我想在comctl32.dll中获得函数调用的痕迹,开始于在树控件上按下鼠标左键并按住鼠标键的时候。
我可以在comctl32!TV_ButtonDown上设置一个断点,然后在遇到断点时使用wt,但这需要我释放鼠标按钮并与WinDbg交互。当我尝试对断点使用这样的命令字符串:bp comctl32!TV_ButtonDown "wt -m comctl32"时,在击中断点后立即停止跟踪:
Tracing COMCTL32!TV_ButtonDown to return address 00007ffd`57a48f1d
0 instructions were executed in 0 events (0 from other threads)
Function Name Invocations MinInst MaxInst AvgInst
0 system calls were executed
COMCTL32!TV_ButtonDown+0x5:
00007ffd`57b03bd9 48896c2418 mov qword ptr [rsp+18h],rbp ss:000000b7`746f8b00=0000000000000201
我正在尝试的可能吗?有其他选择吗?
答案 0 :(得分:1)
不是64位而是32位
提供结束地址
(堆栈顶部或返回地址是我给@ $ ra并且不释放鼠标的结果
输入@ $ ra不是强制性的,但应确保到达终点地址
最终不会释放鼠标的lsft按钮)
0:000> bl
0 e Disable Clear 6e57a2ee 0001 (0001) 0:**** COMCTL32!TV_ButtonDown "wt -m comctl32 @$ra"
0:000> g
17 0 [ 0] COMCTL32!TV_ButtonDown
10 0 [ 1] COMCTL32!GetMessagePosClient
3 0 [ 2] USER32!GetMessagePos
18 3 [ 1] COMCTL32!GetMessagePosClient
17 0 [ 2] USER32!ScreenToClient
25 20 [ 1] COMCTL32!GetMessagePosClient
20 45 [ 0] COMCTL32!TV_ButtonDown
22 0 [ 1] COMCTL32!TV_DismissEdit
14 0 [ 2] USER32!IsWindowVisible
26 14 [ 1] COMCTL32!TV_DismissEdit
10 0 [ 2] USER32!GetDlgCtrlID
33 24 [ 1] COMCTL32!TV_DismissEdit
10 0 [ 2] USER32!SetWindowLongW
48 34 [ 1] COMCTL32!TV_DismissEdit
16 0 [ 2] COMCTL32!TV_InvalidateItem
40 0 [ 3] COMCTL32!TV_GetItemRect
24 40 [ 2] COMCTL32!TV_InvalidateItem
4 0 [ 3] USER32!NtUserRedrawWindow
27 44 [ 2] COMCTL32!TV_InvalidateItem
52 105 [ 1] COMCTL32!TV_DismissEdit
4 0 [ 2] USER32!NtUserShowWindow
58 109 [ 1] COMCTL32!TV_DismissEdit
34 0 [ 2] COMCTL32!CCSendNotify
25 0 [ 3] USER32!GetParent
40 25 [ 2] COMCTL32!CCSendNotify
18 0 [ 3] USER32!GetWindow
44 43 [ 2] COMCTL32!CCSendNotify
10 0 [ 3] USER32!GetDlgCtrlID
57 53 [ 2] COMCTL32!CCSendNotify
24 0 [ 3] USER32!GetWindowThreadProcessId
60 77 [ 2] COMCTL32!CCSendNotify
1 0 [ 3] kernel32!GetCurrentProcessIdStub
1 0 [ 3] kernel32!GetCurrentProcessId
3 0 [ 3] KERNELBASE!GetCurrentProcessId
87 82 [ 2] COMCTL32!CCSendNotify
24 0 [ 3] USER32!SendMessageW
109 106 [ 2] COMCTL32!CCSendNotify
16 0 [ 3] COMCTL32!InOutAtoW
118 122 [ 2] COMCTL32!CCSendNotify
3 0 [ 3] COMCTL32!__security_check_cookie
120 125 [ 2] COMCTL32!CCSendNotify
67 354 [ 1] COMCTL32!TV_DismissEdit
4 0 [ 2] USER32!NtUserDestroyWindow
75 358 [ 1] COMCTL32!TV_DismissEdit
3 0 [ 2] COMCTL32!__security_check_cookie
77 361 [ 1] COMCTL32!TV_DismissEdit
27 483 [ 0] COMCTL32!TV_ButtonDown
3 0 [ 1] COMCTL32!__security_check_cookie
29 486 [ 0] COMCTL32!TV_ButtonDown
515 instructions were executed in 514 events (0 from other threads)
Function Name Invocations MinInst MaxInst AvgInst
COMCTL32!CCSendNotify 1 120 120 120
COMCTL32!GetMessagePosClient 1 25 25 25
COMCTL32!InOutAtoW 1 16 16 16
COMCTL32!TV_ButtonDown 1 29 29 29
COMCTL32!TV_DismissEdit 1 77 77 77
COMCTL32!TV_GetItemRect 1 40 40 40
COMCTL32!TV_InvalidateItem 1 27 27 27
COMCTL32!__security_check_cookie 3 3 3 3
KERNELBASE!GetCurrentProcessId 1 3 3 3
USER32!GetDlgCtrlID 2 10 10 10
USER32!GetMessagePos 1 3 3 3
USER32!GetParent 1 25 25 25
USER32!GetWindow 1 18 18 18
USER32!GetWindowThreadProcessId 1 24 24 24
USER32!IsWindowVisible 1 14 14 14
USER32!NtUserDestroyWindow 1 4 4 4
USER32!NtUserRedrawWindow 1 4 4 4
USER32!NtUserShowWindow 1 4 4 4
USER32!ScreenToClient 1 17 17 17
USER32!SendMessageW 1 24 24 24
USER32!SetWindowLongW 1 10 10 10
kernel32!GetCurrentProcessId 1 1 1 1
kernel32!GetCurrentProcessIdStub 1 1 1 1
0 system calls were executed
eax=00000000 ebx=00000201 ecx=422f0fd7 edx=77a370f4 esi=002d9590 edi=00000200
eip=6e542888 esp=0012fcc4 ebp=0012fd00 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
COMCTL32!TV_WndProc+0x577:
6e542888 e90a060000 jmp COMCTL32!TV_WndProc+0x5de (6e542e97)