Explorer source code analysis: taskbar window changes and win32k!xxxDoPaint

BOOL xxxRealInternalGetMessage(
    LPMSG lpMsg,
    HWND hwndFilter,
    UINT msgMin,
    UINT msgMax,
    UINT flags,
    BOOL fGetMessage)
{
    /* ... excerpt: pwndFilter is resolved from hwndFilter and the
     * message-retrieval loop that the break below leaves begins
     * earlier in the function ... */

        /*
         * Does the caller want paint messages? If so, try to find a paint.
         */
        if (fsWakeBits & fsWakeMask & QS_PAINT) {
            if (xxxDoPaint(pwndFilter, lpMsg)) {
                PATHTAKEN(0x100);
                break;
            }
        }

    /* ... */
}

1: kd> g
Breakpoint 10 hit
eax=00000020 ebx=bf9ebb00 ecx=000025ff edx=00000020 esi=e18b3350 edi=bf9ea2a4
eip=bf8ceb76 esp=b9eeec58 ebp=b9eeecd8 iopl=0         nv up ei pl nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00000202
win32k!xxxDoPaint:
0008:bf8ceb76 55              push    ebp
1: kd> kc
#
00 win32k!xxxDoPaint
01 win32k!xxxRealInternalGetMessage
02 win32k!NtUserPeekMessage
03 nt!_KiSystemService
04 SharedUserData!SystemCallStub
05 USER32!NtUserPeekMessage
06 USER32!PeekMessageW
07 USER32!PeekMessageW_wrapper
08 Explorer!CTray::_MessageLoop
09 Explorer!CTray::MainThreadProc
0a SHLWAPI!WrapperThreadProc
0b kernel32!BaseThreadStart
1: kd> kv
# ChildEBP RetAddr  Args to Child
00 b9eeec54 bf8ad5cb 00000000 b9eeed04 b9eeed58 win32k!xxxDoPaint (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\paint.c @ 760]
01 b9eeecd8 bf89b537 b9eeed04 00000000 00000000 win32k!xxxRealInternalGetMessage+0x41d (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\input.c @ 671]
02 b9eeed3c 80afbcb2 00e3ff2c 00000000 00000000 win32k!NtUserPeekMessage+0x7d (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\kernel\ntstubs.c @ 5734]
03 b9eeed3c 7ffe0304 00e3ff2c 00000000 00000000 nt!_KiSystemService+0x13f (FPO: [0,3] TrapFrame @ b9eeed64) (CONV: cdecl) [d:\srv03rtm\base\ntos\ke\i386\trap.asm @ 1328]
04 00e3fe84 77d20744 77cbe70b 00e3ff2c 00000000 SharedUserData!SystemCallStub+0x4 (FPO: [0,0,0])
05 00e3feb0 77cc410d 00e3ff2c 00000000 00000000 USER32!NtUserPeekMessage+0xc (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\umode\daytona\obj\i386\usrstubs.c @ 3891]
06 00e3fedc 77cf141a 00e3ff2c 00000000 00000000 USER32!PeekMessageW+0xf5 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\client\cltxt.h @ 661]
07 00e3ff04 01025883 00e3ff2c 00000000 00000000 USER32!PeekMessageW_wrapper+0x5a (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\windows\core\ntuser\client\cltxt.h @ 505]
08 00e3ff48 0102c3a0 00000000 00e3ffb8 771027d9 Explorer!CTray::_MessageLoop+0x22 (FPO: [Non-Fpo]) (CONV: thiscall) [d:\srv03rtm\shell\explorer\tray.cpp @ 1634]
09 00e3ff54 771027d9 0105a650 00000000 00000000 Explorer!CTray::MainThreadProc+0x27 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\shell\explorer\tray.cpp @ 1952]
0a 00e3ffb8 77e41be7 00000000 00000000 00000000 SHLWAPI!WrapperThreadProc+0x92 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\shell\shlwapi\util.cpp @ 288]
0b 00e3ffec 00000000 77102747 0006fda8 00000000 kernel32!BaseThreadStart+0x34 (FPO: [Non-Fpo]) (CONV: stdcall) [d:\srv03rtm\base\win32\client\support.c @ 533]
windbg> .open -a ffffffffbf8ad5cb
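As an added illustration (a simplified model written for this page, not code from win32k, from Explorer, or from the original post), the gating that the trace above passes through on its way from CTray::_MessageLoop's PeekMessageW to xxxDoPaint: the high word of the PeekMessage flags becomes the wake mask, the QS_PAINT wake bit must be set, and the paint branch then fabricates a WM_PAINT for a window needing paint under the filter instead of dequeuing a posted message. The Window, Queue and Msg structs and the needs_paint flag are hypothetical stand-ins for the real window and queue structures; the QS_*, PM_QS_PAINT and WM_PAINT values are the ones from winuser.h.

```c
/* Simplified model of the xxxDoPaint branch: not win32k code. */
#include <stdbool.h>
#include <stddef.h>

/* Values from winuser.h */
#define QS_PAINT      0x0020u
#define QS_ALLINPUT   0x04FFu   /* default wake mask when no PM_QS_* bit is given */
#define PM_QS_PAINT   (QS_PAINT << 16)
#define WM_PAINT      0x000Fu

#define MAX_WINDOWS 8
typedef struct { unsigned hwnd, parent; bool needs_paint; } Window;  /* hypothetical */
typedef struct { unsigned fsWakeBits; size_t n; Window wnd[MAX_WINDOWS]; } Queue;
typedef struct { unsigned hwnd, message; } Msg;

/* PeekMessage semantics: the high word of the flags selects wake bits, zero means all */
static unsigned wake_mask(unsigned flags) {
    unsigned hi = flags >> 16;
    return hi ? hi : QS_ALLINPUT;
}

/* hwndFilter == 0 means any window; otherwise the window or one of its descendants */
static bool is_self_or_descendant(const Queue *q, unsigned hwnd, unsigned filter) {
    if (filter == 0) return true;
    for (unsigned cur = hwnd; cur != 0;) {
        if (cur == filter) return true;
        unsigned parent = 0;
        for (size_t i = 0; i < q->n; i++)
            if (q->wnd[i].hwnd == cur) { parent = q->wnd[i].parent; break; }
        cur = parent;
    }
    return false;
}

/* Model of xxxDoPaint: synthesize WM_PAINT for the first window needing paint under the filter */
static bool do_paint(const Queue *q, unsigned hwndFilter, Msg *out) {
    for (size_t i = 0; i < q->n; i++) {
        if (q->wnd[i].needs_paint && is_self_or_descendant(q, q->wnd[i].hwnd, hwndFilter)) {
            out->hwnd = q->wnd[i].hwnd;
            out->message = WM_PAINT;
            return true;
        }
    }
    return false;
}

/* Model of the branch in xxxRealInternalGetMessage: gate on the wake bits, then paint */
bool peek_paint(const Queue *q, unsigned hwndFilter, unsigned flags, Msg *out) {
    if ((q->fsWakeBits & wake_mask(flags) & QS_PAINT) == 0) return false;
    return do_paint(q, hwndFilter, out);
}
```

Because nothing is removed from a queue, repeated peeks keep returning WM_PAINT until the application validates the window, which is the behaviour behind the familiar "paint loop" when a handler never calls BeginPaint.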

Tags: system, exploitation, expert tutorials