Breakpoint 4 hit

USER32!CreateDialogIndirectParamAorW:

001b:77cd900e 55 push ebp

2: kd> kc

00 USER32!CreateDialogIndirectParamAorW

01 USER32!CreateDialogIndirectParamW

02 USER32!CreateDialogIndirectParamW_wrapper

03 comctl32!SHFusionCreateDialogIndirectParam

04 comctl32!_RealPropertySheet

05 comctl32!_PropertySheet

06 comctl32!PropertySheetW

07 SHELL32!PropertySheetW

08 SHELL32!SHOpenPropSheetW

09 SHELL32!DrivesPropertiesThreadProc

0a SHELL32!_PropSheetThreadProc

0b SHLWAPI!WrapperThreadProc

0c kernel32!BaseThreadStart

2: kd> kv

ChildEBP RetAddr Args to Child

00 00ebf5e4 77cf5f03 6f610000 0015d3d8 0004018a USER32!CreateDialogIndirectParamAorW (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\clres.c @ 861$

01 00ebf604 77cf65a4 6f610000 0015d3d8 0004018a USER32!CreateDialogIndirectParamW+0x19 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\clres.c @ 850$

02 00ebf62c 6f6be2be 6f610000 0015d3d8 0004018a USER32!CreateDialogIndirectParamW_wrapper+0x5a (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\clres.c @ 836$

03 00ebf674 6f636799 6f610000 0015d3d8 0004018a comctl32!SHFusionCreateDialogIndirectParam+0x36 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\lib\\shfusion\\shfusion.c @ 364$

04 00ebf6fc 6f636a6a 0015d148 00000b5a 00000000 comctl32!_RealPropertySheet+0x2b5 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\comctl32\\v6\\prsht.c @ 4963$

05 00ebf72c 6f636a7f 00ebf820 00000000 00ebf774 comctl32!_PropertySheet+0x171 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\comctl32\\v6\\prsht.c @ 5219$

06 00ebf73c 77482e41 00ebf820 00000b5a 00000002 comctl32!PropertySheetW+0xd (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\comctl32\\v6\\prsht.c @ 5224$

07 00ebf774 772d02ff 00ebf820 00151948 000e56e0 SHELL32!PropertySheetW+0x4b (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\lib\\shfusion\\delaycc.c @ 395$

08 00ebf884 7731dba0 00151948 00ebf8b4 00000002 SHELL32!SHOpenPropSheetW+0x3b0 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\shell32\\shprsht.c @ 324$

09 00ebff40 772ec02b 000e56e0 00000000 00000000 SHELL32!DrivesPropertiesThreadProc+0x1ea (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\shell32\\drvx.cpp @ 447$

0a 00ebff54 771027d9 000e56e0 00000000 00000000 SHELL32!_PropSheetThreadProc+0x16 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\shell32\\util.cpp @ 158$

0b 00ebffb8 77e41be7 00000000 00000000 00000000 SHLWAPI!WrapperThreadProc+0x92 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\shlwapi\\util.cpp @ 288$

0c 00ebffec 00000000 77102747 00cbe404 00000000 kernel32!BaseThreadStart+0x34 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\base\\win32\\client\\support.c @ 533$

2: kd> dv

hmod = 0x6f610000

lpDlgTemplate = 0x0015d3d8

hwndOwner = 0x0004018a

lpDialogFunc = 0x6f635aa2

dwInitParam = 0n1429832

fAnsi = 0

2: kd> kc

00 USER32!InternalCreateDialog

01 USER32!CreateDialogIndirectParamAorW

02 USER32!CreateDialogIndirectParamW

03 USER32!CreateDialogIndirectParamW_wrapper

04 comctl32!SHFusionCreateDialogIndirectParam

05 comctl32!_RealPropertySheet

06 comctl32!_PropertySheet

07 comctl32!PropertySheetW

08 SHELL32!PropertySheetW

09 SHELL32!SHOpenPropSheetW

0a SHELL32!DrivesPropertiesThreadProc

0b SHELL32!_PropSheetThreadProc

0c SHLWAPI!WrapperThreadProc

0d kernel32!BaseThreadStart

2: kd> kv

ChildEBP RetAddr Args to Child

00 00ebf5c0 77cd9075 6f610000 0015d3d8 00000100 USER32!InternalCreateDialog+0xd0 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\dlgbegin.c @ 618$

01 00ebf5e4 77cf5f03 6f610000 0015d3d8 0004018a USER32!CreateDialogIndirectParamAorW+0x67 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\clres.c @ 884$

02 00ebf604 77cf65a4 6f610000 0015d3d8 0004018a USER32!CreateDialogIndirectParamW+0x19 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\clres.c @ 850$

03 00ebf62c 6f6be2be 6f610000 0015d3d8 0004018a USER32!CreateDialogIndirectParamW_wrapper+0x5a (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\clres.c @ 836$

04 00ebf674 6f636799 6f610000 0015d3d8 0004018a comctl32!SHFusionCreateDialogIndirectParam+0x36 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\lib\\shfusion\\shfusion.c @ 364$

05 00ebf6fc 6f636a6a 0015d148 00000b5a 00000000 comctl32!_RealPropertySheet+0x2b5 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\comctl32\\v6\\prsht.c @ 4963$

06 00ebf72c 6f636a7f 00ebf820 00000000 00ebf774 comctl32!_PropertySheet+0x171 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\comctl32\\v6\\prsht.c @ 5219$

07 00ebf73c 77482e41 00ebf820 00000b5a 00000002 comctl32!PropertySheetW+0xd (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\comctl32\\v6\\prsht.c @ 5224$

08 00ebf774 772d02ff 00ebf820 00151948 000e56e0 SHELL32!PropertySheetW+0x4b (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\lib\\shfusion\\delaycc.c @ 395$

09 00ebf884 7731dba0 00151948 00ebf8b4 00000002 SHELL32!SHOpenPropSheetW+0x3b0 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\shell32\\shprsht.c @ 324$

0a 00ebff40 772ec02b 000e56e0 00000000 00000000 SHELL32!DrivesPropertiesThreadProc+0x1ea (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\shell32\\drvx.cpp @ 447$

0b 00ebff54 771027d9 000e56e0 00000000 00000000 SHELL32!_PropSheetThreadProc+0x16 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\shell32\\util.cpp @ 158$

0c 00ebffb8 77e41be7 00000000 00000000 00000000 SHLWAPI!WrapperThreadProc+0x92 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\shlwapi\\util.cpp @ 288$

0d 00ebffec 00000000 77102747 00cbe404 00000000 kernel32!BaseThreadStart+0x34 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\base\\win32\\client\\support.c @ 533$

2: kd> dv

hmod = 0x6f610000

lpdt = 0x0015d3d8

cb = 0x100

hwndOwner = 0x0004018a

lpfnDialog = 0x6f635aa2

lParam = 0n1429832

fSCDLGFlags = 1

fWowWindow = 0n0

hwnd = 0x0004018a

lpszClass = 0x00ebf658

cyChar = 0n2147328000

dt = struct DLGTEMPLATE2

strClassName = struct _LARGE_STRING

hwndEditFirst = 0x00000000

lpszText = 0x00000000

lpStr = 0x00000000

f40Compat = 0n0

dwExpWinVer = 0

bFlags = 0

cxChar = 0n0

pMonitor = 0x0015d3d8

dit = struct DLGITEMTEMPLATE2

strWindowName = struct _LARGE_STRING

lpCreateParams = 0x0015d3d8

hMenu = 0x00000000

hmodCreate = 0x00000000

pstrClassName = 0x0015d3d8

dsStyleOld = 0x15d3d8

hdcDlg = 0x0015d3d8

pwnd = 0x00000000

hNewFont = 0x00000000

rc = {LT(0, 0) RB(0, 0) $0 x 0$ }

w = 0

fNoDialogMonitor = 0n0

rcTemplate = {LT(0, 0) RB(0, 0) $0 x 0$ }

dwExpWinVer2 = 0xebf658

lpszText = (UTCHAR *)WordSkipSz(lpszClass);

lpStr = (UTCHAR *)WordSkipSz(lpszText);

2: kd> dv lpStr

lpStr = 0x0015d3f0

2: kd> db 0x0015d3f0

0015d3f0 08 00 4d 00 53 00 20 00-53 00 68 00 65 00 6c 00 ..M.S. .S.h.e.l.

0015d400 6c 00 20 00 44 00 6c 00-67 00 00 00 01 00 03 50 l. .D.l.g......P

0015d410 00 00 00 00 04 00 7a 00-32 00 0e 00 01 00 ff ff ......z.2.......

RtlInitLargeUnicodeString((PLARGE_UNICODE_STRING)&strWindowName,

lpszText, (UINT)-1);

UserAssert((dt.dwExStyle & WS_EX_MDICHILD) == 0);

hwnd = VerNtUserCreateWindowEx(

dt.dwExStyle | ((fSCDLGFlags & SCDLG_ANSI) ? WS_EX_ANSICREATOR : 0),

pstrClassName,

&strWindowName,

dt.style,

DefShortToInt(dt.x),

dt.y,

DefShortToInt(dt.cx),

dt.cy,

hwndOwner,

hMenu,

hmod,

(LPVOID)NULL,

dwExpWinVer);

2: kd> kc

00 USER32!VerNtUserCreateWindowEx

01 USER32!InternalCreateDialog

02 USER32!CreateDialogIndirectParamAorW

03 USER32!CreateDialogIndirectParamW

04 USER32!CreateDialogIndirectParamW_wrapper

05 comctl32!SHFusionCreateDialogIndirectParam

06 comctl32!_RealPropertySheet

07 comctl32!_PropertySheet

08 comctl32!PropertySheetW

09 SHELL32!PropertySheetW

0a SHELL32!SHOpenPropSheetW

0b SHELL32!DrivesPropertiesThreadProc

0c SHELL32!_PropSheetThreadProc

0d SHLWAPI!WrapperThreadProc

0e kernel32!BaseThreadStart

2: kd> dv

dwExStyle = 0x10501

pstrClassName = 0x00008002

pstrWindowName = 0x00ebf544

dwStyle = 0x80c820c4

x = 0n283

y = 0n267

nWidth = 0n336

nHeight = 0n253

hwndParent = 0x0004018a

hmenu = 0x00000000

hModule = 0x6f610000

pParam = 0x00000000

dwFlags = 0x4000040a

lpDllName = 0x0015d5d8

ClassNameVer = unsigned short $256$

lpActivationContext = 0x00080000

strClassNameVer = struct _LARGE_IN_STRING

pActCtx = 0x00ebf2e0

bRegistered = 0n1432240

hDllMod = 0x00000000

2: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

2: kd> kc

00 USER32!NtUserCreateWindowEx

01 USER32!InternalCreateDialog

02 USER32!CreateDialogIndirectParamAorW

03 USER32!CreateDialogIndirectParamW

04 USER32!CreateDialogIndirectParamW_wrapper

05 comctl32!SHFusionCreateDialogIndirectParam

06 comctl32!_RealPropertySheet

07 comctl32!_PropertySheet

08 comctl32!PropertySheetW

09 SHELL32!PropertySheetW

0a SHELL32!SHOpenPropSheetW

0b SHELL32!DrivesPropertiesThreadProc

0c SHELL32!_PropSheetThreadProc

0d SHLWAPI!WrapperThreadProc

0e kernel32!BaseThreadStart

2: kd> dv

a1 = 0n66817

a2 = 0n32770

a3 = 0n15463748

a4 = 0n-2134368060

a5 = 0n283

a6 = 0n267

a7 = 0n336

a8 = 0n253

a9 = 0n262538

a10 = 0n0

a11 = 0n1868627968

a12 = 0n0

a13 = 0n1073742858

a14 = 0n836

a15 = 0n2009768448

2: kd> gu

USER32!InternalCreateDialog+0x790:

001b:77cd598b 85c0 test eax,eax

2: kd> gu

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> kc

00 USER32!VerNtUserCreateWindowEx

01 USER32!InternalCreateDialog

02 USER32!CreateDialogIndirectParamAorW

03 USER32!CreateDialogIndirectParamW

04 USER32!CreateDialogIndirectParamW_wrapper

05 comctl32!SHFusionCreateDialogIndirectParam

06 comctl32!_RealPropertySheet

07 comctl32!_PropertySheet

08 comctl32!PropertySheetW

09 SHELL32!PropertySheetW

0a SHELL32!SHOpenPropSheetW

0b SHELL32!DrivesPropertiesThreadProc

0c SHELL32!_PropSheetThreadProc

0d SHLWAPI!WrapperThreadProc

0e kernel32!BaseThreadStart

1: kd> gu

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

1: kd> kc

00 USER32!VerNtUserCreateWindowEx

01 USER32!InternalCreateDialog

02 USER32!CreateDialogIndirectParamAorW

03 USER32!CreateDialogIndirectParamW

04 USER32!CreateDialogIndirectParamW_wrapper

05 comctl32!SHFusionCreateDialogIndirectParam

06 comctl32!_RealPropertySheet

07 comctl32!_PropertySheet

08 comctl32!PropertySheetW

09 SHELL32!PropertySheetW

0a SHELL32!SHOpenPropSheetW

0b SHELL32!DrivesPropertiesThreadProc

0c SHELL32!_PropSheetThreadProc

0d SHLWAPI!WrapperThreadProc

0e kernel32!BaseThreadStart

1: kd> gu

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

1: kd> gu

USER32!InternalCreateDialog+0xba8:

001b:77cd5da3 8bd8 mov ebx,eax

2: kd> gu

Breakpoint 6 hit

USER32!SetForegroundWindow:

001b:77ccd6f0 55 push ebp

2: kd> kc

00 USER32!SetForegroundWindow
01 USER32!SetForegroundWindow_wrapper
02 comctl32!InitPropSheetDlg
03 comctl32!PropSheetDlgProc
04 USER32!InternalCallWinProc
05 USER32!UserCallDlgProcCheckWow
06 USER32!DefDlgProcWorker
07 USER32!SendMessageWorker

08 USER32!InternalCreateDialog

09 USER32!CreateDialogIndirectParamAorW

0a USER32!CreateDialogIndirectParamW

0b USER32!CreateDialogIndirectParamW_wrapper

0c comctl32!SHFusionCreateDialogIndirectParam

0d comctl32!_RealPropertySheet

0e comctl32!_PropertySheet

0f comctl32!PropertySheetW

10 SHELL32!PropertySheetW

11 SHELL32!SHOpenPropSheetW

12 SHELL32!DrivesPropertiesThreadProc

13 SHELL32!_PropSheetThreadProc

14 SHLWAPI!WrapperThreadProc

15 kernel32!BaseThreadStart

2: kd> gu

Breakpoint 7 hit

win32k!xxxSetForegroundWindow:

bf8cdfd1 55 push ebp

2: kd> kc

00 win32k!xxxSetForegroundWindow

01 win32k!xxxStubSetForegroundWindow

02 win32k!NtUserCallHwndLock

03 nt!_KiSystemService

04 SharedUserData!SystemCallStub

05 USER32!NtUserCallHwndLock

06 USER32!SetForegroundWindow_wrapper

07 comctl32!InitPropSheetDlg

08 comctl32!PropSheetDlgProc

09 USER32!InternalCallWinProc

0a USER32!UserCallDlgProcCheckWow

0b USER32!DefDlgProcWorker

0c USER32!SendMessageWorker

0d USER32!InternalCreateDialog

0e USER32!CreateDialogIndirectParamAorW

0f USER32!CreateDialogIndirectParamW

10 USER32!CreateDialogIndirectParamW_wrapper

11 comctl32!SHFusionCreateDialogIndirectParam

12 comctl32!_RealPropertySheet

13 comctl32!_PropertySheet

14 comctl32!PropertySheetW

15 SHELL32!PropertySheetW

16 SHELL32!SHOpenPropSheetW

17 SHELL32!DrivesPropertiesThreadProc

18 SHELL32!_PropSheetThreadProc

19 SHLWAPI!WrapperThreadProc

1a kernel32!BaseThreadStart

2: kd> gu

WARNING: Software breakpoints on session addresses can cause bugchecks.

Use hardware execution breakpoints (ba e) if possible.

win32k!xxxStubSetForegroundWindow+0xd:

bf8ce222 5d pop ebp

2: kd> kv

ChildEBP RetAddr Args to Child

00 b6f86d0c bf80b867 bc688e2c b6f86d58 00ebeeb8 win32k!xxxStubSetForegroundWindow+0xd (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\kernel\\focusact.c @ 1225$

01 b6f86d48 80b05b22 bc688e2c 0000005b 80b05a9a win32k!NtUserCallHwndLock+0x125 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\kernel\\ntstubs.c @ 4821$

02 b6f86d48 7ffe0304 bc688e2c 0000005b 80b05a9a nt!_KiSystemService+0x13f (FPO: $0,3$ TrapFrame @ b6f86d64) (CONV: cdecl) $d:\\srv03rtm\\base\\ntos\\ke\\i386\\trap.asm @ 1328$

03 00ebeea4 77cbef6c 77ccd6fd 0002018c 0000005b SharedUserData!SystemCallStub+0x4 (FPO: $0,0,0$ )

04 00ebeeb8 77cef41b 0002018c 77cc0b00 00000000 USER32!NtUserCallHwndLock+0xc (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\umode\\daytona\\obj\\i386\\usrstubs.c @ 2627$

05 00ebeed0 6f635326 0002018c 0002018c 00000000 USER32!SetForegroundWindow_wrapper+0x42 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\client.c @ 3738$

06 00ebf330 6f636090 0002018c 0015d148 00ebf45c comctl32!InitPropSheetDlg+0xcbd (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\comctl32\\v6\\prsht.c @ 1413$

07 00ebf3e4 77ce7ee3 0002018c 00000110 00020196 comctl32!PropSheetDlgProc+0x5ee (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\comctl32\\v6\\prsht.c @ 3341$

08 00ebf410 77cf2d66 6f635aa2 0002018c 00000110 USER32!InternalCallWinProc+0x1b $d:\\srv03rtm\\windows\\core\\ntuser\\client\\i386\\callproc.asm @ 102$

09 00ebf48c 77cd4af3 00086144 6f635aa2 0002018c USER32!UserCallDlgProcCheckWow+0x147 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\clmsg.c @ 228$

0a 00ebf4d4 77cbf93f 00000000 00000110 00020196 USER32!DefDlgProcWorker+0x11f (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\dlgmgr.c @ 511$

0b 00ebf504 77cd5e88 00608e2c 005f295c 00020196 USER32!SendMessageWorker+0x42a (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\clmsg.c @ 674$

0c 00ebf5c0 77cd9075 6f610000 0015d4d4 00000100 USER32!InternalCreateDialog+0xc8d (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\dlgbegin.c @ 1309$

0d 00ebf5e4 77cf5f03 6f610000 0015d3d8 0004018a USER32!CreateDialogIndirectParamAorW+0x67 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\clres.c @ 884$

0e 00ebf604 77cf65a4 6f610000 0015d3d8 0004018a USER32!CreateDialogIndirectParamW+0x19 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\clres.c @ 850$

0f 00ebf62c 6f6be2be 6f610000 0015d3d8 0004018a USER32!CreateDialogIndirectParamW_wrapper+0x5a (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\windows\\core\\ntuser\\client\\clres.c @ 836$

10 00ebf674 6f636799 6f610000 0015d3d8 0004018a comctl32!SHFusionCreateDialogIndirectParam+0x36 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\lib\\shfusion\\shfusion.c @ 364$

11 00ebf6fc 6f636a6a 0015d148 00000b5a 00000000 comctl32!_RealPropertySheet+0x2b5 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\comctl32\\v6\\prsht.c @ 4963$

12 00ebf72c 6f636a7f 00ebf820 00000000 00ebf774 comctl32!_PropertySheet+0x171 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\comctl32\\v6\\prsht.c @ 5219$

13 00ebf73c 77482e41 00ebf820 00000b5a 00000002 comctl32!PropertySheetW+0xd (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\comctl32\\v6\\prsht.c @ 5224$

14 00ebf774 772d02ff 00ebf820 00151948 000e56e0 SHELL32!PropertySheetW+0x4b (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\lib\\shfusion\\delaycc.c @ 395$

15 00ebf884 7731dba0 00151948 00ebf8b4 00000002 SHELL32!SHOpenPropSheetW+0x3b0 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\shell32\\shprsht.c @ 324$

16 00ebff40 772ec02b 000e56e0 00000000 00000000 SHELL32!DrivesPropertiesThreadProc+0x1ea (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\shell32\\drvx.cpp @ 447$

17 00ebff54 771027d9 000e56e0 00000000 00000000 SHELL32!_PropSheetThreadProc+0x16 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\shell32\\util.cpp @ 158$

18 00ebffb8 77e41be7 00000000 00000000 00000000 SHLWAPI!WrapperThreadProc+0x92 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\shell\\shlwapi\\util.cpp @ 288$

19 00ebffec 00000000 77102747 00cbe404 00000000 kernel32!BaseThreadStart+0x34 (FPO: $Non-Fpo$ ) (CONV: stdcall) $d:\\srv03rtm\\base\\win32\\client\\support.c @ 533$

2: kd> bp 77cd5e88

2: kd> g

Breakpoint 4 hit

USER32!CreateDialogIndirectParamAorW:

001b:77cd900e 55 push ebp

2: kd> kc

00 USER32!CreateDialogIndirectParamAorW

01 USER32!CreateDialogIndirectParamW

02 USER32!CreateDialogIndirectParamW_wrapper

03 comctl32!_CreatePageDialog
04 comctl32!_CreatePage
05 comctl32!PageChange
06 comctl32!InitPropSheetDlg
07 comctl32!PropSheetDlgProc

08 USER32!InternalCallWinProc

09 USER32!UserCallDlgProcCheckWow

0a USER32!DefDlgProcWorker

0b USER32!SendMessageWorker

0c USER32!InternalCreateDialog

0d USER32!CreateDialogIndirectParamAorW

0e USER32!CreateDialogIndirectParamW

0f USER32!CreateDialogIndirectParamW_wrapper

10 comctl32!SHFusionCreateDialogIndirectParam

11 comctl32!_RealPropertySheet

12 comctl32!_PropertySheet

13 comctl32!PropertySheetW

14 SHELL32!PropertySheetW

15 SHELL32!SHOpenPropSheetW

16 SHELL32!DrivesPropertiesThreadProc

17 SHELL32!_PropSheetThreadProc

18 SHLWAPI!WrapperThreadProc

19 kernel32!BaseThreadStart

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> kc

00 USER32!VerNtUserCreateWindowEx

01 USER32!InternalCreateDialog

02 USER32!CreateDialogIndirectParamAorW

03 USER32!CreateDialogIndirectParamW

04 USER32!CreateDialogIndirectParamW_wrapper

05 comctl32!_CreatePageDialog

06 comctl32!_CreatePage

07 comctl32!PageChange

08 comctl32!InitPropSheetDlg

09 comctl32!PropSheetDlgProc

0a USER32!InternalCallWinProc

0b USER32!UserCallDlgProcCheckWow

0c USER32!DefDlgProcWorker

0d USER32!SendMessageWorker

0e USER32!InternalCreateDialog

0f USER32!CreateDialogIndirectParamAorW

10 USER32!CreateDialogIndirectParamW

11 USER32!CreateDialogIndirectParamW_wrapper

12 comctl32!SHFusionCreateDialogIndirectParam

13 comctl32!_RealPropertySheet

14 comctl32!_PropertySheet

15 comctl32!PropertySheetW

16 SHELL32!PropertySheetW

17 SHELL32!SHOpenPropSheetW

18 SHELL32!DrivesPropertiesThreadProc

19 SHELL32!_PropSheetThreadProc

1a SHLWAPI!WrapperThreadProc

1b kernel32!BaseThreadStart

1: kd> bl

0 d Enable Clear bf8914ab $d:\\srv03rtm\\windows\\core\\ntuser\\kernel\\ntinput.c @ 5970$ 0001 (0001) win32k!RawInputThread

1 d Enable Clear u 0001 (0001) (winsrv!ConServerDllInitialization)

2 d Enable Clear bf8e60f1 $d:\\srv03rtm\\windows\\core\\ntuser\\kernel\\ntinput.c @ 180$ 0001 (0001) win32k!xxxInitInput

3 d Enable Clear 77ce7599 $d:\\srv03rtm\\windows\\core\\ntuser\\client\\client.c @ 2447$ 0001 (0001) USER32!CreateWindowStationW

4 e Disable Clear 77cd900e $d:\\srv03rtm\\windows\\core\\ntuser\\client\\clres.c @ 861$ 0001 (0001) USER32!CreateDialogIndirectParamAorW

5 e Disable Clear 77ced8c5 $d:\\srv03rtm\\windows\\core\\ntuser\\client\\client.c @ 5083$ 0001 (0001) USER32!VerNtUserCreateWindowEx

6 e Disable Clear 77ccd6f0 $d:\\srv03rtm\\windows\\core\\ntuser\\client\\client.c @ 3741$ 0001 (0001) USER32!SetForegroundWindow

7 e Disable Clear bf8cdfd1 e 1 0001 (0001) win32k!xxxSetForegroundWindow

8 e Disable Clear 77d20148 $d:\\srv03rtm\\windows\\core\\umode\\daytona\\obj\\i386\\usrstubs.c @ 2839$ 0001 (0001) USER32!NtUserCreateWindowEx

9 e Disable Clear 77cd5e88 $d:\\srv03rtm\\windows\\core\\ntuser\\client\\dlgbegin.c @ 1309$ 0001 (0001) USER32!InternalCreateDialog+0xc8d

1: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

1: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

1: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

1: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

1: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

1: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

1: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

1: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

1: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

1: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

1: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

1: kd> g

Breakpoint 8 hit

USER32!NtUserCreateWindowEx:

001b:77d20148 b856110000 mov eax,1156h

1: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

1: kd> bd 8

1: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 5 hit

USER32!VerNtUserCreateWindowEx:

001b:77ced8c5 55 push ebp

2: kd> g

Breakpoint 9 hit

USER32!InternalCreateDialog+0xc8d:

001b:77cd5e88 8b4d14 mov ecx,dword ptr $ebp+14h$

2: kd> g

Breakpoint 9 hit

USER32!InternalCreateDialog+0xc8d:

001b:77cd5e88 8b4d14 mov ecx,dword ptr $ebp+14h$

USER32!CreateDialogIndirectParamAorW函数分析之驱动器上点击右键属性后

ChildEBP RetAddr Args to Child

ChildEBP RetAddr Args to Child

ChildEBP RetAddr Args to Child