Prev: Two resource files having same identifier value
Next: Problem with Double::ToString(__,__)
From: Santi on 20 Apr 2010 09:30
Hi All,

My application reads and displays system event logs. The
ReadEventLog() API fails with the error code as 87 which means "The
parameter is incorrect". Although all the parameters passed to the API
are valid but still the failure.

I came across the below link where microsoft has confirmed this
behavior as a known bug.

http://support.microsoft.com/default.aspx?scid=kb;en-us;177199

The article says that the information applies to Windows NT 4.0. My
application is running on 32-bit WinXP Professional with SP2. Is it to
be assumed by default that this bug has not been fixed in WinXP as
well or is there anyway to confirms that this bug has not been fixed
in WinXP.i.e. any link to web page or kb?

Thanks in advance.

Regards,
Santosh.
From: Santi on 21 Apr 2010 10:48
On Apr 20, 6:30 pm, Santi <santoshp...(a)gmail.com> wrote:
> Hi All,
>
> My application reads and displays system event logs. The
> ReadEventLog() API fails with the error code as 87 which means "The
> parameter is incorrect". Although all the parameters passed to the API
> are valid but still the failure.
>
> I came across the below link where microsoft has confirmed this
> behavior as a known bug.
>
> http://support.microsoft.com/default.aspx?scid=kb;en-us;177199
>
> The article says that the information applies to Windows NT 4.0. My
> application is running on 32-bit WinXP Professional with SP2. Is it to
> be assumed by default that this bug has not been fixed in WinXP as
> well or is there anyway to confirms that this bug has not been fixed
> in WinXP.i.e. any link to web page or kb?
>
> Thanks in advance.
>
> Regards,
> Santosh.

**** Some more information *****

Please find the below code used to invoke the API -

::ReadEventLog(m_hEventLogHandle,EVENTLOG_SEEK_READ|
EVENTLOG_FORWARDS_READ,
l_dwLogCounter, l_pEvntLogRecord, BUFFER_SIZE,
&l_dwReadBytes, &l_dwNeedBytes);

where,
m_hEventLogHandle is a HANDLE to a earlier successfully opened system
event log
DWORD l_dwLogCounter is equal to record number that is to be read.
l_pEvntLogRecord is a pointer to buffer
BUFFER_SIZE is the size of the buffer which is large enough to get
the data
DWORD l_dwReadBytes returns the bytes read
DWORD l_dwNeedBytes returns the bytes need if the buffer is not large
enough

The failure is seen for a random record .i.e. first few record reads
are successfull and then for a record the read fails. This failure
then remains consistent .i.e. later if we try reading this record
again the failure shows up.

There is also another weird behavior observed which is when we try to
read the latest record then ReadEventLog() returns some random record,
the latest ones are never read. Also this behavior has only been seen
when log size is more then 2 MB.



 | 
Pages: 1
Prev: Two resource files having same identifier value
Next: Problem with Double::ToString(__,__)