------------------------------------------------------------------------
Known Problems With October Win32 SDK
------------------------------------------------------------------------

Microsoft is committed to providing quality products and
encouraging software development.  In response to developer
demand we have prepared the following list of bugs.  This list
reflects all of the known problems with the October Win32 SDK
utilities, documentation, headers, libraries and APIs as of the
day it was released to manufacturing.  It does not include any
system utilities, or end-user related bugs.

This list is provided for reference only. It is intended to
prevent programmers from losing valuable time debugging their
Win32 code if, for example, an API is behaving in an unexpected
way.  If you are experiencing problems with any of the SDK
components, please consult this list.

While Microsoft clearly wants to release a system with as few
bugs as possible, the appearance of a bug on this list does not
guarantee that it will necessarily be fixed in the next release.
We will continue to post updated lists with each
release.  These lists only reflect known bugs at the time of
that release.  If a bug no longer appears on the following
updated list, then it has been fixed.  There is no plan to
provide interim status information on these bugs.

Please continue to submit bugs that we have not included on
this list as you discover them.  Your feedback is essential to
ensure that Windows NT is a quality product which meets both the
end-user's and  the programmer's needs.

Thank you for your feedback and for investing time in testing
and reporting problems.

------------------------------------------------------------------------
Table of Contents:  

  Section I - USER
 Section II - GDI
Section III - BASE/Security
 Section IV - RPC
  Section V - Tools
 Section VI - Windows Sockets
Section VII - POSIX

------------------------------------------------------------------------
Section I - USER

 1. Two "Active" Windows At Same Time

    For example, start WinDbg minimized and a non-minimized console
    window. WinDbg puts up dialog with active colors, but console window
    has the focus. Dialog box is being painted incorrectly.

 2. SetTextWindow() Raises C0000037 For Strings With FFFF

 3. CreateIconIndirect() Fails to Create Color Cursor

 4. Cursor Remains Hourglass After Welcome Dialog is Displayed

 5. Access Violation Via PopState()

 6. DialogBoxParam() Not Interpreting Pen Computing Sequences

    ALC<number> activates Pen Computing Logic for edit boxes. Application
    strips sequence from the window text that is passed the CREATESTRUCT
    during WM_CREATE processing. USER is not passing the changes back to
    the server.

 7. CreateDialogIndirect() Not ORing Extended Style Bits From Template

 8. DM_SETDEFID Leaves Previous Default Button Bold

 9. Top Window is Not Window With the Focus

10. SetWindowText() Displays only Part of Long String as Window Title

11. winuser.h Mentions WinWhere(), Which Does Not Exist

    /* WinWhere Area Codes */

       should become

    /* WM_NCHITTEST and MOUSEHOOKSTRUCT Mouse Position Codes */

12. Second Parameter to ExitWindowsEx() Should be Reserved

    Second param in current prototype is ForceTimeout. This param is not
    used, so it should be renamed dwReserved.

13. Child System Menu May Not Pop Up (related to PeekMessage())

14. App Does Not Get WM_ACTIVATEAPP Message on Deactivation

    Message gets hung up behind other messages in queue. Works on 3.1
    because 3.1 posts WM_SYSCOMMAND/(SC_TASKLIST, SC_PREVWINDOW,
    SC_NEXTWINDOW) to app, causing it to fall out of its modal message
    loop.

15. Alt+nnn May Not Pass OEM Char to Console Application

16. GetAsyncKeyState() Behavior Does Not Match Doc

    GetAsyncKeyState() can read async key state even if a window in
    another thread/process has the keyboard focus. Also, it returns
    logical VK_LBUTTON, not physical, which differs if mouse buttons
    are swapped.

17. MapVirtualKey() Does Not Have a Unicode Version

18. OemKeyScan() Missing

    Can be simply implemented with OemToChar() and VkKeyScan()

19. GetMenuState() Does Not Return MF_POPUP Flag

20. GetWindowTextLength() Inaccurate For DBCS Title

21. WM_COALESCE Processing Incorrect

    May cause last message in the queue to be replaced with a WM_MOUSEMOVE

22. Journal Hook Called When Posted Message in Message Queue

23. USER Calls Journalling Hook Twice Before WinExec() Returns

24. WM_NCLBUTTONUP Message Missing From Double-Click

25. WM_SETFONT Does Not Reset Control to Default Font

    Sending the following message to a PUSHBUTTON doesn't reset the font

       SendDlgItemMessage( hDlg, IDFONT, WM_SETFONT, NULL,
	   MAKELPARAM( TRUE, 0 ))

26. Maximize, Restore, Change Size, Maximize Window is Wrong

    The window gets put in the wrong place

27. Memory Leak When Creating/Destroying CS_OWNDC Style Windows

28. CharToOem(), OemToChar() Only Work With CodePage 437

29. Radio Buttons on MIPS SVGA Disproportionately Large

30. SetActiveWindow() Fails to Set Focus Across Processes

31. SetWindowLong( hwnd, DWL_*, nnn ) Does Not Work

32. lParam of CreateMDIChild() Should Be Type LPARAM, Not Type LONG

33. JournalPlayback() Steals Input Even If In Another Desktop

34. Min/Max Icons Drawn Incorrectly on Framed Dialog Box

35. DrawIcon() With NULL HICON Succeeds

    Passing a NULL HICON to DrawIcon() should return FALSE. It currently
    returns TRUE.

36. GrayString() Tells Callback There Are 3 Characters in ""

37. Problems Receiving WM_PALETTECHANGED In Multi-threaded Applications

    Suppose an application has several top-level windows handled by their
    own threads. When each window realizes a palette for its 256-color
    bitmap, the other windows do not realize their palettes.

38. IntersectRect() Should Return BOOL, Not Int

39. LoadString(), FindResource(), etc Need Default Language

40. UnregisterClass() Returns TRUE For A Public Class

    There was no private class registered with the same name.

41. GetWindowWord()/GetWindowLong() Cause Incorrect Error

    GetLastError() will return 6L ERROR_INVALID_HANDLE instead of 1400L,
    ERROR_INVALID_WINDOW_HANDLE.

42. UnregisterClass() Returns TRUE for hInstance=NULL

43. wsprintf() Does Not Describe How To Print Unicode Strings

    specifier         wsprintfA             wsprintfW
    ---------         ---------             ---------
     %c / %s         CHAR / LPSTR         WCHAR / LPWSTR
     %C / %S        WCHAR / LPWSTR         CHAR / LPSTR
    %hc / %hs        CHAR / LPSTR          CHAR / LPSTR
    %lc / %ls       WCHAR / LPWSTR        WCHAR / LPWSTR
    %wc / %ws       WCHAR / LPWSTR        WCHAR / LPWSTR

44. Code Fragments Incorrect in Unicode Support Docs

    step 3:

       cCount = *lpEnd - *lpStart;
       correction: cCount = lpEnd - lpStart;

       cbSize = (*lpEnd - *lpStart) * sizeof( TCHAR );
       correction: cCount = (lpEnd - lpStart) / sizeof( TCHAR );

       chNext = ++*lpText;
       correction: chNext = *++lpText;

    step 4:

       while( *lpFileName++ != '\\\\' )...
       correction: while( *lpFileName++ != \\' )...

       while( *lpFileName++ != TEXT( '\\\\' ) )...
       correction: while( *lpFileName++ != TEXT( '\\' ) )...

45. Help For WM_CTLCOLOREDIT Missing

46. SetTimer() Should Mention that idTimer Is Contained in uParam Field

47. EM_LIMITTEXT Should Specify 'characters' Not 'bytes'

48. Documentation Missing For LB_GETANCHORINDEX/LB_SETANCHORINDEX

------------------------------------------------------------------------
Section II - GDI

 1. ResetDC() Not Implemented

 2. PlgBlt() Does Not Get Converted Correctly

    Happens when converting 32-bit enhanced metafile to 16-bit metafile

 3. Text Outline Filled After Converting 32-bit Enhanced Metafile to
    16-bit Metafile

 4. GetDIBits() Does Not Return Correct Color Table For Brushes

 5. Text in Path Exposes Bug In Line-widening Code

 6. GetNearestColor() Returns Bad Mapping on MIPS

 7. Brush Cleanup After Application Exit Abnormally Causes Server Side
    to Assert

 8. SPY: Icon is Not Drawn When Minimized

 9. MaskBlt() With Negative Extents Output Blackness

10. MaskBlt() With Rotation Does Not Work

11. BitBlt() Causes Server Side Access Violation

    This happens if StartDoc() is not called prior to the BitBlt() call
    on a printer DC.

12. Cannot Create Unicode Font With Only CharSet field set to
    UNICODE_CHARSET

13. Cannot Detect Which Fonts Are Unicode with EnumFonts()

14. GetTextMetrics() Returns 1 In tmPitchAndFamily Field for Fixed Pitch
    TT font

15. GetTextFace() Returns Wrong Information For Helv and Tms Rmn Fonts.

16. gdi32 Does Not Simulate TT Italic Fonts

17. Enumerating MonoType Sorts TT Font Gets Access Violation in the GDI
    Server

18. gdi32 Does Not Provide Bold Simulations For TT Fonts

19. Enhanced Metafile Record Numbers Not Included in Header Files

20. GetDeviceCaps() Returns Reference Device TECHNOLOGY For Enhanced
    Metafile Rather Than DT_METAFILE

21. Regions Generated By PathToRegion() With Opaque Text Combine Into
    One Region If the Text Overlaps in the x-coord

22. Translate Server Object Leaks on MIPS

23. StretchBlt() from MemDC to ScrnDC Not Compatible with Win 3.1

24. GDI Assertion on Long Print Runs.

    Error is "GDI Assertion Failure: HmgAltCheckLock - Lock Overflow"

25. MIPS Palette Problems

    Load 256-color bitmap into Paintbrush, use the selective color erase
    (rather than regular eraser). Note that image is corrupted when used.

26. GdiPlayJournal() Declaration Incorrect in wingdi.h

    Defined to take an LPCSTR as the document name. Should have Unicode
    and ANSI entrypoints or have one entrypoint which uses LPCWSTR.

27. StartDoc() Does Not Return JobId as Spec'd

28. Certain Complex Regions Get Corrupted

    Error is "GDI Assertion Failure: Region corrupted"

29. ExtTextOut() Clips Characters

30. QueryAbort() Not Implemented

------------------------------------------------------------------------
Section III - BASE/Security

 1. CopyFile() Does Not Copy Extended Attributes of a File

 2. CreateFile() hTemplateFile Parameter is Ignored

 3. GetVolumeInformation() Incorrectly Succeeds on Non-root Directories

 4. MoveFile() Does Not Move Files to Read-only Directories

 5. WritePrivateProfileString() Faults If .ini File Does Not Exist

 6. HeapCreate() Fails With cbMaximumSize = 0 (Growable Heap)

 7. Growing Environment > 4K With SetEnvironmentVariable() Causes Fault

 8. Linker\Loader Creates and Loads a DLL w/ Ordinals Over 64K

    The linker will create DLLs with ordinals larger than 64K
    without warning. The loader will load this DLL ok, even though
    the ordinals are out of range.

 9. GetUserName() Now Fails If Buffer Is Too Small

    GetUserName() does not require your buffer to be smaller than
    MAX_USERNAME_LENGTH. It will simply fail if the buffer is too
    small to contain the entire user's name.

10. FormatMessage() Rejects MAKELANGID(LANG_ENGLISH, ...)

    Use MAKELANGID(0, ...) as a work-around.

11. SetKeyboardState(..VK_CAPITAL..) Does Not Set the LEDs Correctly

12. GetUserName() Does Not Indicate bufsize When buf is Too Small

    GetUserName() does not indicate the correct buffer size to use if
    the buffer you pass in is too small.

13. RegEnumValue() & RegQueryValue() Are Inconsistent With NULL Data

    Both RegEnumValue() and RegQueryValue() will Be fixed to return
    NO_ERROR when lpData is NULL, and return ERROR_MORE_DATA when
    lpData is not NULL, but the buffer is not big enough.

14. DialogBox Fails If There is a LANGUAGE Statement in the .RC file

    A LANGUAGE LANG_ENGLISH,SUBLANG_ENGLISH_US statement will cause
    a dialog box to fail. Use LANG_NEUTRAL, SUBLANG_NEUTRAL as a
    work-around.

15. lstrlen() Faults When it is Passed a NULL Pointer

16. BackUpWrite() Faults When Writing BKUP_EA_DATA

17. BackupRead()/BackupWrite() Do Not Copy EAs

18. BackUpWrite() Gives Access Violation for Alternate Streams

    The ability to backup alternate streams will be included in a
    future release of NT.

19. lpContext Parameter Not Documented Well for Backup APIs

20. VerInstallFile()/VerFindFile() Buffer Sizes Not Documented Correctly

    If the various buffers for VerInstallFile() and VerFindFile() are
    not large enough, the API will tell you how large they need to
    be (in the CurDirLen/DestDirLen/TempFileLen parameters).

21. GetFileTime() lpftCreation Not Valid For FAT Files

22. hPrevInstance Is Always NULL Under NT

    The documentation was changed to reflect this fact.

23. Audio Disc in CD-ROM Can Cause Corruption of File Directories

    Doing file I/O while an audio disc is in the CD-ROM player can
    causes entire directories to become corrupted. We do not playing
    audio CD-ROM discs until this problem is fixed.

24. LZ APIs Are Not Multi-threaded Safe

    The LZ APIs are not currently safe to be called by more than one
    thread in a process at once.

25. NetUserEnum() Does Not Properly Use the resumehandle Param

    Repeated calls to NetUserEnum() will return duplicate users from
    the previous call.

------------------------------------------------------------------------
Section IV - RPC

 1. RPC Returns Server Too Busy When Server is Unavailable.

    If a RPC server is shutdown unexpectantly, the client application
    returns RPC_S_SERVER_TOO_BUSY instead of RPC_S_SERVER_UNAVAILABLE.

 2. Array of Strings Marshalled Incorrectly.

    The following:

       typedef char str[80];
       void foo( [out, length_is(*len)] str array[100], [out] short *len);

    is marshalled incorrectly in the server stubs.

 3. The MIDL -help Screen Does Not Display All Switches

    The /error memory_access switch need to be added.

 4. MIDL Produces Wrong Code for Declarations

    MIDL outputs #define statements for variable declarations. i.e:

       stub.idl
       [...] interfacename
	{
	int x=5;
	}

    The MIDL compiler outputs the following:

       #define x 5

 5. Error Message C2064 From Context Handle Declaration.

    The following:

       [context_handle] long * foo( ..args ..)

    generates the following error message from the MIDL compiler:

       C2064: inapplicable or redundantly specified attribute: context

 6. Error Message C2059 From Structure Type Definition.

    The following produces error C2059 from the MIDL compiler:
    C2059: [ procedure foo, typedef str] context handle must be a pointer.

       typedef struct { some fields .. } str;
       [context_handle] str * foo{ ..args..)

    The following doesn't yield any error:

       typedef str pstr;
       [context_handle] pstr foo (..args..);

 7. The MIDL Compiler Accepts [ignore] As Operational Attribute.

    Ignore should be accepted only as a field attribute.

       [ignore] long * foo( parms ... );

       typedef [ignore] long * IGN_PLONG;
       IGN_PLONG foo2( parms ... );

 8. MIDL: allocate(dont_free) on Double Indirection.

       .IDL file
       =========
       ...
       typedef struct foo { long l; } * pfoo;

       void get_pfoo( [out] pfoo * bar);

       .ACF file
       =========
       typedef [allocate(dont_free)] pfoo;

    Server stubs for get_foo() allocate a pfoo *, but never free it.

 9. MIDL: _alloc_total Undeclared Identifier.

    The size_is keyword is applied to conformant array MIDL-compiles
    without error; however, stubs won't compile in the 'C' compile.
    A declaration for for _alloc_total must be added to the header
    file or client stub for the 'C' compile to be successful.

       .IDL file
       =========

       /* transmit binary tree as an array */
       typedef struct _DOUBLE_XMIT_TYPE {
	   short sSize;
	   [size_is(sSize)] short asNumber[];
       } DOUBLE_XMIT_TYPE;

       client stub fragment:

       (*(DOUBLE_XMIT_TYPE **)&_xmit_type) = midl_allocate (
	    (size_t)(sizeof(struct _DOUBLE_XMIT_TYPE) - sizeof(short)
	    + _alloc_total * sizeof(short)));
       _gns__DOUBLE_XMIT_TYPE ((DOUBLE_XMIT_TYPE *)_xmit_type, _prpcmsg,
	    _alloc_total);


    Another workaround is to change the IDL file to the following:

       typedef struct _DOUBLE_XMIT_TYPE {
	 short sSize;
	 [length_is(sSize)] short asNumber[MAXSIZE];
       } DOUBLE_XMIT_TYPE;

10. Context Handle RPC Clients Don't Unbind.

    The MIDL generated RPC client stubs don't always unbind after they've
    done a bind. This leaves the named pipe open which consumes resources
    on the server. This problem seems to occur only under error conditions
    where the client side code will just raise an exception without
    unbinding.

11. Unreachable Code In Stubs

    The following idl creates unreachable code.

       .IDL File
       =========

       [   uuid(BBBAAAAA-1111-2777-3777-400000000000),
	   version(1.0), pointer_default(unique) ]
       interface badcode
       {
       typedef [ref] char *ref;
       typedef [unique] ref *unique;
       void foo([in, out] unique this);
       }

       STUB_C.C file
       =============
	 .
	 .
	 .
	 RpcTryFinally
	   {
	    .
	    .
	    .
	     if ((*this) == (void *)0)
	       RpcRaiseException(RPC_X_NULL_REF_POINTER);
	     if ((*this) == (void *)0)
	 //  ^^^^^^^^^^^^^^^^^^^^^^^^^  this will never be true.
	       {
	       (*this) = midl_allocate ((size_t)(sizeof(char)));
	       }

	     /* receive data into (*this) */
	     char_from_ndr(_prpcmsg, (unsigned char *)(*this));
	   }

12. MIDL Does Not Flag Things As Not Implemented

    A) The types ISO_LATIN_1, ISO_MULTI_LINGUAL, and ISO_UCS should be
	recognized but flaged as not in Microsoft RPC Version 1.0. MIDL
	currently does not recognize them.
    B) The [heap] attribute does not produce a "Not implemented" message.
    C) The enable_allocate attribute is not flaged as implemented
    D) explicit_handle is not recognized as a not implemented attribute
    E) comm_status is not recognized as not implemented.
    F) fault_staus is not recognized as not implemented.
    G) pipe type keyword is not recognized as not implemented.

13. MIDL Does Not Conform to OSF/DCE Compiler

    The bugs reported here are features that midl allows in osf mode but
    idl does not.

     1. UUID's in quotes
     2. in_line and out_of_line are unrecognized in MIDL. They should be
	ignored.
     3. hyper is invalid.
     4. boolean as a switch_type.
     5. typedef [handle, transmit_as(xmit_t)] record_t *pres_t;
	void foo ( [in] pres_t hin, [out] pres_t hout);
	Midl says you can only have a handle as the first argument.
     6. Can't redefine "error_status_t" as an unsigned long.
     7. [fault_status] and multiple error_status_t arguments.
     8. typedef uuid_t afsUUID;
     9. Poor errors for all the v1_* attributes.
    10. [contex_handle] void *rd_new_return( [in] handle_t hin );
	- poor error
	- OSF DCE support contex_handle as a return type.
    11. [out, cxt0_handle] void **p_wr_ctx;
	- interface is named "cxt0".
    12. Poor handling of encapsulated unions.
    13. typedef struct { byte row, column; } PRIVATE_CHAR_16;
	... [string] PRIVATE_CHAR_16 ...
    14. typedef [string] string_type[];
    15. [broadcast] void cp_op ( [out] error_status_t *st );
	MIDL asserts: gramutil.cxx, line 526.
    16. void foo ( short x );
	They require an in or out attribute on every parameter.
    17. mix_is(14), size_is(5), first_is(4), ...
	Can't use constants on ANY of the ?????_is() attributes
    18. const short i = 15,
	.. max_is(i)
	Can't use global constants either. (see 17)
	->Error: i already defined.
    19. struct foo { short x; };
	They want a typedef on all struct declarations.
	Error: unexpected ;
    20. typedef pipe struct { short j; } fault;
    21. Warning/Error if there is no pointer_default() and no
	[{ref,unique,ptr}] attribute on a pointer.
    22. [handle] can't be on an [out] only parameter.
	(must be [in] or [in,out])
    23. [align] not yet supported.
    24. void foo ( [in, out, unique] short int ** name );
	-> Error: missing [ref], [unique] or [ptr]
	(no pointer_default)
    25. (f10_2.v1)
	typedef [ref] short * pShort;
	void foo ( [in, ref] pShort p );
	->Error: [ref] parameter cannot be passed by value.
	(any of [ref] [unique] or [ptr] give the same error.)
    26. typedef short * pShort;
	(with no pointer_default)
	->Error: missing [ref], [ptr] or [unique]
    27. [unique] is not supported
    28. Midl accepts [callback] in OSF mode.
    29. typedef struct foo { struct foo *apFooChildren[2]; } Foo;
	-> Error: tag "foo" not yet complete.
    30. void foo ( [in] float f );
    31. void foo ( [out] handle_t hout );
	-> Error: handle_t must be in.
    32. void foo ( [in] pipe long x );
	->Error: pipe must occur in a typedef
    33. error_status_t does not work like dce.
    34. idl does not allow unique to be applied to a pointer that is
	qualified with the [handle] attribute.
    35. Version(1.01010) is treated as a decimal major version and an
	octal minor version number.
    36. const int 1234; accepted by MIDL
    37. const short 32768; should state "out of range".
    38. <interface>_{Server,Client}IfHandle         // from midl
	    vs.
	<interface>_v<major>_<minor>_{s,c}_ifspec   // from idl
    39. Indentifier limits
	No warning given for any indentifiers > 31 characters.
    40. No warning given for the following:
	   typedef struct _A {
	       long *size;
	       [size_is(*size)] long array[];
	   } A;
    41. No warning given for the following:
	void proc([in,out]unsigned long *psize,
		  [in,out]unsinged long *plast,
		  [in,out, size_is(*psize),
		  last_is(*plast)] long array[]);

14. MIDL Allows [ref] To Be Placed on a Return Pointer.

    Midl allows ref on a return value pointer like the following:

	[ref] char *foo();

    This violates the concept of ref.

15. MIDL Recognizes represent_as, transmit_as Outside of Brackets

    MIDL recognizes represent_as and transmit as keywords outside of [ ]

    [ uuid(FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF) ] interface represent_as
    {
       void foo();
    }

16. MIDL: Unsized Arrays Accepted If length_is Present

    An unsized array featuring only length_is() attribute is accepted.
    As a result code is generated as if the size was 1. Example:

       void foo( [length_is(s)] long * pl, short s);

    Same thing happens with [first_is()] only etc.

17. MIDL Allows Bad Constants For Array Sizes.

    MIDL accepts array sizes that are < 1.

18. MIDL: Escape Sequences Are Not Reproduced Correctly.

    Some escape sequences are not being reproduced correctly in the
    generated header file.

    A. Hex notation characters are reproduced in the header file as '\0'

       input:

       const char HexNotationChar  = '\x10';
       const char HexNotationChar2 = '\x01';
       const char HexNotationChar3 = '\x0';
       const char HexNotationChar4 = '\x1';

       output:

       #define HexNotationChar   '\0'
       #define HexNotationChar2  '\0'
       #define HexNotationChar3  '\0'
       #define HexNotationChar4  '\0'

    B. An escaped double quote character in a string is not reproduced in the header file with the escape character.

       input:

       const char *p = "some string with an escaped double quote\""

       output:

       const char *p = "some string with an escaped double quote""

19. midl_allocate() Should Be Removed From Docs

    This is not exposed to the user.

20. MIDL: Strings in Union Not Marshalled on Server.

    The strings which are contained in a union are not properly
    handled with the MIDL compiler.  The following IDL file
    demonstrates the problem.

       .IDL file
       =========
       [uuid(12345678-7000-2003-0000-200000000002),version(610.090101),
       pointer_default(ptr)] interface regress
       {
	  typedef [switch_type(short)] union _uniontype
	     {
	     [case(1)] [string] char string[10];
	     [default];
	     }
	  UNIONTYPE;

	  typedef struct _structwithunion
	     {
	     short s;
	     [switch_is(s)] UNIONTYPE u;
	     }
	  STRUCT_WITH_UNION;

       STRUCT_WITH_UNION
       in_struct_with_union(
	   [in] STRUCT_WITH_UNION p,
	   [in, out] unsigned long *pchecksum
	   );
       }


21. MIDL: void * Pointer Can Be Initialized.

    The following is accepted by the MIDL compiler.
       const void * v = 1;

22. MIDL: Multiple error_status_t Should Be Allowed

    MIDL only allows one error_status_t parameter or parameter.

23. MIDL: Struct Alignment Problems (double members by value)

    The following structure and prototype, when compiled with the
    MIDL compiler, demonstrates a problem with client and server
    parameter marshalling.

       IDL file
       ========
	  typedef struct _foo {
	       char c;
	       double d;
	       /* more */
	  } foo;

	  void StructIn(short call_num, foo afoo);

24. MIDL: Ref Parameters Not Checked For NULL

    The following prototype demonstrates a problem with the MIDL
    compiler client-generated code not checking to see if the
    reference pointer, p, is NULL.

       void foo( [ref,in,out] short *p);

25. Can't Export UUID's Without Binding Vector or Binding

    A server entry cannot be created with no bindings in it. So the
    sequence
       Export(some object uuid's);
       Export(some bindings);
    doesn't work; you must call them in the reverse order, or export
    both in the same call.

26. RPC_C_VERS_VERS_UPTO Should Be RPC_C_VERS_UPTO

    The RPCNSI.H manifest constant is misspelled.

27. MIPS Locator Fails With Autohandles.

    The third usage of a locator with autohandles fails with Windows
    3.1 clients.

28. RpcNsExport Can't Handle nil Interface Parameter.

    If the interface parameter is 0, the functionn returns
    RPC_S_NAME_SERVICE_UNAVAILABLE.  This is true regardless of the
    presence or absence of the entry.

29. RPC_S_CALL_FAILED_DNE Returned Instead of RPC_S_CALL_FAILED.

    While the server stub has control and the server program exits,
    the error returned to the client is RPC_S_CALL_FAILED_DNE instead
    of the appropriate RPC_S_CALL_FAILED.

30. No Error Returned For RpcServerListen( 2, 0 ).

    No error is returned when MaxCalls=0.  Also, no error is returned
    when Minthreads > MaxCalls.

31. RPC Server Hangs With Heavy Load

    On a server with many server processes running and six or more
    clients connected, the server will crash.

32. RPC Runtime Include File Not C++ Compliant

33. Protocol ncacn_nb_ip Does Not Work.

34. UuidCreate Does Not Start rpcss.exe

35. RPC Needs Hostname.

    RPC_S_SERVER_UNAVAILABLE returned when using a binding with
    netaddress==null and protseq==ncacn_ip_tcp.

36. MIPS TCP Can Not Use Endpoint Mapper

    Fails during RpcEpRegister().

37. LRPC Fails On IN Buffer.

    When specifying an "IN" parameter, a "data corrupt" notification
    is returned.

38. LRPC Fails on Floats and Double Parameters.

    The following prototype fails only on the LRPC (ncalrpc protocol).
       Test( float f, double d)

39. LRPC String Binding Can Not Distinguish Local/Remote Hosts

    When a server exports to the name space a binding that uses the
    RPC/LPC protocol, a client doing the lookup can't tell whether the
    binding is for a server on the same or a different host.

40. Context Handles Available to Any Process

    Context handles allow anyone to utilize a context handled opened
    by anyone else.

------------------------------------------------------------------------
Section V - Tools

 1. Testing For EOF Behaves Differently in DOS and Windows NT

    while( ! feof( file ) ) {
       if( fgets( buffer, sizeof( buffer ), file ) == NULL ) {
	  if ( feof( file ))

	   // This branch is never reached under DOS/C6; however,
	   // this section of code is always reached at the end
	   // of a file under Windows NT.

	     printf( "Should not be reached\n" );

	  else printf( "Legitimate file error\n" );
       }
    }

 2. Problems With Function Containing Register Vars and Inline Assembly

    Function has local register variables and inline assembler code. One
    register variable uses eax and so does the assembler code. At one
    point, the eax register does not get properly reloaded. This causes
    problems with the local variable, since the assembler code has
    modified it.

 3. feof() Cannot Find EOF When Input is Piped from Command Line

 4. Redirection In Console Application Via C-Runtime Fails

 5. Assert Macro Works, But Differs From C/C++ 7.0

    In the C/C++ 7.0 implementation, the ternary operator (?:) is used.
    In the Win32 SDK implementation, an if-else statement is used.

 6. Undefined Symbols _pwctype and is_wctype

    These symbols are not defined when using crtdll. They are both used
    by the isw* macro defines.

 7. _chdir() Not Only Changes Working Directory, But Also Current Drive

    It is documented to change the current working directory only.

 8. atoi() Does Not Stop At Non-digit Characters

    This problem occurs with character values >= 128 with all ato* and
    strto* functions.

 9. _fstat() With UNC Path Causes Access Violation

10. crtdll Does Not Export _fpieee_flt() (floating-point exception filter)

11. MIPSDK control-R Does Not Resynch

12. WinDbg Set Process Dialog Disabled

    The dialog was the same as for setting threads and needed to be redone

13. Function Evaluation Disabled in WinDbg

14. WinDbg Puts Wrong Value in Registers Under MIPS

    Valid characters are entered for a register in the register window.
    After leaving the field, the value will change to a random value.

15. Maximum String That Can Be Displayed in WinDbg is ~200 chars

    The string is truncated without any indication.

16. Gray BROWSE Button When Editing DLL Parameters in WinDbg

17. WinDbg Only Supports 8.3 Filenames

18. Cannot Expand Character Array With ",s" Override in WinDbg

    Double-clicking on array to expand it results in "CAN0026: Error: bad
    format string" for each element.

19. WinDbg Gives Erroneous Request to Reload File

    Pop-up says "Another application has changed the file '<name>'. Do
    you want to reload it?" after saving file, switching focus, and going
    back to WinDbg.

20. Specifying FPU Registers In the ? and FR Commands in WinDbg

    On x86, ?ST3 or ?<FPU control/status register> gets error "CAN0017:
    Error: symbol not found"

    On MIPS, ?fp0=123.456 is accepted, but ?f0 shows an incorrect value.
    Also, frfp0-1234.456 is accepted, frfp0 shows the correct value, but
    fr shows that all other registers have been changed. This is true for
    all FPU registers, including FSR.

21. Add Button in WinDbg Debug.Breakpoints Dialog Disabled

    When the breakpoint is not empty, enter another location, enabling
    the Add Button. Tab to Add. When the current list is reached, the Add
    button will be disabled until tabbing back to Break type.

22. "CAN0002: Error: error accessing user memory"

    This error may be generated incorrectly by WinDbg.

23. Problems With MIPS DISAM: COPz in WinDbg

    For Coprocessor 1, if the low 5 bits do not map to an FPU instruction,
    the opcode displayed is "????".  Should be "cop1 <n>". Coprocessor 0
    instructions ignore bits 6 to 24. There are displayed as if they were
    0, when only a few instructions have bits 6 to 24 as 0. Non-zero
    values should cause display "cop0 <n>".

24. Address Expressions In WinDbg Floating Point Register Assignments

    Address expressions must be cast to a scalar in order for this to work

25. WinDbg Options.Debug.Disasm Opts Causes Disassembly Window To Scroll

26. Long instructions in WinDbg Disassembly Window Are Misaligned

27. No Actions Should Take Place Until WinDbg Set Thread Dialog is Closed

    The Set Thread Dialog is a modal dialog, however, the freeze/thaw
    buttons take effect as soon as pressed, rather than requiring the user
    to select OK.

28. WinDbg Should Check If DLL Has Changed When Reloading

    Symbols are not actually reloaded, therefore the DLL should be checked
    to see if it has changed and the symbols reloaded.

29. WinDbg Does Not Support 64-bit integers in MIPS Expression Evaluator

30. WinDbg Does Not Accept CR/LF and LF (UNIX) For End of Line Markers

31. Odd Cursor Behavior in WinDbg Locals Window

    There is no inter-pane cursor. After moving sizer bar, cursor
    reappears to the right of where it was released. If the sizer is
    clicked (not dragged) and released, the left box grows to max size.

32. WinDbg Displays REP Prefix Instead of REPE for CMPSB/D/W, SCASB/D/W

33. WinDbg Problems Disassembling MOV

    67 26 8A F1 is disassembled as MOV DH, ES:CL. Should be MOV DH, CL
    67 36 A0 54 7B is disassebled as MOV AL, BYTE PTR [7B54]. Should be
    MOV AL, BYTE PTR SS:[7B54].

34. WinDbg DM Gets Wrong Exe Name for Non-root Processes

35. WinDbg Does Not Have Format Specifier for Unicode Strings

36. Watching Defined Type in WinDbg Results in Strange Characters

37. End Key in WinDbg Command Window Moves Cursor Extra Space to right.

    This happens if the line contains a single non-white character in the
    first column.

38. "All DLLs loaded" BP for Child Process Not Hidden from WinDbg Users

    The breakpoint exists to tell the debugger that all modules are loaded
    and the child process is ready to run. Since there are line numbers in
    some of the DLLs in the beta, we prompt for the source file (filename
    differs on x86 and MIPS). Hitting cancel will show the code that the
    default BP hit.

39. WinDbg Options.Debug.User Dlls Needs a Help Button

40. WinDbg Options.Debug.User Dlls.Browse Does Nothing First Time

41. MIPS WinDbg Debug.Quickwatch and Options.Watch/Local Do Nothing

42. MIPS WinDbg Options.Debug.Exceptions Buttons Out of Tab Order

43. Two-dimensional 8-byte Real Arrays Addressed Incorrectly

44. WinDbg Does Not Allow Editing in Locals, Watch, and FP Windows

45. WinDbg Expression Evaluator May Not Handle ~(type) *var Correctly

46. WinDbg Displays Segment Overrides Incorrectly in Mode 3

    The segment override should be ignored for LSS, IMUL, LAR, LDS, LFS,
    LGS, LES, POP, CALL, and JMP.

47. WinDbg Debug.Modify Variable Disabled for Beta

48. LOCK Prefix Not Displayed for Conditional Jump in WinDbg

    For example, F0 65 78 93 is disassembled as JS 0042031B. Should be
    LOCK JS 0042031B.

49. Setting a BP on an Absolute Symbol Causes MIPS WinDbg to Crash

    Absolute symbols are those with a section number of 0.

50. WinDbg 'p2' Does Not Stop After 2 Lines

51. Disabling Breakpoints in WinDbg Does Not Work

52. WinDbg fi<type> Handles Length as Byte Count, Not Unit Count

53. WinDbg Workspace Does Not Remember Which Window Was on Top

54. MIPS WinDbg Uses Wrong Names for Registers 26 and 27

    MIPS specifies that registers 26 and 27 be called kt0 and kt1 in
    assembly language and k0 and k1 in C. The C expression evaluator in
    WinDbg uses the assembly names, not the C names.

55. MIPS WinDbg frfp<n> Displays a 32-bit Real, not a 64-bit Real

56. x86 WinDbg Disassembles F3 66 64 6D as INSW. Should be REP INSW

    Disassembles correctly without 64 (FS override) in the instruction

57. Replacing Text in Read-Only Files in WinDbg

    Bring a read-only file into WinDbg. Replace and Replace All are
    grayed out, but the user can still do a Find Next. After doing a
    Find Next, Replace and Replace All are no longer gray. The cursor
    moves, the replacements do not occur, but are counted for the final
    message sent to the status bar.

58. WinDbg Cursor Disappears After Up-Arrow

    If the cursor is on the top line, at the start of data, the up-arrow
    appears to move the cursor above the top of the window.

59. Expanding Item in WinDbg Locals Window Causes Shift

    Open the Locals window, size so that a vertical scroll bar appears.
    Scroll so that the last expandable item is in view. Expand the item.
    The view shifts to the top of the list of locals.

60. WinDbg Defaults to Unsigned Chars, Compiler Defaults to Signed Char

61. Memory Address Expressions Ignore Current Radix, Are Always Hex

62. Not Enough Precision for 64-bit Floats in MIPS WinDbg

63. Precision Differs When Using fr fr<n> and ?fr<n> With MIPS WinDbg

64. Remote Debugger Can Deadlock With Bad Serial Cable

65. Function Specifier in Context Expression is Broken in WinDbg

66. WinDbg Remote Transport Fails When Starting More Than One Process

67. Unresolved Breakpoints With WinDbg Serial Transport Layer

    Breakpoints are resolved the first time their DLLs are dynamically
    loaded, but are not resolved on subsequent loads.

68. Thread-specific Breakpoint Not Resolved

    The thread is continued in parallel with breakpoint resolution. The
    breakpoints get resolved too late to be executed.

69. Right/left Arrows Do Not Deselect Text in WinDbg Memory Window

    Select text in a Memory window. Up and down arrows move the cursor
    and deselect the text. Left and right arrow only move the cursor.

70. Update In One Memory Window Does Not Similarly Change Second Window

    Open two Memory windows in WinDbg. Changes to data in one window
    are not reflected in the other window until it gets the focus.

71. Deletions Are Allowed in WinDbg Memory Windows

    Ability to copy should be there, but not the ability to delete.

72. WinDgb Asserts When Editing a 16-byte Real

73. State of WinDbg Memory Window Not Saved in Workspace

74. Opening WinDbg Workspace Still Requires Manual Restart

    Closing a workspace terminates a process. Opening one and then
    giving the 'p' command will cause error "Can't step exited process"

75. Setting Breakpoint When Not in Thread 0 Fails

    Error is "Breakpoint not instantiated". The problem is that during
    breakpoint binding, the context used is the first thread, not the
    current thread.

76. \samples\rpc\mandel\client Sends Invalid Cursor Handle

    The cursor handle is passed to RegisterClass() from InitApplication()

77. ERROR HmgLock From Spy

    Start several console windows, partially covered by Progman. Start
    Spy and spy on Progman. Minimizing one of the console windows will
    produce this error.

78. Last Message in Spy's Message List is Covered By Border

79. Typedef Causes Compiler Error

    typedef  struct rng_struct
    {
       char   *pch;
       short  a;
    } volatile RNGBUF, * volatile RNGBUFP;

    typedef struct com_struct
    {
       char     ach[40];
       RNGBUF   obuf;
    } COM, *COMP;

    The work-around is to redefine the structure so that it is volatile

    typedef volatile struct rng_struct
    {
       char   *pch;
       short  a;
    } RGNBUF, *RNGBUFP;

80. C1001: Internal Compiler Error msc1.cpp, line 555

    Can reproduce by adding '()' to EXCEPTION_EXECUTE_HANDLER in a
    try-except construct.

81. cl386 Generates Duplicate Instruction

    ul &= ~7;

    generates

       and    eax, -8
       and    eax, -8

82. cl386 Optimization Incorrectly Moves Return Value to SS or DS

83. cl386 Incorrectly Gives Warning C4136

    The statement float flgTest = 1.234; results in the following
    warning: "C4136: conversion between different floating-point types.

84. C1001: Internal Compiler Error msc1.cpp, line 555

    This error may occur when a source file contains many errors.

85. cl386 Strips Double Quotes From Command Line

86. cl386 Incorrectly Treats "interrupt" As a Keyword

87. C1001: Internal Compiler Error, msc1.cpp, line 564

    Can be caused by incorrect code, like the following

    static int
    foo(c)
       char *c
    );

    static int
    foo(c)
    char *c;
    {
       ;
    }

88. cl386 May Not Correctly Compile Chars > 0xFF

    Try compiling the following line of code:

       unsigned short = L"\x1234";

89. MIPS Compiler Flips Order of Bytes of a Denormalized Double

90. Changing Negative Decimal to Hex in CALC Results in FFFFFFFF

    This is due to a problems in the MIPS compiler

91. MIPS Compiler May Not Pack Structures Correctly

    The following code produces an incorrectly sized structure

    #pragma pack(1)

    typedef struct {
       WORD    wType;
       union  {
	  DWORD    ms;
	  DWORD    sample;
	  DWORD    cb;
	  struct {
	     BYTE    hour;
	     BYTE    min;
	     BYTE    sec;
	     BYTE    frame;
	     BYTE    fps;
	     BYTE    dummy;
	  } smpte;
	  struct {
	     DWORD    songptrpos;
	  } midi;
       } u;
    } MMTIME16;

    #pragma pack()

92. MIPS Compiler Attempts to Read Address 4

    The following example will reproduce (in particular, the assignment
    to 'Rom')

    int func()
    {
       typedef struct
       {
	  unsigned long off;
	  unsigned long len;
       }  MEMBLOCK, *PMEMBLOCK;

       PMEMBLOCK Rom = {
		       { 30, 30 - 8 },
		       { 40, 0X100000 - 0Xf0000 }
       };
    }

93. COFF Ignores IMPORTS Statement in DEF File

94. NMAKE Can Check Whether Directory Exists or Not

    This is different from the behavior under DOS, where directories
    are always treated as "does not currently exist" when they appear
    as a target or dependent.

95. NMAKE Uses Incorrect Time Stamp

    This happens if a list of dependents contains a mixture of wildcard
    specifications followed by one or more explicit file specifications.
    The time stamp used for the explicit specification is the one from
    the last file found from a wild card specification.

96. Error In ugen.exe During Large MIPS Compile

97. CK1009: Unknown Type Index 0x12ce

    This has been reproduced with a large test case.

98. Killing NTSD From PVIEW Hangs the System

99. WinHelp Can't Open Helpfile With Long File Name

------------------------------------------------------------------------
Section VI - Windows Sockets

1. Sockaddr sin_zero Field Non-zero

   When using getsockname() on a UDP socket, the sin_zero field contains
   two non-zero byte fields.

2. SO_REUSEADDR Not Necessary To Bind Two Sockets

   It is possible to create two sockets and bind them to the same address
   without having to use setsockopt() to set the first socket to have the
   SO_REUSEADDR characteristic.

3. socket() Returns Wrong Error Codes.

   When creating a socket with a bad address family, WSAEPROTONOSUPPORT
   is returned when WSAEAFNOSUPPORT should be returned. When creating a
   socket with a bad socket type, WSAEPROTONOSUPPORT is returned when
   WSASOCKTNOSUPPORT should be returned.

4. No Winsock API Return WSANOTINITIALIZED

5. setsockopt() Does Not Disable The SO_DONTROUTE Option

   When using setsockopt() to disable SO_DONTROUTE (the optval=zero),
   getsockopt() always returns SO_DONTROUTE as being enabled.

6. inet_addr() Returns ulong Instead of Struct in_addr.

7. Misconfigured DNR Causes Hosts Table Lookup To Fail

   If the DNR is misconfigured by putting the DNS server IP address into
   the Domain Search list and leaving the DNS list blank, calls to
   gethostbyaddr() fail the lookup in the hosts file and queries the
   DNS with no DNS available.

------------------------------------------------------------------------
Section VII - POSIX

 1. getpwnam & getpwuid Should Translate the pw_dir Struct Member
    To a POSIX Path.

 2. POSIX Can Not Interrupt Console I/O.

    When blocked on a read or write, and a signal is received, rather
    than returning a failure condition, the process may hang.

 3. alarm() API Can Fail Even Though the Standard Says It Can Not.

 4. Using stat() on an Open File Returns Incorrect Permission Information.

 5. POSIX alarm() Can Return Bad Value.

 6. POSIX Needs TZNAME_MAX. Currently Not Defined In <limits.h>

 7. POSIX Does Not Ignore SIGSEGV Properly When SIG_IGN Is Set.

 8. POSIX Needs _POSIX_SSIZE_MAX & SSIZE_MAX. Currently Not Defined
    In <limits.h> Even Though They Should Be.

 9. POSIX Subsystem Does Not Free Certain Ports Correctly When
    Applications Are Terminated Abnormally.

10. POSIX Does Not Deal With Low-memory Conditions Gracefully.

11. POSIX Structured Exception Handling (try, except) Is Broken.

12. POSIX pathconf Returns Incorrect Information On File Systems
    Other Than NTFS.

13. The uname() Call Should Return a Useful Nodename.

14. Read From a Pipe With the Other End Closed Hangs the Reader.

15. The get*id() Calls All Return Null.

16. The time() Call Should Adjust to DST.

17. Certain Error Numbers From perror() Are Not Returned Correctly.

18. Posix setlocale() Does Not Recognize the POSIX Defined Locale.

19. <time.h> Incorrectly Defines tzset, tzname, and Others.
------------------------------------------------------------------------
