my window to follow right-to-left layout rules?
There are many ways, depending on how wide a scope you want. If there is one specific window that you want to follow right-to-left layout rules, then you pass the extended window style when you create the window. This extended style is inherited by child windows, so once you set a top-level window to have right-to-left layout, all child windows will have it, too. To block the extended style from being inherited by child windows, pass the style when you create the parent window. Sidebar: If you're calling the function, then you don't directly control the styles of the top-level window. But there's a weird ba...
When you set a 100% CPU program to real-time priority, you get what you asked for
Real-time priority is really dangerous. It's higher priority than nearly everything else. It's higher priority than mouse input, keyboard input, and the disk cache. If you foolishly set the priority class of a CPU-intensive program to real-time, it will suck up your entire processor, leaving no cycles for anything else. In particular, since not even input runs at real-time priority, you can't stop it via any interactive means, because the thread that manages input can't even run to process your input. Mind you, even if the input thread did run at real-time priority, that wouldn't really help you any. Sure, it...
When you use a term, it helps if you know what the term means
Some years ago (in a project far, far away) I received a piece of email from a member of the release management team asking me if a particular issue met the escrow reset bug bar or not, as it applied to an upcoming pre-RTM release. I asked, "What is the current escrow reset bar?" I thought this was a fair question. After all, in order to state whether or not the issue met the escrow reset criteria, I needed to know what the escrow reset criteria were. I figured they'd reply with something like "The escrow reset criteria are on this internal Web page. Please evaluate the issue against those criteria and get bac...
Proto-Microspeak: Bug-hugging
As they say, "piss or get off the pot."
Dum dee dum, just hanging around the European Conference on Computer Supported Co-op… OMG LOOK AT THOSE CUTE DUCKS!
The 10th European Conference on Computer Supported Co-operative Work was held in Limerick, Ireland, and as you'd expect there were a lot of speakers and breakout sessions and... oh my God, look at those cute ducks!
Is it real that you are still using Visual C++ 6 and 5?
Commenter Sys64738 points out that Bjarne Stroustrup's Web site says that "Literally everything at Microsoft is built using various flavors of Visual C++ - mostly 6.0 and 7.0 but we do have a few holdouts still using 5.0 :-(" and wonders if it's true. Well, let's see. Visual C++ 6 came out in 1998 and doesn't support the /GS flag, nor does it support various replacement functions like . This makes it hard for anything compiled with Visual C++ 6 to conform to Microsoft's Security Development Lifecycle which requires all code to be compiled with /GS and bans functions like . As a result, I would suspect that...
How do I enable and disable the minimize, maximize, and close buttons in my caption bar?
A customer was having problems with the small icon that appears in the upper left corner of the caption: In my program, I need to enable and disable the Close button programmatically, since the program sometimes goes into a state where I don't want the user to close it. I do this by removing the style when I want to disable the Close button, and adding it back when I want to re-enable it. However, doing this has as a side effect that the icon for my program doesn't appear in the title bar any more. If I never touch the style, then it works fine (but then I don't get the enable/disable behavior that I want). ...
The voice of Carl Kasell emerges from the loudspeaker as some old guy stands there and moves his mouth
Some time ago, the NPR news quiz Wait Wait... Don't Tell Me taped a show in Seattle. (They're back in town tonight.) I was fortunate to score tickets to that show, in part because I ordered them nearly a full year before taping. Watching the taping of the show is quite a treat, and I recommend it for any fan of the program. You can watch Peter Sagal pace back and forth as he talks and contrast it to old-school radio man Carl Kasell, who stands perfectly still as he delivers his lines. The strangest part of the experience was putting the face to the voice. When Carl Kasell started talking, my reaction was, "Hey...
How do I convert an ANSI string directly to UTF-8?
A customer asked the following question: Is there a way to convert an ANSI string directly to UTF-8 string? I have an ANSI string which was converted from Unicode based of the current code page. I need to convert this string to UTF-8. Currently I am converting the string from ANSI to Unicode () and then converting the Unicode to UTF-8 (). Is there a way to do the conversion without the redundant conversion back to Unicode? There is no multibyte-to-multibyte conversion function built into Windows (as of this writing). To convert from one 8-bit encoding to another, you have to use Unicode as an intermediate ...
The giant typewriter eraser in the Olympic Sculpture Park in Seattle
The Olympic Sculpture Park in Seattle is open and free to the public all year around. (And I'm surprised they haven't gotten the heat from the IOC over use of the word Olympic.) One of the works is a giant typewriter eraser. When my friend took her niece (I'm guessing around ten years old at the time) to visit the park, the girl asked, "What's that?" — Oh, that's a typewriter eraser. Back before Wite-Out or eraser ribbons, this was how you corrected mistakes. This end is the eraser, and you use that end to brush the crumbs off. The next question was unexpected, but in retrospect, inevitable. "What's...
Puzzle: Can you explain this program's crash profile?
Some time ago, I was asked to help a customer study a set of crashes that had been collected by Windows Error Reporting. (You too can sign up to obtain access to crash data for your application.) The issue itself was the 325th most common crash in the ISV crash database, so fixing it would mean a lot toward improving the overall perceived stability of Windows. Fortunately, the issue was resolved relatively easily, but that's not what made the story interesting. What I found interesting was a little puzzle that faced me when I called up their crash profile. One of the items in the crash profile report is a histog...
Why doesn't the Windows Vista copy progress dialog show the names of the files being copied?, redux
As expected, everybody concluded that the Windows Vista copy progress dialog made every wrong decision possible. Let's look at some of the suggestions on making it suck less: Why not update the file name every five seconds to the file that is being copied at that time? Sure, you could do that, but the cost of getting the name is part of the problem. Retrieving the name is more than just "Remove everything after the last dot." You may have to look up localization information in order to display the name of the item in a manner appropriate for the user's preferred language. Since the operation being performed mi...
Welcome to the maze and enjoy the Habitrail
Last year, Microsoft Press and Microsoft Learning moved to new buildings in downtown Bellevue, bidding good-bye to The Maze. This was a nickname for their former building I had been unfamiliar with, but not having been to their building, I can't say whether the name is deserved or not. What I do know, however, is that the small cluster of buildings they moved from are connected by enclosed walkways, which are nicknamed the Habitrail due to their startling similarity to the hamster transportation tubes. Back in the old days, these corridors were lined with stand-up arcade consoles, owned by the people who work i...
That's a great idea, it's on the list
The great thing about the taskbar is that everybody and their pet dog have an idea for how it can be improved. The bad thing about the taskbar is that everybody and their pet dog have an idea for how it can be improved. (And everybody and their pet dog also think that their feature suggestion is the important one that should be worked on next. Especially if it's "just a tiny little feature.") For a few years, my office sat across the hall from the person responsible for the taskbar design and features. To help manage all the wonderful ideas that came in, my colleague maintained a spreadsheet of all suggestions ...
How do I accept files to be opened via IDropTarget instead of on the command line? – bonus content
One of my colleagues tipped me off to some additional resources on the subject of using the DropTarget technique for accepting files for execution. First, it turns out that there is an SDK sample that demonstrates the DropTarget technique after all. This sample is fifteen years late according to one commenter who apparently thinks that the Platform SDK needs to provide a sample for a feature that won't be invented for another twelve years. Maybe we can use the Microsoft Research project to predict the future. No wait, we also need to get them to invent the time machine so we can take the future-predictor ma...
Every window with the WS_SYSMENU style has a system menu, but it's not there until it needs to be
I mentioned last time that there's an optimization in the treatment of the system menu which significantly reduces the number of menus in the system. When a window has the window style, it has a system menu, but until somebody calls on that window, nobody knows what its menu handle is. Until that point, the window manager doesn't actually have to commit to creating a menu for the window; it can just pretend that the window has one. (This technique goes by the fancy name lazy initialization.) The window manager creates a global default system menu which contains the standard system menu items. If somebody pre...
When will the window manager destroy a menu automatically, and when do I need to do it manually?
Our old friend Norman Diamond wonders when you are supposed to destroy a menu and when you are supposed to let Windows destroy it. The rules for when the window manager implicitly destroys menus are actually not that complicated. Outside of the above situations, you are on your own. Of course, when I write that "you are on your own" I do not mean that "every code which sees a menu is responsible for destroying it." If that were the case, you would have a disaster as the slightest passing breeze would cause people to call all over the place. Rather, I mean that in all other cases, you need to "work it o...
How do I find the bounding box for a character in a font?
A customer had the following question: I'm looking for a way to get the height of text which consists entirely of digits, for example , as these characters do not have any descent or internal leading. I expected functions like to return the character's ascent minus the internal leading, but in fact it returns the ascent plus the descent plus the internal leading. I considered getting the font metrics and taking the , but I'm worried that numbers in other languages might have a nonzero descent and internal leading. Is there a function I can call to return the "real" height of the text? Well, first of all, t...
Cliff Notes: The short version of the Cliff Mass blog
Cliff Mass is Professor of Atmospheric Sciences at the University of Washington. To those of us in the Seattle area, he's a weather celebrity, appearing every Friday on local public radio station KUOW to provide a weekend weather forecast and discuss other weather issues. His blog covers similar material, such as his explanation of why weather radar shows lots of echoes even though there was no rain. His articles, while fascinating, are also quite long, so to help you get through them, there is the Cliff Mass TLDR blog. For example, the TLDR version of the mysterious echoes goes like this: The radar is ...
Why doesn't the Windows Vista copy progress dialog show the names of the files being copied?
When you copy multiple files in Windows Vista, the progress dialog gives you an estimate of the time remaining as well as an indication of what fraction of the operation has been completed. But one thing it doesn't tell you is the name of the file currently being copied. Why not? The programmer responsible for the file copy progress dialog in Windows Vista explained to me that there were a few reasons. First, there's the problem of presenting information to the user faster than the user could read it. All those filenames flashing by made users feel like they had lost control of the computer, as if it had decided...
Welcome to The New Old New Thing, 2010 edition
The blog server folks tell me that the upgrade is complete. Thanks for your patience. I'm told they will throw the switch early this afternoon. The new URL for this site after the switchover will be http://blogs.msdn.com/b/oldnewthing/, although there should be 301 redirects at all the old URLs so your existing links will still work. My colleague Michael Kaplan might say that the extra B is for badass. Or maybe it stands for bewildering. Or broken. Speaking of broken, you'll probably find a bunch of broken links, ugly layout, and other lameness (Pre-emptive snarky comment: that is, lameness beyond the normal l...
What's the deal with What's This??
Via the suggestion box, Matthew Douglass-Riley wonders about the history and fate of the What's This? button. (The same question was repeated by an anonymous coward.) The What's This? button (more formally known as the contextual help caption button) is turned on by the extended style and takes the form of a question mark. When the user clicks the button, the cursor changes to an arrow with a question mark, and when the user clicks on a child window, a message is delivered to that window. As originally written, the intended response is for the window to call the function with the command and information d...
SHAutoComplete giveth, and SHAutoComplete taketh away
The function lets you attach autocomplete functionality to an edit control, and there are flags that describe what sources you want the autocomplete to draw from. If you call a second time, the second set of flags replace the original flags. The flags do not accumulate. For example, if you first call , and then you later call , the result is that the autocompletion uses only the URL history. This replacement behavior (as opposed to accumulation behavior) is handy if you want to remove an autocompletion that you previously added. You just call a second time and leave off the flags for autocomplete sources yo...
We've traced the call and it's coming from inside the house: Operating system names
As the Windows Server 2003 project wound down, somebody reported a serious bug that went something like this: Subject: Windows Server 2003 still refers to itself as Windows .NET Server Previous versions of Windows report the product name correctly, but Windows Server 2003 still calls itself "Windows .NET Server" instead of Windows Server 2003. I've attached a copy of the program you can use to reproduce the problem. Indeed, if you run the program attached to the bug report, it does report when run on Windows Server 2003. Now to find out where gets the product name from, so we can find and fix ...
If you can detect the difference between an emulator and the real thing, then the emulator has failed
Recall that a corrupted program sometimes results in a "Program too big to fit in memory" error. In response, Dog complained that while that may have been a reasonable response back in the 1980's, in today's world, there's plenty of memory around for the MS-DOS emulator to add that extra check and return a better error code. Well yeah, but if you change the externally visible behavior, then you've failed as an emulator. The whole point of an emulator is to mimic another world, and any deviations from that other world can come back to bite you. MS-DOS is perhaps one of the strongest examples of requiring abso...
No good deed goes unpunished, part 2, redux
I noted some time ago that I have taken to "blaming" Exchange when someone assumes that my reply to a thread on a distribution list implies that I have taken responsibility for resolving their problem. One of my colleagues in another group is in a similar situation with respect to a different product, and he has taken to using the same basic formulation when sending issues back to the distribution list. One variation he used a while back gave me a chuckle: We need a new Exchange server. This one keeps stripping the mailing list.
An insight into the balance between forgiveness and permission
One of my colleagues shared this valuable insight into the balance between forgiveness and permission, which he in turn learned from a high-level manager in his organization: The statement that it is better to ask for forgiveness than to obtain permission is true 90% of the time. The key to success is knowing where the other 10% is.
If Windows 3.11 required a 32-bit processor, why was it called a 16-bit operating system?
Because it mostly ran 16-bit applications.
Maxing out the upsell-o-meter
Many grocery stores in the United States have a printer next to the cash register which prints out coupons customized to your purchases. If you buy the house brand of spaghetti, it might print out a coupon for a slightly more expensive brand of spaghetti. The goal with these coupons is to get you to try a fancier (and therefore more profitable) version of the product in the hopes that you will like it and switch. For reasons not important to the story, one of my colleagues needed to buy baby formula for his newborn son. He and his wife carefully researched the options and decided that the best brand to get was X...
How do I prevent users from dragging and dropping files in Explorer?
More than once, I've had a customer ask, "How do I prevent users from dragging and dropping files in Explorer?" Actually, three of them in the past year phrased it in an even more provocative way: "I want to write a program that hooks Explorer and displays a prompt before every drag/drop operation." This is one of those cases where you have to figure out what the customer really wants. They've solved half of their problem and are asking you for help with the other half. In my experience so far, when customers ask this question, their real problem is always one of the following: First, they just want to preven...
Things the locals know: How to have lunch at El Brillante
One of my colleagues moved to Granada last year, and he kindly provided me some recommendations for places to eat in Madrid. We found El Brillante easily, positioned across the street from the Atoche train station, with its back door and terrace facing the Museo Nacional Centro de Arte Reina Sofia (which mercifully goes by the nickname Museo Reina Sofia). But once you step inside to order your lunch, you enter a crowded, cacophanous world with people yelling back and forth and nothing even resembling a line. Here is how to have lunch at El Brillante: As you can see, it's a well-choreographed zoo. Oh, and t...
Why can I type a lowercase s with caron with the numeric keypad, but not a lowercase r with caron?
For concreteness, let's assume that you are using 437 as your OEM code page (which as we all know is not actually provided by the OEM) and 1252 as your ANSI code page (which as we all known is not actually the product of the American National Standards Institute). You can use Alt+0154 to type a Latin small letter s with caron because position 154 in code page 1252 is the Latin small letter s with caron. On the other hand, lowercase r with caron does not exist in code page 1252, nor does it exist in code page 437, so if you want to type that character, you're out of luck. The Alt+nnn...
The problem with setting up a story is that people focus on the set-up and miss the point of the story
In writing, one of the steps you need to perform is motivating the discussion. Now, technically, you don't have to do that, but if you just dive into the guts of a topic right off the bat, people are going to say, "What the heck is going on and why should I care?" Consider, for example, an article I wrote a while back on how to use WMI to obtain computer configuration information. To motivate the discussion, I considered a customer who wanted to collect computer manufacturer information programmatically (presumably for asset inventory purposes). But really, the reason wasn't important. It was just something for...
It rather involved being on the other side of this airtight hatchway: Consequences of enabling the kernel debugger
In the category of dubious security vulnerability, I submit for consideration the following report: A machine with the kernel debugger enabled is vulnerable to a denial of service attack from an unprivileged user. The unprivileged user need only deference a null pointer. Once this occurs, the computer becomes completely unusable to all users. Um, yeah. That's sort of the whole point of the kernel debugger, to halt system execution as soon as a problem has been detected. Enabling the kernel debugger requires administrative privileges, so it's not like unprivileged users can force a system halt on their own; the...
On nearly getting pickpocketed in both Lisbon and Madrid
My trip to Lisbon introduced me to another tourist phenomenon: pickpockets. It was around 10:30 in the morning, and I got on the train to head into town, planning to climb the steps through the Alfama district to visit the castle which looms over the city. The morning rush was over, and the Metro car was nearly empty. Just before the doors closed, a group of about four twentysomething guys stumbled onto the train, walking unsteadily and talking quite loudly among themselves. I found this immediately suspicious. They are acting drunk, but who is drunk at 10:30 in the morning? At 10:30, you're hung over, not drun...
Why can programs empty the clipboard when they start up?
Via the Suggestion Box, Johan Almén asks, "What was the rationale behind the decision to let Excel empty the clipboard when launched?" Why can an application empty the clipboard? Because it's there. After all, the point of the clipboard is to hold information temporarily. Programs are permitted to empty the clipboard, add data to the clipboard, or retrieve data from the clipboard. That's why it's there. (I'm assuming that the naming of the program Excel was just an example of a program, and that the question wasn't "Why doesn't Windows have a specific check for the program and block its clipboard acc...
Words you've had wrong your entire life
As a child, my mother would always call out "banzai" when she wanted me to raise my arms above my head so she could put on or take off a pullover shirt. I assumed that banzai was the word for "stick your hands in the air!" It wasn't until well into my adult life that my mother explained to me that, no, banzai does not mean "stick your hands in the air." It's a Japanese word meaning "ten thousand years", shouted as a term of approbation and accompanied by (you guessed it) throwing one's hands into the air. My mother was using it as a play term; in the United States, when you get your child to throw his hands into...
The many ways of converting a string from one language to another
A customer asked, "I'm looking for a way to convert English characters to another language. For example, if the target language is Arabic and the string is the word Hello, I want it to convert to H(Arabic)e(Arabic)l(Arabic)l(Arabic)o(Arabic)." The question is still vague, even with the assistance of the example, since it's not clear what "H(Arabic)" means. There are a variety of ways of converting a string from one language to another. Here are a few I was able to think of. As it turns out, the customer wasn't interested in any of these! What the customer wanted was, "Take the word Hello and imagine how you...
On the Portuguese custom of the couvert, and other restaurant customs
In restaurants in the United States, the custom is that anything brought to the table that you didn't order is complimentary. For example, after you place your order, the waiter returns to your table with a basket of bread. The bread is provided at no extra charge. These complimentary items are usually small, like some bread or a one-bite appetizer. (If anything bigger is brought to the table that you didn't request, it is customary to ask the waiter, "Is this ours?" just to make sure it wasn't delivered to the wrong table by mistake.) In Portugal, the custom is that these items (known as couvert) are brought to...
What are these strange =C: environment variables?
You won't see them when you execute a command, but if you write a program that manually enumerates all the environment variables and prints them out, and if you launch it from a command prompt, then you'll see weird variables with names like =C: and whose values correspond to directories on that drive. What are these things? These variables are part of the private bookkeeping of the command processor cmd.exe. That's why I added if you launch it from a command prompt to the steps above, because if you run the program from Explorer's Run dialog, you won't see them. If a cmd.exe is not in the chain of custody of...
Eating where the teenagers are: Pão Pão, Queijo Queijo
In Belém, directly to the east of the Mosteiro dos Jerónimos is a block of small shops, the most famous one of which being the Pastéis de Belém which sells the, um, Pastel de Belém, the Belém version of the unofficial dessert of Portugal. (This photo of a group of people eating was taken in front of the Pastéis de Belém shop. You can see the blue awnings in the background.) The place is always packed shoulder-to-shoulder with tourists. So turn around, leave the store, and walk back toward the Mosteiro dos Jerónimos. At about where the pink buildin...
How the shell converts an icon location into an icon
A customer had trouble getting an icon to display for a registered file type. In my resource file, I specify the icon like this: And when I register my file type, I set it like this: However, when I view an .xyz file, my awesome icon doesn't appear. On the other hand, if I change the 101 to a 0, then it works. Why? Isn't the number in the resource file the resource ID? Why yes, in fact, the number in the resource file is indeed the resource ID. But the number after the comma in the isn't. The format of shell icon locations (used most visibly by , but also used in other places) is , where...
Microspeak: The statistic known as BIS
I learned this term from a chart presented at a team meeting. It contained a column labelled BIS. When asked what those letters meant, the team manager explained that it's an abbreviation for butts in seats. Everybody in the room instantly understood. It is the number of actual human beings sitting at desks doing work. When doing project planning, you sometimes get carried away with the imaginary people who would be working on your project someday, treating them as if they were real people: coming up with features for these imaginary people to work on, projecting how many bugs these imaginary people will fix, lo...
Welcome to Belém, the scam artist capital of Lisbon
It has been quite a while since I was in Lisbon for a conference, but I still have a bunch of tiny travel stories. They may not be timely, but they're just stories. Lisbon is a wonderful city, and unlike Madrid, it doesn't have the feeling that it's overrun with tourists. It may very well be overrun with tourists, but at least it doesn't scream it at you. Well, until you get to the Belém neighborhood, which is where all the big monuments and famous historical buildings are. The sense begins to grow at the Padrão dos Descobrimentos (Monument to the Discoveries), and by the time you reach the To...
How do I accept files to be opened via IDropTarget instead of on the command line?
Commenter Yaron wants to know how to use the new IDropTarget mechanism for receiving a list of files to open. (Also asked by Anthony Wieser as a comment to an article.) The MSDN documentation on Verbs and File Assocations mentions that DDE has been deprecated as a way of launching documents and that you should use the DropTarget method instead. But what is the DropTarget method? (Note that the word method here is in the sense of technique and not in the C++ sense of function that belongs to a class.) The documentation in MSDN tells you what to do, but it does so very tersely. It says to create a key under ...
Welcome to Taiwan's premier English-only nightclub
One of my friends is fluent in both Mandarin and English. When she lived in Taiwan, she paid a visit to a nightclub whose gimmick was that you had to speak English. The target audience was not foreigners but rather native Taiwanese who learned English as a second language. My friend didn't have any problems with this rule, but many of the guests appeared to be struggling to conform. My friend paid a visit to the ladies' room, and there she overheard a conversation between two other guests. (They were speaking in Mandarin. Apparently, the rules aren't enforced in the bathroom.) "There's this cute guy out on the ...
If it's not yours, then don't mess with it without permission from the owner
It's surprising how many principles of real life also apply to computer programming. For example, one of the rules of thumb for real life is that is that if something doesn't belong to you, then you shouldn't mess with it unless you have permission from the owner. If you want to ride Jimmy's bike, then you need to have Jimmy's permission. Even if Jimmy leaves his bicycle unlocked in his driveway, that doesn't mean that it's available for anyone to take or borrow. In computer programming, the code that creates an object (or on whose behalf the object is created) controls what is done with the object, and if you'r...
A short puzzle about heap expansion
At the 2008 PDC, somebody stopped by the Ask the Experts table with a question about the heap manager. I don't understand why the heap manager is allocating a new segment. I allocated a bunch of small blocks, then freed nearly all of them. And then when my program makes a large allocation, it allocates a new segment instead of reusing the memory I had just freed. Under the classical model of the heap, the heap manager allocates a large chunk of memory from lower-level operating system services, and then when requests for memory come in from the application, it carves blocks of memory from the big chunk a...
What happens to the contents of a memory-mapped file when a process is terminated abnormally?
The same thing that happens when the handle is leaked.
He bought the whole seat, but we only needed the edge
After the Windows 95 project was released to manufacturing, but before the launch event itself, the team finally had a chance to relax and unwind after many years of hard work. The project manager decided to have a morale event to get everyone together to do something fun. A typical morale event might be going to see a baseball game, renting out a movie theater to watch the latest action flick, or something as simple as a picnic or a softball game. But this time, the project manager decided to do something different, something wild, something crazy, something everybody would talk about for days: He bought ...
Why doesn't TryEnterCriticalSection try harder?
Bart wants to know why the gives up if the critical section is busy instead of trying the number of times specified by the critical section spin count. Actually, there was another condition on the proposed new behavior: "but does not release its timeslice to the OS if it fails to get it while spinning." This second condition is a non-starter because you can't prevent the operating system from taking your timeslice away from you. The best you can do is detect that you lost your previous timeslice when you receive the next one. And even that is expensive: You have to keep watching the CPU cycle counter, and if...
Our legal department suggests you skip our salad dressing and just eat an avocado
Strange fine print.
Why can't I get my regular expression pattern to match words that begin with %?
A customer asked for help writing a regular expression that, in the customer's words, matched the string when it appeared as a standalone word. One of the things that people often forget to do when asking a question is to describe the things that they tried and what the results were. This is important information to include, because it saves the people who try to answer the question from wasting their time repeating the things that you already tried. That last entry was just to make sure that the test app was working, a valuable step when chasing a problem: First, make sure the problem is where you think it...
Email tip: When asking for help with a problem, also mention what you've already tried
When you ask a question, you should also mention what steps you've already taken when attempting to solve it on your own. First of all, it saves the people who decide to help you with your problem from exploring lines of investigation which you've already tried (and which you know don't work). "I tried setting the timeout to 60 seconds before issuing the call, but it still failed with the error ." Second, it cuts down on noise on the discussion list. — Try setting the timeout to a higher value. "I already tried that; it didn't work." Third, it demonstrates that you cared enough about the problem to try...
Email tip: When you say that something didn't work, you have to say how it didn't work
I illustrate this point with an imaginary conversation, inspired by actual ones I've seen (and, occasionally, been a frustrated party to). From: X I want to do ABC, but I don't have a DEF. Anybody know of a workaround? Somebody has an idea: From: Y Try mounting this ISO file into a virtual machine and trying the ABC from there. Unfortunately, it didn't work: From: X I tried that, but it didn't work. Any other ideas? When somebody suggests a troubleshooting step or a workaround, but when you try it and it doesn't work, you need to say how it didn't work. The person who made the suggestion had...
The difference between your job and your hobby
There was an internal discussion about what Microsoft employees should be doing that do not directly relate to their job responsibilities, such as what text editor programmers should be using to write and edit code. Should anybody who uses a programming editor other than Visual Studio be branded a traitor? How about somebody who prefers a smartphone made by a certain Cupertino company? (And for some reason, this discussion took place on the Microsoft bloggers mailing list, because many people consider it a mailing list whose members are bloggers, as opposed to a mailing list for discussing blogging. I happen to...
Why does the wireless connection dialog ask for your password twice?
Martin wonders why the wireless networking dialog asks you to type your password twice when connecting to an existing network. Yeah, that bothers me too, and I don't know why either. But while we're on the topic of wireless networking, I thought I'd share a little program that is just as useless as my answer above. (If other people get to hijack the topic, then I want to also.) Back in the early days of Windows XP, I found that my wireless networking adapter would constantly disconnect and reconnect. I never figured out why, but I did have a theory. (Theory: The wireless zero configuration service sa...
The mysterious stock bitmap: There's no way to summon it, but it shows up in various places
A number of stock GDI objects are made available by the function, but one stock GDI object that is mysteriously missing is the stock bitmap. You can't summon the stock bitmap, but it manages to show up in various places, some of them perhaps unexpected. The stock bitmap is a monochrome 1×1 bitmap which GDI uses in various places where it has to produce a even though there really isn't any bitmap worth speaking of. In other words, it's used when GDI has to return something but would rather return nothing. When you create a memory DC, the current bitmap selected into it is the stock bitmap. When yo...
Why are there two values for NoDriveTypeAutoRun which disable Autoplay on drives of unknown type?
The Windows 2000 Resource Kit described the policy as consisting of a bitfield whose values are as follows: Hey, wait, two of the entries are the same. What's the difference between 0x1 (Disables Autoplay on drives of unknown type) and 0x80 (Disables Autoplay on drives of unknown type)? The values in the bitfield correspond to return values of the function: The value 0x1 corresponds to bit zero, which means that the function could not tell what type of drive it is. On the other hand, the value 0x80 does not correspond to any known return value of . It's reserved for future use. My guess as to ho...
When you create an object with constraints, you have to make sure everybody who uses the object understands those constraints
Here's a question that came from a customer. This particular example involves managed code, but don't let that distract you from the point of the exercise. I am trying to create a object using the constructor that takes an as input. In my .cs file, I create the native file handle using , as shown below. Then I create the object as so: The gets created fine. But when I try to do: it fails with the error "IO operation will not work. Most likely the file will become too long or the handle was not opened to support synchronous IO operations." Gives as (). The stack trace is as below. Can so...
It's a miracle humanity has survived this far, if reaction to the inability to make or receive a telephone call is to be believed
In one of the mailing lists devoted to chatting among people who work in a particular cluster of Microsoft office buildings, there was some discussion of the quality of mobile phone coverage in the parking garage. "I can't get a signal in any of the underground levels. This is intolerable!" — Here's an idea: Walk to ground level and make your call there. "But what if it's an emergency?" — Then run. (Or use one of the emergency phones.) Sometimes I wonder how humanity had managed to survive prior to the installation of mobile phone cell towers. Had these people been born just 30 years earlier, th...
How do I switch a window between normal and fullscreen?
Frederic Delhoume wants to know if there is a simple example of code that switches an application from windowed to fullscreen. He then included a code fragment that did some crazy things with parent windows and hiding and showing. You're making it way, way harder than it needs to be. Let's start with our scratch program and make these changes: To avoid getting into the intricacies of hotkeys and accelerators, I opted to toggle to fullscreen on a click. When the button goes up, we check whether we are currently in normal mode or fullscreen mode by sniffing at our window styles. If we are in normal mode, w...
Why can't you use WM_CTLCOLORSTATIC to change the color of a SS_BLACKRECT?
If you specify one of the static control styles which draw a frame or rectangle the control will be drawn with the corresponding color (which, as we saw last time, isn't actually black, gray, or white). If you try to customize the color by handling the message, you'll find that it has no effect. Well, yeah, because you said you wanted a black rectangle. If you want some other color, you could set the style to then draw the solid color in your handler. Or you can just use a text static control with no text. In that case, you can respond to in the usual way. Since you specified no text, all that will be dr...
Why doesn't SS_WHITERECT actually draw a white rectangle?
There are six styles available to the static controls which draw frames and rectangles in one of three fixed colors: But if you actually create a static control with one of these styles, you'll find that the color isn't actually black, gray, or white. So why are they called black, gray, and white? Because they used to be black, gray, and white. Knowledge Base article 125684 gives the history behind these styles. Back in the 16-bit days, these styles really did give you black, gray, and white, or at least they did if you used the default color scheme. Windows 95 shifted from using the window colors to t...
How to edit the security attributes of more than one file at a time
In Windows XP, you could select multiple files, right-click them, then select Properties. The resulting property sheet includes a Security page which lets you edit the security attributes of those files. But when you repeat this exercise on Windows Vista or Windows 7, the Security page is missing. Why doesn't Explorer let you edit the security attributes of more than one file at a time? Windows might need to display an elevation prompt if any of the files in the collection require administrator privileges in order to modify the security attributes. The security prompt needs to tell you why you are...
Microspeak: SQMmed
The letters SQM originally stood for Service Quality Monitoring, but that doesn't really answer the question, "What is SQM?" SQM is the internal code name for the technologies behind what is publically known as the Microsoft Customer Experience Improvement Program. This is a voluntary program that customers can opt into, which gathers information about Office (say), information such as which menu options you use most often, how often you undo an autocorrection, what types of "impossible" things the program had to recover from, which error messages you've been shown, and which file format converters you use. (T...
When people ask for security holes as features: Non-administrators reading other users' stuff
Via the suggestion box, Aaron Lerch asks whether a non-administrator can retrieve/evaluate environment variables as they would appear for another user. This falls into the category of asking for a security hole as a feature, specifically an information disclosure security hole, because you are extracting information from a user's private data which has security access controls that do not grant everybody access. Generally speaking, users have full access to their data, as does the operating system itself, but nobody else. Administrators can get access to the data by taking ownership and modifying the ACL or ...
Why do non-folders in my shell namespace extension show up in the folder tree view?
A customer was having trouble with their shell namespace extension: When we click the [+] button next to our shell namespace extension in the folder tree view, the tree view shows both files and folders, even though it's supposed to show only folders. Our does return the correct values for (including it for the folders and omitting it for the non-folders). What are we doing wrong? The tree view enumerates the children of a folder by calling and passing the flag while omitting the flag. This means that it is only interested in enumerating child folders. Child non-folders should be excluded from the enumer...
EnumClaw, the function that never was
bhiggins asks about the mysterious function that existed in some versions of the Win32 documentation. I went digging through the MSDN archives and was close to giving up and declaring the cause lost, but then I found it: A copy of the documentation. EnumClaw The EnumClaw function returns the child or the parent of the window whose HWND is passed in. Parameters hwndParent [in] Handle to the parent window. Return Values If the function succeeds, the return value is the HWND of the child of the hwndParent window. If the window has no child, the return value is the HWND of the parent of the hwndPa...
2010 Q1 link clearance: Microsoft blogger edition
It's that time again: Sending some link love to my colleagues.
The great thing about URL encodings is that there are so many to choose from
A survey.
Non-Microspeak: Boiling the ocean
Some time ago, MSN Careers listed Boil the ocean as a workplace phrase you should learn. Thankfully, the phrase (meaning "to attempt something impossibly ambitious") is not currently in wide use in Microspeak. However, a friend of mine who works in another industry tells me that it is not only very much alive in his line of work, it became corrupted as it was imported. My friend's industry involves companies from around the world, and although the working language for meetings is English, most of the participants are not native speakers of the language. He suspects that the phrase boil the ocean was introduced ...
Ruth Bader Ginsburg, the yardstick for Wikipedia entries
I use Ruth Bader Ginsburg's Wikipedia entry as a yardstick for other Wikipedia entries. At the time I'm writing this blog entry, her Wikipedia article is 1600 words long. So 1600 words is how many words Wikipedia assigns to the 20th most powerful woman (and the most powerful female lawyer) in the world. By comparison, Wikipedia has collectively decided that the 2007 Philadelphia Eagles season merits 5500 words. The exploits of a lackluster last-place American football team therefore clocks in at 3.4 Ginsburgs. In a sense, Wikipedia says that a last-place football team's exploits is over three times more signif...
What happens to the control names in the IDE when my program is running?
nick_journals demonstrates some confusion about names in source code and their relationship to runtime behavior. A topic I am particularly interested in is the naming of controls, how it works... Every control gets a name from a developer...via the IDE (e.g btnOK) When using this function: GetWindowLong(handle,GWL_ID) it doesn't return the name itself but mostly a number or nothing. What is GWL_ID, the documentation isn't very clear on this. How does this whole system work, what are these numbers and where are the 'real' names? I'm going to answer the questions most technical first. That way you can...
WaitForInputIdle waits for any thread, which might not be the thread you care about
We saw last time that the function waits only once for a process to go input idle. Even if the process later stops processing messages, will return immediately and say, "Yeah, he's idle." The way a process is determined to be input idle is that it is waiting for user input when there is none. This translates into the process sitting in a function like or when there are no messages. But what if a process has more than one thread? And what if one of the threads is waiting for input, while the other is busy and unresponsive? The function will treat the process as having gone input idle, even if the ready thre...
WaitForInputIdle should really be called WaitForProcessStartupComplete
The function waits for a process to finish its initialization, which is determined when it reaches a state where it is just sitting around waiting for messages. The documentation for doesn't even get around to the initialization part until the Remarks section. If all you read is the one-sentence summary, Waits until the specified process is waiting for user input with no input pending, or until the time-out interval has elapsed, it would not be unreasonable for you to conclude that a process goes into and out of the input idle state each time it processes a message. But no, it's a one-time transition. If you ...
First, try reading the error message, episode 3: Even programmers see error messages without reading them
As we all know, users don't read error messages. And, sad to say, this behavior extends to the group of people you would think pay the most attention to error messages, namely, programmers, who are the people who cause your computer to display the error messages! Today's example comes from an internal programmer's tool which I will call Program Q. I'm trying to back out an update I made to record 19 of our table (which was entered as transaction 512), but I can't get it to work: What is the problem here, and how do I fix it? The transaction couldn't be backed out because somebody else made a chan...
Why does it take longer to reject an invalid password than to accept a valid one?
You may have noticed that it takes longer to reject an invalid password than to accept a valid one. There are a few reasons for this. First of all, it simply takes longer to confirm that a password is invalid. Your local computer retains a password cache. This password cache improves performance of local authentication operations, such as unlocking a workstation. If you unlock the workstation with the same password you used to log on, then the password is assumed to be good. This allows the workstation to unlock quickly. Without the password cache, unlocking the workstation would require going back to the dom...
Germans are falling for the same trap as the Japanese: Importing words from English and changing the meaning, but the Germans do it even though the words didn't need to be imported at all
Languages borrow from each other all the time. English has historically been a happy perpetrator of word-theft, but in recent decades, it has been serving as the source for a lot of theft, too. What I find particularly interesting, though, is when a word is borrowed and given a meaning in its new language different from its meaning in the source language. Japanese is famous for this, For example, they take the English phrase white shirt and import it as waishatsu, which means not white shirt but dress shirt. In Swedish, the phenomenon of importing English into Swedish is known as svengelska, a blend of svenska ...
Why does SHFileOperation have internal error codes for DVD?
Because that's what you do when DVDs show up.
How many days long is a one-day sale? The answer might surprise you
A friend of mine received a flyer for a major department store proudly proclaiming that they were having a One-Day-Only sale. Sale prices were in effect on Saturday and Sunday. Previously on the subject For large values of 1. If this keeps up, I may have to create a subcategory for it.
How does delay-loading use binding information?
In the documentation for delay-loading, there's a remark that says that the call to can be avoided if there is binding information. A customer who received the explanation of why you can't delay-load pointed out that paragraph and asked whether this means that you can delay-load if you bind to it. (Getting around to answering this question was the point of the past few days.) Let's take another look at what that -avoidance optimization does. Actually, it's just another look at what the module loader does when it's time to resolve imports to a bound DLL: At build time, the actual function pointers are pre...
What is DLL import binding?
Last time, we saw how hinting is used to speed up the resolving of imported functions. Today, we'll look at binding. Recall that the module loader resolves imports by locating the function in the export table of the linked-to DLL and recording the results in the loaded module's table of imported function addresses so that code from the module can jump indirectly through the table and reach the target function. One of the consequences of this basic idea is that the table of imported function addresses is written to at module load time. Writeable data in a module is stored in the form of copy-on-write pages....
What is DLL import hinting?
Binding and hinting are two types of optimizations to improve the load-time performance of a module (executable or DLL). We'll start with hinting, then look at binding, and then look at how it affects delay-loading. The import table for a module contains a list of DLLs and a list of functions from that DLL which the module wishes to link to. The basic idea is that for each target DLL, the linker loads the DLL and then obtains the address of each imported function and from that DLL, records the results in the loaded module's table of imported function addresses. Hinting is a technique for speeding up this look...
Raymond's highly scientific predictions for the 2010 NCAA men's basketball tournament
Once again, it's time for Raymond to come up with an absurd, arbitrary criterion for filling out his NCAA bracket. This year, we go to the well-known dispute arbiter Google Fight. The criterion is the number of Google hits for the quoted phrase "%s basketball", divided by the school's seed. (I would have used Bing hits, except Bing's numbers are highly erratic. Only 291 hits for "Arkansas-Pine Bluff basketball"? The results may be more meaningful, but I'm not looking for meaningful results; I'm looking for numbers I can plug into my bracket-o-matic.) Once the field has been narrowed to eight teams, the result...
Why does my control send its notifications to the wrong window after I reparent it?
Because it's still talking to the old parent.
Robots and humans coexisting, can it be done peacefully?
Everybody who follows science fiction knows that if you have robots and humans living in the same world, eventually something bad happens to the humans.¹ But we're going to chance it one more time. Every so often, I stumble across a Web site that translates my articles into another language. I occasionally see a Japanese translation, and I think there's a Russian translation out there somewhere. In addition to those human translations, there are also robot translations available through your favorite online translation service. Now the two can coexist. There's a new widget on this page which generat...
A window can have a parent or an owner but not both
One of the five things every Win32 programmer should know.
Simplifying context menu extensions with IExecuteCommand
The interface is a simpler form of context menu extension which takes care of the annoying parts of so you can focus on your area of expertise, namely, doing the actual thing the user selected, and leave the shell to doing the grunt work of managing the UI part. I've never needed a scratch shell extension before, so I guess it's time to create one. This part is completely boring, and those of you who have written COM inproc servers can skip over it. I'm assuming that the above code is all old hat. Consider it a prerequisite. Okay, now the good stuff. The interface is used when you create a static reg...
Why does the OLE variant date format use 30 December 1899 as its zero point?
It's a long, sad story.
Application compatibility layers are there for the customer, not for the program
The customer is the victim, not the program.
One of the consequences of accepting a job offer is that you might end up working with an interviewer who didn't like you
At an informal gathering, my colleagues and I started talking about our experiences being interviewed at Microsoft. One of the people there remembered how one of the pieces of feedback on the interview lo these many years ago was that although my colleague was certainly smart enough and hardworking enough, there seemed to be insufficient enthusiasm for the subject matter. I mean, my colleague cared about the subject matter but apparently didn't care enough to satisfy the interviewer. The offer was extended despite this reservation, and my colleague joined the team. Years passed, and the details of the encounter w...
Why is the fine for a basic traffic infraction in the state of Washington such a random-looking number?
Willy-Peter Schaub was puzzled by a sign reminding drivers that the fine for obstructing an intersection is $101 and wonders what the extra $1 is for. The laws of the State of Washington defer the monetary value of traffic fines to the Infraction Rules for Courts of Limited Jurisdiction (more commonly known as the IRLJ), specifically section 6.2: Monetary Penalty Schedule for Traffic Infractions [pdf]. But wait, the fine listed in the IRLJ is only $42. Where did $101 come from? In addition to the base fine in the IRLJ, RCW 3.62.090 specifies additional assessments: Section (1) specifies a 70% assessment f...
PSM_ISDIALOGMESSAGE is to modeless property sheets as IsDialogMessage is to modeless dialog boxes
Dialog boxes and property sheets are similar in that most of the time, you use them modally. You call or , and the function doesn't return until the user closes the dialog box or property sheet. But you can also use dialog boxes and property sheets modelessly, using or by including the flag when you call . One of the more common problems people have when managing a modeless property sheet is finding that keyboard navigation doesn't work. The reason is the same as with modeless dialog boxes: You forgot to process dialog messages. But if you use the wrong function to process the dialog messages, then you don't...
The best actors in the business still lean into the microphone when they talk
Now let me get this straight. The Oscars honor, among other things, the best actors in Hollywood. These are people who have devoted their professional careers to reciting dialog in front of a camera and making it look spontaneous and natural. But for some reason, put them on stage at the Oscars, and instead of reciting dialog spontaneously and naturally, they read it stiltedly and lean into the microphone while doing it. And these are the best actors in the business?¹ It's like hosting a music award show and finding that all the performers suck at singing. ¹Oh wait, sorry, it's not a business. It'...
Why doesn't double-right-click bring up the Properties dialog?
kip asks why double-right-click isn't a shortcut for Properties. Recall the logical consequences of the way Windows converts single-clicks into double-clicks. The double-click action is an extension of the single-click action. In the case of context menus, the proposed double-right-click action is not an extension of the single-right-click, because the single-right-click displays a menu, whereas the double-right-click would go directly to the Properties dialog. Indeed, the way context menus are positioned on the screen specifically negates the possibility of double-right-click, for the context menu positions ...
Delegation of responsibilities within a family during pregnancy
When friends of mine were expecting their first child, the wife frequently received comments like "That's okay. You're eating for two now." The husband had a response ready: "If she's eating for two, I'm drinking for three!"
How do I access the magic IEEE floating point values like NaN in code?
There are functions like , , , and for detecting that a floating point value is one of the special values like NaN, but how do you actually generate one of these values? You can access these values from the template. Wait, where's negative infinity? The compiler folks provided these handy little definitions for when you need to generate a special value (as opposed to merely detecting one), and for which the template comes up short. Disclaimer: Applies to Microsoft Visual Studio. Your mileage may vary. Use the template when available. Bonus chatter: Note that you must use functions like to detect...
Everyday is Grammer Day
March fourth is not just a pun on march forth, but it's also National Grammar Day, sponsored by the Society for the Promotion of Good Grammar.
What happens if I drag the mouse by exactly the amount specified by SM_CXDRAG?
The drag sensitivity is specified by the system metrics and . What happens if I drag the mouse by exactly the amount specified by these two parameters? Nothing. These parameters control the drag insensitivity of the mouse. If your mouse motion is less than or equal to this amount, then nothing happens. This is spelled out in the documentation for : The number of pixels on either side of a mouse-down point that the mouse pointer can move before a drag operation begins. It's how far the mouse can move before the system detects a drag. In code, the algorithm is as follows: Some people appear to have re...
Voicemail security, even stronger than bank security
Microsoft's telephone department takes security very seriously. Your voicemail password must be at least eight digits long. By comparison, the password for my ATM card is only four digits long. Because voicemail is that important, I guess. (Yes, I know about two-factor authentication. I'm writing this only half-jokingly.)
Microspeak: Dialogue
Why have a conversation when you can dialogue? I think this is minimal work, but do others care? If they don't, then this is one for the ideas that failed bin. If they do, well let's dialogue... No need to talk when you can dialogue.
Chilly Hilly 2010 kicked my butt
This year, I was woefully unprepared for the annual Chilly Hilly ride, not having gotten on my bicycle for the entire month of February. And I paid dearly for this lack of preparation, conking out and ending up walking up some of the last few hills. I rode with a few other people, but I quickly ended up lagging behind them. They would sometimes stop to let me catch up, but I told them not to bother and just go at their own pace. At one point, I ran over a nail and lost precious time to a flat tire. (I took the flat tire as an opportunity to take my midpoint break, since it occurred just a half mile or so from t...
When does STARTF_USESHOWWINDOW override the parameter passed to ShowWindow()?
kokorozashi wants to know what the rules are which govern when the second parameter to is overridden by the flag. The guiding principle is that the parameter is ignored if the window manager thinks that the window you're creating is the application's main window. The details behind the implementation of this principle change over time, so everything from here down is implementation detail and should not be relied upon. I'm providing it merely to satisfy your curiosity. To reiterate, do not rely on information in the second half of this article because it can and will change. In fact, just to emphasize the ...
Microwave popcorn enthusiast proudly proclaims, "I *am* popcorn!"
Oscar Night is a few weeks away, but when you settle in to watch the show with your bowl of popcorn, please be aware that inhaling deeply from the fumes of a freshly-opened bag of microwave popcorn is not the greatest decision you can make from a health standpoint. (Then again, you probably ought to reconsider eating microwave popcorn in the first place, but let's leave that aside.) A disease informally known as popcorn lung afflicts people who work in popcorn factories and has been known since 2002. But in 2007, doctor diagnosed the first case of popcorn lung in an end-user. The risk is not from eating the popc...
It's fine to use fibers, but everybody has to be on board with the plan
We saw fibers a long time ago when I looked at how you can use fibers as a form of coroutines to simplify the writing of enumerators. A fiber is a handy tool, but it's a tool with very sharp edges. Since fibers are promiscuous with threads, you have to be careful when running code that cares about what thread it is running on, because that code may discover that its thread changed out from under it. For example, critical sections and mutexes remember which thread owns them. If you enter a critical section on a fiber, and then you unschedule the fiber, then reschedule it onto a different thread, and then you l...
Food products that are offenses against nature: Bagel-fuls
Wow, it's been a long time since my last rant against food products that are offenses against nature. Today's rant is against Bagel-fuls, a product which Kraft launched in April 2008. Bagel-fuls (note the hyphen and the lowercase "f") are a dense, doughy material formed into a log shape, with a cream cheese filling. Think of them as Twinkies, but with cream cheese instead of a sugar cream filling, and with a dense, doughy substance instead of whatever alien material it is they make Twinkies out of. The great thing about this product is that it is an attempt by Kraft to learn its lesson from a previous faile...
What happens to the fibers which ran on a thread when the thread exits?
What happens to the fibers which ran on a thread when the thread exits? Are all the fibers destroyed? No, only the currently-executing fiber is destroyed. Fibers running on other threads and fibers which are not running on any thread at all are not affected. Fibers do not have thread affinity (when not running), and they do not remember what threads they have been run on. Indeed, one of the features of fibers is that you can switch away from a fiber on one thread, then switch to that same fiber on another thread, and that fiber will resume execution on the new thread. Fibers are the social butterflies of schedu...
German language tip: Matratzen = mattresses, Matrosen = sailors
Be careful not to confuse the two. Since we're sharing: During a conversation in German, I talked about seeing Unfall (accident) instead of Abfall (garbage) on the street. To my credit, I immediately corrected my error. To my discredit, the error was made at the state finals of a German language contest.
Why does the CBS_SORT combo box style sort the left square bracket so strangely?
Some time ago, Michael Kaplan asked (and answered), How the @#%&*! does choose to sort it all out? One detail in his answer is that the sorting algorithm used by is basically , with special treatment for the left square bracket U+005B. Why is the left square bracket so special? It goes back to the message (which is in turn used by , , , and related functions). If you ask for drives to be added to the list or combo box, they are added in the form , where is the drive letter. The left square bracket is special-cased so that the drive letters sort to the top of the list. Of course, and related functions...
Le Chatelier's principle in action: Announcements
As I noted some time ago, one of the most important lessons I learned from Systemantics is Le Chatelier's Principle for complex systems which states, "Every complex system resists its proper functioning." At Microsoft, there are processes galore. For example, when a server is taken down for planned maintenance, you can expect a series of messages, perhaps following this pattern: The problem with this is that you often receive notifications for servers you have no interest in, indeed whose mere existence you were previously entirely unaware of. The notification messages don't include instructions on how to st...
On the Internet, everybody wants to know if you're a dog
On Slate, Michael Agger expounds on increasing pressure for people to provide pictures of themselves online. I've managed to resist so far. That article also tipped me off to a phenomenon I didn't even know had a name: MySpace angles.
Custom navigation in dialog boxes, redux
SuperBK asks, "What's the proper way to add keyboard support to a dialog box?" There are many options available to you. The most traditional way is to pick them off in the dialog loop, either hard-coding the keys in code or putting them into resources by moving them to an accelerator resource. Moving them to an accelerator resource is a good idea if the keys are subject to translation (for example, if they are mnemonic). On the other hand, picking them off in code is your only choice if the action you want to take cannot be mapped to a message (or if you simply don't feel like creating such a mapping). Super...
How many servings are there in a single-serve cup? The answer might surprise you
I was in the grocery store, and there was a sign advertising a new product. Delight in a cup Your favorite XYZ Ice Cream Now in convenient single-serve cups. I took a look at the cup. Seemed kind of big for a single serving. I picked one up to read the nutritional information. Servings per container: 2
The normal string manipulation functions stop on a null terminator, so be careful when manipulating double-null-terminated strings
One of the many gotchas of working with double-null-terminated strings is accidentally using functions on them which were designed to operate on single-null-terminated strings. Now, you do need to use those single-null-terminated strings, but you also need to know when they won't do what you want. One of the responses to my psychic detection that somebody passed a single-null-terminated string to is, "Oh, no, I double-null-terminated it. Look: See, I put an extra at the end." Well, yeah, you put an extra at the end, but all that does is terminate the format string. The function accepts its format st...
Don't forget to double-null-terminate those strings you pass to SHFileOperation
About once every two months for the past six months (I stopped checking further back), somebody reports a problem with the function. Often, they don't include very much information at all. They just say, "I call the function and it doesn't work." Here's an example: I'm hitting a problem with when using it to frob files in the gonzo directory when the user's SID ends in an odd number. The function returns file not found, but the file is definitely there. If you read the variable names carefully, you can see the problem. The and members of the structure are double-null-terminated strings. (There's...
Happy birthday, Windows 2000, and try not to get too hung over
On this date ten years ago, Windows 2000 launched in San Francisco. One of my colleagues was working as a staff member at the Windows 2000 Conference and Expo in San Francisco, an event which accompanied the Windows 2000 launch event. Also working at the event was his boss's boss, and the two shared a hotel room. Their flight back to Redmond wasn't until late in the afternoon, so they decided to spend their last day in San Francisco being tourists in their host city. Hopping on a cable car, walking down the crooked street, seeing the sights in Chinatown and Fisherman's Wharf, all the standard tou...
The fundamental rule of rocket science
Pretty straightforward.
It rather involved being on the other side of this airtight hatchway: Dubious escalation
Consider this type of dubious security vulnerability: There is a buffer overflow bug in kernel driver X. To exploit it, call this function with these strange parameters. The exploit works only if you are logged on as administrator, because non-administrators will get . Yes, this is a bug, and yes it needs to be fixed, but it's not a security bug because of that only if you are logged on as an administrator clause. It's another variation of the dubious elevation to administrator vulnerability. After all, if you're already an administrator, then why bother attacking kernel mode in this complicated way? Ju...
Advocating the overthrow of the government of the United States by force or subversion
It has been widely reported that South Carolina now requires "subversive groups" to register with the Secretary of State (and pay a $5 filing fee). Curiously, the list of organizations which must register include "an organization subject to foreign control." I wonder if this means that all consulates have to register, and that when any foreign dignitary visits South Carolina, they have to pay a $5 filing fee. (Not to mention all foreign-owned companies like Shell Oil.) Actually, it has been pointed out that a "subversive organization" includes one which advocates, teaches, or practices the propriety of contro...
Private classes, superclassing, and global subclassing
In the suggestion box, A. Skrobov asks why it's impossible to superclass , but the example that follows is not actually superclassing. When I register my own class under this atom, and leave NULL in WNDCLASS.hInstance, Windows fills it in for me. Then I have two distinct classes registered: (0,WC_DIALOG) and (hMyInstance,WC_DIALOG), and DialogBox functions all use the first one. This question is a bit confused, since it says that the goal is to superclass the dialog class, but registering is not superclassing. First, I'll refer everyone to this MSDN article which describes the various ways of manipulati...
A decidedly Canadian response to the shambles that was the running portion of the modern pentathlon in Beijing
Living so close to the United States-Canada border means that there's a lot of friendly teasing of the many Canadians in our midst. It's a good thing Canadians as a whole seem to have a pretty good sense of humor about it. (Well, except the Quebecers. Those humorless grumps.) The final stage of the modern pentathlon is supposed to be a cross-country course, run through grassy fields, with occasional obstacles like a brook that needs to be hurdled. At the 2008 Olympics in Beijing, however, the course didn't so much resemble a cross-country run as it did waiting in line at Disneyland. Instead of traversing an outd...
How do I get information about the target of a symbolic link?
Functions like and , when asked to provide information about a symbolic link, returns information about the link itself and not the link destination. If you use the function, you can tell that you have a symbolic link because the file attributes will have the flag set, and the member will contain the special value . Okay, great, so now I know I have a symbolic link, but what if I want information about the link target? For example, I want to know the size of the link target, its last-modified time, and its name. To do this, you open the symbolic link. The I/O manager dereferences the symbolic link and gives...
A sense of the term anonymous with which I had previously been unfamiliar
I was filling out one of those online satisfaction surveys, and in the introduction, it reassured me that This survey is anonymous. The first question on the survey: Enter the support request (SR) number below. Yeah, because they'll never be able to trace the support request number back to me. (I suspect that the reason for this contradiction is that the organization that wanted to conduct the survey used a site that supports either anonymous surveys or tracked surveys, and they opted for the anonymous survey for whatever reason—maybe it's cheaper?—but they actually wanted a tracked survey, so...
Those annoying satisfaction surveys
It seems that the United States has gone satisfaction survey mad. You get your oil changed, they ask you to fill out a satisfaction survey. You make a doctor's appointment, they ask you to fill out a satisfaction survey. You call the company technical support phone line, they ask you to fill out a satisfaction survey. These surveys typically ask you to rate how well various aspects of the interaction went, be it how easy it was to make the appointment, how knowledgeable the person who helped you was, how long you had to wait, whether the music in the waiting room was soothing, and what really bothers me is that ...
No matter what you do, someone will call you an idiot, part 2
There was quite a bit of reaction to what I thought was a simple "Hey, here's what's going on" article from last year, specifically on how the Adaptive Display Timeout means that Windows doesn't always start the screen saver exactly on time. As you may recall, this feature adjusts the time it takes for the screen saver to activate if the user keeps dismissing it immediately after it starts. One of those small things that makes the computer adapt to you rather than vice versa, and an adaptation that you probably don't even notice when it happens. I think these two responses below summarize the extremes of the ty...
Moving by staying put
A few years ago, Michael Kaplan opined on his distaste for office moves, particular the ones for which there appears to be very little benefit. One of his options was "interview with whatever group moves into Building 24 and work for them instead." Many years ago, an organizational change to the project I was working on resulted in my group ceasing to exist. The reason isn't important to the story; what's important is that the members of that group were redeployed to other parts of the project. At the time, I hadn't yet learned that material goods are a burden, and I dreaded moving offices because of all the ...
The 2010/2011 Seattle Symphony subscription season at a glance
Every year, I put together a little pocket guide to the Seattle Symphony subscription season for my symphony friends to help them decide which ticket package they want. As before, you might find it helpful, you might not, but either way, you're going to have to suffer through it. Here's the at-a-glance season guide for Gerard Schwarz's final season as the orchestra's music director. For those not familiar with the Seattle Symphony ticket package line-ups: Most of the ticket packages are named Masterworks nX where the number is the number of concerts in the package, and the letter indicates which variation....
For better performance, set all your monitors to the same color format
Pplu wonders why programs run more slowly when the system is running with multiple monitors. Well, for one thing, of course, when you have more than one monitor, there's more stuff on the screen for the system to keep track of. It's the same reason that programs run more slowly on a large monitor than on a small monitor. And if there's only one monitor, then functions like become trivial if the flag is something like , because when there's only one monitor, answering questions like "What monitor is closest to this point"? becomes very easy. If your two monitors are not the same dimensions, then the union of ...
A simple Venn diagram teaches you the difference between Norway and Sweden
Not sure it helps, though.
Why doesn't my program receive the WM_DWMSENDICONICTHUMBNAIL message when I ask for an iconic representation?
A customer was having trouble adding Windows 7 taskbar integration features to their application: I'm trying to use the new Windows 7 taskbar integration features, but am running into a problem. I've made certain that my program has the and [corrected 8am] attributes set, yet I never receive a message in my window procedure. A member of the taskbar team invoked psychic powers: Is your program running elevated by any chance? If so, then you need to add the message to your UIPI message filter: Psychic powers once again save the day. That was it. Thanks! Note that forcing someone to in...
The Brits once again come up with a clever solution to the problem of the scatterbrained client
My friend :: Wendy :: got into a state where she kept misplacing her passport. (I guess she keeps moving it around.) The first time she misplaced her passport and gave up looking for it, she reported it missing and received a replacement. Then she misplaced the replacement, and while searching for it, she found the original. She reported the first passport as found; this keeps the issuing government happy since they can take it off their If Somebody Tries To Use a Passport with This Number, Arrest Her list. But they can't reactivate the original passport, because it takes time for the updated list t...
Why doesn't the shell animation control tell me the dimensions of the animation it is displaying?
As we saw some time ago, the shell animation control suffers from many limitations because its job is to be a scaled-down animation control instead of one of its more full-featured counterparts. One customer wanted to know how to load an animation into the shell animation control and then query its dimensions. Well, there is no message that reveals the dimensions of the animation. Why not? Because you should already know. You can't use the shell animation control a general-purpose animation control because of those pesky limitations. You can only use animations that you yourself authored to conform to the cont...
Long-term temporary parking?
On my way to work, I saw a Notice of Proposed Land Use Action. The proposed new use for the property was listed as long-term temporary parking. What the heck is long-term temporary parking?
What is the maximum length of an environment variable?
Depends on who is setting it.
It appears that car park computers revert to their native language, German, when placed under stress
A car park in Birmingham switches from English to German in times of stress. That reminded me that over a decade ago, a colleague of mine noticed an error message on the screen at the exit to the parking garage at the Seattle-Tacoma International Airport. The way the airport works, you pick up a ticket as you enter, and you pay your parking fee at vending machines stationed around the parking garage, and at the exit, you insert the (paid) ticket into the machine, which verifies that you paid your parking fee and opens the gate. When my colleague pulled up to the machine, instead of displaying the expected Plea...
Microspeak: Future-proofing
It has been famously said that England and the United States are two countries separated by a common language. The same holds true for Microspeak. In the Redmond dialect of Microspeak, we talk about extensibility: Designing a system with specific points where features can be added in the future, often by outside parties. For example, an example of an extensibility point in the shell would be a context menu handler or a namespace extension. In the Reading dialect of Microspeak, the term for this is future-proofing. On the other hand, if you use the term future-proofing in Redmond, people will interpret it di...
It looks a little like CMD except there is white on the background
Surely by now you've seen the video where NextGenHacker101 shows you how to use the "Tracer T" program to view "how many IP's are looking at Google", their name, and connection speed (to then to then to then). (And commenter squizz explains why it "worked" in spite of the http prefix.) But more awesome is the fact that somebody ported the video to linux! Bonus video craziness: It's in Korean but somehow that just adds to the insanity. (Warning: Five minutes of your life you will never get back.) The comments on the YouTube video identify the song as "Bo Pee...
Why can't I use the linker to delay-load a function from kernel32?
For some time (I am too lazy to look up when it was introduced), the Visual Studio linker has supported a feature known as delay-loading. But why can't you use this feature to delay-load a function from ? It would be very handy: If you write the program fails to load on versions of Windows which do not support the function because the Win32 load rejects loading a module that contains unresolved references. On the other hand, if you could mark as delay-loaded, then the code above would work, since the call to would be redirected to a stub that calls . Since the is performed only when the code path is hit...
How do I suppress full window drag/resize for just one window?
A customer asked, Is there a way to turn off Full Window Drag on a single window? I have a resizable control that I would like not update itself while resizing. It so happens that I wrote a sample program ages ago to illustrate how to do this. You can find it in the Platform SDK under . The source code is also reproduced in this Knowledge Base article. In addition to deferring painting, you may also want to defer layout if layout is expensive for your window.
Microsoft phenomenon: The annual award that winds up being awarded only once
The Grammy Awards will be handed out this upcoming weekend, an annual award that seems to have survived. A not uncommon phenomenon at Microsoft is the annual award that winds up being awarded only once. Because all the excitement is in the announcement, not in the actual award. Every year, we want to uniquely call out and recognize a set of people. I'm proud to kick off the XYZ Awards, which we will be given every year, starting this year, which recognize employees who best represent ABC and DEF. The XYZ Awards were indeed handed out that first year with great pomp and circumstance. And were never heard from...
What idiot would hard-code the path to Notepad?
There seemed to be a great deal of disbelief that anybody would hard-code the path to Notepad. Here's one example and here's another. There's a large class of problems that go like this: I'm running Program X, and when I tell it to view the error log, I get this error message: What is wrong and how do I fix it? Obviously, the file is missing. But how can that be? Well, Windows Server 2008 bit the bullet and removed one of the copies of Notepad. Once you learn this, troubleshooting the above problem becomes a simple exercise in psychic debugging. My psychic powers tell me that you're running Wi...
If you are trying to understand an error, you may want to look up the error code to see what it means instead of just shrugging
A customer had a debug trace log and needed some help interpreting it. The trace log was generated by an operating system component, but the details aren't important to the story. I've attached the log file. I think the following may be part of the problem. Any ideas? Thanks, Bob Smith Senior Test Engineer Tailspin Toys What struck me is that Bob is proud of the fact that he's a Senior Test Engineer, perhaps because it makes him think that we will take him more seriously because he has some awesome title. But apparently a Senior Test Engineer doesn't know what error 2 is. There are some error c...
Microspeak: Zap
You may hear an old-timer developer use the verb zap. That proposed fix will work. Until everybody gets the fix, they can just zap the assert. The verb to zap means to replace a breakpoint instruction with an appropriate number of NOP instructions (effectively ignoring it). The name comes from the old Windows 2.x kernel debugger. (Actually, it may be even older, but that's as far back as I was able to trace it.) The (zap) command replaces the current instruction with a NOP if it is an (the x86 single-byte breakpoint instruction), or replaced the previous instruction with NOPs if it is an (the x86 two-by...
Why doesn't the window manager have a SetClipboardDataEx helper function?
Jonathan Wilson asks why the clipboard APIs still require GlobalAlloc and friends. Why is there not a or something that does what does but without needing to call ? Okay, here's your function: Whoop-dee-doo. Historically, Windows doesn't go out of its way to include functions like this because you can easily write them yourself, or you can at least find a framework library that did it for you. Windows focused on doing the things that only Windows could do, providing you the building blocks with which you can create your own programs. Besides, the classic clipboard is so old-school. The OLE clipboard...
During process termination, the gates are now electrified
It turns out that my quick overview of how processes exit on Windows XP was already out of date when I wrote it. Mind you, the information is still accurate for Windows XP (as far as I know), but the rules changed in Windows Vista. What about critical sections? There is no "Uh-oh" return value for critical sections; doesn't have a return value. Instead, the kernel just says "Open season on critical sections!" I get the mental image of all the gates in a parking garage just opening up and letting anybody in and out. In Windows Vista, the gates don't go up. Instead they become electrified!...
Historically, Windows didn't tend to provide functions for things you can already do yourself
Back in the old days, programmers were assumed to be smart and hardworking. Windows didn't provide functions for things that programs could already do on their own. Windows worried about providing functionality for thing that programs couldn't do. That was the traditional separation of responsibilities in operating systems of that era. If you wanted somebody to help you with stuff you could in principle do yourself, you could use a runtime library or a programming framework. You know how to open files, read them, and write to them; therefore, you could write your own file copy function. You know how to walk a l...
The wrong way to determine the size of a buffer
A colleague of mine showed me some code from a back-end program on a web server. Fortunately, the company that wrote this is out of business. Or at least I hope they're out of business!
The hardest part of writing the video game Monty Python's Complete Waste of Time
Many years ago, I happened to have lunch with one of the programmers who worked on the video game Monty Python's Complete Waste of Time (read a review). This program was notable in many ways, most geekily that it was brought on board the Mir space station by astronaut Michael Foale. Anyway, during the course of lunch, I learned something unusual: "The hardest part of writing that program? Synchronizing the farts [sounds] to the video." Vaguely related : How the Space Shuttle and International Space Station use Outlook. Not really related: Trailer for IMAX Hubble 3D movie.
People just like you, for certain values of you
I received a brochure in the mail for a local church which says that it's "full of people just like you." Everybody in the brochure is white. "You'll fit right in!" it concludes. Bonus chatter: My friends guessed that perhaps the church members are all computer programmers who work at Microsoft and speak Swedish badly.
It's fine to rename a function in your DEF file, but when you do, you have to link to that function by its new name
Jeffrey Riaboy asks why, if he renames a function in his DEF file, attempts to link to the function by its old name fail. Well, um, yeah, because you renamed it. Let's take the situation apart a bit; maybe it'll make more sense. I'm going to ignore a lot of details (, calling conventions) since they are not relevant to the discussion and would end up just being distracting. I'm also going to assume we are running on an x86-class machine, just for concreteness. The same discussion works for other platforms; you just have to adjust the conventions accordingly. First, here is some source code for a DLL, let...
How you might be loading a DLL during DLL_PROCESS_DETACH without even realizing it
As you are I'm sure aware, you shouldn't be doing much of anything in your function, but you have to watch out for cases where you end up doing them accidentally. Some time ago, I was investigating a failure which was traced back to loading a DLL inside . Wait, what kind of insane person loads a DLL as part of shutting down? Shouldn't you be cleaning up stuff, not creating new stuff? The following is not the actual code, but it captures the same spirit: There is some global variable that contains a pointer to memory that was allocated by . In this case, I made it a cache, but the details aren't important...
I could just use a picture of a regular-sized shopping cart from farther away
Internet retailer woot! went to CES 2010 and covered it on their blog. (CES category.) But they don't cover what the media elite cover, the big announcements, the hot products. Nope, they cover the weird stuff. They have uncrating photos of CES itself, they infiltrate the The Consumer Breakfast Buffet Show, and they take super secret spy pictures of a miniature shopping cart.
It rather involved being on the other side of this airtight hatchway: If they can inject code, then they can run code
One category of the dubious security vulnerability is designing an insecure system, putting together an exploit, and then blaming one of the components of the exploit rather than the insecure system in the first place. I have found a critical security vulnerability in the XYZ scripting object which permits modifying files on the Web server itself. To effect this exploit, write a script which instantiates the control and use the method to tell it to save its contents. The method does not attempt to block directory traversal, so you can pass any path to the method and overwrite any file on the server. To d...
News flash: Wearing clothing keeps you warm
Every so often, I'll run across a statement of the obvious disguised as news and post it to the News flash tag, but the ones I've found have nothing on this collection of the 11 Most Painfully Obvious Newspaper Articles Ever. Just click through and slap your forehead. Bonus News Flash: Mark McGwire used steroids. I can't wait to see what other breaking news stories we'll have in the coming days. "Pope's religion identified." "Bear feces found in forest."
Why does GetCommandLine give me a corrupted command line?
A customer had the following problem: We're calling to retrieve the command line, and the documentation says that it returns a single null-terminated string. However, when we call it in our application, we find that it is actually a double-null-terminated string. The buffer returned consists of a series of null-terminated strings, one string per word on the command line, all stored one after the other, and with two null terminators at the end. How do I get the original string? Recall that the command line is just a conveniently-initialized variable in a process and once it's set up, the kernel doesn't really...
But that's not all: The story of that cheesy Steve Ballmer Windows video
While it's true that the cheesy Steve Ballmer Windows video had bad music, bad hair, and bad acting, it's also true that all that cheese was intentional. That video was produced for and shown at the Company Meeting, back when a mainstay of the Company Meeting was spoofs of popular television advertisements—what today would be called "virally popular"—with Bill Gates and other senior executives taking the starring roles. The "Crazy Steve" video was a spoof of late-night television advertisements, the most direct influence being the popular-at-the-time Crazy Eddie commercials. So enjoy the "Crazy St...
Weight Gain 4000, the competition
Some years ago, one of my colleagues mentioned at the lunch table, "I went hiking this weekend, and man, my backpack was so heavy. I weighed it, and it was like 35 pounds. And then I realized, wait a second, I'm overweight by 35 pounds. I'm carrying this heavy backpack all the time!" Thus began a collective weight loss competition we called Weight Gain 4000, named after an episode of South Park which had aired recently. ("I'm not fat; I'm big-boned!") I set up a Web page where people could enter their current weight, and it charted everyone's pounds over target weight as a function of time. Oh, and the goal was...
Pros and cons of using a four-year-old as your language instructor
I have a niece who is a native speaker of Chinese. Playing with her is a free language lesson, and there are advantages and disadvantages. One advantage is that you will learn all the basic words, and you won't run the risk that your instructor will accidentally use some advanced vocabulary that will throw you off. (You also learn some words that are very important to young children like butt and fart.) Fortunately, my niece's pronunciation is very good, so it's not like I'm accidentally learning to speak with a lisp or a childhood speech impediment. One disadvantage is that you're learning kiddie-talk: My nie...
Why aren't compatibility workarounds disabled when a debugger is attached?
Ken Hagan wonders why compatibility workarounds aren't simply disabled when a debugger is attached. As I noted earlier, many compatibility workarounds are actually quicker than the code that detects whether the workaround would be needed. Now suppose you find a compatibility problem with some applications that expect the function to return exactly or . You then change the function to something like this: Now, we add code to enable the compatibility workaround only if the application is on the list of known applications which need this workaround: What was a simple flag test now includes a check to ...
What is the hSection parameter to CreateDIBSection for?
The function creates a special type of bitmap known as a DIB section. We've worked with these guys before: The feature of DIB sections that is by far the most interesting is that the raw pixels in the bitmap are mapped into your process space as if they were normal memory, which you can read from and write to directly. But what is the deal with that funky parameter? Although the parameter receives "a pointer to the location of the DIB bit values," the documentation also says that if you pass , then "an application cannot later obtain a handle to this memory." That second part makes no sense. Why would I wan...
Learning how to cheat at Candy Land
My young niece received the game Candy Land and wants to play it several times a day. Naturally, I am frequently drafted as an opponent. I discovered that my niece cheats rampantly. Sometimes, she will advance three green squares instead of two. Or if a yellow card will take her to a licorice square (lose a turn), she will ignore it and go to the yellow square after that. But the best cheating takes place when she draws a pink location card which sends her backward. My niece is always careful to draw the card and turn it so only she can see what it is. If the card is an unfavorable one, she will hide it under ...
How to change the debugger attached to a process
Suppose your application crashes and debugger X is automatically connected because that's how the system happened to be configured. But you would prefer to use debugger Y. After installing debugger Y, how do you switch the debugger from X to Y? If you try to connect debugger Y to the process, you get the error code , because only one debugger can be connected to a process at a time. But if you disconnect the old debugger, the application will disappear with it. How do you escape from this Catch-22? Here's what you do. This trick works because the non-invasive mode of debugging do...
The wisdom of seventh graders: Success
Seventh grade students (ages 12 to 13, roughly) were asked to write an essay on what success is and how you know when you've achieved it. The assignment was given under standardized test conditions: 90 minutes with nothing but pencil and paper, with an additional hour available upon request. (In practice, few students ask for the extra hour.) Remember, these are only the funny sentences/excerpts. Do not assume that all students write like this. On the nature of success Recognizing success Steps which do not lead to success The fleeting nature of success The recipe for success Personal stories of succ...
Can you get rotating an array to run faster than O(n²)?
Some follow-up remarks to my old posting on rotating a two-dimensional array: Some people noticed that the article I linked to purporting to rotate the array actually transposes it. I was wondering how many people would pick up on that. I was surprised that people confused rotating an array (or matrix) with creating a rotation matrix. They are unrelated operations; the only thing they have in common are the letters r-o-t-a-t-i. A matrix is a representation of a linear transformation, and a rotation matrix is a linear transformation which rotates vectors. In other words, applying the rotation matrix to a vec...
Thanks for coming together to enjoy the holiday together, now get off my lawn
Due to a confluence of circumstances involving parents on an overseas vacation and other older relatives choosing not to attend (probably related to parents being out of town), I ended up being the oldest person at the extended family holiday dinner table. This was a first for me, and I resisted the urge to shout "Get off my lawn!" to the assembled masses or to bore younger relatives with rambling pointless stories from my youth. I guess this is the converse to a friend of mine who presided over a holiday family gathering at his house some years ago, and who realized that if seating at the dinner table were don...
Microspeak: Engagement
Meetings are so passé. You no longer have a meeting with a customer; you have an engagement: I have a customer engagement tomorrow and they have a question surrounding Feature X. Note that this use of the phrase customer engagement is different from the process known as customer engagement. The process is an ongoing interaction, a long-term activity to build customer loyalty. The author of the above sentence is not using it in the process sense (because you don't have "a" customer engagement; rather, a meeting is one component of the overall process of customer engagement). Nope, the author is jus...
How many sides are there to a snowflake? The answer may surprise your marketing department
Joe McManis runs the Snowflake Fail blog, which chronicles the various places non-hexagonal snowflakes are found in nature marketing. Bonus snowflake failage:
How about not granting debug privileges to users?
Commenter Yuhong Bao suggests, "How about not granting debug privileges on the user? This will make bypassing the protection impossible." This is such a great idea that Windows has worked that way for years. Normal non-administrative users do not have debug privilege. They can only debug processes that they already have to. In other words, non-administrative users can only pwn processes that they already pwn. No protection is being bypassed since you had full access in the first place. The SeDebugPrivilege allows you to debug any process, even those to which you do not have full access. This is clearly dang...
The goggles, they do nothing!: Gemulator advertisement from 1992
Darek Mihocka, proprietor of emulators.com, and whom I linked to a few years ago, released the source code to Atari ST emulator Gemulator 9.0, and in celebration, he also posted his 1992 promotional video to YouTube: Part 1, Part 2, Part 3. Warning: It's a really bad video. The music, the hair, the cheesy video effects, the bad acting, oh did I mention the hair? But it's also a trip in the wayback machine. Pre-emptive snarky comment: "You idiot, you got the quote wrong. It's 'My eyes! The goggles do nothing!'"
Your program assumes that COM output pointers are initialized on failure; you just don't realize it yet
We saw last time that the COM rules for output pointers are that they must be initialized on return from a function, even if the function fails. The COM marshaller relies on this behavior, but then again, so do you; you just don't realize it yet. If you use a smart pointer library (be it ATL or boost or whatever), you are still relying on output pointers being when not valid, regardless of whether or not the call succeeded. Let's look at this line of code from that article about : If the method puts a non- value in on failure, then when is destructed, it's going to call on itself, and something bad ha...
2009 year-end link clearance
Time for the semi-annual link clearance. And, as always, the obligatory plug for my column in TechNet Magazine:
Why does COM require output pointers to be initialized even on failure?
One of the rules of COM is that if a parameter is marked as an output pointer, then you have to initialize the thing it points to, even if your function failed and you have nothing to return. For example, we saw the problems that can occur if you forget to set the output pointer to in the method. Why does COM have this rule? Doesn't it know that a failure is a failure? Because there are failures and there are sort-of failures. A function can return an error code despite having partially succeeded. For example, if a function receives a buffer that is too small to hold all the data that is available, it might ...
Join the Seattle Symphony for a New Year Eve's performance of Beethoven's Nin… wait a second…
One of the regular events of the Seattle Symphony season is a New Year's Eve late night performance of Beethoven's Ninth Symphony followed by a post-concert party to ring in the new year. Last year I received an advertisement in the mail promoting that year's concert, and one page of the brochure contained the message {Ring in the New Year} printed atop a photo of an impressive array of musical forces crammed onto the Benaroya Hall stage. But if you look closely at the instruments being played and the composition of the chorus, you quickly realize that they aren't performing Beethoven's Ninth Symphony. Beethoven...
Even your folder icons can be used as a Rorschach test
Jenny Lam (now at Jackson Fish Market) forwarded me this picture of a USB thumb drive. She also reminded me of another one of those Windows as Rorschach test incidents that surrounded the Windows Vista folder icons. It was reported during one of the betas that the 16×16 folder icon looked like someone flipping the bird. Sure, this interpretation required some creativity, and it perhaps reflects more on the person making the observation than on the folder icon itself, but the report still had to be taken seriously, because one thing you don't want is a newspaper headline saying that your product uses c...
How do I minimize a group of windows in Windows 7 from the taskbar?
The Windows 7 taskbar automatically groups similar windows, and when you right-click on the grouped icon, you may get fancy stuff like a jump list or a task list, but you will also get a very small repertoire of window management options. In particular, the only option that operates on the group is Close all windows. What about the other group options? To get a list of more group window options, hold the shift key when you right-click on the grouped icon. Then you'll get more options like Cascade and Minimize all windows. Since the contents of the regular right-click pop-up window are dynamic, when you hit...
How does the keyboard autorepeat setting work?
Commenter eric johnson wonders how that control panel keyboard autorepeat setting works. This is one of those questions that has many answers, depending on how deep you want to dig. The first layer of the question is how the control panel changes the keyboard autorepeat rate. That's simple: It uses . From the documentation, you can see that the keyboard speed is an integer in the range 0..31, where 0 indicates 2 characters per second and 31 indicates approximately 30 characters per second. The next layer of the question is why the expresses the keyboard autorepeat setting in a 0..31 range, and why the upper ...
Merry Christmas to me: Zune headphones
My article some time back about accidentally destroying my beloved Zune headphones resulted in a number of people sending me their unwanted Zune headphones via inter-office mail. This was not my intention when I posted the article—if that were my goal, I would have posted the article immediately instead of waiting a year and a half!—but it was nevertheless a pleasant surprise. Every so often strangers come through. Thanks, everybody.
No, you didn't win the Jethro Tull box set, and please tell everybody else in your area code to stop calling me
Some time ago, a fellow employee started receiving mysterious fax calls at the office four or five times a day and had to call the Microsoft telephone services folks to block the caller. But this reminded another colleague of a much more annoying problem, and one for which caller-block would not have worked. A local radio station had a contest line in the 206 area code. If someone in the 425 area code dialed this number without dialing the 206 area code prefix, they rang the phone of a new Microsoft employee. That employee's phone was set up incorrectly, and the calls ended up auto-forwarded to my phone. Every ...
The NPR Planet Money one-hour story competition: The shopping mall convention
Voting closed last night on the second NPR Planet Money one-hour story competition. Three reporters were sent into a convention (this time, the International Council of Shopping Centers conference) and given one hour to collect tape for a story. Listen to the results, either in the full podcast format or just to the three individual stories. Each of the stories was interesting in its own way. From Adam Davidson, I learned some mall restaurant jargon. From Chana Joffe-Walt, I learned about the pursuit of the cool kids. And from Alex Blumberg, I learned why a guy dressed in a bright red blazer known only as McGui...
Why don't we create a special class of programs which can break the normal rules?
In response to a discussion of why the window handle limit is 10,000, commenter Juan wondered why we don't create a special class of programs which can exceed the 10,000 handle limit and otherwise bypass the normal operation of the system. This is another case of the tragedy of special treatment: Eventually, nothing is special any more. If there were a way for an application to say, "Hey, I don't want to be constrained by the normal rules that apply to your everyday boring applications," then every application would simply say it, and the net effect would be that the constraint no longer applies to anybody. ...
Exploiting the inattentive: The posted wine rating may not match the wine on the shelf
The Washington Post did a spot check of area wine stores and found that of the "shelf talkers" signs (those things that describe the wine and tell you what score it received from Wine Spectator magazine) it found, a quarter of them were incorrect, usually by attributing a good score to the correct wine vineyard but from a different year. So when you cruise the wine store, make sure to double-check that the information placard actually matches the wine it's posted next to.
Why is it possible to destroy a critical section while it is in use?
Some time back, Stu wondered why it is possible to destroy a critical section while it is in use. Well, there's nothing stopping you from creating a file that contains these lines: and then telling your compiler to turn it into a program. It's not like a bolt of lightning is going to come out of the sky and zap you before you hit the Enter key. So obviously, it's possible. On the other hand, it's a bug, just like closing a handle to a file that another thread is reading from, or like closing an event handle that another thread is waiting on. Critical sections are one of those low-level I sure hope yo...
Tweeting Too Hard: Best of Twitter
We had Best of Craig's List. We had Lamebook. Now we have Tweeting Too Hard, "where self-important tweets get the recognition they deserve." Examples: The people who say I'm arrogant and shallow don't see me when I'm at home with my wife. Did I mention that she's a former swimsuit model? How was it I got invite to last yrs White House Xmas party when Bush was prez; and nothing this year? I guess I must try harder 2 be fab.
No, you can't lock icons to the user's desktop
In another installment of I bet somebody got a really nice bonus for that feature, I submit this question for your consideration. My customer wants to know how to lock a specific icon to the upper left hand corner of the desktop. This company must be writing the most awesome program to end all programs, a program so amazingly awesome that it should appear as the very first thing on the desktop so you won't forget how awesome it is. I think their users may disagree with that assessment. And the answer is, no, there is no supported way to force a particular icon to appear at a particular desktop position.
Christmas gift idea for your favorite Microsoft fanboy geek with no sense of fashion or taste
Then again, the "no sense of fashion or taste" may be redundant. Perhaps you are so enamored of the Microsoft-branded Snuggie you received at the Company Meeting that you can't keep your excitement to yourself and want to share the joy with a friend. No problem. You can now pick one up at the Microsoft Company Store in Redmond, right across the hall from the Visitor Center. (The Rapture Index ticks up another notch.) "You shouldn't have." Previously, in Christmas gift ideas.
What version of the compiler does Raymond use?
From the suggestion box, BrianK asks, "What compiler do you and other developers use? Are you using VS2005 yet?" To be honest, I don't know what compiler I use. There is a separate part of the team that worries about things like "What compiler should we use?" They deal with nitty-gritty details like "What version of the compiler should we use and what optimizations should we enable?" as well as higher-level planning like "How are we going to organize our source code so that different parts of the project can take advantage of each others' work while still not requiring all members of the Windows team to compil...
The economic inefficiency of gift-giving
Economist Joel Waldfogel explains why gift-giving is bad for the economy, and why a charity gift card is the best luxury gift of all. He goes into more detail in his new book, Scroogenomics, which you can buy somebody for Christmas just to tell Waldfogel where he can stick it. ("In the bank!" he'll say as he heads out with his royalty check.) Related: Economist Tim Harford writes an advice column called Dear Economist for the Financial Times. But instead of applying economic theory to economic problems, he applies economic theory to personal problems. As Harford himself explains, "Every advice columnist n...
I got an array with plenty of nuthin'
A customer reported a memory leak in the function : We found the following memory leak in the function . Please fix it immediately because it causes our program to run out of memory. If the 's type is , then the corresponding is leaked and not cleaned up. Right now, we are temporarily working around this in our program by inserting code before all calls to to free the , but this is clearly an unsatisfactory solution because it will merely result in double-free bugs once you fix the bug. Please give this defect your highest priority as it is holding up deployment of our system. The value is not a va...
Surprising things injected into Mozart cadenzas
This review of a Seattle Symphony concert from 2007 mentioned that back in 1998, soloist Jon Kimura Parker inserted the theme from The X-Files into one of his cadenzas. Cadenzas were originally points in a concerto at which soloists could improvise and show off their technical skills, but over the years, the contents of cadenzas have become more and more rehearsed, with most composers having switched over to fully-written-out cadenzas over a hundred years ago. That's why it's so exciting when an improvised cadenza reappears on the scene. All of a sudden, anything can happen. Reading the article reminded me of ...
What was the ShowCursor function intended to be used for?
Back in the days when Windows was introduced, a mouse was a fancy newfangled gadget which not everybody had on their machine. Windows acknowledged this and supported systems without a mouse by having keyboard accelerators for everything (or at least that was the intent). But if the design stopped there, you'd have a dead cursor in the middle of your screen all the time, which you could move around if you had a mouse, which you didn't. Enter the function. The function takes a parameter that indicates whether you want to show or hide the cursor. (It would perhaps be more verbosely named .) If you call then ...
Just like in real life, you can hire someone to do your programming taxes for you
Commenter denis bider considers accessiblity an altruistic endeavor and suggests that it would be more efficient to outsource accessibility to another company. Sure, why not. Just like in real life, you can hire someone to do your programming taxes for you. If you would rather hire another company to come in and add accessibility support to your application, then more power to you. Yes, accessibility is one of those altruistic things, but so too is not consuming 100% of the CPU all the time, or being usable at high DPI or color schemes different from the Windows default. Sure, you can write your program so it ...
You are listening to Radio Free Bob, a pirate radio station broadcasting on the Microsoft corporate network
Saturating the network with broadcast packets.
Why did the word Start disappear from the Start button?
Commenter Mike Dunn would like to know why the word Start disappeared from the Start button in Windows Vista. After all, adding the word Start helped new users figure out what they should click first. I don't know but I can guess. To emphasize that these are guesses, I went back in after I wrote them and added all sorts of weasel words. It sort of saps the punch from the statements, but it's one of those things I've learned that I have to do to avoid the more egregious forms of willful misunderstanding. First of all, it might have been a leftover from one of the older designs for the Vista taskbar, one whic...
Lamebook: The best of Facebook
Craig's List has a Best of Craig's List, but Facebook doesn't. Well now it does: LameBook (warning: often NSFW). My favorite: Lameonella.
The format of bitmap resources
Another in a sporadic series on the format of Win32 resources. Here's a question from a customer: I'm noticing some strange behavior: When I call then on an embedded bitmap, the data being returned by is not a properly formatted bitmap. The data is missing the , but the rest of the file is there. also states that the bitmap resource is 14 bytes smaller than it actually is. 14 bytes happens to be equal to . However, if I load the bitmap directly using , everything works fine. If I look at the resource using Visual Studio, the Bitmap displays correctly and the binary data correctly includes the . Anyone h...
Those houses are too small for anyone to live in
Not Always Right is a collection of brief stories told by people in customer service. One of my favorites is from somebody who lives on Catalina Island and had to answer the question, "What time does the island close?" Runners-up: (I've left off the punch lines so as not to spoil the surprise.) The stories have been collected into a book, The Customer Is Not Always Right: Hilarious and Horrific Tales of Customers Gone Wrong. It's almost certainly a funnier and more enjoyable read than my own book. What's more, they have a Facebook group and I don't. Maybe I should start one?
Only an idiot would have parameter validation, and only an idiot would not have it
The great thing about parameter validation is that there are people who say that only idiots would have it, and other people who say that only idiots wouldn't. Back in the old days, Windows didn't do parameter validation. If you called a function with an invalid window handle, your application crashed. If you called a function with an invalid pointer, your application crashed. If you called a function with an invalid bitmap handle, your application crashed. There was a lot of crashing going on. These crashes manifested themselves in the infamous Unrecoverable Application Error dialog, commonly known as the UAE...
What are those little overlay icons: Windows 7 edition
Some time ago, I summarized the overlay icons that come with Windows. There have been some changes in Windows 7, so I figured it'd be worth coming up with a new list. A private item is an item where the only user account with access is you.¹ You create one of these, for example, by going to the sharing wizard and saying Share with: Nobody. To avoid clutter, the overlay is shown only when there is a transition from non-private to private. (Otherwise you'd have a lock overlay on everything in your Documents folder, for example.) No longer present as an overlay is the sharing hand. Why was the sharing...
How do I determine the processor's cache line size?
When doing high-performance computing, you need to worry about the CPU cache line size in order to avoid issues like false sharing. But how can you determine the processor's cache size? The function will give you characteristics of the logical processors in use by the system. You can walk the returned by the function looking for entries of type . Each such entry contains a which tells you which processor(s) the entry applies to, and in the , it tells you what type of cache is being described and how big the cache line is for that cache. Windows 7 adds the function which does the filtering for you.
Things I've written that have amused other people: Episode 6
On an internal discussion group, somebody decided to quote one of my blog entries. Jim Medding was amused by my response: Bloggers are just idiots with a Web site. (My blog was dug up in order to refute a claim, even though the blog entry applied to a situation different from the one under discussion.)
I'm sorry, Brian/Bryan Gregory, that confirming the spelling of your name is too much for you to handle
At 10am on November 30, I received a telephone call at work with "Anonymous" as the caller ID. Strange. But maybe it's the same person who called my office phone from New York at 1am on the day after Thanksgiving and didn't leave a message, and they're just following up on the first business day after the holiday weekend. "Hello?" — Hello, this is Brian Gregory from Fred Asher Associates and I'm calling blah blah blah blah blah are you interested in this opportunity or know someone who is? I may have gotten the names wrong since he spoke so quickly. "I'm sorry, that was a bit fast. Your name is Brian Gr...
What is the story behind multimon.h?
Commenter asdf wonders what the deal is with that header file. Let's set some context. That header file was written back in the time when Windows 98 was still under development. Windows 98 was the first version of Windows to support multiple monitors. At the time, most application authors had Windows 95 as their target platform. And even after Windows 98 shipped, the expectation was that programmers would target both Windows 95 and Windows 98 for at least a little while longer. The problem then is convincing programmers to write their code in a manner that works well in the face...
Why do some comments have a star?
Every so often, someone posts a really funny comment, and I feel stupid just posting the remark "Haha, that was funny" or even worse "LOL". So I'm going to try giving them a star instead. Chris Blackwell wins the first star. Hopefully people won't post comments just fishing for a star. (I realize that this is a vain hope and that I will probably have to cancel the star program within the week.)
When there is a long line of people waiting for a shared resource, you want to investigate the person who is hogging the resource, not the people waiting in line for it
If you see a long line of people waiting for a phone booth (note: this analogy assumes you remember how phone booths work), and you want to understand the reason for the long line, do you Go to a person waiting in line and begin your investigation there? Go to the phone booth (and the person inside) and begin your investigation there? If there is a long line of people waiting for a single resource, a resource that there is not normally a long line for, you would probably look at the person who is using the resource to see if, for example, they are a chatterbox who will be on the phone for an hour, or if ...
Why do Swedes count "1, X, 2"?
Occasionally, when an article in Swedish needs to count off three items, they are not labelled "1, 2, 3" but rather "1, X, 2". Why is that? I asked Jesper Holmberg, and he was kind enough to explain. (The entire exchange naturally was conducted in Swedish. Here's my translation.) As with most of the good things in life, it has to do with football [soccer]. In Sweden, it is not only legal to bet on horse races, football, and other stuff, but the Swedish government even has its own betting agency. "One, cross, or two" comes from the betting ticket, the slip of paper you fill in when you be...
What is the effect of setting the /3GB switch on my 64-bit Windows machine?
Nothing.
Fake trend watch: Bridesmaid pre-nuptial agreements
The only actual citation was a joke, yet it's a trend?
A shell extension is a guest in someone else's house; don't go changing the carpet
A customer was running into this problem with a shell extension: I am writing a shell namespace extension. I need to get data from a COM server, which requires impersonation via with . As I am just writing an extension into , I am not able to call , anymore from my extension. Is there a way I can start by setting in its COM initialization? I was browsing through web, and seems to take some settings from registry, but couldn't find anything related to this one. First of all, who says that the host process is ? If I open Notepad, then do a File.Open, and then navigate to your shell extension, boom, your sh...
Intelius cancels its cell phone directory, saving me the trouble of having to opt out of it every three months
A few years ago, I wrote about a new cell phone directory that charges $15 to give you incorrect information, and from which you have to renew your opt-out every three months. Well, apparently, less than a year later, due to "complaints from consumers and Verizon Wireless," Intelius decided to discontinue the service. Intelius is back in the news, because they have filed a preliminary prospectus with the SEC for an initial public offering. (According to TechCrunch, this is their second attempt at an IPO.) "It's important to know the history. Many investors looking at his history would be very careful." The pe...
Microspeak: Cookie licking
Now nobody else can have it.
Umpires are the lymphatic system of the baseball diamond
When I go to a baseball game, I try to remember to watch the umpires. They move around in a counter-intuitive way: They don't run toward the ball. They don't run toward the runner. Even when the ball is far away, the umpire runs from what appears to be one irrelevant position on the field to another equally irrelevant position. Yet no matter what eventually happens, there's always an umpire there to make the necessary call. (As opposed to the players on the field, who sometimes forget to cover third base.) That's because the umpires aren't playing the game of baseball as it happens on the field. They're playing...
Where did WIN32_LEAN_AND_MEAN come from?
Commenter asdf wonders where came from. The symbol was introduced in the Windows 95 time frame as a way to exclude a bunch of Windows header files when you include . You can take a look at your file to see which ones they are. The symbol was added as part of the transition from 16-bit Windows to 32-bit Windows. The 16-bit header file didn't include all of those header files, and defining brought you back to the 16-bit Windows philosophy of a minimal set of header files for writing a bare-bones Windows program. This appeased the programmers who liked to micro-manage their header files, and it was a bi...
How does Raymond get rid of his excess pennies?
Commenter Boris mentions that he uses NJ Transit to get rid of his excess pennies. But what do you do if your area isn't served by NJ Transit? I use the self-checkout line at the grocery store. The machine has a slot for accepting coins, and you can drop pennies in there until your arm falls off. I don't do this when the grocery store is crowded, since this holds up the line. (Yes, banks also have change-counting machines, but using the machine is overkill when you have only thirty pennies to get rid of.)
Caches are nice, but they confuse memory leak detection tools
Knowledge Base article 139071 has the technically correct but easily misinterpreted title FIX: OLE Automation BSTR caching will cause memory leak sources in Windows 2000. The title is misleading because it makes you think that Oh, this is a fix for a memory leak in OLE Automation, but that's not what it is. The is the string type used by OLE Automation, and since strings are used a lot, OLE Automation maintains a cache of recently-freed strings which it can re-use when somebody allocates a new one. Caches are nice (though you need to make sure you have a good replacement policy), but they confuse memory leak ...
I want to take all your chocolate milk
My older niece visited me at work one day, and I got her a carton of chocolate milk, which she very much enjoyed. Some days later, she told me, "I want to go to your work." "Why?" I asked. "I want to take all your chocolate milk." Missing from the story is that upon returning home after that first visit, she told everybody about her awesome visit with her uncle, and that he even got her a chocolate milk from the refrigerator. "And the chocolate milk is free, you can just take it!" Her uncle (not me, a different uncle) told her, "Then you should go there with a knapsack and take all the chocolate milk." That ...
When you want to copy a file into a folder, make sure you have a folder
This story is inspired by an actual customer problem. The program is used for TPS management, and when you want to create a new TPS report, you have to pick a cover sheet. The program shows you the cover sheets that have been defined, which it loads from the directory. The customer found that on one of the machines, the cover sheets weren't showing up, even though the standard system setup copies a sample cover sheet into the directory. The error message they got was Cannot load cover sheets. The directory name is invalid. The customer did some troubleshooting and determined that "The cover sheet direc...
The magic of chocolate milk
While enjoying a meal with my nieces (at the time, ages 3 and 5), I diluted my chocolate milk to cut the sweetness. The nieces then demanded that I dilute their chocolate milk as well, because as far as they could determine, it was a magical way to create more chocolate milk.
How do I get the command line of another process?
Win32 doesn't expose a process's command line to other processes. From Win32's point of view, the command line is just a conveniently initialized parameter to the process's startup code, some data copied from the launching process to the new process and forgotten. We'll get back to the Win32 point of view a little later. If you look around in WMI, you'll find a object, and lo and behold, it has a property. Let's check it out, using the standard WMI application: I fully anticipate that half of my readers will stop right there. "Thanks for the script. Bye!" And they won't bother reading the analysis. "Bec...
When computer programmers dabble in making change
My colleague who dabbled in economics when deciding how many lunch vouchers to buy had a number of other money-related quirks. One of the ones that I remember is that when paying for a purchase, my colleague would double the balance and give the cashier that much money. For example, if the total was $5.20, my colleague would hand over $10.40. Why? Just to see if the cashier reacted when pressing the Enter code appeared to have no effect. Total is $5.20. Cash tendered is $10.40. Change is $5.20. Most of the time, the cashier wouldn't pay any attention. Heck, the cashier wouldn't even question why my collea...
Can I talk to that William fellow? He was so helpful
His friends call him Bill.
The difference between assignment and attachment with ATL smart pointers
Last time, I presented a puzzle regarding a memory leak. Here's the relevant code fragment: The problem here is assigning the return value of to a smart pointer instead of attaching it. The function creates a memory stream and returns a pointer to it. That pointer has a reference count of one, in accordance with COM rules that a function which produces a reference calls , and the responsibility is placed upon the recipient to call . The assignment operator for is a copy operation: It s the pointer and saves it. You're still on the hook for the reference count of the original pointer. Observe that as...
We're using a smart pointer, so we can't possibly be the source of the leak
A customer reported that there was a leak in the shell, and they included the output from Application Verifier as proof. And yup, the memory that was leaked was in fact allocated by the shell: On the other hand, is an object creation function, so it's natural that the function allocate some memory. The responsibility for freeing the memory belongs to the caller. We suggested that the customer appears to have leaked the interface pointer. Perhaps there's a hole where they called and managed to avoid the matching . "Oh no," the customer replied, "that's not possible. We call this function in only one pla...
News flash: Healthy people live longer
Researchers have determined that people in good physical condition live longer. Who'd'a thunk it?
How do I move the Windows.edb and other search index files?
Nothing profound today, just a little tip. My customer is looking out for a way to change the location of the windows.edb file to another (larger) drive. From the Indexing Options Control Panel, click Advanced, and then under Index location, click Select new.
We found the author of Notepad, sorry you didn't go to the award ceremony
I've received independent confirmations as to the authorship of Notepad, so I'm inclined to believe it. Sorry you didn't get to go to the award ceremony. The original author of Notepad also served as the development manager for Windows 95. His job was to herd the cats that made up the programmers who worked on Windows 95, a job which you can imagine falls into the "not easy" category. After Windows 95, he retired from the software industry and became a high school science teacher. At a social event some years later, I met him again and asked about the transition from software development manager...
How to tell when your patent has been approved
There are a variety of ways of finding out when your patent is granted, but the quickest mechanism is to check your mailbox. But the thing to look for is not what you might think. Even before you receive word from your company's patent department, you will start receiving junk mail delivered to your home address from companies that sell patent-related novelties, pointless trinkets like pencils and mugs with your patent number on it. Nevermind that you can probably order personalized pencils for much less than what the patent-chasers were offering.
How to pretend that you attended my talk at UIUC Reflections|Projections 2009
Step 1: Buy a 1.55-ounce Hershey's Milk Chocolate Bar from a convenience store, supermarket, or (if truly desperate) online. Step 2: Print out this candy bar wrapper. Step 3: Trim wrapper on registration marks and wrap around candy bar. Step 4: Stay up late the night before you plan on watching the video by partying with Ryan North and teaching him how to play beer pong. Step 5: Force yourself to wake up the next morning and watch the recorded video of my talk while trying desperately to stay awake. The candy bar might help. Note: Although most steps are optional, they are essential if you want a...
Why does shlwapi import a nonexistent function?
Commenter charless asks why shlwapi.dll imports a nonexistent function from mpr.dll, which shows up in dependency tools as a broken import. Because that function did exist at one point, although it doesn't exist any more. The function in question was available only on Windows 95-series versions of Windows. It never existed on Windows NT or any of its successors. But remember that was originally developed for Internet Explorer, which ran on Windows 95 as well as Windows NT. Internet Explorer checked the operating system and called the Windows 95-only function only after verifying that ...
What a drag: You can be a drag in managed code, too
David Anson digests my earlier series on virtual drag/drop and translates it into managed code. His example of dragging his entire RSS feed is an excellent illustration of dragging dynamically-generated virtual content. (I didn't use an example like that because the purpose of the What a drag series was to get something done in the least amount of code, and generating a stream from a URL takes an awful lot of code when doing it from the unmanaged side, which would ultimately detract from the point of the example.) Bonus: He takes the example further by adding asynchronous support.
You thought reasoning about signals was bad, reasoning about a total breakdown of normal functioning is even worse
When things are bad, don't be surprised that they don't work.
Why can you create a PIF file that points to something that isn't an MS-DOS program?
James MAstros asked why it's possible to create a PIF file that refers to a program that isn't an MS-DOS program. (That's only part of the question; I addressed other parts last year.) Well, for one thing, there was indeed code to prevent you from setting PIF properties for something that isn't an MS-DOS program, so the precaution was already there. But it didn't stop anybody who was really determined to try. All you had to do was create an MS-DOS program, then create a PIF file for it, and then overwrite the MS-DOS program file with something else. Since time travel has not been invented, the PIF creator code...
Leave it to the Taiwanese to think of wrapping a donut inside another donut
The food known in Mandarin Chinese as 油條 (yóutiáo), but which in Taiwanese goes by the name 油炸粿, is basically a fried stick of dough, similar to a cruller, but puffier rather than cakey. The traditional way of eating it is to wrap it inside a 燒餅 (a sesame-coated flatbread), and dip the entire combination into a bowl of hot soy milk. I prefer salty soy milk, but some people prefer sweet. (Those people who prefer the sweet version are clearly wrong.) Obviously, the donut sandwich was invented before the low-carb diet craze. Sidebar: Salty soy milk (...
Trying to avoid double-destruction and inadvertently triggering it
We saw some time ago the importance of artificially bumping an object's reference count during destruction to avoid double-destruction. However, one person's attempt to avoid this problem ended up triggering it. The explanation for the line was that it was done to avoid the double-destruction problem if the object receives a temporary during destruction. While it's true that you should set the reference count to an artificial non-zero value, choosing has its own problem: integer overflow. Suppose that during the object's destruction, the reference count is temporarily incremented twice and decremented...
I reorganized your kitchen for you, sweetie
I suspect most people are familiar with the It may be a mess, but it's my mess and I know where everything is phenomenon. That doesn't necessarily mean that items are in the best location, but at least you know which suboptimal location you chose. :: Wendy :: told me a story some time ago about something that happened while her parents were visiting. When she returned from work, her mother said, "Oh, Wendy, darling, I reorganized your kitchen for you. You had everything in the wrong place." Wendy's mother was trying to be helpful, but of course it was a net loss for poor Wendy, who couldn't find an...
Little-known command line utility: clip
Windows Vista includes a tiny command line utility called . All it does is paste its stdin onto the clipboard. For the opposite direction, I use a little perl script:
Stories of anticipating dead computers: Windows Home Server
Like most geeks, I have a bit of history with dead computers. In the past, I used the "wait until it breaks, and then panic" model, but recently I've begun being a bit more anticipatory, like replacing an old laptop before it actually expires. Anticipating another future dead computer, I bought an external USB hard drive for backing up important files, but upon reading the description on the box, I started to have second thoughts. It came with its own backup software that reportedly installed automatically when you plugged in the drive (!). I didn't want that; I just wanted a boring USB hard drive. One o...
How do I create a toolbar that sits in the taskbar?
Commenter Nick asks, "How would you go about creating a special toolbar to sit on the taskbar like the Windows Media Player 10 minimised toolbar?" You would look at the DeskBand API SDK Sample in the Windows Platform SDK. The magic word is DeskBand. This MSDN page has an overview. Bonus chatter: I've seen some online speculation as to whether a DeskBand counts as a shell extension, because of the guidance against writing shell extensions in managed code. As with all guidance, you need to understand the rationale behind the guidance so you can apply the guidance intelligently instead of merely following it ...
Signs that the symbols in your stack trace are wrong
One of the things programmers send to each other when they are trying to collaborate on a debugging problem is stack traces. Usually something along the lines of "My program does X, then Y, then Z, and then it crashes. Here is a stack trace. Can you tell me what's wrong?" It helps if you at least glance at the stack trace before you send it, because there are often signs that the stack trace you're about to send is completely useless because the symbols are wrong. Here's an example: We are testing our program and it gradually grinds to a halt. When we connect a debugger, we find that all of our threads, no ...
The day the coffee machine exploded
Some time ago, Microsoft began installing Starbucks coffee makers in the kitchens, and caffeine addicts waited anxiously for the machines to reach their building. Or at least that's what happened on the main Redmond campus. But what about the satellite offices? I'm told that each satellite office qualified for an iCup machine when the number of employees at the office reached some magic value. One of my colleagues who works at the office in New York City told me that they eagerly awaited the arrival of the machine when they learned that they reached that threshold. The long-anticipated day arrived: The coffee ...
In the product end game, every change carries significant risk
Exposure.
Good advice comes with a rationale so you can tell when it becomes bad advice
A customer asked for guidance in software design: Is there an issue with creating and using COM objects from a UI thread which was initialized as STA? I have heard that it is a best practice to create and use COM objects on a background thread which is MTA. I would like to have some more information as to why. Any help? (I still have trouble with the phrase best practice, especially when it is combined with the indefinite article: a best practice. It's like asking "Where is a tallest building?") Good advice comes with a rationale so you can tell when it becomes bad advice. If you don't understanding why somet...
When asked to choose among multiple options, the politician will pick all of them
During the run-up to a local election some time ago, the newspaper posed the same set of questions to each of the candidates and published the responses in a grid format so the readers could easily compare them. The candidates agreed on some issues, had opposing positions on others, but the question whose answers struck me was one of the form "If budget cuts forced you to eliminate one of the following four programs, which would you cut?" Notice that the first two candidates, when asked to make a tough decision, opted to make no decision at all. (Compare another election in which the mainstream candidates ra...
Microspeak: Net out
It started out in finance, but the term has crept into more mainstream usage (at least within Microsoft) and along the way picked up its own meaning: Where did we net out on this? Customers want you to net out the business value. Note any significant changes to the forecast and explain the reasons why. Net out changes to start conversation. Include the following points in your presentation: The next citation is a bullet point from a PowerPoint slide: Agenda Each district/vertical will answer/report back on: (I also have some finance citations, but they aren't relevant to Microspeak, so I've left ...
Hey, is there somebody around to accept this award?
Back in the late 1990s, some large Internet association conducted a survey in order to bestow awards in categories like Best Web server and Best Web browser, and one of the categories was Best Web authoring tool. We didn't find out about this until the organization contacted the Windows team and said, "Hi, we would like to present Microsoft with the award for Best Web authoring tool. Please let us know who the author of Notepad is, so that we can invite them to the award ceremony." Yup, Notepad won the award for Best Web authoring tool. The mail went out to the team. "Hey, does anybody remember who wrote Notep...
Still working out the finer details of how this Hallowe'en thing works
Here's an excerpt from a conversation on the subject of Hallowe'en which I had with my niece some time ago. Let's call her "Cathy". (This is a different Cathy from last time.) "Cathy, what do you do on Hallowe'en?" "You get all dressed up and people give you candy." "What do you say when people come to the door?" "Chuck-E-Cheese!"
What is the format for FirstInstallDateTime on Windows 95?
It tries to be DOS date/time format but misses.
What this batch file needs is more escape characters
(Employing the snowclone "What this X needs is more Y.") Each time you add a parsing pass to the batch processor, you have to add another layer of escaping. This is just a special case of the more general rule of thumb: any problem in quoting can be solved by adding another layer of escaping. (Okay, it's not actually true, nor is it a rule of thumb, but it's still something to keep in mind.) When you enable delayed variable expansion, you add another parsing pass to the batch processor. It used to expand % variables at the time the line is ready, but now you told it that, oh wait, just before executing t...
Warning: Not much useful content inside
Remember, this Web site is for entertainment purposes only. Sometimes it takes people a little while before they realize this: I apologize for posting the link to the "Old New Thing" blog. [...] I have read a few articles in the "Old New Thing" blog and so far I have not seen much that is useful there.
Why does the Photo Gallery show all my photos with a colored tinge?
When you view your pictures with the Photo Gallery program which comes with Windows Vista, and which is also available for download from live.com, you might see a colored tinge. Where is the tinge coming from, and how do you get rid of it? Ironically, what you're actually seeing is the absence of a tinge, but you got so used to seeing the tinge, your eyes established the tinge as the new baseline. Not all display devices show exactly the same color when you ask them to display a particular RGB. The Windows Color System takes into account the color characteristics of output devices so that these variations can ...
If aluminum pull tab redemption is a rumor, what happens to all the tabs?
Everybody should know by now that it is not true that pull tabs from aluminum cans can be redeemed for time on a dialysis machine. Of course, not everybody actually knows this, and then the next question is, well, what happens to all those pull tabs collected by misinformed people? The Snopes article explains that it depends on where you turn in the tabs. They might get recycled at the going scrap rate and the proceeds donated to the National Kidney Foundation or the Ronald McDonald House. But I was most fascinated by this resourceful researcher who played the game of "follow the tabs" from a State Police of...
Freudian typo: The accidental emoticon
Some time ago, I ran across the following Freudian typo in a mail thread discussing plans for the project after Milestone 3, commonly abbreviated M3. I'd like to talk with you about your plans for this area after <3. On the US-English keyboard layout, the M and comma keys are adjacent, and a shifted comma is a less-than sign. A simple off-by-one-key typo resulted in M3 turning into an emoticon.
Why won't my computer go to sleep? Where is the energy going?
The utility has been around for a while, but in Windows 7, it gained a little bit more awesome. will analyze your computer's power consumption and report on things like devices that prevent the computer from sleeping, devices which won't suspend, and processes which are increasing your battery drain. Another neat flag is which will report on why your computer can't go to sleep, for example, because it has open files on the network, or because the clown will eat it.
Yes, there's a new desktop window manager, but no, I don't know any more about it than you do
Sean W. requests, via the suggestion box, "an in-depth discussion of the use of the shell's new Desktop Window Manager (Dwm*) functions in Win32." The desktop window manager is not actually part of the shell. It operates at the window manager level. (Notice that DWM is active even when Explorer isn't running.) You probably should have posted your suggestion to Greg Schechter's request for DWM topics which was not too old at the time you posted your topic suggestion. But then again, "Best practices for applications under the DWM" was on his list of future topics, so it looks like what you wanted was already on ...
If you have to cast, you can't afford it
A customer reported a crash inside a function we'll call : The title of today's entry gives the answer away. (The title is also an exaggeration, but it's a pun on the saying If you have to ask, you can't afford it.) The last parameter to the function is declared as a : A pointer to a generic pointer. Note that it is not itself a generic pointer, however. A generic pointer can point to anything, possibly unaligned. But this is an aligned pointer to a generic pointer. Therefore, the memory for the generic pointer must be aligned in a manner appropriate to its type. But this caller didn't pass a pointer to...
Once you announce a date, you’re already late
Time overrides the message.
Please, sir take a seat, sit anywhere you like, but oh, no, not there, rats
Here's a joke: Question: Where does Bill Gates sit? Answer: Anywhere he wants. (Naturally, substitute the chairman of your company for Bill Gates.) I was told this story by a manager who was preparing a demo for Bill Gates. Bill was going to pay a visit to the offices of one particular project which was still under development and be taken on a tour, stopping by offices to see how things are going and get demos of different parts of the project. This manager was in charge of one of the features and naturally was called upon to prepare a little demo. Chance favors the prepared, and our manager took great care...
How to write like Raymond: Start a sentence with a question mark
Another installment in the extremely sporadic series on how to write like Raymond. I use the question mark as an emoticon to indicate befuddlement or confusion. (This is not to be confused with the use of an inverted question mark in Spanish.) Here's an imaginary example: To: Cakes and Cookies Discussion Hi, I'm trying to bake a carrot cake, but I'm having trouble finding the right staple gun. Does anybody have any recommendations? My reply might go something like this: ? What the heck are you planning to do with that staple gun?
Leaving Reflections | Projections 2009, travel marathon part two
Thanks, everybody, for coming out to the Job Fair and attending my talk at Reflections | Projections 2009. Though I should have predicted that scheduling a talk on Saturday morning means that attendance will be somewhat sparse. Thanks to the conference staff with special shout-outs to Kim Vlcek, Bhargav Nookala, Jim Wordelman, and Matt Dordal for taking care of me during the conference. Returning to Seattle was also a minor adventure. On my way out out of town, I stopped by Papa Del's, generally considered the benchmark for Chicago-style pizza, but they don't sell single slices for take-out, and I didn't feel...
Thinking inside the box
Commenter Nick asks whether any though has been given to running applications in a sandbox where they are given access only to their installation directory, My Documents, and a handful of other directories and registry keys. "I feel that this would seriously prevent viruses/spyware from being as effective, and apps would not be able to dump files all over the users' HD." Yes, a lot of thought has been given to sandboxing (most of which I am not at liberty to discuss) but the compatibility consequences have been a constant source of trepidation. For example, if you restrict the application just to My Documents ...
Arrived in Urbana-Champaign for Reflections|Projections 2009
Today was a long travel day. I left my office at 9:30am to catch the bus from Redmond to downtown Seattle, then took the train to the Tukwila station, then took the shuttle bus to Seattle-Tacoma International Airport (because Airport Station doesn't open until later this year), then flew to Chicago O'Hare airport, and then drove to Urbana-Champaign, with a stop at the Bourbonnais Steak and Shake on the recommendation of a friend as a good stopping point—about halfway—and an introduction to classic Midwest road food, arriving (after several wrong turns) at my hotel at midnight. If only there were a ...
Important window message numbers to memorize
You probably know them already, but if you're new to Win32, here are some key window messages. I would normally suggest that you commit them to memory, but if you do enough debugging, you'll end up memorizing them anyway because you see them all the time. I include in the list even though it is a low-traffic message because you do see it a lot when you are investigating hangs. The (which also goes by the name ) is a common culprit when investigating why your program has wedged: You're broadcasting a notification and there's a window in the system that isn't responding. I know that Visual Studio has a shortc...
Don't use global state to manage a local problem, practical exam
There was much speculation as to how the "Ignore other applications that use Dynamic Data Exchange" setting got set. Well, one possibility is that somebody used global state to manage a local problem. "Why on earth does this setting exist?" I don't know, but there appear to be scripts which rely on it. The setting is exposed to scripts, and perhaps at some point you ran a script which didn't want Excel to be interrupted while it was running. The documentation for the Excel Application Object does say that it contains application-wide (global) settings. I'm not saying that's why you are encountering the pr...
Viral video: Pianotrappan
Yes, it's an advertisement for Volkswagen, but still, it's a fun video, and it features Scarlatti's keyboard sonata in C (K159) as a bonus. Even the old guy who shuffles along slowly at 1:23 tries the stairs. Double bonus: You can watch the original Swedish version.
When you want to pass a parameter on the command line, don't forget to pass the parameter on the command line
This happens to me, too. I once got so distracted by the process of purchasing some tickets in person, choosing the performance date and the seats, fumbling for my credit card, signing the receipt, and when I was done, I left the ticket booth without my tickets! Here is a question that came in from a customer. The details have been changed but the underlying point is the same. According to the documentation, the command prints a history log of all the tags in the system. I can pass the option to limit the date range, and that works too. It also says that that I can pass a specific tag name to limit the li...
You always hurt the things you love
I've tried all sorts of miniature headphones, and the only ones that I like are the ones that come with my Zune. What makes them special? They fit and don't fall out. I try not to be too demanding. But the other day, I was getting out of my car, and due to a badly-stowed Zune, the headphones dangled out of my pocket and got caught in the door. Before I realized what happened, I had taken a few steps away from the car, and the headphones snapped. You always hurt the things you love, because if you didn't love them, you wouldn't use them all the time and accidentally break them. (Well, and when you hurt the thi...
Why do we have import libraries anyway?
Last time we looked at the classical model for linking as groundwork for answering Adam's question why do we need import libraries? Why can't all the type information be encoded in the export table? At the time the model for DLLs was being developed, the classical model still was the primary means by which linking was performed. Men were men and women were women. Compilers generated object modules, and linkers resolved symbols, connecting the loose ends of the object modules, in order to produce an executable. The linker didn't care what language the object modules were written in; in fact it had no way of fin...
The classical model for linking
Commenter Adam wonders why we need import libraries anyway. Why can't all the type information be encoded in the export table? This goes back to the classical model for linking. This model existed for decades before Microsoft was even founded, so at least this time you don't have Bill Gates to kick around. (Though I'm sure you'll find a way anyway.) Back in the days when computer programs fit into a single source file, there was only one step in producing an executable file: You compile it. The compiler takes the source code, parses it according to the rules of the applicable language, generates machine cod...
LoadString can load strings with embedded nulls, but your wrapper function might not
Whenever somebody reports that the function or the member of the structure is not working, my psychic powers tell me that they failed to manage the double-null-terminated strings. Since string resources take the form of a counted string, they can contain embedded null characters, since the null character is not being used as the string terminator. The function knows about this, but other functions might not. Here's one example: The problem is that you're using a function which operates on null-terminated strings but you're giving it a double-null-terminated string. Of course, it will stop copying at...
In Hawaiʻi, "mahalo" might officially mean "thank you"
In Hawaiʻi, you see the word Mahalo on signs everywhere. In theory, the word means Thank you, but my friend Joe Beda pointed out that in practice the word has a completely different meaning. Here are some examples: In practice, the word mahalo means You're screwed. Obligatory clarification: This was a joke, an attempt at observational humor.
What is the format of a double-null-terminated string with no strings?
One of the data formats peculiar to Windows is the double-null-terminated string. If you have a bunch of strings and you want to build one of these elusive double-null-terminated strings out of it, it's no big deal. But what about the edge cases? What if you want to build a double-null-terminated string with no strings? Let's step back and look at the double-null-terminated string with two strings in it. But I'm going to insert line breaks to highlight the structure. Now I'm going to move the lines around. This alternate way of writing the double-null-terminated string is the secret. Instead of viewin...
I will be speaking at Reflections|Projections 2009
The way to get me to show up at your conference is to invite me. The folks who run the Reflections|Projections 2009 conference figured that out. I will be there on Friday the 16th for the job fair in the Siebel Atrium, and my talk How Microsoft is Different from School is scheduled for Saturday morning at 11:15. Attendance is free, but that's not much consolation seeing as you first have to get there. It's always a weird situation I find myself in when I'm invited to give a talk at a conference, because if I give a talk on the stuff I usually write about, you'll get something like a one-hour discussion of the...
The ways people mess up IUnknown::QueryInterface, episode 3
Today we'll combine information you already know, some of which I covered in The ways people mess up IUnknown::QueryInterface with additional clues from The layout of a COM object. There's still not enough information for you to solve the problem entirely on your own, but maybe you can demonstrate your nascent psychic debugging powers and solve the problem. A customer contacted the shell team because their shell extension was causing the shell to crash. Perhaps they were doing something wrong, but they couldn't see what. The crash looked like this: Your next hint is that the crash takes place while the sh...
Proto-Microspeak: Efforting
I have only two citations, so it may not be proper Microspeak. We're efforting that for you. They're not just trying, they're efforting. Solution efforting seems to fall in a gap between teams so there's no clear owner or resourcing focused on it. Bonus jargon: resourcing. Actually, that one sentence came from a longer document packed with management-speak. Here's another beauty from that longer document: "A lot of effort goes into availing efficient systems to streamline incident handle time." Of course, what the person really meant to write was "A lot of efforting..." It appears that the term has been h...
Trying to come up with the most annoying meal ever
The other night, I had a small fish for dinner. The small fish combines two annoying features: (1) Lots of tiny bones, and (2) not a lot of meat. The challenge then occurred to me: Come up with the most annoying meal ever. Specifically, the criterion for most annoying meal would be a meal in which the diner expends the most amount of effort to obtain the least amount of food, while still adhering to the general shape of a traditional dinner. Here's what I came up with: Appetizer: Dried watermelon seeds. To eat dried watermelon seeds, you insert the seed vertically between your back teeth and bite down...
Why doesn't the mail image resizer check the image size before offering to resize?
Commenter Igor lambastes the image resizer dialog that appears when you select Send To Mail Recipient. (And people think I'm the one with the social skills of a thermonuclear device.) This dialog pisses him off so much, he complained about it again. The root of the diatribe appears to be that the image resizer dialog appears, even if it turns out the resizer won't do anything. For example, the resizer dialog appears even if the images are already small, or if the files have a .jpg extension but aren't actually JPG images, Why is it so idiotic that it fails to check these simple things before offering to do i...
The mystery of the other girlfriend
Many of my married friends have "other girlfriends", or at least that's how their wives tease them. I don't know for certain, but if you ask my wife, she'll probably say that my "other girlfriend" is this Web site.
When you commit memory, you get a commitment to receive memory when you need it, but no sooner
Just-in-time memory.
A Few Seconds of Panic: Life as an NFL kicker
Although I don't follow him regularly when he appears on All Things Considered and didn't when he wrote for The Wall Street Journal, I'm a quiet fan of Stefan Fatsis's books because he writes about joining a world most of us don't get to see. I previously wrote about his excursion into the world of competitive Scrabble. Today, it's his book A Few Seconds of Panic, or more formally, A Few Seconds of Panic: A 5-Foot-8, 170-Pound, 43-Year-Old Sportswriter Plays in the NFL, another example of the Catchy title: Long boring subtitle book title fad. [Update: Now available in paperback.] Fatsis convinces a profession...
In the search for the subtle source of the problem, you sometimes overlook the obvious one
A customer was encountering a problem with lots of duplicate GUIDs. How is that possible? The whole point of the GUID generation algorithm is to work hard to avoid duplication. Was one of the fundamental assumptions of the algorithm broken? Maybe there was a duplicate MAC? Was the clock regressing? One of my colleagues pointed out that in the search for the subtle source of the problem, you sometimes overlook the obvious one. In fact, this is the most common source of problems with so-called duplicate GUIDs. As he so tersely puts it: "A GUID can easily be duplicated by simply copying it." In other words, you h...
2009 Q3 link clearance: Microsoft blogger edition
It's that time again: Sending some link love to my colleagues.
Why do messages posted by PostThreadMessage disappear?
The only thread message you can meaningfully post to a thread displaying UI is , and even then, it's only because you want to wake up the message loop for some reason. A common problem I see is people who use to talk to a thread that is displaying UI and then wonder why the message never arrives. Oh, the message arrived all right. It arrived and then was thrown away. This is actually a repeat of an earlier entry with the title Thread messages are eaten by modal loops, but I'm repeating it with a better subject line to help search engines. But since I'm here, I may as well augment the existing article. Obvi...
Microspeak: Net net
In finance, the net is the total after you have cancelled positive values against negative values. For example, if you took in $30 and paid out $20, then your net is $10. In Microspeak, this term has moved into project planning and has undergone redoubling, so it's not just net; it's net net. The doubling of the word was probably added to create a sense of impatience. Here's an imaginary conversation that illustrates the term: Speaker 1: We're five days over on component X, but component Y is ahead of schedule, and we can have some of them h... Speaker 2: (interrupting) What's the n...
Why doesn't Explorer have an interface for creating hard links?
Nick asks why Explorer doesn't have UI for creating hard links. Heck, while you're at it, why not ask "Why doesn't Explorer have a UI for hex-editing a file?" Remember, all features start out with minus 100 points. Explorer is not under any obligation to expose every last NTFS feature, and it's certainly not going to help to expose an NTFS feature that even technical people don't understand. Just look at all the people who ask questions like "How can I tell if a file name is a hard link instead of a normal file?" or online explanations of hard links which claim that "A hard link is only a reference to the ori...
The ways people mess up IUnknown::QueryInterface, episode 2
Sadly, I get to add another entry to The ways people mess up : Blindly responding to everything. Some people are just too eager to please. No matter what the interface is, they say, "Sure, we do that!" Furthermore, no matter what you ask for, they always return the same interface. Even if it's not what you asked for. Exercise: Some people say that "these problems wouldn't be there if Microsoft Windows had enforced correct behavior to begin with." My exercise to you, commenter "foo", is to come up with a list of all bugs in which Windows should enforce and describe how to enforce it. (If your respon...
Don't panic, it's just H1N1
The media simply can't resist a good panic story, even when there is no panic to be found. On the Media interviews sociology professor Eric Klinenberg on what happens when the media ask you to talk about the nonexistent widespread panic over H1N1. Klinenberg says to the reporter, effectively, "There is no panic." Undaunted by the lack of support for his thesis, the reporter places Klinenberg's remarks on the last page of the story, under the subhead Not Enough Panic? Read the article to learn about the White House press conference where a reporter repeatedly asks whether the flu outbreak is a bioterrorist a...
When people ask for security holes as features: Privileged execution
A customer wanted to know if there was a way to execute privileged instructions without having to write a driver. "I just need to execute a few instructions, and writing a driver would be overkill since it's only three instructions. Is there a way I can execute these privileged instructions without a driver?" The whole point of having a class of modules called drivers is to prevent somebody from doing exactly what you're asking for. Only drivers can execute privileged instructions; that's why they're called privileged instructions. "Yeah, but I just need three instructions. Do I have to write a whole driver ju...
The COM marshaller uses the COM task allocator to allocate and free memory
It should be second nature to you that the code which allocates memory and the code which frees memory need to use the same allocator. Most of the time, you think of it as "If you allocate memory, you need to free it with the corresponding mechanism," but this sentence works in the reverse direction as well: If you hand memory to a function that will free it, you have to allocate the memory with the corresponding mechanism. Let's look at this question that appeared on a discussion group: I have the following method defined in my IDL file: My server implementation of this method goes like this: When I ...
We’ve got your hotel surrounded (on one side) (and not even the entire side)
A local hotel advertises itself like so: Surrounding the hotel are popular Seattle attractions such as Pike Place Market, the Space Needle, Safeco Park, home of baseball's Seattle Mariners, and Qwest Field, home of football's Seattle Seahawks, all just a short drive away. Okay, first, it's Safeco Field, not Safeco Park. Mind you, I've misspelled Qwest Field in the past, so maybe I shouldn't complain. But let's look at those Seattle attractions which "surround" the hotel: They all lie in the same direction and subtend a total of twelve degrees of arc. This is a sense of the word "surround" I was previously u...
Things I've written that have amused other people, Episode 5
A question was sent to an internal discussion list for users of the XYZ tool: From: Q To: XYZ Users The GHI function in the JKL tool doesn't work for me. «description of problem deleted» I responded with this message: To: Q, XYZ Users The JKL tool is not part of XYZ. You should contact the author of the JKL tool. The reason why people were amused by this is that the author of the JKL tool is me. (Says so right there in the online help.) As a final punch line, the person never did contact me.
We accept cash, credit cards, and Microsoft cardkeys
One of the restaurants that opened at the new Microsoft Commons is Spitfire, which opened under its own name instead of one of the many wonderful alternatives proposed. At The Commons, the dining establishments operate in a variety of ways (cafeteria, buffet, fast casual, deli, etc.) but they share the common characteristic that you pay for your meal before you sit down to eat, and you clear your own table when you're done. In other words, it's a giant upscale food court spread out over two buildings. Except for Spitfire, which has its own building and operates as a sit-down restaurant with table service. One...
What is the logic behind the thumb size and position calculation in scroll bars?
Commenter sarathc asks, "How do we implement a custom scroll bar as Windows does? What is the logic behind the thumb size and position calculation? How we could dynamically manage it?" Let's look at the three questions in turn. To implement a custom scroll bar... don't do it. It's just not worth the effort, and there will almost always be little seams, like not lighting up when the mouse hovers over them. The logic behind the thumb size and position calculation I thought I covered in my scroll bar series. The size of the thumb relative to the size of the scroll bar is the same as the page size relative to t...
Windows 95's ticking death
A few years ago, Larry Osterman explained the famous beeping death. Windows 95 had its own noise-related death, what nobody has called ticking death, but that's what I'm going to call it. (Let's see how long before somebody decide to add it to Wikipedia.) When your machine fell into ticking death, each time you moved the mouse or pressed a key, it was acknowledged with nothing more than a tiny click from the speaker. What was the cause of ticking death? When the hardware drivers report a mouse or keyboard event on Windows 95, they call the or function. Since this happens at hardware input time, th...
Should I fix the spelling in the United States Constitution?
Commenter Dave jokingly remarked, "I've grown used to handling characters with ASCII. (If it was good enough to represent every character in the US Constitution, it's good enough for me.)" But there's a double-joke in there. You see, not every character in the United States Constitution can be represented in ASCII! If you take a close look, you'll see that some words appear to be "misspelled": At the end of the second line, it says "Bleſsings of Liberty", and Article 1 Section 1 declares that "All legislative Powers herein granted shall be vested in a Congreſs of the United States." That f...
Rentonites concerned about Hooters opening in their town, but not for the reason you think
To support my claim that Renton has a reputation for being a working-class town, I submit this article from last week's news: Hooters too pretentious for us, some Renton, South Park locals say.
Whoa there, logging on awful fast now are we?
What happens when you log on too quickly.
Crazy Eddie: His prices were insane because it was all a criminal operation
If you lived in the New York metropolitan area in the 1980's, you couldn't avoid the advertisements for electronics store Crazy Eddie. What I didn't realize until now was that the retail establishment was a criminal operation from day one. Sam Antar, Crazy Eddie CFO, and nephew of company namesake Eddie Antar, talks us through the entire operation in this riveting interview. Along the way, you'll learn why it was at first advantageous to under-report revenues, then later why it became advantageous to return the unreported money back to the system. Unexpected skill you develop as a money launderer: You can loo...
Why does the Start menu search box autoselect some items but not others?
When you open the Start menu and type into the search box, sometimes the first search result is autoselected (so you just have to hit Enter), whereas sometimes See more results is autoselected. Is there a method to this madness? If an item is found in the Programs and Control Panel sections, then the first such is autoselected. Otherwise, the default item is See more results. The theory is that if you are typing a program or control panel name from muscle memory and make a typo, you don't want this to result in a random file opening. (Why are programs and control panels treated differently? Because the list of...
A complex family calculus
I spent the other night at a relative's house, and I was woken the next morning by my young niece who politely asked me to make her breakfast. (Her technique for waking me up is to come in and call my name. If the door is closed, she pounds on the bedroom door and shouts, "Wake up! Wake up!" If I fail to open the door, she opens it herself. If the door is locked, she jiggles the handle until she forces the door open. I just leave the door open now. Making the best of a bad situation.) Anyway, later that morning, the following conversation took place between my niece and an adult family member (which conversation...
Can you create an information context for the display?
Adrian McCarthy asks, "Can you create an information context for the display? ... I can call CreateDC("DISPLAY"), but perhaps that wouldn't generalize for a multiple-monitor display with different settings on each screen. I'm trying to avoid constantly creating and destroying DCs when all I need to do is measure strings, check color depth, dpi, etc." I admire the effort of trying to avoid creating a whole DC when all you want is to perform some inquiries. Some inquiries are monitor-independent, like getting the DPI or measuring strings, so you can just use to get a temporary DC. This is cheaper than a full-on ...
Most people who go to an open house aren't actually interested in buying it
You have a house for sale. You hold an open house. But not everybody who attends is there because they're interested in buying the house. The first wave are neighbors who are curious about the house they've seen for years only from the outside. Then there are the people who just enjoy looking at other people's houses. And occasionally, people drop by looking for chicken wings.
If you're handling an out of memory exception, you probably shouldn't allocate memory
With the assistance of Application Verifier, specifically, low resource simulation (also known as fault injection), a tester found a stack overflow condition. As we learned earlier, the important thing to look at when studying a stack overflow is the repeating section. When this stack trace was shown to the development team, they instantly recognized the cause of the problem. And you also have enough information to figure it out, too. Hint: Of the most likely reasons that a method named would throw an error, which of them match the scenario? Since we are simulating low resources, the error being thrown...
Start with a $50,000 grant, hold a fundraiser, lose $47,000
Phase three: Not profit. Coolidge High School received a $50,000 grant from AOL Time Warner to help keep the school computer systems running. Add a bizarre and disastrous fundraiser run by a confessed fraudster, and the next thing you know, nearly all of the money vanished before the year was out.
Management-speak: Focus
Management likes to use the word focus. They like it so much, that anything important is called a focus. That's an interesting scenario, one which we hope to address, but it's not our main focus. We're focusing on three features for this release. But how can you focus on more than one thing? The first citation implies that there's more than one focus (a main focus, and maybe some secondary foci); the second citation makes explicit the mutiplicity of foci. But a lens doesn't focus on more than one thing. There is one focus, the point at which parallel rays from infinity converge. Then again, if a lens is de...
Hey, you look Chinese, we have a class for people like you
(The title is a callback to this article from a few months ago.) A member of my extended family grew up near the city of Nanaimo, Canada. While it's true that she's ethnically Chinese, it's also true that she's a fourth generation Canadian. The community is overwhelmingly English-speaking, and English is her first language. She grew up going to an English-language school, she watched English-language television, spoke English with her friends and family, and probably dreamed dreams in English. Yet when the family moved to Vancouver when she was a child (I don't know the exact age, so let's say eight years old...
When you agree to write to a particular length, make sure your content is actually that length
One of the lesser-known skills of writing for print is the ability to write to length. Remember in school when your teacher assigned you a five-page paper? Yeah, it's sort of like that. If your first draft comes up short, you'll have to sit down and come up with some more information. If you have too much, you'll have to decide what to cut. When writing a book, your length target has a bit of flexibility. You may have contracted to write a 500-page book, but your editor is unlikely to get upset if you turn in 499 pages or 501. But if you're writing for a magazine, your length requirements are much tighter. If yo...
Why are developer tools orange?
The Secret Geek Leon Bambrick wonders why developer tools are orange. Coincidence? Worldwide conspiracy?
Things other people have written that have amused me, Episode 2
Somebody posted a time-saving tip and concluded with "You'll save yourself at least 5 minutes per year." I jokingly wrote back, "I already do XYZ which does this automatically, and besides, saving 5 minutes per year isn't much anyway. I spend that much time picking my nose." The response: "Yeah, but now you can do both nostrils."
Thanks for identifying the good programmers for us
Many years ago, my manager told me about a recruiting trip he made. In response to a large number of job applications submitted from a city where a major competing software company had its offices, a small group of Microsofties travelled to that city to interview those applicants and hold a mini-job fair, so that other interested parties could also show up and interview for positions. When the company learned that Microsoft was coming to interview people, they called an emergency meeting which all their top programmers were required to attend, timing it to coincide with the job fair. The theory must have been th...
Two-year-old as finite state machine
Some time ago I joined a family for dinner, and they had a two-year-old. During dinner, the two-year-old accidentally knocked over her glass, and liquid quickly spread across the table. The adults at the table sprang into action, containing the spill on the table, wiping it up, and checking for leakage onto the floor. After all the excitement died down, the two-year-old looked down, saw the empty glass, and threw her hands up in the air, proudly announcing, "I drank it all!"
Reading the error message carefully can help you see how the computer misinterpreted what you typed
The details have been changed since they aren't important but the lesson is the same. A customer had the following problem with a command-line tool: I've created a taglist but I can't seem to get it to work with the command. When I ask it to track the taglist, it can't find it. But if I ask for all my taglists, there it is. Yes, the command isn't working, but let's take a closer look at that error message. It says . Strange, because you are trying to track a taglist, not a tag. Shouldn't the error message be ? Aha, the problem is that the command takes a list of tags on the command line, not a tagl...
Grown in the middle of some very respectable Seattle suburbs, such as Renton
"The marijuana is grown in the middle of some very respectable Seattle suburbs, such as Renton." This is a funny sentence if you're a longtime resident of the greater Seattle area, because Renton has historically been a working-class town. (Here's Almost Live's parody of South King County to give you an idea of what Renton is up against.) The city is working to change its reputation. I wish them luck.
Woe unto PROGMAN.INI
Sad but true: Once you document a file format, it becomes a de facto API. The Windows 95 team learned this the hard way when they set out to replace Program Manager with Explorer. Not only were the settings in the file documented, so too was the binary file format of files. The binary file format was included for diagnostic purposes: If you have a corrupted file, you can use the binary file format documentation to try to recover what you can out of it. But many people treated this documentation not as a FYI, but as a backdoor API. Instead of using the formal DDE interface for creating program groups and...
Welcome to the 11th annual Mid-Atlantic Road-E-O
The top sanitation truck drivers in the mid-Atlantic area converged on Pen Arygl, Pennsylvania for the regional finals of the SWANA Trash Collectors Road-E-O. And the results have been posted [pdf]. Only A Game's Ron Schachter reports [mp3]. (Despite the wackiness, the competition does highlight skills that all truck drivers need to master in order to complete their rounds.) And there's plenty of beeping.
The wheels of government bureaucracy turn slowly: Green cards
When foreign nationals come to work at Microsoft, the legal department gets to work with the paperwork of applying for permanent residency (colloquially known as a green card even though the cards haven't been green for a long time). Obtaining permanent resident status in the United States takes a ridiculous amount of time, and I remember the irony when one of my colleagues finally received his green card... on his last day working at Microsoft. Still, at least it arrived in time, if only barely. :: Wendy :: received her green card two months after she left the country.
Walt Mosspuppet: The return of the fake blog
Fake Steve Jobs put on the map the wonderful insanity of the fake celebrity blog. (I'm sure there were others before Fake Steve Jobs, but that's the one that made it cool and hip.) Copycats sprung up, from Fake Steve Ballmer to Mock Mark Cuban, but none of them really had the staying power of good old Fake Steve Jobs. (movie trailer voice) Until now. Introducing Walt Mosspuppet, a fake video blog starring a puppet version of the technology reporter. I love this guy.
One way to make sure nobody sends you feedback
Last year, somebody sent out a message to very large group of people describing a change to, well, what it described isn't important to the story. What's important is that the message ended with the following sentence: If you have questions, please send them to abcdef. If you don't see why this was a brilliant move, go back and check what that "abcdef" link really does. One of my cynical colleagues noted, "Maybe this was intentional. That way, when they get no feedback, they can say, 'See, this was an awesome decision. Nobody complained!'"
And they don't take American Express
A conversation between two friends of mine. Friend 1: Here's the fifteen dollars I owe you. Oh wait, I only have a twenty. Do you have a five? Friend 2: I don't carry cash. Everybody takes credit cards. Friend 1: I don't take credit cards. In my imagination, Friend 1 would have responded to "Everybody takes credit cards" with "Well, in that case, here ya go. Put it on my credit card." (The title is a tag line from a Visa credit card advertising campaign from years past.)
Why do new controls tend to use COM instead of window messages?
Commenter David wonders why new controls tend to use COM instead of window messages. "It seems that there must have been a decision to only develop COM controls after the invention of COM." There have been plenty of Win32 controls invented after the invention of COM. In fact, the entire common controls library was developed after the invention of COM. All your old friends like the list view, tree view, and property sheets are good old Win32 controls. But it's true that the newer stuff tends to use COM. Why is that? I am not aware of any grand pronouncement on this subject. Each team makes a decision that th...
A different perspective from the first row of the symphony
On the weekend of November 10 during the 2007–2008 Seattle Symphony season, the symphony performed both Brahms piano concerti and two of his symphonies in consecutive concerts. My subscription included one of them, and I bought a separate ticket to the other one, and the seat I was given was in the very front row. You notice all sorts of things when you're in the very front row, things that elude your notice from even the second or third row. When you're that close, you're within an arm's reach of the musicians. I had to look away when the concertmaster bent over to tune the orchestra; otherwise I wo...
The great thing about naming conventions is that not everybody will follow them
The naming convention for is «facility»«severity»«name», where the facility portion (and the underscore) is omitted if the facility is or . Good luck finding anybody who follows this naming convention. Okay, fine, if you look closely you might be able to find some people who do. Actually, I guess I was a bit too pessimistic when I said nobody follows it. It seems that the majority of Windows components do follow this convention, although there are some notable exceptions. There are also some people who decided to confuse matters further by using the convention for erro...
Isn't every dinner at a technology conference a geek dinner?
I'm always amused when somebody announces that they're having a geek dinner at a technology conference. I mean, at a conference like that, every dinner is a geek dinner. The geek density is so high, +4 enchanted vorpal swords quiver in fear. [Update 8am: Fixed broken permalink. Yay, they broke a permalink...]
What is the maximum number of timers a program can create?
As MSDN correctly notes, "Timers are a limited global resource." How limited are they? (We're talking about timers created by .) Not as limited as they once were. Originally, there were eight timers total for the entire system. When there are only eight timers, you have to be very careful not to waste them and to destroy them when they aren't needed. Windows 3.0 increased this to 32. Windows 95 increased this to around 2500, although the debug version of Windows got mad at you if a single program created more than 32. Windows NT 3.1 would create timers until you exhausted the desktop heap...
The way to stop people from copying files to a folder is to use NTFS security, not to block drag/drop
A customer wanted to prevent users from copying files to certain locations, and they did it by hooking functions like and failing the operation if the parameters were not to its liking. The customer found that the hooks stopped working in Windows Vista because Explorer in Windows Vista uses the new COM interface instead of using the old function. The customer wanted assistance in getting their hook working again so they could prevent users from copying files to directories they wanted to block. Well, first of all, arbitrary function hooking is not supported by any version of Windows, so the customer was alrea...
In Ephesus, you juggle or die
In 1987, The Flying Karamazov Brothers performed their interpretation of Shakespeare's A Comedy of Errors. When I watched this show (part 1, part 2) when it first aired, it was my introduction both to the juggling team and to the play. It also reinforced my impression that Shakespeare was meant to be performed and not merely read. The jokes simply don't work as well when you merely read them. For some reason, I still remember the tiny juggling mishap in the final seconds of the show (part 2, time code 1:05:14): The actress at the far left edge of the screen (Luciana) drops a pin but covers up t...
Meta-content: Suggestion Box 4 will open sometime next year
Yesterday, I finished composing the last entry taken from an item in Suggestion Box 3. My prediction that the backlog would clear in early 2010 was off by exactly one year: The last Suggestion Box 3 entry is scheduled to be posted on January 3, 2011. I figure I'll open Suggestion Box 4 sometimes next year. But I'll leave it open for only a little while, to avoid the problem with Suggestion Box 3 where I left it open for so long that it took six years to clear out. (Then again, maybe I should stick to a six-year cycle for emptying the Suggestion Box. That would certainly discourage people fr...
My phone just DoS'd my office network
The other day I was working in my office minding my own business when I suddenly lost network connectivity. I couldn't contact any machines other than the ones in my office. When this happens, I go through some basic troubleshooting steps. Is my neighbor's network okay? How about power-cycling the affected machines? Refreshing the TCP/IP security policies? None of that seemed to work, so I called the network helpdesk, on the assumption that my port was shut down because I somehow missed an e-mail message announcing a mandatory security patch that I had failed to keep up with. My office has an IP phone. It's har...
City noises and their effects on songbirds
Robins in Sheffield sing at night because it's too noisy in the daytime. That reminds me that when I was in Antigua, Guatemala, I was told that the songbirds in the city have started mimicking car alarms. Apparently this is also happening in Oregon with birds mimicking car alarms and cell phone ring tones.
The operating system doesn't know which language programs are written in – by the time the code hits the CPU, they all look the same
Reader Will Rayer asks about "the degree to which 'plain vanilla' C Windows API code works under Vista with the native look and feel." It works just as well as code written in any other language. The operating system doesn't know which language programs are written in. By the time the code reaches the CPU, they all look the same. It's just a bunch of instructions that occasionally call an API function. You can write it in C, C++, assembly, Delphi, Perl, whatever. Of course, some languages are better-suited to calling Win32 than others. Win32 is a C-based API, in the sense that the way you call an exported fu...
Restating the obvious about the WM_NOTIFY message
It appears that people seemed to appreciate restating the obvious about the message, so I'll try it again with the message. The message is typically used by a control to communicate with its parent, either to provide information, request it, or both. Although that is the typical use, there are exceptions. For example, property sheets send the to their children. Property sheets are this sort-of backwards model, where the common controls provide the parent window (the property sheet) and applications provide the child windows (the property sheet pages). The window manager doesn't care who sends the message ...
Why does Windows wait longer than my screen saver idle timeout before starting the screen saver?
You may find yourself in a situation where Windows takes longer than your specified screen saver idle timeout to start the screen saver. First of all, there are ways for programs to block the screen saver entirely. Calling , is how a program says, "Even though there is no mouse or keyboard input, the screen is indeed in use, so don't blank it or start the screen saver." Media playback programs use this so the screen saver doesn't kick in while you're watching a movie on your DVD, and presentation programs use it so the screen saver doesn't start in the middle of your multi-million-dollar proposal. But even if n...
There's no law that says a meeting can't end early
Meetings run over all the time. In fact, you might say that that's their natural state. Meetings think gases are lazy. Whereas a gas expands to fill its container, a meeting expands to exceed the size of its container. It requires good management skills to keep all your meetings on schedule. And it takes great management skills to get them all to finish early. Even someone with poor management skills sometimes valt met je gat in de boter and a meeting will finish early by some fluke. And unfortunately, I've been at meetings where the meeting organizer decides that this is not an acceptable state of affairs. "...
Microspeak: Action on
I have been fortunate to have been spared exposure to this particular corner of Microspeak, but others have not been so lucky. Have you actioned on this ask? It's not clear whether actioning on something means that you've started it or you've finished it. As a result, this is another case of using jargon to impede communication. The inventors of this particular form of Microspeak must be proud of themselves, for not only have they verbed a noun, they coupled it with an unnecessary preposition. But they aren't content to stop there. It wasn't long before the noun that got verbed got re-nouned! Here is our l...
The format rectangle is recalculated whenever the window resizes, and that's a good thing
Reader asmguru62 asks why a custom format rectangle of a multi-line edit control is lost when the edit control is resized. That's right, the format rectangle is recalculated whenever the window resizes, and that's a good thing. Imagine if it weren't recalculated. You create a multi-line edit control. Like many programs, you might create it at a temporary size while you try to figure out what its real size should be. You might even resize the control dynamically as the container is resized. (After all, everybody wants resizable dialogs.) What you definitely don't want is the format rectangle of the edit control...
It's not just on the Internet that nobody knows you don't have a real office
Sure, your company don't have an office, but that's okay. You can rent a fake one, with a fake receptionist, fake staff, and fake conference rooms, and whenever somebody stops by asking for you, the receptionist is trained to say that you're "out".
Why can't I declare a type that derives from a generic type parameter?
A lot of questions about C# generics come from the starting point that they are just a cutesy C# name for C++ templates. But while the two may look similar in the source code, they are actually quite different. C++ templates are macros on steroids. No code gets generated when a template is "compiled"; the compiler merely hangs onto the source code, and when you finally instantiate it, the actual type is inserted and code generation takes place. This is a perfectly legal (if strange) C++ template class. But when the compiler encounters this template, there are a whole bunch of things left unknown. What is th...
Landing the Space Shuttle is hard enough as it is
I was at The Museum of Flight and was waiting my turn at the Space Shuttle landing simulator. A six-year-old settled into the control seat, and as the simulation began I heard him ask his father, "Where are the bad guys?" I'm pretty sure the Space Shuttle doesn't come with onboard missiles. That didn't stop the kid from pressing the trigger on the joystick a lot, though. By the way, I cratered the Space Shuttle.
Common gotchas when writing your own p/invoke
If you're looking to get into some p/invoke action, you'd be well-served to check out the pinvoke wiki to see if somebody else has done it too. If what you need isn't there, you may end up forced to write your own, and here are some gotchas I've seen people run into: C++ and Win32 are not the same as C# (aka ). In Win32, is a 4-byte type, and is a 1-byte type. [See also MadQ's remarks about .] Meanwhile, C++ is not standardized by Win32, so the size will vary based on your compiler, but most compilers use a 1-byte value. And then C# is even weirder: T...
The wisdom of sev^H^H^Heighth graders: What it means to be an adult
Since I'm obviously a glutton for punishment, I also helped read eighth grade essays on the same topic: Describe the qualities you consider to be those which make someone an adult. As always, remember that these are just the funny sentences/excerpts. Let me tell you about my parents Entering a no fun zone It's harder than I thought Tautology corner Assorted commentary Misspelling corner. I've included more context; that may make the game a bit easier. And just so you won't think all eighth graders are terrible writers:
Why can't I pass a reference to a derived class to a function that takes a reference to a base class by reference?
"Why can't I pass a reference to a derived class to a function that takes a reference to a base class by reference?" That's a confusing question, but it's phrased that way because the simpler phrasing is wrong! Ths misleading simplified phrasing of the question is "Why can't I pass a reference to a derived class to a function that takes a base class by reference?" And in fact the answer is "You can!" Our call to passes a reference to the derived class to a function that takes a reference to the base class. This is perfectly fine. When people ask this question, they are typically wondering about passing a...
The wisdom of seventh graders: What it means to be an adult
I didn't participate in the reading of the seventh grade essays, but I did get some of the more entertaining sentences from that batch. As you may recall, the topic was to describe the qualities you consider to be those which make someone an adult. Students were given 90 minutes, plus one additional hour upon request, equipped only with paper and pencil. Remember, these are just the funny sentences/excerpts. Do not assume that all students write like this. Better get your butt in gear Let me tell you about my parents How'd they get that way? Assorted commentary Misspelling corner. I've included more con...
Actually, FlagsAttribute can't do more; that's why it's an attribute
A few years ago, Abhinaba wondered why FlagsAttribute didn't also alter the way enumeration values are auto-assigned. Because attributes don't change the language. They are instructions to the runtime environment or (in rarer cases) to the compiler. An attribute can instruct the runtime environment to treat the function or class in a particular way. For example, you can use an attribute to tell the runtime environment that you want the program entry point to run in a single-threaded apartment, to tell the runtime environment how to look up your p/invoke function, or to tell the compiler to suppress a particular...
Why doesn't String.Format throw a FormatException if you pass too many parameters?
Welcome to CLR Week 2009. As always, we start with a warm-up. The method doesn't throw a if you pass too many parameters, but it does if you pass too few. Why the asymmetry? Well, this is the type of asymmetry you see in the world a lot. You need a ticket for each person that attends a concert. If you have too few tickets, they won't let you in. If you have too many, well, that's a bit wasteful, but you can still get in; the extras are ignored. If you create an array with 10 elements and use only the first five, nobody is going to raise an exception. Similarly, the message doesn't mind if you pass too ma...
The wisdom of seve^H^H^H^Hsixth graders: What it means to be an adult
I was out of town for the grading of the seventh grade essays, so I pitched in with the sixth grade essays instead. The students were asked to think of an adult and describe the qualities that make that person an adult. This topic was not very well received by the students, who deemed it uncreative and boring. While I understand their lack of enthusiasm, it's also true that for most of your life, you're going to have to write on topics that are uncreative and boring (and the stakes are going to be higher), so you'd better get good at it. The difference in writing skill between sixth and seventh graders (between...
Not beany enough
The other night, I was playing a friendly game of Scrabble®, and I managed to play BEANIER* (meaning "with a stronger flavor of beans") onto a triple-word score, crossing the B with an open Y, scoring over 100 points in the process. This sufficiently demoralized the other players that the game turned into "play anything that vaguely resembles a word, with creative spelling encouraged." It turns out that BEANIER* is not listed in the online versions of the SOWPODS or TWL Scrabble word lists, although I made the move in good faith. If the others had thought to challenge, they would've succeeded. My ...
SHCIDS_CANONICALONLY is the moral equivalent in the shell namespace of the Unicode ordinal comparison
One of the flags you can pass to the method is . This flag means that the method should determine whether the two pointers refer to the same underlying object, and if they do not, then it should determine which one should come first by whatever mechanism it wants. It doesn't matter which one is declared as coming before the other one, as long as it is consistent. I like to think of this as the moral equivalent of the Unicode ordinal comparison. In both cases, you use the comparison if you have two items that you wish to keep in sorted order, but you don't care what the ordering rules are, as long as they are...
The great thing about regular expression engines is that there are so many to choose from
Back in the days before perl ruled the earth, regular expressions were one of those weird niche features, one of those things that everybody reimplements when they need it. If you look at the old unix tools, you'll see that even then, there were three different regular expression engines with different syntax. You had , , and . Probably more. The regular expression language supported character classes, the dot wildcard, the asterisk operator, the start and end anchors, and grouping. No plus operator, no question mark, no alternation, no repetition counts. The program added support for plus, question mark, and ...
Searching for Evil: Spot the scam
Security researcher Ross Anderson gives a talk on how a search engine can be used to shed light on the various evils that lurk on the Web. It starts off slow, but picks up when he gets to the "Can you spot the scam?" game that he plays with each Web site. (If you're in a hurry, skip ahead to a little past the 20 minute mark.)
How do you drop on the background of an Explorer window when it is in details view?
When you set your Explorer to Details view, it can become tricky to drop an item onto the window background (in order to move it into the folder) because Details view sets full row select (starting in Windows Vista). This helps users of tablets and touch screens, because it increases the size of the target when dragging and dropping into a folder. On the other hand, when you have more items than fit on the screen, every pixel in the view corresponds to an item; there is no background any more. So how do you drop on the background? If you're using Windows 7, you can take advantage of a little gutter spa...
Programming means that sometimes you have to snap two blocks together
Part of the challenge of programming (and for some people, the reason why programming is fun in the first place) is looking at the building blocks provided to you and deciding how to assemble them to build something new. After all, if everything you wanted a program to do already existed ready-made, it wouldn't be called programming any more. It would be called shopping. Is there an API or a quick way to find out which window the mouse is in? I replied, "The LEGO Group does not make a piece for every possible object. Sometimes you just have to take two LEGO blocks and click them together. Here are some interes...
A burglar tells you the best place to hide your money
Jeffrey Strain chats with a former burglar and learns the best place to hide money. ("The bank," responds the former burglar. Oh, the best place to hide money in the house...) A month later, the follow-up article discussed the worst places to hide money (that sound like good ideas but aren't).
When giving a presentation with a diagram, pretend the diagram doesn't exist
::Wendy:: suggested enabling a means of displaying pictures on the blog without messing up the display of the whole post. Actually, I've simply given up on the pretty diagrams since everybody seems to hate them. You may have noticed that I've been using ASCII art instead. It's certainly easier for me to write, though it's also a bit uglier. One thing readers may not have noticed is that I try to make the article readable even without any diagrams or pictures at all. Sure, you can look at the diagrams if you want, but the article should still make sense if you don't. (And if the image is essential, I'll at lea...
How organizations inadvertently confirm facts when they try not to
On the Media in its story "Fact? Check!" forwarded the revelation (uncovered by the PBS program Frontline in the first part of their "News War" series) that the fact that the United States Justice Department launches a leak investigation implicitly confirms the leak! That's because one of the prerequisites for a leak investigation is that the leaked information actually be true. Lowell Bergman: The information has to be accurate? Dave Szady: Yes. Lowell Bergman: So when the government announces a leak investigation and it comes to your office, it's confirming that the report in the newspaper, for example...
What is the difference between Directory and DirectoryBackground?
One item I left off the list of special progids is . Recall that is the progid for file system folders (a subset of which represents all shell folders, both file system and virtual). Closely related is , which isn't really a progid, but it is a place where shell extensions can register themselves. Specifically, it's where context menu handlers can register if they want to appear when the user right-clicks on a blank space of a file system folder.
How do I quickly position two windows side by side using only the keyboard?
alexx is looking for a keyboard-only equivalent to the ctrl+click trick I mentioned a few days ago. Not as quick, but it still works. And it works even if the windows you want got converted into a group. Of course, on Windows 7, you can use the Win+Left and Win+Right hotkeys. (Users with multiple monitors can couple this with Win+Shift+Left and Win+Shift+Right.)
What is the difference between CSIDL_DESKTOP and CSIDL_DESKTOPDIRECTORY?
Among the various values you can pass to functions like are and . What's the difference between them? The is the virtual folder that represents the desktop. The contents of this virtual folder is what gets displayed on top of your wallpaper. The virtual folder is populated from various locations, some of them virtual, and some of them physical. The special folder is a physical folder that contains the files that you think of as on your desktop. These are the files that you've saved to your desktop, files that you've dragged to your desktop, that sort of thing. Some files on the desktop come from , which i...
The advantage of knowing your limits of discrimination
A story a while back about ridiculously expensive speaker cables and James Randi's challenge to tell the difference between them and modestly-priced cables reminded me of a conversation I had with a wine-loving friend of mine. He went on a wine tasting tour and sampled wines of varying quality and price. His conclusion was that he could detect the correlation between price and quality up until about $75/bottle. Beyond that point, the wines all tasted roughly equally great. Conclusion: There's no point in my friend spending more than about $75 on a bottle of wine. Once you know the limit of your discriminatio...
How do I put a window at the edge of the screen without triggering the automatic positioning behavior?
Grab it far from the edge you care about.
Mr. Lee CatCam lets you see what a cat does all day
Jürgen Perthold modified a lightweight camera and hung it around his cat's neck, snapping a picture every few minutes. Join Mr. Lee on a trip through the neighborhood. If those trips aren't enough, you can also see what Jacquie is up to.
How do I quickly position two windows side by side?
Commenter n/a posted a laundry list of feature requests. I'm not going to address all of them here (though I inadvertently addressed one of them a while ago). But today I'm going to address request number two, "A simple switch to create two windows, one alongside the other, vertically split." That feature has been around since Windows 95, possibly even before that but I haven't bothered to check. In the taskbar, click the button for the first window you want to position, then hold the Ctrl key and right-click the button for the second window. Select Tile Vertically. Bingo, the two windows are positioned ...
Conway-Kochen Free Will Theorem: Lecture series
Some time ago, there was a bit of excitement when researchers John H. Conway (best known to geeks as the inventor of The Game of Life, a Turing-complete cellular automaton) and Simon Kochen (best known to geeks as, um, okay, he's not known to geeks) concluded that if human beings have free will, then so too do elementary particles. In 2009, Conway gave a series of six one-hour lectures on this theorem. The lectures have been recorded and are available online. (I also found a nice summary of a public lecture by John Conway on the same subject, for those who are impatient and just want the one-page versi...
Polling by sleeping versus polling by waiting with a timeout
Commenter Francois Boucher asks it's better to write a background worker thread that polls with and a flag, or polls by waiting for an event with a timeout? "Which scenario is better? The first one uses only 1 handle for the thread. The second one will use 2. But is the first scenario wasting more thread time? Is it worth using the event (kernel object)?" Yeah, whatever. I don't quite understand why you want to pause every so often. Why not just do the work at low priority? When there are more important things to do, your background thread will stop doing whatever it's doing. When there is an available C...
The guerilla wedding
When two of my friends were getting married (to each other), there was of course a lot of effort spent on finding the right wedding location. To relieve the tension, when we got together, we would amuse ourselves by coming up with guerilla wedding locations, which was our term for surreptitiously holding a wedding ceremony at a location without the site owner's knowledge. Everybody would converge on the designated location, wait for the secret signal, and then spontaneously assemble for a wedding ceremony, wrapping it all up before anybody else knew what happened. Here are some ideas in the Seattle area we came ...
If you wished a language supported the preprocessor, you know, you can fix that
A customer had the following question about the message compiler, something that I had noted almost nobody uses. Well how do you do, we found somebody who actually uses it. Anyway, the question went like this (paraphrased, as always): Can I use symbolic constants in my .mc file? For example, I have a message file that goes like this: I have symbols defined in a header file and that I, of course, have to keep in sync with the error messages. One way to do this is to change the messages: And in my function that prints error messages, I can insert these magic parameters: This is obviously a rather h...
Changes to the the 2009/2010 Seattle Symphony subscription season, part 2
The Seattle Symphony made a large number of changes to their 2009/2010 program line-up. I've updated the 2009/2010 Seattle Symphony subscription season at a glance accordingly. The Brahms Variations on a Theme by Hadyn, the Brahms/Schoenberg Piano Quartet in g minor, and the Shostakovich Symphony #15 moved to different dates, and a large number of substitutions or single-piece additions/subtractions were made. The concert for the week of October 30 was cancelled outright; ticket-holders will be issued tickets for the week of May 6 instead.
Your debugging code can be a security hole: Contest tickets
Last year, the Microsoft cafeterias ran a promotion which involved scratch-off tickets and prizes ranging from a free bagel to a new Zune to free airplane tickets. But it turns out that the people who ran the contest left some debugging code behind that became a security hole. As people compared notes on what they did or didn't win, they noticed that the tickets all looked identical save for the scratch-off area (naturally) and some tiny numbers printed in the corner of the back of the card. After some study, it became clear that all the losing tickets had a code that ended in 01, all the tickets for a free ba...
I saw a fascinating documentary about bugs
In the September 20, 2007 Dilbert comic, Dilbert says to his date, "I saw a fascinating documentary about bugs." A Year in the Life of Ants.
Microspeak: Whale Boy
Today is the tenth anniversary of Windows Live Messenger. My colleague Danny Glasser provides some history behind the product, and you can watch a tenth anniversary celebration video created for the occasion. And thus is inspired today's Microspeak: Whale Boy. Whale Boy is the nickname for the pawn-shaped Messenger buddy icon. His normal state is green, but he changes color or picks up a piece of flair to indicate various changes in status, such as busy or away. I don't know the etymology of the term, but I suspect it came from his somewhat rotund appearance. Sample usage (which I made up just now; not from ...
Proto-Microspeak: Coceptualize
Many years ago, to see whether anybody was paying attention, a colleague and I slipped the made-up word "coceptualize" into a document. Nobody said a thing. Either nobody read that part of the document, or they did and thought it was a real word.
Why was MoveTo replaced with MoveToEx?
Commenter Ulric asks, "Where did MoveTo(HDC, int, int) go?" Back in the 16-bit days, the function to move the current point was called , and its return value was a which encoded the previous position, packing two 16-bit coordinates into a single 32-bit value. As part of the transition to 32-bit Windows, GDI switched to using 32-bit coordinates instead of the wimpy 16-bit coordinates of old. As a result, it was no longer possible to encode the original position in a single . Something new had to be developed. That new thing was the function. Instead of returning a single , it accepted a final parameter whic...
The disembodiment of DIBs from the DIB section
So far this week, we've separated the DIB metadata () from the pixels of a DIB section. But there's really no need for the DIB section at all! As long as you have the pixels and the metadata, you can draw bits. We demonstrate this by drawing a rather stupid-looking bitmap onto the screen, but doing so without the use of s at all! Start with a brand new scratch program and make these changes: We are drawing a bitmap without using an ! The technique is the same one we've been using all week: Building a and using it to guide the interpretation of a chunk of memory containing pixels. Just to make things eas...
Caption contest: The pinball machine: Results
It's been quite a while, but a winner in the caption contest has been selected and the prize finally reached its destination. (Mostly due to procrastination on my part. Don't blame the postal service.) The winner is Scott from Australia with his entry Only 5,000 more referrals until MULTIBALL Even though it's kind of low-brow, it made me laugh spontaneously. For his efforts, Scott wins a deluxe prize package consisting of Here's Scott's acceptance speech: I'd like to thank all the letters that made the caption possible - the O, the N, the R, and especially the L - that little guy r...
Separating the metadata from the DIB pixels: Changing the raster operation
For a few days now, we've used the function in conjunction with a precomputed to draw a DIB with an alternate color table without modifying the . The function operates like a with raster operation . If you want another raster operation, you can use , which has a final raster operation parameter. Despite its name, you don't have to stretch with . Just pass a source and destination of equal size, and you've performed a NOP stretch, but you get the benefit of the raster operation. I changed the call from to , setting the source and destination rectangles to the same size (so no actual stretching occurs),...
On gender differences in expectations of thinness, and the impact on guys who live in their parents' basement
At dinner a few years ago, one of my friends brought up a study (which I can't find, so who knows if it's actually true, but let's assume it's true for the sake of the story) that examined the effect of gender differences in expectations of thinness. One of the factors that the study considered was sexual orientation, and they found that homosexual men were, on average, thinner than their heterosexual brethren, and conversely that heterosexual women were thinner on average than their homosexual um, what's the female counterpart to "brethren"? In other words, the conclusion of the study was that the pressure to b...
Separating the metadata from the DIB pixels: Precalculating the BITMAPINFO
Last time, we saw that you can use the function to draw a DIB with an alternate color table without having to modify the . In that version of the function, we selected the into a device context in preparation for drawing from it, but in fact that step isn't necessary for drawing. It was merely necessary to get the original color table so we could build our grayscale color table. If you don't care what the original colors are, then you can skip that step. And even if you care what the old colors are, and if you assume that the colors don't change, then you only need to ask once. To demonstrate, that all the ...
What happens to your restaurant tip?
Some time ago, the Seattle Times ran an article on how your restaurant tip gets divided up among the staff. A week later, they ran an entire article of responses to the original article, some from customers, but many from restaurant staff (both cooks and servers). And, now on a roll, the next week's food section looked at the sociology of splitting the bill with a sidebar looking at how hard it is for different types of restaurants.
The fun and profit of manipulating the DIB color table can be done without having to modify it
If I were Michael Kaplan, I'd have a more clever title like I'm not touching you! or Look but don't touch or maybe Looking at a DIB through -colored glasses. We saw some time ago that you can manipulate the DIB color table to perform wholesale color remapping. But in fact you can do this even without modifying the DIB color table, which is a handy trick if you want to do color remapping but you don't want to change the bitmap itself. For example, the bitmap is not one that is under your control (so you shouldn't be modifying it), or the bitmap might be in use on multiple threads (so modifying it will result ...
Failed follow-up: The case of the dubious dental work
I've been waiting for an opportunity to do a follow-up on this story, but the trail appears to have gone cold. Here's the story as we know it so far: In 2004, a woman (who had previously run unsuccessfully for a city council position) files a $6,370 claim for dental work against McDonald's, claiming that she injured her teeth biting into a cherry pie. Less than three months later, she files a $6,006 claim against McDonald's for dental work resulting from biting into a piece of bone in a cheeseburger patty. The insurance company investigates and determines that both claims were false: The dentist who allegedly ...
Speculation on how a mishandled 13-character string can result in a blue screen
Commenter nolan reminisces about an old Windows 95 bug in the networking layer that crashed if a string was exactly 13 characters long. "So for the past 10 years or so, I've been wondering exactly how one could write code with that bug. Any bug that weird has to have a great story behind it." I don't know what the story behind it is, but if after ten years you still can't imagine how such a bug could be possible, you don't have a very active imagination. If the host name is exactly 13 characters, then this code overflows the buffer by one character, corrupting the stack. A crash is hardly surpris...
The world reaction to the unexpected death of Michael Jackson extends to young children
I had occasion to meet up with the same family whose two-year-old was learning to lie in an earlier story. It was only a day or two after the death of Michael Jackson, and the older sister (five years old) told me, "Did you know? Michael Jackson, he went to sleep and he is never going to wake up." Her younger sister (now three), corrected her. "No, he's dead!"
If dynamic DLL dependencies were tracked, they'd be all backwards
Whenever the issue of DLL dependencies arises, I can count on somebody arguing that these dynamic dependencies should be tracked, even if doing so cannot be proven to be reliable. Even if one could walk the call stack reliably, you would still get it wrong. The example I gave originally was the common helper library, where loads via an intermediate function in . You want the dependency to be that depends on , but instead the dependency gets assigned to . "But so what? Instead of a direct dependency from to , we just have two dependencies, one from to , and another from to . It all comes out to the same t...
Film students and The Bicycle Thief
The current generation of young people grew up in a very different world from us older folks. There has always been an Internet. Everybody is accessible by mobile phone. Cars have always had power windows. (Which reminds me of a story of a friend of mine who has an older-model car and was giving a ride to an eight-year-old relative. The youngster pointed at the window crank and asked, "What's this?" Upon learning its purpose, the young passenger spent the remainder of the trip opening and closing the window, giggling with glee. "You know, most people pay extra so they don't have to do that.") But it's not just e...
MS-DOS also allowed spaces in file names, although vanishingly few programs knew how to access them
A little-known fact about MS-DOS is that it allowed spaces in file names. Sure, you were limited to 8.3, but a file called "" was legal in MS-DOS, and you could indeed create such a file. Good luck finding programs that didn't treat you as insane when you asked for that file, though. Although the file system supported files with spaces, practically no programs supported them. Command line tools saw the space as the end of the file name. You couldn't quote the file name because no command line tool supported quotation marks to protect spaces. After all, if you believed that spaces were illegal characters in file ...
Up and down often substitute for compass directions, but you have to know when you've taken it too far
The official curriculum for seventh grade students in the state of Washington includes Washington history and geography. My friend the seventh grade teacher typically includes as part of this curriculum an assignment wherein each student is assigned one of the state's counties on which to produce a brief report. It is common to substitute up and down for north and south when speaking informally, but it is also important to know when you've taken the substitution too far. One student's report on Pierce County began with the following sentence: Pierce County is at the bottom of Puget Sound.
Attack of the rogue feature: Oh no, where did my Explorer icon labels go?
A customer reported that on Windows Vista, if you hold down the shift key and repeatedly click the View button in the command bar of an Explorer window, you will eventually reach a state where all the labels under the icons have disappeared! Where did they go, and how do I get them back? Congratulations, you stumbled across a rogue feature. One of the developers who worked on Windows XP decided to add a cute shortcut: Holding down the shift key when switching to Thumbnail mode will cause the labels to disappear. (At least, that was the intent of the rogue feature, but it so happens that as a side effect,...
More musings on the peculiar linguistic status of languages acquired in childhood
You don't even notice.
Command line parsers look at what you typed, not what what you typed looks like
Command line parsers are stricter than human beings. The computer cares about what you typed. If you type something else that superficially resembles what you want, but is not actually what you want, then you won't get what you want, even though it sure looks like what you want. I covered a special case of this topic earlier when I described smart quotes as the hidden scourge of text meant for computer consumption. You think you typed a quotation mark, but the editor secretly "improves" it from U+0022 to U+201C. Then you paste the text into a command line and you get strange output because the command line pa...
If somebody speaks a language I’m not expecting, sometimes I don’t understand it, even though I should
It depends on whether the language is in the instinctive part of my brain.
A 32-bit application can allocate more than 4GB of memory, and you don't need 64-bit Windows to do it
Commenter Herb wondered how a 32-bit program running on 64-bit Windows can allocate more than 4GB of memory. Easy: The same way it allocates more than 4GB of memory on 32-bit Windows! Over a year before Herb asked the question, I had already answered it in the tediously boring two-week series on the myths surrounding the /3GB switch. Here's a page that shows how you can allocate more than 2GB of memory by using shared memory (which Win32 confusingly calls file mappings). That code fragment allocated 4GB of memory at one go, and then accessed it in pieces (because a 32-bit program can't map an entire 4GB memor...
The most unwanted song ever
A follow-up to why ABBA songs are so catchy: Vitaly Komar, Alex Melamid, and David Soldier developed a song scientifically engineered to be the most unwanted song ever: By their calculations, "fewer than 200 individuals of the world's total population would enjoy this piece." Ah, opera rap. Also check out The Most Wanted Paintings. America's Most Wanted Painting contains "an autumnal landscape with wild animals, a family enjoying the outdoors, the color blue, and George Washington."
Why does my screen go black when an emergency hibernation is in progress?
Sometime last year a customer wanted to know why the screen goes black when the system automatically hibernates due to critically low battery power. Shouldn't there be some sort of feedback to tell the user, "Hey, like, I'm hibernating, don't worry"? The power management folks explained that they turn off the screen for a reason: They're trying to save your data while they still can. When the system gets the "Oh no, the battery is about to die!" notification from the hardware, there's no time to lose, and even less power to waste. Keeping the screen lit takes a lot of power, so turning it off might make the dif...
Foreign languages can be used to impede communication
One of the reasons people give for studying a foreign language is to increase the number of people one can communicate with. But what people don't mention is that foreign languages can also be used to impede communications, and that can be just as useful. (Be careful, though, because it can backfire.) During my visit to Sweden some years ago, I was walking back to my hotel room from the Göteborg train station. I had spent the afternoon visiting the nearby city of Alingsås, whose claim to fame is that they are the birthplace of the man who introduced potatoes to Sweden, although he is probably more ...
You can use a Coke slogan as your password, but not a Pepsi one
When Larry Osterman mentioned News Flash: Spaces are legal characters in both filenames and passwords, I was reminded of my own little experiment with passwords and spaces. Over a decade ago, I tried using spaces in my password, and they were accepted, but I ran into a different problem: Brand name bias. The password system accepted "Coke adds life" as my password, but it rejected "Pepsi the choice of a new generation". Why did the password system accept a Coke slogan but not a Pepsi one? Hint.
The New York Times says I'm doing it all wrong, but maybe that's for the better
Some time ago, The New York Times ran a story titled In Web World of 24/7 Stress, Writers Blog Till They Drop, which mentions that "those on the lower rungs of the business can earn as little as $10 a post." Dude, if that's what people on the lower rungs earn, then I'm below ground level! (Nevermind that just the previous month, an article in The New York Times wrote about the business of blogging: Don't expect to get rich.) Then again, I probably shouldn't complain, seeing as what most people took away from the article was that blogging kills. Slate's Timothy Noah noted in his article Death by Blogging t...
2009 mid-year link clearance
Time for the semi-annual link clearance. And, as always, the obligatory plug for my column in TechNet Magazine:
Microspeak: The plan for the plan
I ran across an old document that contained a phrase I hadn't heard before: The Plan for the Plan for the XYZ Team Summary XYZ is at ZBB and we are now at a recall class only bug bar until RTM. The team has also started working on a plan for a plan to address the requests made from the XYZ Leadership Team several months ago. Details of the planning ... ... 3. Bob would like a more concrete plan for a plan. Milestone breakdowns, entry/exit dates, etc... ... Plan for a Plan We established some deliverables to begin creating the plan for a plan: Development/Design Code Review Due date: Next week Pr...
Learning to lie: Early forays
Some time ago, I was visiting a family with small children, and I found the two-year-old middle child with a marker in her hand suspiciously close to some fresh marks on the living room couch. The following conversation ensued: "Who drew on the couch?" — My older sister. "Your older sister isn't home." — The baby. "The baby can't reach this." — The dog. "You don't have a dog."
If you want to consume all the virtual address space, well, then go ahead and consume it, you don’t need my help
Commenter Matthew Chaboud asks if there's an easy way to consume all the virtual address space below 4GB, short of, well, actually allocating it. "It seems like there should be a cleaner way to do this." If you want to consume all the virtual address space, then call until you turn blue. Programs shouldn't care what address they get back from a memory allocation function; they should handle values below 2GB and above 2GB with equal facility. It's not like there's a function. (Is there a function?) What would be the point of such a function? Once you call it, you have run out of memory! If Mr. Chabou...
John Swansburg deftly declines the fine print disclaimer on his Heelys
Before field-testing his Heelys for a report in Slate, John Swansburg reads the legal disclaimer and declines it.
The thread that gets the DLL_PROCESS_DETACH notification is not necessarily the one that got the DLL_PROCESS_ATTACH notification
The thread that gets the notification is not necessarily the one that got the notification. This is obvious if you think about it, because the thread that got the notification might not even exist any longer when the DLL is unloaded. How can something that doesn't exist send a notification? Even so, many people fail to realize this. You can't do anything with thread affinity in your or handler since you have no guarantee about which thread will be called upon to handle these process notifications. Of course, you're not supposed to be doing anything particularly interesting in your handler anyway, but thin...
News flash: Children are influenced by advertising
Anything in a McDonald's wrapper tastes better, according to children ages 3 to 5. Even something like carrots taste better if you put them in a McDonald's wrapper or cup.
First, try reading the error message, episode 2: Even programmers see error messages without reading them
I will occasionally note that users don't read error messages; they just click Cancel. And the phenomenon isn't just restricted to naïve users. Even programmers ignore error messages. All they see is "Blah blah blah an error occurred." For example, there's this message that appeared on a peer-to-peer discussion group: I tried to submit an update to our database and I got this error. What does it mean? Is the error on the client or the server? Opening transaction 34508. Locking record 14 for update. Updating record 14 in table BLUECHEESE. Operation failed. write: The file or directory is corrupted a...
Spam trackback attack week 3 statistics
The people who run this site think they have a handle on the trackback spam attack that raged for three and a half weeks. All the bad IP addresses have been blocked, and hopefully we didn't lose any babies with the bathwater. Here are the statistics for the final wave:
Yet another experiment in motivating people to find and fix bugs
Everybody has probably heard about some project where management decided to motivate testers and programmers by rewarding testers for finding bugs and programmers for fixing them. In the absence of high ethical standards, this can devolve into the situation known to Dilbert fans as I'm gonna write me a new minivan. I experimented with this idea once, over a decade ago. Well, not exactly this idea, but a variation of it: For each bug in my code which I fixed, I paid the tester who found it. The risk here would be that I would intentionally resolve bugs as INVALID (or WONTFIX or anything other than FIXED) in...
Oh great, and my phone even has a CPU meter
These fancy-dancy IP phones never cease to make me wonder what our world has come to. I remember when a telephone was a bucket of carbon granules and a momentary switch, and the rotary dial was just a mechanism for going on and off hook at a precise frequency. (Indeed, sometimes for fun, I'll pulse-dial a phone by tapping on the hook.) The other day, somebody sent out an email message: I'm amusing myself watching the "CPU Load" graph on the phone. Then again, I'm easily amused. Naturally, the CPU meter is useless, because you can only switch to it when you're not using the phone. Once you pick up the hand...
High school students guess what happens to money deposited into checking accounts
In August 2007, the results of the first nationwide high school economics graduation tests were released. (Download the report [pdf].) It appears that the results were better than expected, but let's not celebrate too quickly: The results were that 42% of students rated "Proficient" and 3% "Advanced". And only 52% of the students could answer this multiple-choice question correctly: What happens to most of the money deposited in checking accounts at a commercial bank? I guess 48% of the students have never seen It's a Wonderful Life.
Why does a flashing taskbar result in a fullscreen console returning to windowed mode?
Commenter Daniel wonders why a flashing taskbar results in a fullscreen console returning to windowed mode. I didn't know the answer to this, but I formulated a guess, and I was ready to just post my guess. (Because everything I write is just conjecture anyway. Informed conjecture, but still.) But I had some time, so I went spelunking through the code history and about a half hour later, I found confirmation for my guess, so now it's not just a guess but a fact. (Don't expect me to go to all this effort in general. Guessing is a lot less time-consuming.) The code to force a fullscreen console into windowed ...
The butter and the money for the butter
In a discussion a few years ago, I saw the phrase, "Now you have the butter and the money." This was new to me, and a little Web searching (guided in part by a guess at the author's nationality) revealed it to be a French proverb, the full version of which is On ne peut pas avoir le beurre et l'argent du beurre: "You can't have the butter and the money for the butter." It's a really nice phrase, and maybe someday I'll be able to use it. Bonus butter idiom: Reading the blog of a German colleague, I ran across the phrase alles wieder in Butter ("everything back in butter"), which from context appeared to mean som...
You can’t leave a critical section you never entered
If you call on a critical section you never entered, the behavior is undefined. Critical sections are an extremly high-traffic code path. Intense work goes into making them as fast as possible. Customers like to ask questions like "Exactly how many cycles does it take to enter a critical section? We're not going to use them if they're too slow." They don't say what they are going to do if critical sections are too slow for them, but the threat is real (even if the justification is bogus). I've seen programmers respond to code feedback of the form "You need a critical section here" with "No, I'm not going to bo...
Don’t you hate it when someone leaks a ref to your clothes?
The other night I had a dream in which one of my friends said, "Check out my clothes closet. This dress is hideous, but I can't get rid of it because there's still a reference to it from my blog." The dresses were labeled through .
The dangers of mixing synchronous and asynchronous state
The window manager distinguishes between synchronous state (the state of the world based on what messages your program has received) and asynchronous state (the actual state of the world this very instant). We saw this earlier when discussing the difference between GetKeyState and GetAsyncKeyState. Here are some other functions and their relationship to the queue state: Use synchronous state Use asynchronous state GetActiveWindow GetForegroundWindow GetMessagePos GetCursorPos GetMessageTime GetTickCount If you query the asynchronous state while processing a message, you can find yourself cau...
Welcome to Leavenworth, Washington’s faux-Bavarian village
The dying logging town of Leavenworth, Washington reinvented itself in the 1960's as a faux-Bavarian village. Today, over a million tourists visit annually to enjoy the scenic mountain views, soak in the fake Bavarian atmosphere, and revel in events like the Leavenworth International Accordion Celebration which starts tomorrow, or the three-weekend-long Leavenworth Oktoberfest every October. (Mind you, the Leavenworth Oktoberfest doesn't actually start until the Munich Oktoberfest is nearly over, because Oktoberfest starts in September.) I found during a brief visit to Leavenworth that the people there may d...
Sure, I can get spurious WM_MOUSEMOVE messages, but why do they keep streaming in?
I wrote some time ago that the window manager generates spurious messages in order to let programs know that the mouse has entered the window even if the reason was a window hierarchy reshuffle rather than a physical motion of the pointing device. But some people have noticed that that explanation fails to account for all the messages that are being delivered. In particular, the reasoning fails to explain why a stream of messages is being generated. So where is this infinite stream of messages coming from, even when the window hierarchy is stable? They're most likely coming from some third party so-called...
Management-speak: Upping the sats and stimulating the ecosystem
Here's another sentence that's so loaded with buzzwords and buzzphrases I'm not sure what language it's written in. I just want to have creative control over how my audience can interact with me without resorting to complex hacking in a way that is easy to explain but ups our blogging audiences sats to a new level that may also stimulate a developer ecosytem that breeds quality innovation... The ellipses are in the original, if that helps any. The scary thing is: The person who wrote this isn't even a manager.
Happening to be at the same post-concert restaurant as symphony performers
Getting out of the parking garage immediately after the symphony ends is usually a bit of an ordeal, so my symphony group tends to linger downtown for some coffee or dessert, allowing time for the post-symphony traffic jams to clear out. The other night, we went to the Union restaurant just a block from Benaroya Hall. (Verdict: Not a good dessert restaurant.) After we placed our orders, violinists Elisa Barston (my current "favorite symphony performer") and Mikhail Shmidt came in and were seated at the table next to us. I tried not to stare, but even though I've sat quite close to Elisa Barston before, this ti...
Why do some file operations take file names and others take handles?
Commenter Brian Friesen asks why some functions (like SetFileAttributes) take a file name, while others (like SetFileTime) take a handle and why we can't have two versions of every API, one for each pattern. Second question first: No need to wait for the kernel folks to write such a function; you can already do it yourself! // Following "pidgin Hungarian" naming convention, which appears // to be dominant in <winbase.h>... BOOL SetFileTimesByNameW(LPCWSTR lpFileName, CONST FILETIME *lpCreationTime, CONST FILETIME *lpLastAccessTime, ...
Fortune cookie fortunes are getting less and less interesting all the time
I remember reading a story about the history of fortune cookie fortunes, and how the pool of fortunes has been getting smaller because people keep complaining about them. In the article, they gave as an example that the fortune "You will meet a stranger" was removed from the fortune library because somebody complained that it was too scary. The effects of this trend toward meaningless fortunes continue to be felt. A few years ago, I opened a fortune cookie and looked at the slip of paper inside. It read simply Someone will give you something.
A concrete illustration of practical running time vs big-O notation
Memory access time changes the math.
Spam trackback attack week 2 statistics
The trackback spam attack is well into its second week now. The people who run blogs.msdn.com blocked all access from the IP address block, which not only blocks trackbacks but also prevents them from reading the content (and therefore prevents them from scraping). Undaunted, the sites just moved to a new IP address.
Why does Explorer use the term KB instead of KiB?
Although the International Electronic Commission established the term kibibyte for 1024 bytes, with the abbreviation KiB, Windows Explorer continues to use the abbreviation KB. Why doesn't Explorer get with the program? Because nobody else is on the program either. If you look around you, you'll find that nobody (to within experimental error) uses the terms kibibyte and KiB. When you buy computer memory, the amount is specified in megabytes and gigabytes, not mebibytes and gibibytes. The storage capacity printed on your blank CD is indicated in megabytes. Every document on the Internet (to within experimenta...
Foreign languages can be used as a secret code, but it’s not always a good secret code
Some years ago, I went out to dinner with a group of friends to a Chinese restaurant, and when the check was delivered to the table, one of my friends looked at it and handed it to me. "It appears to be written in some sort of secret code." It was written in Chinese. I pointed out that they probably chose the worst possible code in the world, seeing as they chose something known to over a billion people. Using a foreign language as a secret code is common when walking around out in public. You can say whatever you want about the people around you, and you can have a certain degree of confidence that your ...
Why does MS-DOS use 8.3 filenames instead of, say, 11.2 or 16.16?
When I discussed years ago why operating system files tend to follow the old 8.3 file name convention, I neglected to mention why the old MS-DOS filename convention was 8.3 and not, say, 11.2 or 16.16. It's a holdover from CP/M. As I noted when I discussed the old MS-DOS wildcard matching rules, MS-DOS worked hard at being compatible with CP/M. And CP/M used 8.3 filenames. Why did CP/M use 8.3 filenames? I don't know. There's nothing obvious in the CP/M directory format that explains why those two reserved bytes couldn't have been used to extend the file name to 10.3. But maybe they figured that eigh...
Mixed messages from the IT department regarding email safety
TipTalk wrote some time ago about the urban legend of the Reading Pane. In the conclusion, the article mentions the "read all standard mail in plain text" setting. And that reminded me of a story. Some time ago, the IT department sent out a message to all users on the subject of email safety. The gist of the message was that for increased safety, everybody should go to that options dialog and check the box to set Outlook to read email in plain text mode. It's not clear whether they expected anybody to take their message seriously, though: They sent the message in HTML format.
On the importance of sanity-checking values where money is involved
Last year, one of my colleagues noticed that one particular company's stock, which normally trades in the mid- to upper-$20 range, showed one day of extremely unusual results, very similar to the last example in this series of funny screenshots. Closer inspection revealed that there was an order to buy 28 shares at $100,000. Obviously, somebody got the "number of shares" and "bid price" fields backwards and ended up losing over two million dollars for the error. If this were an NYSE stock, this error would have been caught because trades on the New York Stock Exchange are still executed by human beings on...
Why isn’t there a separate British English version of Windows?
My friend ::Wendy:: asks why there is an American English version of Windows but not a British English version. I am not the expert on this subject (Michael Kaplan might be a bit closer), but I can speculate on the reasons for this. This is all conjecture, so who knows how accurate it is. (Actually, most of what I write is conjecture; I just don't bother calling it out each time it happens.) Let's look at it this way: You have the time and money to translate the American English version of Windows into 20 other languages. Do you spend one of those slots to translate it into a language that is mutually intel...
I’m sorry, Brian George, but we got cut off and I couldn’t call you back
Yesterday, at 4 o'clock in the afternoon, I receive a telephone call at work. There is that characteristic pause after connecting which tells me that I have probably just been called by a telemarketer. "Hello?" — Hello, I'm Brian George from Liquid Capital Management. Our company founder, Brian Kim, has been working closely with Microsoft employees to help them with financial matters. Are you familiar with hedge funds? I hear another voice in the background. This is almost certainly a boiler room operation. "There appears to be another voice on the line, do you hear it? Oh wait, it's gone. Could...
Bonus chatter about that virus that is responsible for the top six Explorer crashes
Last year, I wrote about a virus that is responsible for the top six Explorer crashes, by a wide margin. I learned later how the authors of this XYZ Virus operate, and it happens to answer a question posted by commenter SteveL as to why these virus writers are so incompetent that they crash so much. First, the virus authors infect your computer and crash your system every so often on purpose. Meanwhile, they also set up a legitimate-looking Web site which sells anti-virus software that claims to remove this virus. You send them your money, they send you the software. The kicker is that the removal softw...
Cool guys don’t look at explosions
Thanks to NPR's Monkey See blog for finding this:
Why can’t I rotate the display with ChangeDisplaySettingsEx?
If you have one of those cool swively LCD displays (or if you decided to build your own), you naturally want to tell your video card to display rotated output, so you can take advantage of the portrait orientation. And naturally you would think that calling the and using the field of the structure would do the trick. And then you would find that it doesn't work. Yet the annoying utility program (which gets shoveled onto your computer when you install the driver) can rotate the video output. How come they can do it, but can't? Because the video card vendor decided to do it in a nonstandard way so that...
Last tube standing: The Cardboard Tube Fighting League
Dodge, parry, thrust. Welcome to the Cardboard Tube Fighting League. (I happened to be in Gasworks Park for a totally unrelated reason and managed to catch the final battle of the Seattle branch's 2008 Tournament.)
What does the “Zw” prefix mean?
If you spend time in kernel mode, you're accustomed to seeing functions with two-letter (or occasionally, three-letter) prefixes that indicate which component they belong to. What does the "Zw" mean? Answer: Nothing. The people who chose the letters wanted to pick something that was unlikely to collide with anything. Perhaps they had a prior bad experience with having chosen a prefix, only to find that somebody ahead of them claimed it already?
Spam trackback attack returns, it’s not a matter of whether but how much
Like microsoft.com, the question isn't whether blogs.msdn.com site is under attack but rather how bad the attack is right now. There are a number of regular culprits, like , , , but those sites tend to focus on the most recent few articles. A new category of trackback spammer is here: The I'm going to scrape your entire site and create a trackback for every article trackback spammer. I'm pretty sure this will continue for at least the next week. I think I'm going to have to write a script that auto-deletes all these bogus trackbacks.
Who you calling boring?
A notice was sent out by the real estate department with the provocative subject line Campus notification — Building 7: Marking Boring Locations. What? Were the people in the real estate department saying that the people who work in Building 7 need to get some new hobbies? Or maybe they were just going to put up markers like you see in historic districts, but the markers are going to say something like On this spot in 1998, absolutely nothing interesting happened. But no, that's not what the message was about. It was announcing that, in preparation for an expansion of the parking garage, the...
Whew, I’m not doing *that* again!
When I met Sara Ford at the 2008 PDC, I got to talk to her author-a-author. I asked her how the book-writing experience was. "I'm never doing that again!" she replied. Yeah, that's pretty much how I feel about it, too. Steve Makofsky agrees. (Though, to be fair, what Sara was not going to do was write a book in three months, as opposed to swearing off writing books entirely.) By the way, my book is now available in Chinese. I don't get any royalties when people buy a translated copy, so buy it or not, I don't care. Actually, I make barely any money from the book at all. During one six-month period, I ...
Why does the CreateProcess function modify its input command line?
One of the nasty gotchas of the function is that the parameter must be a mutable pointer. If you pass a pointer to memory that cannot be written to (for example, a pointer to a page that is marked ), then you might crash. Commenter Ritchie wonders why this parameter is so weird. Basically, somebody back in the 1980's wanted to avoid allocating memory. (Another way of interpreting this is that somebody tried to be a bit too clever.) The temporarily modifies the string you pass as the in its attempt to figure out where the program name ends and the command line arguments begin. Now, it could have made a ...
Lessons from the state police, like what to do when they pull you over
NPR's Noah Adams rides along with the Idaho State Police and learns the answers to questions like what you should do when you are pulled over, and why the first thing the officer does is touch your car.
Alternatives to using the #error directive to check whether the compiler even sees you
In response to my description of how you can use the #error directive to check whether the compiler even sees you, some commenters proposed alternatives. I never claimed that my technique was the only one, just that it was another option available to you. Here are some other options. scott suggested merely typing asdasdasd into the header file and seeing if you get an error. This usually works, but it can be problematic if the code does not already compile. And of course it doesn't compile, because the reason why you're doing this investigation in the first place is that you can't get your code to compile and...
An unexpected application of the First Law of Thermodynamics
This past winter, my furnace failed catastrophically. (The furnace repair person told me that when furnaces fail, it tends to be catastrophic failure.) It was a few days before everything was back in order, and the very day everything was working again, the furnace belonging to one of my relatives stopped working. This was an application of the First Law of Thermodynamics with which I had previously been unfamiliar. Fortunately, the repair on the second furnace was very simple and was done in just a few hours. After I informed my friends of my discovery of this law of the universe, one of them wrote, "Our...
I’m sorry, you don’t have permission to know where this shortcut file should show up in the Explorer window
Commenter Gabe suggested that the shortcut file should contain a bit that indicates whether the target of the shortcut is a folder, so that shortcuts to folders can sort with real folders. "That would allow them to sort properly without doing any additional work beyond that required to see its icon." (Commenter Josh agreed that "The performance reason doesn't really apply here, since explorer is already looking at the target to get the icon," rejecting commenter AndyC's argument that performance may have been a concern.) Well, first of all, shortcuts do remember whether the target is a file or a folder, or at...
Before designing and implementing around an assumption, it helps to check that your assumption is true
When your component depends on another component in the project, and that other component is missing features you need, you have a few ways of resolving the situation. Most people would recommend working with the people responsible for the other component during the project planning phase and coming to some sort of understanding about what you require from them and when they might be able to provide it, if at all. And then there's this approach. This imaginary email conversation takes place about halfway through a project: From: David Doe Hello, widget team. I'm David Doe, from the doodad team. Do widgets...
How to hide privacy violations in a privacy disclosure statement, part 2
It seems that nearly every privacy statement somebody sends me doesn't actually protect my privacy. They start out saying all sorts of great things, like Company X is committed to maintaining the privacy of its customers. After the section listing what information they collect, there's the section describing who they will disclose it to. We do not share non-public personal information with outside parties except as permitted by law... Oh, gee, thanks. Your policy is not to do anything illegal. And you need a privacy statement for this? Actually, it's worse, The full sentence goes like this: ...
What do you call a gadget that is used for debugging which looks at the properties of other gadgets?
Why, the Inspector Gadget, of course. Computer geeks think they're so clever.
The latest installment of Wallace and Gromit coming to Seattle
The Seattle International Film Festival is under way, and you get only one chance to see Wallace and Gromit: A Matter of Loaf and Death, featuring our favorite inventor/cheese-aficionado and his trusty sidekick on their latest animated adventure. Be there on Saturday morning, but please leave the Stinking Bishop at home.
Why can’t you change the alignment of an edit control after it has been created?
Commenter Kevin Eshbach asks why you cannot programatically change the text centering style of an edit control after the control has been created. The edit control is one of the original window manager controls, so it comes with a lot of history. First thing to note is that the message did not exist until Windows 95. The edit control predates Windows 95 by over a decade, so the short answer is "It can't respond to the change in styles because it doesn't even know that you changed them!" Back in the old days, the only time a control was informed of its styles was in the passed as parameters to th...
Chicken chicken chicken chicken
Chicken chicken chicken chicken. [pdf] Chicken: Chicken chicken chicken.
If an event is signaled more than once, are they delivered in the order in which they were signaled?
A customer asked the following question: Is it guaranteed that the events when signaled multiple times on an event object are delivered in the order in which they were signaled? For example, a thread is waiting on the event handle and performs some operation each time it is signaled. The ordering of those operations should be in the same order in which the event is signaled. Do events provide this guarantee? In case it matters, we're using an auto-reset event. We're finding issues when the system is under heavy load. This question is confusing because events don't "remember" who signaled them. When an ev...
First, try reading the error message: Episode 1
Quite some time ago, a customer had forgotten that they were using an evaluation edition of Windows, and they were awakened one morning with the following error message: The evaluation period for this installation of Windows has expired. This system will shut down in 1 hour. To restore access to this installation of Windows, please upgrade this installation using a licensed distribution of this product. The customer submitted an urgent request for assistance. "Please advise how we can get this machine working again. We need it to run a demo for a major client later this week." In the customer's panic, th...
Signs that your new building was originally designed for another purpose: Rest rooms
There's always a settling-in period when you move offices, learning where things are, like the rest room, the kitchen, the printer room, the cafeteria, the locker room, your boss... My new office is conveniently close to the rest room. Actually, this building is laid out kind of weird. There are two sets of rest rooms within a short distance of each other, on opposite sides of a stairwell. You can wave hello from one to the other and have a conversation. My office is nearly halfway between them. But I can use only one of them. On the south side, there are two rest rooms, a men's room and a women's room. On t...
Just letting you know I had to reboot my telephone
Shortly after my group got switched over to new fancy-dancy IP phones, one of my colleagues sent me email to say "This morning, when I picked up the phone, I kept getting a 'URL not allowed' error. I fixed it by rebooting my phone." So this is what the world has come to. Bonus chatter: As many readers surmised, these "new" IP phones arrived over a year ago. On the other hand, I never did get to learn all the features of the device before it was replaced with a different model of IP phone. Progress.
How do I know whether a window message was processed?
Commenter Skeets Norquist asks how to tell whether the original window procedure processed a message when you use to call the original window procedure. "CallWindowProc() always seems to return an LRESULT of 0." No, actually, returns whatever the window procedure did. If the window procedure returned zero, then returns zero. If the window procedure returned 5, then returns 5. Anyway, back to the original question. You actually know the answer, if you think about it the right way, and there are many right ways of thinking about it. Technique number 1: Reading the contract from the other side. ...
Windows Vista User Experience Guidelines is online and downloadable
Get it before it's obsolete. The Windows Vista User Experience Guidelines document is available in PDF format.
Imagine our luck when we found one of the fancy conference rooms available for our meeting
Some time ago, the group I was a member of was looking for a conference room in which to hold their weekly team status meeting. The group leader went to the so you want to book a conference room for your weekly meeting internal Web site and, hey wow, there was a slot available in one of the fancy conference rooms for Tuesdays at ten in the morning. Not all conference rooms are created equal. Most of them are pretty utilitarian in nature with a central table, standard-issue chairs, a speaker phone, a whiteboard against one wall, all the stuff you need for a meeting but nothing particularly noteworthy. But in thi...
Parents billed when kids miss school: Pay for play
The Scotts Valley school system is asking parents to compensate the district when they take their kids out of school to go on vacation. Adds a new wrinkle to the phrase "pay for play". I remember the days when we were taught the difference between the things you must do (obligations, responsibilities) and the things you want to do.
Creating shortcuts in the same folder as the target isn’t as stupid as you may think
Commenter Mihai wonders, "Why would I want to keep the original file and the link in the same folder?" Dragging a file, and in particular right-dragging a file, is not easy for all people. There are people with poor dexterity who have trouble with dragging; for them, right-dragging would be even worse. But even people with normal levels of dexterity have problems with dragging: Just put them in front of a Tablet PC. On a Tablet PC dragging with the fingertip can get tricky because your hand obscures the drag target, and most people don't have very pointy fingers, so the precision of the drop is prett...
People become more trustworthy the more you trust them
My faith in humanity goes up when I see an unattended self-service stand where customers are trusted to pay for what they take. It works because the system is open to public view, and any passer-by (or even just a poster of a pair of eyes) can spot the cheater. (Then again, it takes only a tiny percentage of cheaters to ruin it for everyone.) I remember reading a story on self-checkout devices which said that product theft actually went down after the devices were installed. Apparently the customers were more trustworthy than the employees when it came to retail theft. People will rise to the occasion and...
Microspeak: T-shirt sizing
Larry Osterman discussed the buzzword T-shirt sizing, which means "making extremely rough estimates in terms of a small number of predefined categories." The term comes from the traditional way T-shirt sizes are specified in the United States. Instead of having T-shirts in sizes 4, 5, 6 and so on, there are only a small number of sizes: Small, medium, large, and extra-large. (Sometimes augmented by extra-small, extra-extra-large, etc.) Forcing the estimate into one of a fixed set of sizes allows the process to go quickly while still producing a result that is at least within the same zip code as a more detaile...
How do I get a window back on the screen when it moved far, far away?
Commenter Aggravated notes that some programs remember their location when the window is closed and restore to that location when the window is reopened, even if that position is off the screen. These programs clearly were using screen coordinates instead of workspace coordinates to save and restore the window. Okay, so you've got a program that restored its window position incorrectly and ended up putting it off the screen. Now what do you do? The keyboard interface comes to the rescue. Switch to the application, say by clicking on its taskbar button or by Alt+Tab'ing to it. Then type Alt+Space to call...
Writing a sort comparison function, redux
Prerequisites: Experience with sort functions such as qsort. Overqualifications: Familiarity with sort algorithms. If you break the rules for sort comparison functions, then don't expect the result of a sort call to be meaningful. In fact, if you really mess it up, you can corrupt memory or go into an infinite loop. My program hangs when I used this sort comparison function (pseudocode): int compare(x, y) { return x >y ? +1 : -1; } What's even more strange is that sometimes instead of hanging, the program crashes. It all works correctly if I add one line: int compare2(x, y) { if (x == y) retur...
A puzzle: Why are so many fake LiveJournal blogs written by 29-year-olds?
NPR's All Tech Considered blog notices a huge spike of LiveJournal users who claim to be 29 years old. They conclude (almost certainly correctly) that these are all fake journals created by spam bots. But why 29 years old? One possible answer.
When you subclass a window, it’s the original window procedure of the window you subclass you have to call when you want to call the original window procedure
When you subclass a window, you set the window procedure to a function of your choosing, and you remember the original window procedure so you can pass it to the CallWindowProc function when your subclass function wants to pass the message to the original window procedure. For example, if you subclass a window like this: SubclassWidgetDialog(HWND hdlgWidget) { HWND hwndButton = GetDlgItem(hdlgWidget, ...); wndProcOrig = (WNDPROC) SetWindowLongPtr(hwndButton, GWLP_WNDPROC, (LONG_PTR)SubclassWndProc); // -or- // wndprocOrig = SubclassWindow(hwndButton, SubclassWndProc); ... } then your subclass ...
You can tell which people listed blogging as a performance review goal
I had been kind of baffled by some of the Microsoft employee blogs that appear to consist almost entirely of rehashes of Knowledge Base articles, or sometimes even just "A new Knowledge Base article on topic X has been published." Now, that's useful information to have if you're interested in topic X, but is it really something you can build a blog around? Can't you just sign up for KB notifications manually? (That's probably how the blog author found them anyway.) And then there are the head-scratcher blog entries like There are no new KB articles this week. But I never really thought too much abou...
The social skills of a thermonuclear device: Why did you hang up?
One morning I'm working in my office and I'm interrupted by a telephone call. The caller-ID shows that it came in through the switchboard. (I.e., somebody called the main Microsoft number and asked for me by name.) Me: Hello? Caller: [angrily] Mr. Chen, why did you hang up? I don't recognize the voice, and I haven't received a phone call in several days, so I have no idea who this person is or what he's talking about. But if somebody starts out rude to me, that doesn't put me in the friendliest of moods. Still, I use a polite tone of voice. Me: Oh, I'm sorry. I'll do it again. [click] A few minutes ...
The dummy icon that doesn’t know that its fifteen seconds are over
Commenter Myron A. Semack asks via the Suggestion Box why there is a hardware notification icon that doesn't do anything. This is the notification icon that is left behind if you dismiss the hardware notification balloon. I don't know, but I can figure it out based on information both you and I already know. First of all, notice that the only way to show a notification balloon is to associate it with a notification icon. After all, the tip of the balloon has to point to something. Therefore, it's not surprising that when the balloon shows up, a notification icon also appears. You can't display "just a ball...
When advanced users outsmart themselves: The device removal notification icon
A customer submitted a suggestion to the user interface team about the device removal notification icon. The device removal notification icon is far too hard to use. When I click on it, I get a menu that says Safely Remove Hardware, and when I click on that menu item, I get a dialog box that lists all the removable devices, with vague names like USB Mass Storage Device and propeller-beanie details like Connected on Port 0006, Hub 0004. When I click the Display device components check box, I'm presented with a tree view of hardware devices that only a geek could love. This is far too complicated. When I click...
Identity theft via repeated name changes
In the United States, it is legal to change your name as many times as you like, and you don't even have to have a reason, as long as you're not doing it with fraudulent intent. The ease with which name changes can be accomplished has been exploited by people who use it to carry out identity theft. Creditors coming after you? Change your name, attach it to a stolen Social Security number, and off you go. The story about name changes reminds me of a friend of a friend who lives in Taiwan. As a teenager, she was somewhat unhappy and changed her name on the advice of a fortune teller. (I get the impression that f...
Those notification icons, with their clicks, double-clicks, right-clicks… what’s up with that?
(A completely feeble attempt to mimic Michael Kaplan's blog entry titles which carry a much stronger voice.) Jonathan Hardwick made a short table of inconsistencies in how various programs handle clicks on their notification icons. How are these supposed to work? The final decision is up to the application, since it is the one that receives the mouse clicks and decides what to do. But what were the intended semantics for clicks on the notification icon? Left single click: Display a simple interface item targetting the casual user. In most cases, this would be a context menu, but if you are something lik...
Qrystal does more research into those spam blogs
Blogger Qrystal got hit with blog trackback spam and did research into the phenomenon, even discovering the author trying to sell the spam blog. And he had to cut the price because Google AdSense has cut him off. Ha, ha, haaahhhhh~! (Read the blog entry for the spammer's for-sale offers and other linkity goodness.)
Why is there sometimes a half-second delay between the click and the action?
There are places in the user interface where you may click to perform an action, but the action doesn't actually take place until a half second later. Why is there a half-second delay? Because it's waiting to see if the user is on the way to a double-click. Some users simply double-click everything in sight, and depending on what the single click action is, this may or may not be a problem. If the click launches a modal dialog, then the second click is mostly harmless because the modal dialog appears on the same thread group as the window that received the stray second click. When that thread group next ...
A simple bar chart on letter distribution
I was visiting a colleague's office in another building and I spotted a whiteboard on which the following enigmatic bar chart was drawn. The source data for the analysis was left unspecified. It looks like there's an entire Web site devoted to profound charts like this. For example, a graph of beer bottle distribution as a function of the number of bottles taken down and passed around. When I showed this Web site to one of my friends, he responded, "Oh, great, now I'm not going to get anything done for a week and it's all your fault." Unfortunately, the charts on graphjam appear to have diverged in re...
What kind of uncle am I?
The terminology of family relationships.
The Start menu pin list is just a list of items; there’s no magic
Commenter Kevin Dente asks, "Is it possible to put a folder on the Start Menu Pin list and have it cascade?" No. The last time I checked (which was back in Windows XP), the Start menu pin list was a list, not a menu. (Specifically, a list view in tile mode.) When you click on the icon, it launches. There is no code to say "Oh, if this flag is set, then let me draw a little menu arrow next to the item, and if the user clicks the arrow, bind to the target of this shortcut, enumerate its contents, and create a menu from it." Remember, features don't exist by default; somebody has to implement them.
No, we’re not nerds, why do you ask?
Last year, to celebrate successful completion of a project milestone, our group went on a "cultural expedition" to a glass-blowing studio where we were to learn about the craft of glass blowing and even do some of it ourselves. (By the way, it was fun.) One of the glassblowers had been making a lot of little jokes about Frodo and Mount Doom. Working with molten glass does that to a person, I guess. When it came time to break up into smaller groups, each working with a different glassblower, the Tolkein-obsessed glassblower announced, "Okay, let's do it this way. Lord of the Ring fans on this side of the room, S...
Fashion is something that can be acquired by looking at lots of different fashions
Actress Brenda Dickson teaches us how to be awesome. Update: Apparently that video link died within days of my finding it, but there are plenty of other copies floating around the Intertubes. Here's one of many series on YouTube: Part 1 (Fashion), Part 2 (Make-Up), Part 3 (Exercise). and Part 4 (Diet and Nutrition),
Why are there two values for PSH_WIZARD97?
Welcome, Slashdot readers. Remember, this Web site is for entertainment purposes only. If you go cruising through the commctrl.h header file, you'll find that there are two different definitions for PSH_WIZARD97: #if (_WIN32_IE >= 0x0400) ... #if (_WIN32_IE < 0x0500) #define PSH_WIZARD97 0x00002000 #else #define PSH_WIZARD97 0x01000000 #endif ... Why are there two values for PSH_WIZARD97? Set the wayback machine to 1997. (Note: Dates are approximate.) The user interface design team studied how Windows 95 wizards have been faring and have begun using what they've learned t...
If you can’t find the statistics you want, then just make them up
Yesterday, the Wall Street Journal reported on America's Newest Profession: Bloggers for Hire and included this handy little chart: I found this number hard to believe, so I followed the Source link to the information from the Bureau of Labor Statistics. I found that, yup, in a May 2007 survey, the Bureau of Labor Statistics estimated that there were indeed 555,770 lawyers, 394,710 computer programmers, 299,160 chief executives, and 289,710 fire fighters in the United States. Bloggers? Didn't even make the list. The number 452,000 appears nowhere in the Bureau of Labor Statistics report. If you can't f...
What structure packing do the Windows SDK header files expect?
/Zp8 In words, integral types and pointers up to eight bytes in size are stored at their natural alignment. Larger types are stored at eight-byte alignment. In other words (saying it a third time), let be an integral or pointer type. If ≤ 8, then is aligned at a -byte boundary. If ≥ 8, then is aligned at an 8-byte boundary.
How to answer the telephone, according to the manual
I have a fancy new office telephone with a bajillion features (most of which I will never even find, much less use). The telephone comes with a helpful manual, explaining how to carry out various tasks. For example: Answering a Call Using the Handset: Pick up the handset. Cool, I was wondering about that.
Principles of economics, translated
Yoram Bauman, the stand-up economist translates Mankiw's ten principles of economics into English. The proof presented in the footnote to principle 5, as well as an extended version of the translation, can be found in the Annals of Improbable Research.
The dangers of destroying a window while it is processing a sent message
Commenter BryanK wonders why weird things happen if you destroy a window while it is processing the message. He suspects that it's similar to the problems you encounter when you destroy a window in response to the message. Although I haven't studied the situation, I wouldn't be surprised if the problem is indeed entirely analogous. It just follows from general programming principles: After all, you are destroying the active window. The message is sent as part of the activation change, and the documentation says that the message is sent "when a window belonging to a different application than the active wi...
Why is the animation common control limited to RLE8-compressed animations?
The animation common control is very limited in the type of animations it can play. The animation must be in AVI format, it cannot have any sound, and it must be either uncompressed or use RLE8 compression. Why so many restrictions? Because if it could handle other file formats, play sound, and support arbitrary codecs, it would just be a reimplementation of the multimedia animation control. (We saw this principle earlier when discussing why you can't do everything with registry values that you can do with registry keys.) The point of the animation common control is to play very simple animations without th...
The frustration of people who are not interested in why something works but only interested in the magic phrase they need to type
It's frustrating when people who are presumably smart (or who are at least pretending to be) have a problem and are satisfied to receive the magic phrase they need to type with no interest at all in understanding why the magic phrase works. For example, here's a question sent to an internal mailing list for users of something I'll call Program Q. From: X Why is it that after I use program Q to create a table, nothing else works? Here's a batch file I've written: q create table newtable pause q create table newtable2 The pause command never executes; in fact, nothing in the batch file executes after t...
Taxes redux: You can’t open the file until the user tells you to open it
One of the so-called taxes of software development on Windows is being respectful of Hierarchical Storage Management. You can't open a file until the user tells you to open it. This rule has consequences for how Explorer extracts information about a file, because what you definitely don't want is for opening a folder full of archived files in Explorer to result in all the files being recalled from tape. (Actually, file recall is just an extreme case of the cost of opening the file. You run into a similar problem if the file is on a slow medium or over a slow network connection. But just to motivate the discussio...
Microspeak: The plate
To have a lot on one's plate means to have a lot of tasks and responsibilities. We shouldn't give this task to Bob. He already has a lot on his plate. (Or: He already has a full plate.) At Microsoft, this common English language idiom is treated as a normal part of the language. The metaphorical plate has become a synonym for assigned tasks and responsibilities and can be used as a basis for new idioms. That feature moved off their plate onto ours. Feature X got postponed to the next release, so there's room on our plate for Feature Y. Update: Apparently there are some people who believe ...
Why is there no support in the window manager for mouse button chording?
Commenter Nekto2 asks why there is no mouse action associated with "click both buttons at the same time". The window manager doesn't fire a special event for both mouse buttons held down simultaneously like it does for double-clicks. As with higher-order clicks, mouse chording is something that you have to put together yourself from the basic mouse events that the window manager generates. Add these lines to our scratch program: void OnButtonDown(HWND hwnd, BOOL fDoubleClick, int x, int y, UINT keyFlags) { if ((keyFlags & (MK_LBUTTON | MK_RBUTTON)) == (MK_LBUTT...
When people ask to disable drag and drop, they often are trying to disable accidental drag and drop
We occasionally get customers who ask, "How do I disable drag and drop?" This is an odd request, so we ask the frequent follow-up question, "What are you really trying to do?" For many of these customers, the answer goes something like this: We've found that our employees often accidentally move or copy items around on the desktop and in Explorer windows because the act of pressing the mouse button causes the mouse itself to slide slightly across the table, resulting in a drag operation instead of a single click. We then have to spend a good amount of time searching for where those files ended up and trying to ...
Being able to call a function without using GetProcAddress is not a security vulnerability
Another genre in the sporadic category of dubious security vulnerability is people who find an unusual way of accomplishing something perfectly normal but declare it a security vulnerability because they found an unusual way of doing it. Security is important to all computers users, from families at home to employees of government agencies, and people who use Microsoft Windows are no exception. Trojans, backdoors, and spyware (collectively known as malware) have taken many forms, most recently those of so-called rootkits, which modify the operating system itself in order to prevent their detection. Firewalls a...
Let GDI do your RLE compression for you
This is another trick along the lines of using DIB sections to perform bulk color mapping. GDI will do it for you; you just have to know how to ask. Today's mission is to take a 4bpp bitmap and compress it in BI_RLE4 format. Now, sure, there are programs out there which already do this conversion, but the lesson is in the journey, not in the destination. The secret is the GetDIBits function. You give this function a bitmap and a bitmap format, and out come the bits in the format you requested; GDI will convert as necessary. Note: I'm going to take a risk and write "sloppy" code. This is code that is not pro...
Clap and the filter graph claps with you
One of my colleagues was a fount of ideas, some of them crazy, some of them clever, and some of them both. I think this one counts as both. To render multimedia content with DirectShow, you build a so-called filter graph. A filter graph represents a series of transformations that are applied to data as it travels through the graph. For example, bytes from a video file may go through a splitter filter which separates the audio from the video data, then the two data streams each go through a respective audio and video decoder, which converts the compressed data into uncompressed sound or video data, and then to a...
There’s nothing wrong with making bold treeview items
Commenter Frans Bouma asks, Why is the text of a treenode chopped off when you switch the font from normal to bold? It apparently is for backwards compatibility but I fail to see why this is necessary for backward compatibility... Actually, bold treeview items work just fine. Watch: Start with our scratch program and make these changes: BOOL OnCreate(HWND hwnd, LPCREATESTRUCT lpcs) { g_hwndChild = CreateWindow( WC_TREEVIEW, NULL, WS_CHILD | WS_VISIBLE | WS_TABSTOP | TVS_HASBUTTONS | TVS_HASLINES | TVS_LINESATROOT, 0, 0, 0, 0, hwnd, (HMENU)1, g_hinst, 0); TVINSERTSTRUCT tvis; ...
On the almost-feature of floppy insertion detection in Windows 95
Gosh, that floppy insertion article generated a lot of comments. First, to clarify the table: The table is trying to say that if you had a Style A floppy drive, then issuing the magic series of commands would return 1 if a floppy was present, or 0 if the floppy was not present. On the other hand, if you had a Style B floppy drive, then issuing the magic series of commands would return 0 if a floppy was present, or 1 if the floppy was not present. That's what I was trying to say in the table. The answer was consistent within a floppy style, but you first had to know what style you had. The downsid...
Windows 95 almost had floppy insertion detection but the training cost was prohibitive
One feature which Windows 95 almost had was floppy disk insertion detection. In other words, Windows 95 almost had the ability to detect when a floppy disk was present in the drive without spinning up the drive. The person responsible for Windows 95's 32-bit floppy driver studied the floppy drive hardware specification and spotted an opportunity. Working through the details of the specification revealed that, yes, if you issued just the right extremely clever sequence of commands, you could determine whether a disk was in the floppy drive without spinning up the drive. But there was a catch. T...
Office redecoration: The classic Microsoft prank
Tim Sneath reminds us that it is a long-standing tradition Microsoft tradition to prank someone's office while they are out (here's a video of Larry Osterman's tales of prankdom). When I went to see a Thunderbirds hockey game a few years back, I avoided mentioning at the time that seeing the game served a secondary purpose. I attended the game with a couple of friends, one of whom had never seen a live hockey game before. It so happened that his fiancée wanted to prank his office, so our little hockey outing was a way to keep him occupied for a while, giving his fiancée the opportunity to sneak...
2009 Q1 link clearance: Microsoft blogger edition
It's that time again: Sending some link love to my colleagues. Updates: Fixed name of product Microsoft Expression (no "s"). Also, I think Arvin's blog is still up—it's just being masked by a doppelganger. Will update as information becomes available.
Freudian typo? The spinlock
I was typing up a document and somehow accidentally misspelled spinlock as sinlock. I was tempted to leave it.
What is the implementation of WM_PRINTCLIENT?
Via the suggestion box, Martin Filteau asks Could you explain the implementation of WM_PRINTCLIENT? It seems that even MS got it wrong in the LISTBOX control. Try to AnimateWindow a window that as a LISTBOX control as a child. The LISTBOX displays correctly if it is NOT empty. However, if it is empty... nothing is drawn. I got a similar problem when embedding an Internet Explorer control. Thanks. -mf As I noted back in 2003, the implementation of WM_PRINTCLIENT is the same as that of WM_PAINT. In particular, the implementation of WM_PRINTCLIENT for an empty window is... to paint nothing. That's...
I drive a car the way most people use a computer
It was interesting to me reading the reactions to my adventures driving a manual transmission. People seemed to be spending a lot of time trying to convince me that if only I were to expend a bit more effort in learning the finer points of driving a manual transmission and log enough time behind the wheel, then the activity will become less taxing on my mental brainpower. But why should I care? To me, driving is not an end in itself. It is just a tool for solving the problem of getting from point A to point B. The less I have to learn about how to accomplish this task the better. My goal is not...
The inability to lock someone out of the registry is a feature, not a bug
There is no way to lock the registry. Whereas you can open a file with a deny all sharing mode to prevent anyone else from opening the file, the registry has no such provision. You can't lock a registry key and prevent others from reading from or writing to it. There is an internal lock on the registry, but that's just to ensure that registry operations are atomic; that is, that if one thread writes a value to the registry and another thread reads that same value from the registry, then the value that comes back is either the value before the write took place or the value after the write took place, but not some ...
Caption contest: The pinball machine
I may regret this, but here's something new: A caption contest. One of my colleagues saw this picture on a company's Web site. The original caption for this picture was something like Join our affiliate program or Score big with our affiliate program. Your mission is to come up with something funnier. Here are some ideas to get you started: Do you have balls of steel? Maybe you can become an affiliate. We love to flip off our affiliates. When you become an affiliate, you're going to get whacked around a lot. Sooner or later you'll end up in the hole. We like to play games with you. Become an affiliate today...
Double secret auto-arrange probation
When you view a folder for the first time, Explorer arranges the items in a nice default pattern. And when items are added to the folder, they get added to the end. And when you delete an item from the folder... the other items auto-arrange to close the gap? But wait, if you look at the View options, the Auto-Arrange option is not set. So are we auto-arranging or not auto-arranging? Well, yes, but only until you touch it. As long as you express no interest in the placement of icons in a folder (and the desktop counts as a folder), then Explorer will auto-arrange them. But once you move an icon around, Exp...
What’s the point of the MoveWindow function when we already have SetWindowPos?
Commenter Phil Quirk notes via the suggestion box, " is just a weird function. I guess it's easier to call than , but that's the only thing it seems to have going for it." Yup, that's about right. The function doesn't really do anything you couldn't already do yourself with . It's just a convenience function. And it you look at it pretty closely, it's really not that big of a convenience either, saving you one parameter () and replacing the flag with a boolean parameter. Whoop-dee-doo. It shouldn't take too much imagination to figure out how this situation came about. It's the same reason why you hav...
How to write like Raymond: Intentional typographical errors
I'm a pretty good speller. If I want to show impatience, I will type very fast and make no attempt to fix the typographical errors. Here's an example: Somebody asked me what the correct name is for a particular user interface element. i don't nkow. call up the online hep and see what the ycall it. It may surprise you to know that I am not part of the committee that decides on the names for all user interface elements. If you want to know the correct name for a user interface element (for example, the Start menu), you don't need to ask me. You can look it up yourself: It's in the help. The list of agreed-...
Defense in depth means that you protect against exploits that don’t exist yet
Defense in depth is about protecting against threats that are already being protected against, just in case the existing protection fails. This is why there is not merely a lock on your safety deposit box, but also a lock on the door to the safety deposit box room, and then a lock on the doors of the bank itself. This is why you wear your seat belt even though the car is equipped with air bags. This is why factories have multiple safety systems. It's why, when you put away a gun, you set the safety and remove the ammunition and lock the gun case. An insistent anonymous commenter refused to believe in this pri...
You can’t globally reserve screen space; you can put up signs, but if somebody ignores the sign you’ll have to decide how to respond
A customer sent the following question with the rather unhelpful subject line Need Help. They're not just looking for help; they're looking for Help with a capital H. We want to make something like an appbar, but without some of the limitations of appbars. For example, like an appbar, we want applications to avoid using the edge of the screen. The section of the screen the window appears on should be "mine"; nobody else should be permitted to use it. The window should always be on top; nothing should be able to cover it. For example, Internet Explorer in fullscreen (F11) mode should not cover our window; it s...
Raymond’s highly scientific predictions for the 2009 NCAA men’s basketball tournament
Once again, it's time for Raymond to come up with an absurd, arbitrary criterion for filling out his NCAA bracket. This year, the criterion is the school's graduation rate for basketball players. Lower graduation rate wins. However, if the teams are seeded 11 or more positions apart, I'll give the win to the favorite (just to get rid of highly unlikely upsets). Update: *The Marquette/Utah State game is a draw based on graduation rates, so it went to the tie-breaker: players arrested. Update 9am: Fixed the prediction for the game between LSU and Akron. Thanks, Adam, for pointing this out. ...
Well, duh, I’d sure better get my money back
The vending machines in my building proudly announce Guaranteed to deliver or your money back. Well, duh. If I don't get the product, I'd sure better get my money back. Pre-emptive snarky comment: "I'm suing Microsoft."
Overheard conversation fragment: Shrimp is not vegetables
I walked past a woman in the grocery store who was talking on her mobile phone. I only caught one sentence. She said, in an annoyed voice, "Shrimp is not vegetables." (Then again, purple is a fruit, so anything's possible.) Update: manicmarc correctly deduced that the tone and body language of the person on the phone indicated that her previous sentence in the conversation was something like "What vegetables do you want to have with dinner?"
Why does the MoveWindow function let you suppress repainting?
Commenter Phil Quirk asks via the suggestion box why the function lets you suppress repainting. "Shouldn't the OS be able to figure out if the window needs to be repainted?" Indeed the window manager does do a very nice job of figuring it out if you pass , which is the expected value of the parameter. But if you think you're smarter than the window manager, then you can pass and tell the window manager, "Even though you think the window needs to be repainted, don't repaint it. Trust me on this." Why would you try to outwit the window manager? Maybe you have special knowledge about how your application beh...
Raymond rewrites newspaper headlines, episode 2
The local community newspaper featured a color photograph of a twelve-year-old student holding a bright orange safety flag while another student crosses the street in front of him. The caption reads as follows: XYZ School 6th-grader John Doe, at right, will be honored Friday night at Safeco Field as one of the state's top safety patrol students. "On Monday morning, he will be found stuffed inside his locker," the caption did not conclude.
The perilous quandary of including external drivers on the Windows CD
(Technically, it's probably more a dilemma than a quandary, but I like the phrase perilous quandary.) Driver coverage is always a sticking point for Windows deployments. If the Windows CD doesn't include a driver for your particular hardware, you're probably going to say, "Windows sucks. I installed the latest version on my machine and it didn't work with my video card/sound card/network card/whatever." The people who are responsible for deciding which drivers are included on the CD have to balance a lot of factors. How popular is the hardware? Will the hardware vendor allow Microsoft to include the driver...
If Michael Jackson took up bhangra dancing
If Michael Jackson took up bhangra dancing, it might look something like this
Engineering is about tradeoffs: How hard will you work to save 68KB of disk space?
One of the recurring themes in the comments to my explanation of the historical reasons why there are two copies of Notepad was to use a hard link (or possibly a symbolic link) to save having to waste the disk space for two whole copies of Notepad. As I like to say, engineering is about tradeoffs. Let's look at the cost-benefit analysis. On the one hand: Install two copies of Notepad. Cost: 68KB of disk space. On the other hand: Use hard links or symbolic links. Cost: Add support for hard links or symbolic links to the FAT filesystem, to the operating system Setup program, to file formats such as the Window...
Et tu, Fargo
Last year, our friends over in the Fargo campus mocked us wusses for shutting down the campus over something as weenie as a touch of snow. Yesterday, there was a safety alert on the internal company home page: Alert The Fargo Campus is closed effective immediately due to inclement weather. The City of Fargo is pulling the plows from the snow emergency routes. Employees are encouraged to leave the Fargo Campus. Yup, Fargo has been shut down due to inclement weather. Explanation for people who don't get it: Both this and the mock weather advisory issued by the Fargo campus are just examples of friend...
Sometimes people don’t even read what they’re typing
As an even more extreme case of people seeing something, confirming that they see it, but not actually reading it is someone who sees something, types it into an email message, yet still doesn't read it. Subject: "Invoke or BeginInvoke cannot be called on a control until the window handle has been created." exception crashes our program I'm looking for guidance on why this exception is thrown and how I can avoid it. Here's a sketch of what we're doing: void DoStuff() { try { // attempt operation X, which throws an...
The house no-electronics zone
In my house, I have designated two rooms as the no-electronics zone. No use of electronic gadgets is allowed. No television, laptops, PDAs, cell phones, handheld video games, you get the idea. The purpose of this section of the house is to interact with other people face-to-face. Now, exceptions have been made for extenuating circumstances. For example, when some of my friends were without electricity due to a power outage, I invited them to my house, and they were permitted to use their laptops in what would normally be the no-electronics zone. But those are the exceptions. So if you come to my house, reme...
Why don’t the favorites I copy into the common Favorites directory show up in the Favorites menu of all users?
The Favorites menu in Internet Explorer shows the user's favorites. And stuff in the is visible to all users. Therefore, Internet shortcuts placed into the directory should show up on the Favorites menu of all users, right? So why doesn't it work? Because features don't exist by default. It's true that there are a few highly-visible cases where the items shown to the user are a combination of files from the and the , the most commonly encountered ones being the desktop and the Start menu. But that doesn't happy as a result of magic. Somebody had to sit down and hook them up. Even the highly visible ca...
Totally Recall: The meal
At lunch, we got the crazy idea of putting together a meal menu consisting entirely of foods which had been the subject of highly-publicized product recalls. And of course, we gave it a name consisting of a really bad pun: Totally Recall. Starter Green leaf lettuce with tomatoes, green onions, and jalapeno peppers. Main course Swimming Rama: Spinach with peanut sauce and stir-fried beef. Beverage Odwalla juice. Dessert ? Suggestions welcome. (White Rabbit candies?) And if you don't like this meal, you can just go to the Jack in the Box restaurant down the street.
Why doesn’t the MoveWindow function generate the WM_GETMINMAXINFO message?
Commenter Phil Quirk asks why calling does not result in a message being sent to validate the moved window size. Well, because you moved it after all. You're being trusted to respect your own rules. After all, if you didn't want the window to be wider than 200 pixels, you shouldn't have passed , right? The message is for obtaining minimum and maximum sizing information when the sizes were chosen by a means outside the application's control, such as when you said "I'll let you choose the window size ()" or when the user grabbed the corner of the window and started dragging it around. But if you yourself c...
Why is the Win32 epoch January 1, 1601?
Public Service Announcement: This weekend marks the start of Daylight Saving Time in most parts of the United States. The structure records time in the form of 100-nanosecond intervals since January 1, 1601. Why was that date chosen? The Gregorian calendar operates on a 400-year cycle, and 1601 is the first year of the cycle that was active at the time Windows NT was being designed. In other words, it was chosen to make the math come out nicely. I actually have the email from Dave Cutler confirming this.
Race you to the top: The Empire State Building Run-Up
The winner completes the race in just ten minutes and seven seconds, but the vertical climb is a killer: Straight up the 1576 steps of the Empire State Building to the Observation deck. (When I visit the Observation Deck of the Empire State Building, I use the elevator.) And when it's over, everybody goes to work. What else am I going to do, like go celebrate? Am I going to go have martinis at 11:30 in the morning? No, you slink into work and you sit at your desk, and you work all day, and when you're done you stand up and your back is stiff, and you call your wife, and you get yelled at, and you go home to ...
Fixups are not the same as rewriting code, they’re just fixups
Classically speaking, a linker cannot rewrite the code the compiler generated; its job is merely to resolve symbols. Of course, resolving symbols means that references to those symbols in the code generated by the compiler turn from "I don't know" to "Here it is." Somebody named George appeared to be confused by this, believing that all changes by the linker counted as "rewriting code." Obviously if the linker weren't allowed to change anything at all, there wouldn't be much point to having a linker. For example, you wouldn't be able to access functions or variables in a separate compilation unit (for example,...
Microspeak: Year-over-year
In economics, the attributive adjective year-over-year means compared to the same time last year. Examples: "Year-over-year sales show a marked improvement." "Expenses continue to fall year over year." (The hyphens disappear when the adjective is used predicatively.) I have only one citation, but it appears that the term has broadened its meaning inside Microsoft and is now merely a synonym for annual or year after year. We hold decision-makers accountable year over year for carrying out their plan. There is no obvious compared to the same time last year going on here. It's not like you are 15% more accountab...
If Twitter is micro-blogging, then is what I’m doing macro-tweeting?
Here are a collection of brief messages not worthy of a full blog entry. I think I'm going to call it macro-tweeting.
Why is there a dry fountain in the Redmond North campus?
One of the things that may strike you if you visit Microsoft's Redmond North campus is that there's a large, dry fountain outside the cafeteria. Why isn't the fountain running? The Redmond North campus was purchased from Safeco, and with the purchase, Microsoft obtained title to a fountain whose design had two fatal flaws: Having large quantities of water dripping into a parking garage is not a good situation, and the Facilities people shut off the water and drained the fountain to prevent any further water damage. Further investigation revealed that the problem was quite serious and was not a simple fi...
Do QueryProcessCycleTime and QueryThreadCycleTime include cycles spent in kernel mode?
Do and include cycles spent in kernel mode? Yes, they do. They count cycles spent both in user mode and in kernel mode.
The Suggestion Box is for suggestions, that’s why it’s called a Suggestion Box
As you may have noticed, Mondays are generally used for responding to suggestions posted to the Suggestion Box. But often people post things into the Suggestion Box that aren't actually topic suggestions. Commenter Ulric decided to take up a slot in the suggestion box by pointing me to a funny video because he "couldn't resist." Actually, I was wrong about saying that it's not a topic suggestion. The video itself is the topic, so there you have it. Though I think some people may need to do a little better at exercising self-restraint. Commenter Yuhong Bao posted a series of entries to the suggestion box whic...
What are your high school language students complaining about today?
One of my friends is a high school language teacher, and I used to ask her, "So, what are your students complaining about today?" That was back when her school used the traditional "First we learn the personal pronouns, then we learn the present tense of regular verbs, then we learn nouns in nominative case..." grammar-based language acquisition system. That system works reasonably well for me (although I prefer to learn the major points all at once rather than in pieces), but it requires an appreciation for rules (and their exceptions) that most high school language students don't really have. That's why I li...
How does Raymond decide what to post on any particular day?
Occasionally somebody asks about the timing of an entry I've written and wants to know how far ahead with this blog thing I really am. To give you an idea of how far in advance I write my blog entries, I wrote this particular entry on February 13, 2008. Generally, the articles are published in the order I wrote them; this particular entry ended up on February 27, 2009 because that was the next available open day. If the big news topic of February 27th, 2009 happens to be related to this entry, it's just a coincidence. Now, with a buffer of over a year, I do have quite a bit of leeway in choosing when any pa...
Pressing a registered hotkey gives you the foreground activation love
One category of application that people complained about is the application launcher which keys off a hotkey and doesn't get the foreground love. Well, except that windows with registered hotkeys do get the foreground love. After you call the function to register a hotkey, the window manager will send you a message when the user presses that hotkey, and along with it, you will get the foreground love. If you call from inside your hotkey handler, the foreground window will change according to your instructions. A special administrator-only list of programs which are exempt from rules would just be ad...
Star Trek meets The A-Team
Rumors swirl that there's a movie version of The A-Team in the works. If they haven't decided on the casting yet, here's an option they may have overlooked: The cast of Star Trek. (I like how in the clips used in the fake trailer, they use one of an episode where Kirk is old. And in Hollywood, making a character older means graying their hair. They never gain weight when they age, unlike the actors themselves.)
Smart quotes: The hidden scourge of text meant for computer consumption
They look pretty but act differently.
Rob Cockerham investigates those companies that pay cash for gold
Rob Cockerham seems to have a lot of spare time, which is great for the rest of us, because he investigates all those things we simply don't have the time for, and then posts the results on his Web site ("The sixth-best website in the world"). Today's highlight is a pair of investigations he performed some time ago which seem to show two sides of one industry. That Web site is a sinkhole of time-wastage. If you're not careful, you'll find yourself clicking around from story to story, like the How much is inside? adventures, in which he investigates things like how many threads per inch are there in 360-thr...
Email tip: Just because you get answers when you misuse a mailing list doesn’t doesn’t mean you should continue to misuse it
A few years ago, there was a question on a mailing list for topic X, but the question was about unrelated topic Y. The question was nevertheless answered by the people on the topic X mailing list out of the kindness of their hearts (above and beyond the heart-sourced kindness that powers most mailing lists in the first place). I pointed out that the question really had nothing to do with topic X, and consequently the Y-Users list was a better place for the question. The person responded, Yes, I know, but X-Users always provides a quick reply and a quick solution. In other words, the pe...
Why is there no supported way to get the command line of another process?
Commenter Francisco Moraes wonders whether there is a supported way of getting the command line of another process. Although there are certainly unsupported ways of doing it or ways that work with the assistance of a debugger, there's nothing that is supported for programmatic access to another process's command line, at least nothing provided by the kernel. (The WMI folks have come up with Win32_Process.CommandLine. I have no idea how they get that. You'll have to ask them yourself.) That there isn't is a consequence of the principle of not keeping track of information which you don't need. The kernel has...
Announcements on the ferry, and hills that grew while I was away
This weekend is the annual Chilly Hilly bike ride, an early wake-up call to bicyclists in the Seattle area to get their act together and hit the road. Last year, I joined my 2999 closest friends up and down the hills of Bainbridge Island. Unfortunately, the hills had grown taller in the two years since my last ride. There was an announcement on the ferry. It went something like this: "Your attention please. There is a bicycle on the car deck that has fallen over onto its side. Repeat: A bicycle has fallen onto its side." It took a few seconds for the joke to sink in with all the people on the ferry, ...
Foreground activation permission is like love: You can’t steal it, it has to be given to you
This is the blog entry that acted as the inspiration for the last topic in my 200 PDC talk. When somebody launches a second copy of your single-instance program, you usually want the second copy to send its command line to the first instance (and deal with the current directory somehow), and then you want the first instance to come to the foreground. But a common problem people run into is that when the first instance calls , it fails. The problem with this design is that as far as the window manager is concerned, what happened is that the first instance received a message and then decided to steal foregr...
Why do my file properties sometimes show an Archive check box and sometimes an Advanced button?
When you view the properties of a file and go to the General page, there are some check boxes at the bottom for file attributes. There's one for Read-only and one for Hidden, and then it gets weird. Sometimes you get Archive and sometimes you get an Advanced button. What controls which one you get? It depends on whether there is anything interesting in the Advanced dialog. If the volume supports either compression or encryption (or both), then you will get an Advanced dialog with check boxes for Archive, Compress and Encrypt. On the other hand, if the volume supports neither compression nor encryption, then ...
Guest TCP psychic debugging: Why the remote server keeps RSTing the connection
My colleague Keith Moore (who occasionally comments on this site) shared with me one of his recent triumphs of psychic debugging. First the question: The customer is getting an RST response from IIS and they would like to know why. Here is a fragment from a network capture that illustrates the problem. (Fragment deleted.) The full capture is available on ... Keith didn't look at the full capture; he barely even glanced at the fragment. Because his psychic powers told him the answer: The amount of data they are sending does not match the Content-Length header. He goes on to explain: If there's unrea...
Another Seattle bus tool: One Bus Away
I was recently tipped off to yet another Seattle bus tool: One Bus Away, which not only provides real-time bus arrival information for every stop in the Metro system, but does so in a variety of formats. You can use the Web-based interface (which is close to what you can already get from the Tracker Location View), but the real magic is that the information is also available via SMS, Web-enabled handheld devices, and—most important to me—any mobile phone. I have One Bus Away on my speed dial, and I've set bookmarks on the stops I use the most, so I'm never more than a few taps of the phone away fr...
Why doesn’t the file system have a function that tells you the number of files in a directory?
There are any number of bits of information you might want to query from the file system, such as the number of files in a directory or the total size of the files in a directory. Why doesn't the file system keep track of these things? Well, of course, one answer is that it certainly couldn't keep track of every possible fragment of information anybody could possibly want, because that would be an infinite amount of information. But another reason is simply a restatement of the principle we learned last time: Because the file system doesn't keep track of information it doesn't need. The file system doesn't...
Don’t keep track of information you don’t need
This is sort of an extreme corollary to Don't save anything you can recalculate. Sure, it sounds like such an obvious principle, but many people fail to understand its consequences. Let's look at the principle again. Don't keep track of information you don't need. I remember being asked to look at a customer's program, and one thing that struck me was that the program had a bazillion different flag variables that it spent a lot of time setting and clearing. Here's an oversimplified example: void CConfiguration::ShowDialog(HWND hwnd) { m_fShowingDialog = true; DoModal(hwnd); m_fShowingDialog = false; ...
The love bus, also known as Metro Bus Route number 308
Four years ago, Troy Kleweno spotted Christine Hsieh on the 308 bus. He saw her twice a day, once in the morning on the way to work, and again in the evening on the way home. His co-workers teased him about the "bus girl" he pined after for six months before he finally said hello. That led to a date, and soon they were a couple. It's only fitting then that when Troy decided that it was time to propose marriage, that he do it on the 308 bus. Watch it here. Happy Valentine's Day, everybody.
The checkbox: The mating call of the loser
(Cultural note: The phrase the mating call of the loser is a term of derision. I used it here to create a more provocative headline even though it's stronger than I really intended, but good writing is bold.) When given a choice between two architectures, some people say that you should give users a checkbox to select which one should be used. That is the ultimate cowardly answer. You can't decide between two fundamentally different approaches, and instead of picking one, you say "Let's do both!", thereby creating triple, perhaps quadruple the work compared to just choosing one or the other. It's like you'...
Superthunderstingcar is go!
If you are an old geezer, you'll remember supermarionated shows, the most famous of which is Thunderbirds. And if you're not an old geezer, then this amazing spoof by Peter Cook and Dudley Moore will mean nothing to you. (You will also have no idea who Peter Cook and Dudley Moore are.)
What does the COM Surrogate do and why does it always stop working?
The process goes by the name COM Surrogate and the only time you're likely even to notice its existence is when it crashes and you get the message COM Surrogate has stopped working. What is this COM Surrogate and why does it keep crashing? The COM Surrogate is a fancy name for Sacrificial process for a COM object that is run outside of the process that requested it. Explorer uses the COM Surrogate when extracting thumbnails, for example. If you go to a folder with thumbnails enabled, Explorer will fire off a COM Surrogate and use it to compute the thumbnails for the documents in the folder. It does this becaus...
In order to serve you bett… wait, it really is better: Fuel surcharges
Normally, the phrase In order to serve you better means that you're about to get screwed. Imagine my surprise to discover that United has stopped imposing a fuel surcharge for flights between Canada and the United States due to the decrease in fuel prices. But wait, that's only for flights between Canada and the United States. Flights within the United States appear to have the surcharge in place as usual. Hey, I've got an idea. How about getting rid of this surcharge nonsense and just raise the price of the ticket? Naw, that's just crazy talk. I can see the Calvin & Hobbes cartoon already. "Lemo...
If you get confused by a register dump, then you’ll just have to accept that some of my postings won’t make any sense
This Web site is not for beginners. I try to write for advanced programmers, and if you're not an advanced programmer, then you'll just have to accept that there will be times you are baffled by what I write. Often I dial the geek back a notch, explaining some things which should be "obvious" to an advanced programmer, such as why storing a constant pointer into a stack location from dynamically-generated code is a clear indicator of a framework thunk. But I will dial it back only so far, and eventually you may just be forced to (horrors!) do your own background research to get yourself up to speed or simply gi...
A different type of writing exercise, this time in preparation for buying a house
One of my colleagues was overwhelmed by how many times papers need to be signed when you buy a house. A seemingly endless stack of papers. Sign and date here, initial here, initial here, now sign this, and this, and this, and sign and date here, and sign here, and initial here... By the time it's over, your arm is about to fall off. Some years later, my colleague was about to buy a new house and began to dread the signature-fest that would invariably ensue at the closing. Another ten-foot-tall stack of papers that needed to be signed and initialed. In preparation, my colleague actually did hand exercises to ...
Changes to the the 2009/2010 Seattle Symphony subscription season
A thank-you to commenter Greg for pointing it out that the Seattle Symphony made changes to their UBS Masterworks 13 series after the brochures were printed. I compared my printed brochure against the online one and updated the 2009/2010 Seattle Symphony subscription season at a glance accordingly. They deleted five concerts and added six, so the Masterworks 13 series actually has 14 concerts. They probably kept the name for backward compatibility.
What is the purpose of the RunAsCommand value?
Commenter c_e_pizano asks what the purpose of the registry value is. Well, for starters, it isn't documented, so the official answer to that question is "Don't mess with it." Kind of makes me wonder why you're asking about the registry value anyway, seeing as it's undocumented in the first place. Are you trying to reverse-engineer Windows? To be honest, I don't know what its purpose is, but I do know what happens when you set it: Everything stops working. This is one of those abandoned features like . When it got abandoned, not all of the pieces got cleaned up, and there is still code that queries for the...
A process shutdown puzzle: Answers
Last week, I posed a process shutdown puzzle in honor of National Puzzle Day. Let's see how we did. Part One asked us to explain why the thread no longer exists. That's easy. One of the things that happen inside is that all threads (other than the one calling ) are forcibly terminated in the nastiest way possible. This happens before the notification is sent. Therefore, the code in that waits for the thread completion event waits forever because the is no longer running. There is nobody around to see the shutdown event and respond by setting the completion event. Okay, that was the easy part. Part Two ...
What the various registry data types mean is different from how they are handled
Although you can tag your registry data with any of a variety of types, such as or or . What do these mean, really? Well, that depends on what you mean by mean, specifically, who is doing the interpreting. At the bottom, the data stored in the registry are opaque chunks of data. The registry itself doesn't care if you lie and write two bytes of data to something you tagged as . (Try it!) The type is just another user-defined piece of metadata. The registry dutifully remembers the two bytes you stored, and when the next person comes by asking for the data, those two bytes come out, along with the type . Gar...
Being lucky is observing what you weren’t expecting: An illustration
I decided to begin searching for a replacement for my current laptop computer since it was by this point literally being held together with electrical tape, and I decided to go against my more common computer replacement policy of "Wait until it breaks, and then panic." There was one model I had my eye on, and it was on sale at a local big-box store as one of those doorbuster deals. I didn't feel like waking up at 4am to stand in line for the slim chance of actually snagging one, so I figured I would just wait, and maybe it'll go on sale again after the shopping season. (This is a strategy that isn't availab...
What is the terminology for describing the various parts of the registry?
Hives, keys, values, types, and data. As I noted some years ago, the file that holds the registry data is called a hive. A hive contains a tree of keys. Keys contain a list of values. Associated with each value is a type and data. The terminology is weird and counter-intuitive thanks to the history of the registry. Back in the days before named values, you queried the data associated with (the default value of) a key by calling , which was a rather natural name since it matches the key/value pattern. But the introduction of named values threw this pattern into disarray. Perhaps a better name could...
The 2009/2010 Seattle Symphony subscription season at a glance
Microspeak: Recommends (noun)
I have only one citation, but the usage is so egregious to me that one citation is all I need. I'm looking for XYZ recommends. My requirements are... Why write recommendations when you can shorten it to recommends and sound buzzwordier at the same time!
Welcome to Groundhog Day, a holiday where the same thing happens over and over
Today is Groundhog Day, a holiday celebrated in the northeastern United States, the day when, according to tradition, the groundhog emerges from hibernation. If it sees its shadow, then the frightened groundhog returns to its burrow, and cold winter weather will continue for six more weeks. It has never been more than a minor holiday, good for an amusing story on the evening news, but not much else. I recall listening to a BBC World Service news report on the radio. They were reporting on a speech or press conference given by somebody or other, and the speaker commented on how any progress made during the day ...
How do I programmatically show and hide the Quick Launch bar?
Commenter Mihai wants to know how to show or hide the Quick Launch bar programmatically. That's not something a program should be doing. Whether the Quick Launch bar is shown or hidden is an end user setting, and programs should not be overriding the user's preferences. Explorer consciously does not expose an interface for showing and hiding taskbar bands because it would just be a target for abuse. Much like the program that wants to uninstall other programs, the taskbar would become a battleground among programs that each wanted to force themselves on and force their opponents off. The user is the arbite...
The problem with The Month Where Everyone Focuses on Improving Documentation is that most people are terrible technical writers
Why not have a month where everybody focuses on improving documentation like that month a few years ago where everybody focused on security? Well, part of it is that most people suck at technical writing. The technical part, maybe, but the writing almost definitely not. Writing is hard (as I've learned firsthand), and technical writing is a special genre of writing that requires a comparatively rare skill set, combining technical background with strong writing skills. Because it doesn't matter how much technical information you know if you are unable to convey this information to anyone else clearly. Also, ...
Games to play at your Battlestar Galactica watching party
It is common among my circle of friends to have Battlestar Galactica-watching parties, and one way of making it a party is by playing games. Things we've done (or plan on doing):
A process shutdown puzzle
In honor of National Puzzle Day, I leave you today with a puzzle based on an actual customer problem. Part One: The customer explains the problem. We have this DLL, and during its startup, it creates a thread with the following thread procedure: DWORD CALLBACK ThreadFunction(void *) { HANDLE HandleArray[2]; HandleArray[0] = SetUpStuff(); if (HandleArray[0]) { HandleArray[1] = ShutdownEvent; while (WaitForMultipleObjects(2, HandleArray, FALSE, INFINITE) == WAIT_OBJECT_0) { ProcessStuff(); } CleanUpStuff(HandleArray[0]); } SetEvent(ThreadCompleteE...
The great thing about being popular is that everybody wants to see you go down
The servers that run this Web site are under heavy load, even when things are operating normally. And on top of that, they have to fend off a lot of attacks. There's the usual spam pingbots, but usually when the site starts to get all bogged down, it's because there is an active attack on the site at the network level. And it doesn't matter what software is running the site. It's not like the bad guys are going to say, "Oh, this site is using PHP. I guess we'll leave them alone." For example, the problems earlier this week were caused by two IP addresses saturating all the connections to the server. Last Octo...
When you have only 16KB of memory, you can’t afford to waste any of it on fluffy stuff
The original IBM PC came with 16KB of memory. That's not a lot of space in which to squeeze an operating system, especially since you had to leave enough memory for the user to actually get work done. A product of its time, the MS-DOS kernel is written entirely in assembly language, pretty much standard procedure for programs of the era. It also meant that the code takes all sorts of crazy shortcuts to shave a few bytes here, a few bytes there, in order to squeeze into as little memory as possible. For example, one very common trick was to have jump into the middle of an instruction, knowing that the second ha...
There’s camping, and then there’s luxury camping, and then there’s ridiculous luxury camping
Back in 2002, I read an article about luxury camping in the Wall Street Journal, and it struck me as kind of missing the point of camping. For campers too busy to shop for marshmallows, one place stocks a s'mores kit -- skewers included -- in its gourmet general store. Another provides blow dryers, putting an end to "river hair." When Karen Schaupeter and her husband arrived at El Capitan Canyon in Santa Barbara, Calif., they were chauffeured to their campsite in a golf cart. Dinner was tamales with mango salsa prepared by the staff, in front of a roaring bonfire -- also prepared by the staff. In the mornin...
Why can’t I see all of the 4GB of RAM in my machine?, redux
Phil Taylor gives another few reasons why machine with 4GB of RAM doesn't show up as such. (Here's my earlier posting on this subject, for reference.) These articles about possible reasons for memory not showing up are not intended to be comprehensive. It is entirely possible that the problem you are experiencing is not one described here.
I think I can read the bassoonist’s music from here
An insane 1.4-gigapixel image of Obama's inaugural address. All it needs is a guy in the audience dressed like Waldo.
But then we ran into problems when we started posting 10,000 messages per second
Once upon a time, a long, long time ago, there was a research team inside Microsoft who was working on alternate models for handling input. I don't know what eventually came of that project, and I don't even remember the details of the meeting, but I do remember the punch line, so I'm just going to make up the rest. The research project broke up the duties of their system into a few components. The two that are important to the story are a driver component which received information from various hardware devices and transmitted that information via the function to another component whose job it was to study th...
Why can’t you apply ACLs to registry values?
Someone wondered why you can't apply ACLs to individual registry values, only to the containing keys. You already know enough to answer this question; you just have to put the pieces together. In order for a kernel object to be ACL-able, you need to be able to create a handle to it, since it is the act of creating the handle that performs the access check. Creating a handle to the value means that we would need a function like and corresponding and functions which take not a registry key handle but a registry value handle. And then you've basically come full circle. You've reinvented the 16-bit reg...
Why do I get the error REGDB_E_IIDNOTREG when I call a method that returns an interface?
This is another manifestation of the missing marshaller problem. IContextMenu *pcm; HRESULT hr = psf->GetUIObjectOf(hwnd, 1, &pidl, IID_IContextMenu, NULL, &pcm); // fails with REGDB_E_IIDNOTREG The IContextMenu interface does not have a proxy/stub factory (as of this writing). Recall that shell objects, as a rule, are apartment model. If you create the object from a multi-threaded apartment, COM needs to build a wrapper object which can marshal calls from off-thread back onto the original thread, in order to adhere to the threading rules for apartment-model objects. And if the C...
If you have full trust, then you can do anything, so don’t be surprised that you can do bad things, too
This is another example of the dubious security vulnerability known as wrapping a simple idea inside layers of obfuscation and then thinking that somehow the obfuscation is the source of the problem. First of all, consider this: Suppose a program calls one of its own functions but gets the calling convention wrong and ends up corrupting its stack. Is that a security vulnerability in the operating system? No, it's a bug in the program. Now, maybe a bad guy can try to exploit this bug in the program, but if such an exploit could be found, it's naturally a vulnerability in the program, not in the operating syste...
If you didn’t like the answer, asking the same question again is unlikely to help
I find it surprising how often this happens. A customer liaison will send a question to a mailing list like this: From: X To: Gizmo Discussion Hi, everybody. My customer is using the Gizmo Toolkit and wants to frob a gizmo without first registering as a frobber. They created the gizmo with , passing all the default flags, and then they call to attach the gizmo to a sprocket. When the sprocket detects that its host is decycling, it tries to frob the gizmo by calling , but the call fails. They can't register the sprocket as a frobber because the sprocket doesn't have the right frob context. They tried setti...
May the Horse Be With You: Stories from the racetrack
Only a Game interviews Harvey Pack [real], author of May the Horse Be With You, a collection of stories about horse racing. I don't really care much about horse racing, but I do love a good story, and Harvey Pack has a bazillion good stories.
Why isn’t the screen resolution a per-user setting?
Via the suggestion box, Dominic Self asks why screen resolution is a global setting rather than a per-user setting. Well, first of all, it's not even a global setting. It's a session setting. That it's not a global setting is not readily apparent most of the time since only Windows Terminal Server is set up to support multiple simultaneous interactive sessions. On Windows Terminal Server, you specify the properties of the virtual monitor you wish to connect with, including resolution, and the server accommodates your wishes. Well, up to a point. I mean if you ask for a 1,000,000×1,000,000 pixel screen, t...
You cannot pre-emptively reserve a file extension
The following question came in from a customer: If our program isn't installed and users double-click our document, they get sent to a Web site that presents a list of programs, but we want to send the user directly to our download site. How do we claim a file extension for our application? Um, you don't. You cannot pre-emptively reserve a file extension. If your program uses the extension and somebody off in another country working out of a garage also uses the extension , then that's fine. Of course, things get exciting when a user installs both your program and the garage program, but that's a conflic...
If you’re at a Thai restaurant with a Thai person who’s ordering food in Thai, and she asks you if you like your food spicy, think twice before answering
I think you see where this is going. I'm at a Thai restaurant with my sister-in-law, who is Thai. She's talking with the waitress in Thai, and she discovers that the restaurant's cook is someone she knows. And since she's from Thailand, she assumes the task of ordering the food, since she knows what's good and what isn't. During their conversation (entirely in Thai, so I don't understand a word of it), she turns to me and asks, "So, is spicy food okay?" I say, "Yeah, I like spicy food." Classic rookie mistake. I think that by the end of the meal, I had just started to regain the ability to taste th...
What is this magic setting that synthesizes Unicode from non-Unicode?
Commenter dan g. wonders how Windows can treat non-Unicode applications as Unicode via the Regional and Language Options control panel, specifically the part that lets you choose the Language for non-Unicode programs. "Having always believed that the only way to display, say, Chinese characters correctly was to compile with _UNICODE, this facility seems all the more remarkable." This setting is really not as magical as it appears. (After all, we had Chinese versions of 16-bit Windows that displayed Chinese characters just fine, and they certainly didn't use Unicode since Unicode hadn't been invented yet.) Mic...
The day shell.windows.com went down
When the file association Web service was first being developed, the programmer responsible for implementing the feature just scrounged around and found an old unused computer and set it up as a simple Web server under his desk, so there would be something to test the code against. That server happily churned away serving out file extension information, and when people asked for their program to be added, he would manually add it to the server. The server worked just fine, and like most things which work just fine, it was forgotten. And then remembered once things no longer worked just fine. I think it was ...
Excessive speed appeared to be a factor in the crash
In February 2007, a serious automobile accident took place in southwest Washington. A twelve-year-old boy was at the wheel of an SUV when he lost control and struck another vehicle. According to the sheriff's office, "Excessive speed appeared to be a factor in the crash." I dunno, I think a major factor is that a twelve-year-old was behind the wheel. Tragically, the boy sustained critical injuries and died the following day. There was an adult in the car who conveniently doesn't remember what happened, although there are rumors that this wasn't the first time that adult let the boy drive, and that the boy ha...
Where does shell.windows.com get information about file extensions, and how do I get in on that action?
If you double-click a file for which there is no registered handler, Windows will offer to visit the Web service on shell.windows.com to locate a program that can open it. But where does this information come from, and how can you add your program to the database? Knowledge Base article Q929149, titled Windows File Association System On-Boarding Process, provides step-by-step instructions on how you can add your file extension. If you look at the existing entries on shell.windows.com, most of them have relatively straightforward and neutral descriptions. "This document is a PowerPoint presentation." "This ...
xkcd breaks the news on the new Windows 7 user interface
Last week, Web comic xkcd covered the new Windows 7 user interface. Unfortunately, they got the wrong operating system. It was Windows XP that had a picture of Hitler (according to a few of our beta testers).
How does PostQuitMessage know which thread to post the quit message to?
Commenter bav016 asks how functions like and know which thread the messages should go to. Unlike some functions such as which have a window handle parameter that lets you say which window you want to operate on, and don't say which thread the or message should go to. How do they decide? The messages go to the current thread; that is, they are delivered to the thread that called the function in the first place. There are many functions which operate on an implicit message queue, and those cases, they operate on the message queue associated with the thread making the call. If you call you retrieve the...
It’s surprising how suddenly those new skins started pouring in
A friend of mine told me a story of a project from over ten years ago. Part of the product design was that it would include a bunch of skins (visual styles). The development team had written up the skinning infrastructure, but the company which was hired to create the actual skins hadn't delivered anything. My friend's assignment was to test the skin-switching interface, but since there were no skins, there was nothing to test. My friend was responsible for testing a bunch of other product features, so it's not like the days were spent thumb-twiddling. But eventually, it got to the point where the automated tes...
The programmers don’t design skins; they just make skins possible
Not all skill sets are interchangeable. That's why we have concepts like division of labor and specialization. But it appears that not everybody understands this. I was reminded of this topic when I read the reactions to the Microsoft Exchange Team announcing that they had added Xbox and Zune themes to OWA. Many people were shocked, such as Loren, who was furious that "development time" was wasted on something frivolous like new themes when there are so many bugs that need to be fixed. Loren appears to believe that the people who do graphic design and the people who are up to their elbows in the code base fi...
Raymond misreads flyers: A Taste of WWL
There were flyers in our building inviting people to attend a food event called A Taste of WWL. The letters WWL stand for Windows and Windows Live, but the font they chose for the sign was confusing to me. The capital L looked like a capital I, and I misread the poster as an invitation to attend A Taste of WWI. And then I thought, "Who the heck thought World War I was a fun event we'd want to re-experience?" One of my colleagues, who also misread the poster, had a much more succinct response: "Mmmm... mustard gas..."
When debugging a stack overflow, you want to focus on the repeating recursive part
When your program breaks into the debugger with a stack overflow, you will get a ridiculously huge stack trace because your program has gone into some sort of recursive death. (This is not a statement of metaphysical certitude, but it is true with very high probability.) But the place where the program crashed is usually not interesting at all. Here's a sample stack trace. (Warning: Ridiculously long stack traces ahead because stack traces from stack overflows are always ridiculously long. Apologies to my blind readership.) ntdll!RtlpAllocateHeap+0x394f2 ntdll!RtlAllocateHeap+0x151 ntdll!RtlFormatCurrentUserKe...
Microspeak: Learnings
If things you teach are teachings, then things you learn must be learnings, right? Good Microspeak citations for this word are hard to find since the word is rarely used in a sentence; it's just a heading in a slide presentation. I found dozens of presentations that had a slide titled Learnings from XYZ, or, for those who want to sound really fancy, Key Learnings from XYZ, but very few actual sentences. Here are two: Alice will send an email to Bob with regards to any learnings from the XYZ program being incented to do ABC. What are our key learnings for this project? There's that word key again, along wi...
Not my finest hour: Misreading a product label
I had finished some store-bought soup and thought to myself, "That was a pretty good soup. What brand was it? I'll buy it again." I went to my recycle bin to fish out the aseptic box that the soup came in, and looked for the brand name. And I found it: dnos. I thought to myself, "That's a strange name for a soup company."
Even if you have code to handle a message, you’re allowed to call DefWindowProc, because you were doing that anyway after all
Just because you write case WM_SOMETHING: doesn't mean that you have to handle all possible parameters for the WM_SOMETHING message. You're still allowed to call the DefWindowProc function. After all, that's what you did when you didn't have a case WM_SOMETHING: statement in the first place. switch (uMsg) { case WM_CHAR: OnChar(...); return 0; default: return DefWindowProc(...); } The above code fragment doesn't handle the WM_SOMETHING message at all. Suppose the WM_SOMETHING message uses the wParam parameter to specify what type of something occurred, and you only want to override the default p...
Kids love cake, but that doesn’t make them good judges of cake
My friend who got married last year went to the Seattle Wedding Show (here are some pictures from the 2007 show courtesy of a vendor's blog) and, through a series of circumstances not relevant to the story, combined the visit with a brief stint of babysitting for her nieces, one a tomboy and the other a girly-girl. The children's father came to pick them up after a half hour, but that half hour at the wedding show was quite exciting for two little girls. It was hardly surprising that the "I want to be a princess when I grow up" girly-girl would be completely enthralled by the wedding show. What was unexpected w...
Why doesn’t Windows 95 format floppy disks smoothly?
Welcome, Slashdot readers. Remember, this Web site is for entertainment purposes only. Who spends all day formatting floppy disks? From the reaction of geekdom, it appears that there are lots of geeks who sit around formatting disks all day. (Psst, you can buy them pre-formatted.) But why did Windows 95 get all sluggish when you formatted a floppy disk? It's that pesky MS-DOS compatibility again. As we saw a while ago, MS-DOS acted as the 16-bit legacy device driver layer for Windows 95. Even though the operation was handled by the 32-bit file system, all I/O calls were routed through 16-bit code...
Follow-up: A new DUI record set in the state of Washington
A year ago, I noted that a new DUI record had been set for the state of Washington. It took a while, but the story finally settled out. Recapping the story so far (links in the original article): The driver's attorneys eventually succeeded in having her released from jail (where she had been held on $300,000 bail) to a treatment center. In April 2008, the driver pled guilty to driving while intoxicated and in June 2008 was sentenced to one year in prison for that offense, plus additional days for other offenses, totalling 440 days in jail; plus 90 days of electronic home monitoring, fines, attendance at a...
How do I write a program that can be run either as a console or a GUI application?
You can't, but you can try to fake it. Each PE application contains a field in its header that specifies which subsystem it was designed to run under. You can say to mark yourself as a Windows GUI application, or you can say to say that you are a console application. If you are GUI application, then the program will run without a console. The subsystem determines how the kernel prepares the execution environment for the program. If the program is marked as running in the console subsystem, then the kernel will connect the program's console to the console of its parent, creating a new console if the parent doe...
2008 year-end link clearance
Time for the semi-annual link clearance. Finally, we have the traditional plug for my column in TechNet Magazine:
Sorry, I don’t get calls on this phone often
Many years ago, I was in a small meeting: It consisted of the project manager, me, and one other person. Just a quick little status meeting to discuss how things were going. We were a few minutes into the meeting when the project manager's cell phone rang. Now, this was back in the days before cell phones were ubiquitous. They were pretty spendy gadgets; pulling out your shiny $400 Nokia 8810 was an ostentatious move, allowing you to demonstrate your alpha position in the social hierarchy. Anyway, when the cell phone rang, the project manager answered it and started talking. After a little while, it became...
Crazy or cell phone?
You've seen it, I'm sure. People walking down the street talking to themselves. Crazy or cellphone? What really gets me are the people who wear the headsets even when they aren't talking on the telephone, but rather in anticipation of receiving a telephone call. To those people, I have this to say to you: You're not that important. Get over yourself. I remember a few years ago, I was in Los Angeles attending a little party and got a ride home from somebody who was heading my way. We got in the car, and she put on her headset before putting the car in gear. It was a half-hour drive. No telephone call.
Every crash is a potential security vulnerability
Whenever I post about a programming error that can lead to crashes, the security team gets all excited and starts looking for ways to exploit it. For example, when I wrote about the fundamentally flawed flag, the security folks went scouring through the Windows source code looking for anybody who passed that flag, and then tried to come up with ways they could trick the code into loading an unintended DLL and causing trouble. I wouldn't have known about this exercise at all if one of the team members hadn't forwarded me some email discussing their preliminary investigations as if to say, "See what you starte...
Undecorating names to see why a function can’t be found
Here's a problem inspired by actual events. When I build my project, it compiles fine, but it fails during the link step with an unresolved external: program.obj : error LNK2001: unresolved external symbol "public: virtual wchar_t const * __thiscall UILibrary::PushButton::GetName(class UILibrary::StringHolder * *)" (?GetName@PushButton@UILibrary@@UAEPB_WPAPAVStringHolder@2@@Z) The function I'm trying to call exists in the source code for uilibrary.lib; I'm looking at it right now. And the definition in the source code matches the declaration in the header file: namespace UILibrary { ... class PushButt...
Why are all computers shown with a Printers folder even if printer sharing is disabled?
When you visited a computer on the network by typing into the address bar, Explorer showed you a Printers folder if the computer had printer sharing enabled. But starting in Windows Vista, the Printers folder is shown regardless of whether the remote computer is sharing any printers. Why did this change? Communicating with the remote computer to ask it about its printers simply took too long. The method returns an enumerator that produces a list of items in the folder. Think of it as the shell namespace version of . When the method is called, it must produce the next item in the folder or return a code...
Then again, sometimes the improvement is merely incremental
Several years ago, the security department sent out a company-wide memo: Over the next few months, we will be upgrading the card readers on all of our major campuses. The old card readers show a solid red light when the door is locked, whereas the new card readers show a blinking red light. Aw-right, a blinking light. Now we're cookin' with gas!
Foiled by my withered hand
A few years ago, some email was sent out to the product team asking for a volunteer hand model to demonstrate how to open the Windows Vista box. Alas, I withdrew myself from consideration due to my withered hand.
Misheard lyrics as applied to Christmas songs
While visiting my young nieces, we sang some Christmas songs, and when it came to sing Toyland, the four-year-old sang it with misheard lyrics: "Toi-let! Toi-let!"
Why isn’t there a SendThreadMessage function?
Here's an interesting customer question: Windows has and . It also has but no . Why isn't there a function? Am I forced to simulate it with an event? What would this imaginary function do? Recall that delivers the message directly to the window procedure; the message pump never sees it. The imaginary function would have to deliver the message directly to.... what? There is no "thread window procedure" to deliver it to. Okay, maybe you still intend to process the thread message in your message pump, but you want the caller of the imaginary function to wait until you've finished processing the messag...
On 64-bit Windows, 32-bit programs run in an emulation layer, and if you don’t like that, then don’t use the emulator
On 64-bit Windows, 32-bit programs run in an emulation layer. This emulation layer simulates the x86 architecture, virtualizing the CPU, the file system, the registry, the environment variables, the system information functions, all that stuff. If a 32-bit program tries to look at the system, it will see a 32-bit system. For example, if the program calls the function to see what processor is running, it will be told that it's running on a 32-bit processor, with a 32-bit address space, in a world with a 32-bit sky and 32-bit birds in the 32-bit trees. And that's the point of the emulation: To keep the 32-bit pr...
The Fargo campus responds to Redmond’s December 2008 storm conditions
Apparently it's no big deal to them.
What is the mysterious fourth message box button?
When you call the MessageBox function, you pass flags specifying which of a fixed set of button patterns you want (for example, Yes/No and OK/Cancel) and which button you want to be the default (MB_DEFBUTTON1 through MB_DEFBUTTON4.) Wait a second. What's with this MB_DEFBUTTON4? None of the button patterns are four-button patterns. The highest number of buttons you can specify is three: Abort/Retry/Ignore. How can you set a nonexistent button to be the default? Let's do some header file spelunking. The flag for this magical fourth button is defined here: #define MB_DEFBUTTON1 0x00000000L #def...
How do I obtain the computer manufacturer’s name?
One customer wanted a way to determine the name of the computer manufacturer. For example, they wanted to make some function call and get back "IBM" or "Compaq" or "Dell". I don't know why they wanted this information, and for the moment, I don't care. And of course, when you're looking for information, you don't search MSDN; that's for crazy people. No, let's just fire up regedit and hit Ctrl+F. (I can't imagine how many application compatibility bugs were created by that "helpful" Ctrl+F dialog in regedit.) The customer found the registry keys that are used to customize the System control panel, as well as...
How to create a Zune podcast from an audiobook or other files you already have
Here's a trick one of my friends taught me. The Zune has two styles of audio playback, one for music, and another for podcasts. For music, clicking right and left move you by song, and when you switch to another album, then come back to the first album, it starts you over at the beginning of the album. On the other hand, for podcasts, clicking right and left seeks through the episode, and when you return to a podcast, it resumes from where you left off. This is nice, because podcast episodes tend to be long, and the sequence is usually important. But what if you want the podcast behavior for songs? For exam...
The worms go in, the worms go out
Neuroscientist Daniel Levitin, author of This Is Your Brain on Music: The Science of a Human Obsession (another book in the Catchy title: Long boring subtitle category), explains why ABBA songs get stuck in your head. Meanwhile, the Earworm Research Institute has some tips on how to get them out.
Microspeak: Suited and booted
At Microsoft's consulting divisions, customer visits are a part of the job. A shorthand has developed to describe how formally dressed you should be at the meeting with the customer. (I leave it as an exercise to develop the comparable attire for women.) Note: This Microspeak entry was submitted by a colleague from the UK, so it may be peculiar to the UK dialect of Microspeak.
Today, we use a GPS to locate Baby Jesus
When Baby Jesus disappears from a Nativity scene, he might be wearing a tracking device: For two consecutive years, thieves made off with the baby Jesus figurine in Wellington, a town of 60,000 in Palm Beach County, Fla. The ceramic original, donated by a local merchant, was made in Italy and worth about $1,800... Last year, officials took a GPS unit normally used to track the application of mosquito spray and implanted it in the latest replacement figurine. After that one disappeared, sheriff's deputies quickly tracked it down. It's sad that the world has come to this, but nice to know that technology is ...
Why does the Explorer address bar reset itself while you’re typing into it?
When you ask Explorer to navigate to a new location, the steps go roughly like this (vastly oversimplified): Pretty straightforward, right? Well, commenter dhiren asks: Any idea why the address bar in Explorer randomly decides to reset itself while you're typing in it? It's not like Explorer is saying, "Ha, ha! Sucker!" Explorer is just doing its thing, following its happy little checklist, and when it finally locates the navigation target, it moves on to step three and switches the view and synchronizes the address bar to match the view. If you've messed with the address bar in the meantime, the s...
PDC 2008 notes: The aftermath
The Web page associated with my PDC 2008 talk has been updated to include the source code that I used for all of the demos. Other remarks:
Being lucky may be a matter of observing things you weren’t planning to observe
On BBC's The One Show, presenter Michael Mosley tests a theory of Professor Richard Wiseman that part of being lucky is simply being more aware of incidental information in your surroundings, information seemingly unrelated to the task at hand but which may ultimately help you achieve your goal. (Professor Wiseman has many interesting videos on YouTube. I particularly like the colour-changing card trick. (Spoiler: I noticed only one of the changes myself. What I found fascinating was that he made no effort to hide the sound of the backdrop changing, because he knew nobody would notice.) We've seen mani...
The Washington 2008 unclaimed property auction
After five years, the contents of abandoned safe deposit boxes are turned over to the state, which attempts to contact the owners, but if the owners cannot be located after three years, they are put up for auction. Things like this antique watch with a Swedish dedication: "Till min kära syster Nanny fr. Elin — Mors klocka" = "To my dear sister Nanny, from Elin — Mom's watch". It's sad that something with such obvious sentimental value is being sold off. Or, if you are more of the nerdy type, you could bid on Star Trek comic books graphic novels or a Michael Jordan rookie trading card.
Don’t use global state to manage a local problem
We've seen a few instances where people have used a global setting to solve a local problem. For example, people who use the function to prevent a window from redrawing, toggle a global setting to see what its value is, or who change the system time zone as part of an internal calculation. To this, I'll add as an example a program which figures that if you don't want the program's feature, you don't want that feature in any competing products either. The first service pack of Windows XP introduced the Set Program Access and Defaults control panel. Among other things, media players can register here to ...
A bar on Microsoft main campus? What should we call it?
When my colleagues discovered that Seattle bar Spitfire is opening a bar on the main Microsoft campus, a quick game of Name that bar sprung up. (Todd Bishop has his suggestions.) Here are some names we came up with: Though I suspect they'll just call it Spitfire. Sidebar: Although alcohol is available at many company-sponsored social events, there is no pressure to drink an alcoholic beverage, and people don't even notice one way or the other. (Just like nobody notices that you had the vegetarian appetizers and avoided the meat ones.)
How do I change the directory Windows uses for user profiles?
To change the directory Windows uses for user profiles (by default, the directory), set the setting in your unattend file. This setting is available only via the unattend file. There is no GUI interface for this, nor can it be changed after Windows has been installed. Sorry.
The role of vitamin D in beta cell function: The dance
In January 2008, John Bohannon held a contest titled Dance your PhD, wherein contestants were invited to express their PhD thesis in five minutes through the medium of dance. It was such a hit that it came back for a sequel: The 2009 Dance Your Ph.D. contest. Only a Game interviews John Bohannon [mp3]. You can also watch the winning dance, The role of vitamin D in beta cell function on YouTube, along with the other winners.
Email tip: If you want people to look at a screen shot, you have to tell them what they’re looking at
Some time ago, Ry Jones decided to take something that I wrote and condense it to make it funnier: Don't embed pictures. ... This isn't Highlights magazine. Those ellipses are deceptive, because they hide a change of topic! As a result, the two unrelated sentences appeared to be connected to each other. The comment about Highlights magazine was not a response to "Don't embed pictures." It was a response to a different part of that message. Here's the complete message, or an approximation thereof: Don't embed pictures. Send a link to your pictures. And when you ask us to look at the pictures which de...
A file can go by multiple names, but two files can’t have the same name
Thanks to short file names and hard links, a single file can go by multiple names. (And for the purpose of today's discussion, I'm treating the full path as the name instead of just the part after the last backslash. Don't make me bring back the nitpicker's corner.) For example, C:\PROGRA~1 and C:\Program Files are two possible names for the same directory thanks to short names. [Typo fixed 7:15am.] If you've created hard links, then you can give a single file two entirely unrelated names, and those names need not even be in the same directory. On the other hand, you can't have two files with the same name. Wha...
Thrift stores drowning in Christmas impulse gifts from yesteryear
Last year, the Washington Post covered the fates of The Thing, that Christmas impulse gift that stores place in enticing locations in the store to convince you that you simply gotta have it. The twirling apple peeler, the liquor carousel, the portable chocolate fountain (for your fancy party, no doubt). After a few years, some of them show up by the garbage-bagful at the Opportunity Shop thrift store. "We get three or four fondue sets a month... Sometimes we get stuff and I don't even know what the stuff is."
Why are the generic version numbers called NTDDI?
In my earlier discussion on the variety of symbols that describe the target Windows version, I pointed out that the symbols attempt to cut through the mess and consolidate everything into a single symbol. But why the name ? One of my colleagues contacted me privately with the story. When setting out to change the operating system version number, my colleague was shocked to find so many different version number mechanisms were scattered throughout the various Windows header files. It so happened that the DDK people were already in the process of cleaning up the version number mess and were using as their vers...
Neuroscience can be used for good or for evil; this one might fall in the evil bucket
Marketplace radio interviews Martin Lindstrom, author of Buyology: Truth and Lies About Why We Buy (another book in the series Short catchy title: Long boring subtitle) about how stores get people to buy more stuff by taking advantage of how our brains are wired. (Unfortunately, at the time I checked, the Smell and Beer bonus tracks were broken. You can try to console yourself with Paddy Hirsch's explanation of margin calls in terms of Girl Scout Cookies.) Update: The Smell and Beer links work now.
When you start getting in-page errors on your hard drive, it’s time to go shopping for a new hard drive
The describes itself as "The instruction at XXX referenced memory at YYY. The required data was not placed into memory because of an I/O error status of ZZZ." What does this mean? It means that the memory manager needed to read some memory from the disk, but the disk returned an error. (Namely, error ZZZ.) Since it has no way to return an error code to your program—I mean, after all, all your program did was read a variable from memory; there's no way to return an error code from int x = y if y cannot be read off the disk—it is reduced to raising an exception. When you see this message, and the ...
The struggle against those annoying plastic packages gains a few allies
Some companies are switching to easy-to-open packaging. Not a moment too soon, in my opinion.
High Contrast Mode is not the same as High Contrast Scheme
"High Contrast Mode" is an accessibility state controlled by the flag in the member of the structure. You can retrieve this structure programmatically by calling the function with the parameter; conversely, you update the setting programmatically with parameter. Programs are on their honor to query the "High Contrast Mode" flag and, if set, simplify their display so as to be more usable to people with low visual acuity. For example, gradients and background bitmaps should be turned off and system colors should be used for screen elements. End users can enter and exit "High Contrast Mode" by going to the A...
That guy in the neighborhood who has way too many Christmas lights
Weekend America profiles Dominic Luberto, that guy with his house so covered in Christmas lights that you're sure it's a fire hazard or something. I like how he pulls out the classic argument stopper when challenged that his display is too much. "Whoever comes against me - listen - goes against the kids." There you go. In the United States, all you have to do is accuse your opponent of hating children and you have instantly won the argument.
Raymond’s technique for getting people to leave a meeting room when their meeting runs over
It's certainly common at Microsoft, and probably common at many places, that a meeting runs over. The next group who has booked the room gathers outside waiting for the previous meeting to wrap up. Sometimes they wait timidly outside the door, and the group inside never realizes that they are running over. Late meetings have a cascade effect on the rest of the day, and not just for the specific conference room. Of course, if the 9am meeting runs late, then the 10am meeting in the same conference room will start late and consequently run late. But it also makes late the 10am meeting that one of the 9am participan...
Oh, I feel so bad for those poor Wall Street folks who have to have a normal party instead of a ridiculously lavish one
Scaling back.
Don’t be helpless: You can find information too, if you try (episode 2)
Commenter Joshua Blake wonders why Word's status bar says "Word is preparing to background print the document", wondering whether there used to be other types of printing like foreground. Well, first of all, this is a question about Office, something I explicitly deny any special knowledge of: Topics I am not inclined to cover: [...] But I'm going to take this opportunity to teach you how to use information already available to you to answer this question yourself. First, let's see what the Internet says about Word and background printing. A search for ‹Word background printing› turns ...
The Ballard Locks will be empty this week
The Hiram M. Chittenden Locks (more commonly known as the Ballard Locks) are a common attraction in Seattle. But if you pay a visit for the next week, you'll find that the large set of locks will be empty. And not just empty of boats. Empty of water. The chamber has been emptied of water for annual maintenance, and if you stop by, you can take pictures of a big hole in the ground. According to The Seattle Times, items found upon draining the chamber include cell phones, a two-way radio, a boot, beer cans, and prescription glasses. Nothing too exciting, I have to admit. Now, if they had found a bicycle...
Just because a method is called Refresh doesn’t mean that it refreshes what you want
Here's a question from a customer: I made some changes related to my shell extension [details omitted], but the changes don't show up in the Explorer window when I refresh it. Any suggestions on how to solve this problem? When we asked how they were refreshing the Explorer window, we were expecting something like pressing F5 or calling with , or maybe calling or possibly even calling from script. But we definitely didn't expect this response: I'm invoking the Process.Refresh() method from the namespace. Just because a method is called doesn't mean that it refreshes what you want. I think this is...
Welcome to the 2008 holiday shopping season
Yes, maybe you're one of those crazy people who camps out in front of a store so you can be the first person in line to get this year's hot toy, or so you can snag one of the doorbuster deals. But be judicious in your rush, because the police are out there too, and they're shopping for something else.
Not my finest hour: Getting instructions on doing something I’ve already done
Last year, I sent some email to the people who run our team's check-in validation tool asking how I could add a new rule to the validation tests. One of the members wrote back, "You do it just like this guy," and sent me a reference to another check-in that added a validation rule. That other check-in was made by me. But wait, it gets better. That other check-in? It added the very rule I was thinking about adding.
The cost-benefit analysis of bitfields for a collection of booleans
How many of them are there?
Yes, I filed an expense report for a hair dryer, why do you ask?
Back in the late 1990's one of my colleagues (who is now in Office Labs—check it out, they've got some pretty cool stuff) filed an expense report for a hair dryer, and it was accepted. But what valid business purpose would there be for a tester to buy a hair dryer? At the time, my colleague worked as a tester for Windows power management. One of the things that needed to be tested was whether the motherboard accurately reported thermal stress (translation: overheating) to the operating system and whether the operating system responded appropriately to these reports. And when the project started, the mos...
When you’re walking around a city, you usually forget to look up
When you're walking around a city, you usually forget to look up. It takes a landmark building to prompt you to admire anything above the ground floor. For those in the Seattle area, the Seattle Times included a brief walking tour of Seattle architecture. The article doesn't mention one of my favorites: The roll-on deodorant building on the corner of Seneca and Second. The effect is most striking if you if you stand on Second and Union and look southeast at night. (Sadly, under the dome is just a roomful of machines.)
Consequences of the Explorer view model: If you create a view, then you succeeded, even if you’d rather fail
Commenter Anonymous asked why navigating to a drive with no media displays a dialog instead of showing the error message in the view. This is an unfortunate consequence of Explorer's browser/view model. The shell browser binds to the and asks for the view by calling . The view window calls to figure out what to show in the view—and here is where the error dialog appears asking you to insert a disc into the drive. The problem is that has to return an enumerator or an error code. There is no return value that says "Um, yeah, could you display this text instead?" In a narrow sense, there's no way to r...
Rachmaninov had big hands: An illustration
Rachmaninov's Prelude in C# minor, Op. 3, No. 2, performed as it is written, by classical music comedy duo Igudesman & Joo. I tried to learn that piece once. I didn't last long.
The great thing about priorities is that you can always go one higher
The phenomenon I call priority inflation has spread to product planning documents as well. Back in the old days, there were three priority levels: Over the past few years, I've seen a shift in the labelling of priorities in planning documents. A new priority has been introduced: Priority Zero. Nobody has explained to me what Priority 0 means, but I assume somebody invented it to emphasize that the feature is even more critical than priority 1. Mind you, I'm not sure what could be more important to a project than "If we don't do this, we're all fired." Maybe "If we don't do this, the earth will exp...
If everything is top priority, then nothing is top priority
Last time, I mentioned that eventually everything is top priority. A similar topic is what I'm calling priority inflation, which takes more than one form. Today's priority inflation is the introduction of new "top priority" items. (Chris Becker has some thoughts on this topic as well.) "XYZ is very important to our project. Please make it your top priority." A few weeks later, "ABC is very important to our project. It should take priority over all other issues." When this happens, I like to ask, "Is this even more important than XYZ?" I've done it so much that my management has changed the way it introduces...
Adventures in product testing: This phone’s so hot, it’ll set your head on fire
Actually, this is pretty cool. A phone that sets your head on fire. Most people charge extra for that. These lithium-ion polymer batteries can overheat due to an internal short circuit in the batteries, which can pose a fire hazard. The battery has only been used in the GN9120 wireless headset. Go ahead, make up your own joke.
If you wait long enough, everything is our top priority
I always crack a smile whenever I hear or read someone say that "XYZ is our top priority." The person may believe it at the moment they say it, but just wait a little while, and soon there will be a new top priority. If you call the person out on their shifting priorities, they usually come up with some hand-waving explanation that the two "top" priorities are actually the same thing. Last week, you said that customer satisfaction was our top priority, but just now you said that our employees' well-being is our top priority. Which one is the real top priority? In other words, which is more important, custome...
Is second-hand advice better than no advice at all?
Commenter Grow Up (if you're so grown up yourself, why not use your real name?) took issue with the second-hand advice I gave when the discussion of protecting sensitive data. In that discussion, I gave second-hand advice on how one could protect information, and one reader apparently thought I was trying to malign said second-hand advice or was holding it up as non-authoritative. (In case you forgot: Everything here is non-authoritative. It's all just my interpretation of the world around us. And that interpretation is often wrong. Don't make me bring back the nitpicker's corner.) I added the second-hand advi...
You’d think this sort of disclaimer on children’s modeling clay would not be necessary
"Molded results vary depending on child's age and level of skill."
Why bother with RegisterWaitForSingleObject when you have MsgWaitForMultipleObjects?
Commenter kokorozashi wonders why you should bother with when you have already. If you want to pump messages and wait for a kernel object, then you can change all calls to , , and to replacement functions that use . Isn't that enough? Why waste an entire thread just to wait for that object? If you're so clever that you can modify every call to , , and , then more power to you. But in order to do this, you'll have to restrict the functions you call, because all sorts of functions contain their own message loops. Do you call ? Or ? Those functions contain a modal loop. (After all, they don't return until the ...
Email tip: If you ask a question that can be answered in only one way, but that’s not the answer, don’t be surprised that nobody responds at all
It's not infrequent that I see somebody ask a question that can be answered in only one way. But if that's not the answer, then nobody will respond. Is there a module that does XYZ? This question can be answered in only one way: "Yes, here it is." If nobody has written such a module, nobody is going to reply saying, "No, nobody has written the module you request," because that would require the responder to prove a negative. "I have scoured the entire planet, including code sitting on a hard drive in somebody's mother's basement, and have verified that there is no module that does XYZ. Furthermore, I have...
Rearranging the cities into a much more visually pleasing arrangement
My friend the seventh grade teacher gave an assignment wherein students were to produce a map of the state of Washington with various required elements, among them, a selection of major cities in the state. Some students failed to understand that the purpose of a map is to represent where the cities are and not to dictate to the cities where they should be, for they moved the cities around in strange ways. Moving the dots around to make a more visually pleasing arrangement might work if you were designing, say, a transit map, where the topology of the connections is the important thing rather than their phy...
Why is the maximum boot.ini delay 11 million seconds?
I mentioned in passing that the maximum delay you can specify in boot.ini is about 11 million seconds. I'm disappointed but sadly not surprised that everybody focused on that number and completely missed the point of the article. First of all, the value of 11 million was not a conscious limitation. It's just an artifact of other limitations. The delay is specified in seconds in boot.ini, but internally it is converted to BIOS clock ticks. (Remember, this is a boot loader; there's not much infrastructure available yet.) The conversion is done in 32-bit arithmetic, and 4 billion BIOS clock ticks at 18.2 ticks pe...
Doesn’t matter what your marketing technique is for your compiler if nobody actually writes code in your language any more
I mentioned Terry Zink's Anti-spam blog ("Protecting your mail from the scum of the internet") during one of my quarterly "borg-edition" linkfests. The article about how much money a spammer actually makes was quite interesting. One thing that caught my eye was the insanely low sales rate that was needed in order to make the enterprise lucrative. Only 0.12% of the messages get clicked on, and of those, only 0.5% result in a sale, yet with a sales rate of just 0.0006%, the spammer pulled down an impressive $7690 per week, or over $300,000 per year. (Researchers who infiltrated the Storm botnet have their own est...
Now it’s like people buy sneakers to make money out of them
Where there are sneaker addicts you will have sneaker speculators. And not all the sneakerheads appreciate it. Such trading bothers purists like Raymond Chen, 26. "People used to buy sneakers because they love them," Chen said. "Now it's like people buy sneakers to make money out of them." Chen, an engineer from Shoreline, owns about 120 pairs of sneakers and spends about $100 a month on his hobby. If there are a number of shoes releasing within the same month, he spends more.
You can’t fight in here; this is the War Room!
(Video clip for those who don't get the reference.) The term War Room is attributed to Winston Churchill, used to describe the underground meeting room where the war effort was directed. It is the "crucial meeting room where important decisions are made" sense of the term that is used at Microsoft. Many software products (or even just components of software products) have a meeting room designated as its War Room. Depending on the stage of the project, War Meetings might be held weekly, daily, or even several times a day. The meeting is run by the War Team, with representatives from all product components i...
What do these topics have in common?
Update: The first correct answer is from Tom Smith who correctly identified the articles as having ridiculous In Popular Culture sections which mention The Simpsons. Lazbro was right: There needs to be a bot that deletes all "In Popular Culture" sections from Wikipedia.
How slow do you have to slow-double-click for it to be a rename?
In many parts of the system, you can rename an item by first selecting it, then clicking on its name. The selection step is typically done by clicking on the item, which creates the risk that your second click will be interpreted as a double-click rather than as a rename click. How slow do you have to slow-double-click for it to be a rename? Slow enough that it's not a regular double-click. The double-click time is set in the mouse control panel; I believe the current default is 500 milliseconds. If your two clicks are within a half second of each other, they will be treated as a double-click. If they occur ...
What I don’t get about bank robbers
My reaction to the news story about the so-called Barbie Bandits wasn't disbelief or shock at the crime, but rather confusion over their over-arching plan. People rob a bank and use the money to buy stuff. Dude, cut out the federal crime; just steal the stuff directly. When I expressed this disbelief at the lunch table, one of my colleagues took issue with my assessment. "Oh, no, the food in state prison is awful. Federal is much better."
Self-esteem gone overboard: The perils of a global namespace
There are items with overly generic names. , , , , . But their functionality doesn't live up to their name. refers only to kernel handles, can only close kernel handles, only gets information about GDI objects, applies only to the numerical difference between group resources and standalone resources, and only queries information about Terminal Services Remote Desktop Services. Why do functions that operate only inside a specific realm have names that suggest a broader scope? Self-esteem gone bad. You're on the kernel team. You have a handle manager. What should you call your handles? Well, since the...
What seventh grade students want to be when they grow up, an analysis
A few years ago, I listed some of the careers seventh grade students chose for themselves. But my friend the seventh grade teacher pointed out to me that the list hides the correlation between the jobs and the students. The lower-performing students chose the high-glamour jobs: Professional athlete, model, rock star, actor. Some of these students may be exhibiting boundless optimism; others may simply not have thought through the question very much and just picked the first thing that popped into their head. By comparison, the higher-performing students tended toward low-glamour but highly-skilled jobs: Contra...
Does version 6 of the common controls support ANSI or not?
I mentioned in passing a few years ago that version 6 of the common controls supports only Unicode. And then other people stepped in to say, "Well, XYZ uses ANSI and that works for me." So does it support ANSI or doesn't it? It does and doesn't. All of the controls in the common controls library are internally Unicode. But not all controls in the library are created equal. The first group is the traditional common controls. List view, tree view, those guys. These controls were never part of the window manager and have been internally Unicode on all Windows NT platforms. The ANSI messages such as ar...
Microspeak: Represent
The more conventional definition of represent is along the lines of "to act as a proxy for". An attorney represents his or her client in court. Your legislator represents you in the assembly. A token on a board represents your position in the game. At Microsoft, the word represent takes on a stranger meaning. Here are some usages inspired by actual sentences: In the first case, I'm guessing that the word represent means "to act as an advocate for" or possibly just "to serve as a source of information on". In the second case, it appears that the word represent just means "tell us in an official capacity...
Quite possibly my last in-person ballot for a long time
Most parts of the state of Washington have switched to all-mail voting. No more standing in line at the polling place and casting your vote in person. This is certainly a convenience, but to me, it dilutes the voting experience. Part of the experience is the sense that you're part of a process, and standing in a room full of voters certainly drives that point home. You may come from all walks of life, but you all have one thing in common: You all want to vote. Also concerning to me is the loss of the guaranteed secret ballot in a mail-in election. With a mail-in ballot, you have the problem that an overbeari...
How did Spicy Hot V-8 vegetable juice get added to the complimentary beverages in Microsoft kitchens?
Today is Election Day in the United States. Don't forget to vote. (Void where prohibited.) In honor of Election Day, I figured I'd tell a story about voting. One of the complimentary beverages available in Microsoft kitchens is Spicy Hot V-8. (Sure it's tasty, but watch out for the sodium content!) I remember well when Spicy Hot V-8 was added to the refrigerators. At the 1992 Company Meeting, Bill Gates and then-head of HR Mike Murray appeared on stage to read questions submitted by employees ahead of time. One of the questions was "Can we carry Spicy Hot V-8 in the kitchens?" Mike Murray decided to pu...
Sensor development kits were flying off the shelves
After the Sensor and Location Platform PDC presentation, people were stopping by the booth and grabbing sensor hardware and development kits like they were candy. Then again, to geeks, this stuff is candy. (And technically, they weren't flying off shelves. They were flying out of bins. Well, and technically they weren't flying either.) Other notes from the last day of the 2008 PDC:
If there’s already a bug, it’s not surprising that there’s a possibility for error
It's great to think about all the things that can go wrong but you also have to think about the situations that could lead to those bad things. In particular, you have to recognize when you are trying to avoid a bug that is ultimately outside your component and which you can't fix anyway. For example, consider this multithreaded race condition: Why is used in the implementation of ? The only reason I can think of is for multithread safety. But that function doesn't look multithread safe—what if another thread was about to increment ? Does the refcount incrementer have a special interlocked check fo...
Stick to the normal candy and nobody gets hurt
Hallowe'en is a family affair at Microsoft. It typically starts at around 3 or 4 o'clock, with costumed kids roaming the hallways collecting treats from offices. One year, one of my colleagues decided that the kids deserved more than the usual candy bars and chocolates. Even though he is Caucasian, he went to the local Asian foods market and stocked up on all sorts of Asian candies. Lychee-flavored gelatin, rice crackers, spiced watermelon seeds, you name it. It's a holiday and a cultural learning experience. He dumped all the candies into a big bowl and set them out for the kids. The kids didn't quite know w...
Working with ambiguous and invalid points in time in managed code
Public Service Announcement: Daylight Saving Time ends in most parts of the United States this weekend. I pointed out some time ago that Win32 and .NET deal with daylight saving time differently. Specifically, Win32 always deals with the time zone you are currently in (even if it's not the time zone that corresponds to the timestamp you are manipulating), whereas .NET deals with the time zone that was in effect at the time the timestamp was generated. For more details on the latter, I refer you to Josh Free from the BCL Team Blog, who some time ago explained how to work with ambiguous and invalid points i...
Dude, the admission bracelet goes around your wrist
Short stories from the 2008 PDC: Bonus chatter added 9am:
If you’re going to reformat source code, please don’t do anything else at the same time
I spend a good amount of my time doing source code archaeology, and one thing that really muddles the historical record is people who start with a small source code change which turns into large-scale source code reformatting. I don't care how you format your source code. It's your source code. And your team might decide to change styles at some point. For example, your original style guide may have been designed for the classic version of the C language, and you want to switch to a style guide designed for C++ and its new // single-line comments. Your new style guide may choose to use spaces instead of tabs f...
PDC 2008 notes: How to get to room 406A, and other notes
Today is the day of my talk. I'm always a bit nervous before these things, because I'm never sure if what I'm going to present matches up with what people are expecting. Most people who come to my PDC talk don't know who I am, so they aren't expecting me to toss out a few catch phrases, use my psychic powers, and tell stories about how a bug in a 16-bit scanner driver written in 1993 is the reason why TCP/IP is so complicated. (That last part was a parody.) Today's notes:
Why does my Run dialog say that tasks will created with administrative privileges?
"I don't know what happened, but now when I open the Run dialog on my Windows Vista machine by typing Windows+R, there is a shield under the edit box that says This task will be created with administrative privileges. What's going on?" One my colleagues used psychic powers to solve this problem: "I imagine that you manually killed Explorer, and then you used an elevated command prompt or an elevated Task Manager to launch a new one. An elevated Explorer shows this message. To fix it, exit your elevated Explorer, and exit your running elevated copy of Task Manager (if any). Then type Ctrl+Alt+Esc to launch a nor...
Typo patrol at the 2008 PDC
Typo patrol got off to a very quick start. One of the flyers in the attendee goodie bag is from a company which offers two free months of service to PDC attendees. The first step in obtaining the service is "Just signup and mention the PDC by January 31, 2008." Okay, just hang on while I fire up my time machine. Bonus grammar typo: signup is a noun; sign up is a verb. The second typo is kind of important. In all the PDC documents (including the voucher to pick up your attendee goodie bag), it says to go to Kentia Hall. This is incorrect. If you try, you'll find a locked door. The goodie bags (and all oth...
To climb the corporate ladder you’ll need some rope, but rope has many purposes
When KC told me about a trick she learned to get an area expert to respond to her email, I cautioned her that the trick might backfire: A friend of mine (let's call him Bob) happens also to work in the technology industry, and the manager for the part of the project he worked on was, to put it nicely, "in the wrong line of work." No matter how many times Bob would explain how the system worked on the whiteboard, his manager never really understood it. And the misunderstandings weren't just of the "oh I missed a little detail" variety; rather, they tended to elicit a "What planet are you from?" sort of reaction...
Ah, local Los Angeles television news, how I miss thee
Sitting in my hotel room the night before the 2008 PDC, I'm watching the Los Angeles local news, and the field reporter just said, "The police say this is an isolated incident, but it could happen anywhere."
If you don’t want to try to repair the data, then don’t, but you should at least know that you have corrupted data
When I wrote about understanding the consequences of , I mentioned that one of the possible responses was to try to repair the damage, but some people are suspicious of this approach. Mind you, I'm suspicious of it, too. Repairing corruption is hard. You have to anticipate the possibility, create enough of a trail to be able to reconstruct the original data once the corruption is recognized, and then be able to restore the data to some semblance of consistency. I didn't say that this was mandatory; I didn't even say that it was recommended. I just listed it as one of the options, an option for the over-achiev...
Man, this housing downturn is hitting everyone
Consider this house on Mercer Island, which happens to be for sale. Asking price: A shade under $35 million. Five bedrooms, nine bathrooms, over 22 thousand square feet, two swimming pools, space to park a 140-foot yacht, and an interior so opulent you'd be afraid to touch anything. If you were even allowed anywhere near it. But the sagging economy has taken its toll on this house. They were originally asking $40 million. Best line from the article: "But we decided we might want to simplify a little, and move to Medina." For those who aren't familiar with Seattle-area geography, Medina is the quiet li...
Sucking the trap frame out of a kernel mode stack trace
If you are placed in the unfortunate position of having to debug a user-mode crash from kernel mode, one of the first things you have to do is get back to the exception on the user-mode side so you can see what happened. We saw earlier how you can get symbols for operating system binaries to help you suck the exception pointers out of a user-mode stack trace; here's a corresponding tip for the kernel-mode side. Your stack trace will look something like this: ChildEBP RetAddr Args to Child 8fc86660 818844e3 83811e00 83811d78 83811e30 nt!KiSwapContext+0x26 8fc8669c 8184abd2 83811d78 00000000 83811d78 nt!KiSw...
Strange things happen when you let people choose their own name, part 3
Although Microsoft employees are internally assigned a cryptic email address by the IT department, the email address used for mail to and from the outside world is open to customization, to some degree. For example, consider an imaginary employee named Christopher Columbus. Christopher might be assigned an email address like or or or possibly the Slavic-sounding . But Christopher has the option of choosing the external email address: When he sends a message to somebody outside Microsoft, the "From" line will show the external address, and if somebody from outside Microsoft sends mail to the external addres...
Strange things happen when you let people choose their own name, part 2
I described last time how most parts of your entry in the company address book are closely regulated, but the differentiator is left to the honor system. Here are two and a half more examples of people who decided to do something funny with their bonus text. A message was sent to a mailing list I happen to be a member of, and the sender's name was listed as "John Doe (O|||||O)". I told John that I though the (O|||||O) was hilarious, and he wrote back, "Also, call my phone and listen to how the autobot says my name." I did, of course. The text to speech synthesizer pronounced his name as John Doe overtical b...
Strange things happen when you let people choose their own name, part 1
One of the things that happens when you arrive at Microsoft is you are assigned an email account, and the name of that account becomes your identity. The IT department has a set of rules which they follow to arrive at your account name, but you can petition for reconsideration if the result of their algorithm produces something you don't like. You have more flexibility with your display name. For example, you may commonly go by a less formal version of your legal name, or you may go by your middle name or your initials or you may choose to adopt an English name as your professional name. But even though y...
Off-Roading The Old New Thing
My friend ::Wendy:: decided that going off topic in the comments to this Web site was so much fun, she didn't want to let the Ground Rules stop her. So she created the Off-Roading The Old New Thing group, where people who get a thrill out of going off topic can do so without running afoul of this Web site's Ground Rules. Have fun, everybody!
Why can’t you thunk between 32-bit and 64-bit Windows?
It was possible to use generic thunks in 16-bit code to allow it to call into 32-bit code. Why can't we do the same thing to allow 32-bit code to call 64-bit code? It's the address space. Both 16-bit and 32-bit Windows lived in a 32-bit linear address space. The terms 16 and 32 refer to the size of the offset relative to the selector. Okay, I suspect most people haven't had to deal with selectors (and that's probably a good thing). In 16-bit Windows, addresses were specified in the form of a selector (often mistakenly called a "segment") and an offset. For example, a typical address might be . This mean...
The cult of PowerPoint, episode 2
PowerPoint is a fine presentation tool, but some people have elevated it to the level of a cult. The most recent member of the PowerPoint cult was a customer who decided to use PowerPoint in an email message. No, I don't mean that the customer attached a bad PowerPoint presentation to the email. I mean that the customer's email was itself a three-slide PowerPoint presentation. Well, not quite. What they actually did was create a three-slide presentation, then take screenshots of each slide and embed them in the email. Well, not quite. The screenshots were shrunk to save size. Each page from the Po...
Psychic debugging: Why your thread is spending all its time processing meaningless thread timers
I was looking at one of those "my program is consuming 100% of the CPU and I don't know why" bugs, and upon closer investigation, the proximate reason the program was consuming 100% CPU was that one of the threads was being bombarded with messages where the is . The program was dispatching them as fast as it could, but the messages just kept on coming. Curiously, the for these messages was zero. This should be enough information for you to figure out what is going on. First, you should refresh your memory as to what a null window handle in a message means: These are thread timers, timers which are associ...
Possessed: A documentary about hoarding
I found Possessed, a short documentary on hoarders, fascinating because I teeter on the brink of hoarding myself and have to fight it. Some days I am more successful than others. Notice how coherently the subjects talk about their obsession. They know it's pathological, but they can't stop themselves. I was able to beat my hoarding of cardboard boxes ("Hey, it'd be a waste to toss these cardboard boxes into the recycle bin; I could re-use it someday, like maybe if I have to mail a package or something") when a friend of mine was moving and needed cardboard boxes to pack up his things. I gladly handed over my s...
Disable your wireless network card to speed up VPN’ing
As a follow-up to my tip on speeding up connecting via RAS and a SmartCard, I've been told that another trick you can do is to disable your wireless networking card before initiating the VPN connection. Wireless networking cards are a huge attack surface, and the VPN software spends a lot of time trying to secure it. I don't have a wireless networking card on the machine I use at home to connect to the work network, so I haven't tried it, but who knows, maybe it'll work for you.
Why does Task Manager let me kill critical system processes?
Because you told it to. If you run Task Manager, highlight a critical system process like Winlogon, click End Task, and confirm, then gosh darn it, you just killed Winlogon, and the system will reboot. (Assuming, of course, that you have sufficient privileges to terminate Winlogon in the first place.) Task Manager in earlier versions of Windows would try to stop you from killing these critical system processes, but its algorithm for deciding which processes were critical wasn't very smart, and if you were sufficiently devious, you could fake it out and make your program seemingly unkillable.¹ To avoi...
Why does killing Winlogon take down the entire system?
Commenter Demeli asks, "Why does Winlogon take down the entire system when you attach a debugger to it? (drwtsn32 -p <pid of Winlogon>)" This question already has a mistaken in it. Running drwtsn32 on a process isn't attaching a debugger to it. Attaching a debugger would be something like , and this does work, assuming you have the necessary privileges, of course. (Indeed, this is how the Windows team debugs problems with Winlogon.) In other words, the literal answer to the question is "No, Winlogon does not take down the entire system when you attach a debugger to it." What does is take a crash dump...
How do I suppress the CapsLock warning on password edit controls?
One of the features added to version 6 of the shell common controls is a warning balloon that appears if CapsLock is on in a password control. Let's demonstrate. Take the scratch program, add a manifest that requests version 6 of the common controls (perhaps by using a Visual C++ extension), and add the following: BOOL OnCreate(HWND hwnd, LPCREATESTRUCT lpcs) { g_hwndChild = CreateWindow(TEXT("edit"), NULL, ES_PASSWORD | WS_CHILD | WS_VISIBLE, 0, 0, 0, 0, hwnd, NULL, g_hinst, 0); if (!g_hwndChild) return FALSE; return TRUE; } Run this program and hit the CapsL...
How can I increase the number of files I can open at a time?
People who ask this question invariably under-specify the question. They just say, "How can I increase the number of files I can open at a time?" without saying how they're opening them. From the operating system's point of view, the number of files you can open at a time is limited only by available resources. Call until you drop. (This remark applies to local files. When you talk over the network, things get weirder.) The fact that these people are asking the question, however, indicates that they're not using to open the files. They're using some other intermediate layer, and it's that layer that is imp...
Why does the Disk Management snap-in report my volume as Healthy when the drive is dying?
Windows Vista displays a big scary dialog when the hard drive's on-board circuitry reports that the hardware is starting to fail. Yet if you go to the Disk Management snap-in, it reports that the drive is Healthy. What's up with that? The Disk Management snap-in is interested in the logical structure of the drive. Is the partition table consistent? Is there enough information in the volume to allow the operating system to mount it? It doesn't know about the drive's physical condition. In other words, "As far as the Disk Management snap-in is concerned, the drive is healthy." Similarly, your car's on-board G...
Microspeak: Teaming
At training sessions, you don't participate in team-building exercises. No, that's old-fashioned terminology, the sort of thing those old stodgy Web 1.0 dinosaurs would say. The new word is teaming. Note: This Microspeak entry was submitted by a colleague from the UK, so it may be peculiar to the UK dialect of Microspeak. Pre-emptive clever comment: Verbing weirds language. [Raymond is currently away; this message was pre-recorded.]
Eventually, nothing is special any more
Commenter ulric suggested that two functions for obtaining the "current" window should exist, one for normal everyday use and one for "special use" when you want to interact with windows outside your process. I'd be more at ease however if the default behaviour of the API was to return HWND for the current process only, and the apps that really need HWND from other potentially other processes would have to be forced to use another API that is specifically just for that. This is an excellent example of suggesting something that Windows already does. The special function has become so non-special, you don't ...
Stories of crossing into Canada: The wedding
When I cross the border into Canada, there's almost always a story. Rarely is there an uneventful crossing. In 2007, I attended a wedding in Vancouver, BC, and here's how the conversation went at the border crossing into Canada: Me: Good morning. (As I hand over passports and green cards for everybody in the car.) Border guard: Hello. What is the purpose of your visit? Me: A wedding. Border guard: How long will you be in Canada? (Looks over the documents and compares the faces against the people in the car.) Me: Just one day. Border guard: Bringing any gifts? I didn't bring any gifts (in t...
Acquire and release sound like bass fishing terms, but they also apply to memory models
Many of the normal interlocked operations come with variants called InterlockedXxxAcquire and InterlockedXxxRelease. What do the terms Acquire and Release mean here? They have to do with the memory model and how aggressively the CPU can reorder operations around it. An operation with acquire semantics is one which does not permit subsequent memory operations to be advanced before it. Conversely, an operation with release semantics is one which does not permit preceding memory operations to be delayed past it. (This is pretty much the same thing that MSDN says on the subject of Acquire and Release Semantics....