• The Old New Thing

    Thread messages are eaten by modal loops


    Thread messages (as generated by the PostThreadMessage function) do not go anywhere when passed to the DispatchMessage function. This is obvious if you think about it, because there is no window handle associated with a thread message. DispatchMessage has no idea what to do with a message with no associated window. It has no choice but to throw the message away.

    This has dire consequences for threads which enter modal loops, which any thread with a window almost certainly will do at one time or another. Recall that the traditional modal loop looks like this:

    while (GetMessage(&msg, NULL, 0, 0)) {

    If a thread message is returned by the GetMessage function, it will just fall through the TranslateMessage and DispatchMessage without any action being taken. Lost forever.

    Thread messages are generally to be avoided on threads that create windows, for this very reason. Of course, if you're going to create a window, why not use PostMessage instead, passing that window as the target of the posted message? Since there is now a window handle, the DispatchMessage function knows to give the message to your window procedure. Result: Message not lost.

  • The Old New Thing

    Welcome to Millennium Tower, due for completion in May 2005


    The friend who brought to my attention the guide to British pub etiquette reports that Portsmouth's Millennium Tower, centerpiece of the Millennium Project, is still not finished, due for completion (scroll to the end of the article) in May 2005.

    To disguise the embarrassment, they've renamed it to Spinnaker Tower, thereby—as the Hampshire Area Guitar Orchestra describes it—replacing a name that no-one could quite remember how to spell correctly, with a name that no-one can quite remember how to spell correctly".

    If you go back to the original proposal, construction was to begin in Winter 1998 with completion in Autumn 1999. In reality, the project was so badly delayed that construction didn't even begin until 2003 (I believe). Quite an embarrassment to what was supposed to be "Millennium City". (At least it's no longer home to the Tricorn Carpark and Shopping Centre, named Britain's ugliest building.)

    If you go to the project's home page, you can catch up on everything that's going on, or at least pretend to, because the "News Update" and "The Projects" links are both 404.

    But that's okay, because there'll be "More Deatils Soon".

  • The Old New Thing

    What is the HINSTANCE passed to SetWindowsHookEx used for?


    The SetWindowsHookEx function accepts a HINSTANCE parameter. The documentation explains that it is a handle to the DLL containing the hook procedure. Why does the window manager need to have this handle?

    It needs the handle so it knows which DLL to load into each process when the hook fires. It injects the DLL you pass, then calls the function you pass. Clearly the function needs to reside in the DLL you pass in order for its code to be there when the window manager calls it.

    This is also why hook functions must reside in DLLs. You can't load an EXE into another EXE.

    The WH_KEYBOARD_LL and WH_MOUSE_LL hooks are exceptions to this rule. These two are non-injecting hooks, as explained in their respective documentation pages. Rather, the hook function is called in its original thread context.

    Okay, armed with this information, perhaps you can solve this person's problem with global hooks.

  • The Old New Thing

    The new scratch program


    I think it's time to update the scratch program we've been using for the past year. I hear there's this new language called C++ that's going to become really popular any day now, so let's hop on the bandwagon!

    #define STRICT
    #define UNICODE
    #define _UNICODE
    #include <windows.h>
    #include <windowsx.h>
    #include <ole2.h>
    #include <commctrl.h>
    #include <shlwapi.h>
    #include <shlobj.h>
    #include <shellapi.h>
    HINSTANCE g_hinst;
    class Window
     HWND GetHWND() { return m_hwnd; }
     virtual LRESULT HandleMessage(
                             UINT uMsg, WPARAM wParam, LPARAM lParam);
     virtual void PaintContent(PAINTSTRUCT *pps) { }
     virtual LPCTSTR ClassName() = 0;
     virtual BOOL WinRegisterClass(WNDCLASS *pwc)
         { return RegisterClass(pwc); }
     virtual ~Window() { }
     HWND WinCreateWindow(DWORD dwExStyle, LPCTSTR pszName,
           DWORD dwStyle, int x, int y, int cx, int cy,
           HWND hwndParent, HMENU hmenu)
      return CreateWindowEx(dwExStyle, ClassName(), pszName, dwStyle,
                      x, y, cx, cy, hwndParent, hmenu, g_hinst, this);
     void Register();
     void OnPaint();
     void OnPrintClient(HDC hdc);
     static LRESULT CALLBACK s_WndProc(HWND hwnd,
         UINT uMsg, WPARAM wParam, LPARAM lParam);
     HWND m_hwnd;
    void Window::Register()
        WNDCLASS wc;
        wc.style         = 0;
        wc.lpfnWndProc   = Window::s_WndProc;
        wc.cbClsExtra    = 0;
        wc.cbWndExtra    = 0;
        wc.hInstance     = g_hinst;
        wc.hIcon         = NULL;
        wc.hCursor       = LoadCursor(NULL, IDC_ARROW);
        wc.hbrBackground = (HBRUSH)(COLOR_WINDOW + 1);
        wc.lpszMenuName  = NULL;
        wc.lpszClassName = ClassName();
    LRESULT CALLBACK Window::s_WndProc(
                   HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam)
     Window *self;
     if (uMsg == WM_NCCREATE) {
      LPCREATESTRUCT lpcs = reinterpret_cast<LPCREATESTRUCT>(lParam);
      self = reinterpret_cast<Window *>(lpcs->lpCreateParams);
      self->m_hwnd = hwnd;
      SetWindowLongPtr(hwnd, GWLP_USERDATA,
     } else {
      self = reinterpret_cast<Window *>
                (GetWindowLongPtr(hwnd, GWLP_USERDATA));
     if (self) {
      return self->HandleMessage(uMsg, wParam, lParam);
     } else {
      return DefWindowProc(hwnd, uMsg, wParam, lParam);
    LRESULT Window::HandleMessage(
                              UINT uMsg, WPARAM wParam, LPARAM lParam)
     LRESULT lres;
     switch (uMsg) {
     case WM_NCDESTROY:
      lres = DefWindowProc(m_hwnd, uMsg, wParam, lParam);
      SetWindowLongPtr(m_hwnd, GWLP_USERDATA, 0);
      delete this;
      return lres;
     case WM_PAINT:
      return 0;
      return 0;
     return DefWindowProc(m_hwnd, uMsg, wParam, lParam);
    void Window::OnPaint()
     BeginPaint(m_hwnd, &ps);
     EndPaint(m_hwnd, &ps);
    void Window::OnPrintClient(HDC hdc)
     ps.hdc = hdc;
     GetClientRect(m_hwnd, &ps.rcPaint);
    class RootWindow : public Window
     virtual LPCTSTR ClassName() { return TEXT("Scratch"); }
     static RootWindow *Create();
     LRESULT HandleMessage(UINT uMsg, WPARAM wParam, LPARAM lParam);
     LRESULT OnCreate();
     HWND m_hwndChild;
    LRESULT RootWindow::OnCreate()
     return 0;
    LRESULT RootWindow::HandleMessage(
                              UINT uMsg, WPARAM wParam, LPARAM lParam)
     switch (uMsg) {
      case WM_CREATE:
       return OnCreate();  
      case WM_NCDESTROY:
       // Death of the root window ends the thread
      case WM_SIZE:
       if (m_hwndChild) {
        SetWindowPos(m_hwndChild, NULL, 0, 0,
                     GET_X_LPARAM(lParam), GET_Y_LPARAM(lParam),
                     SWP_NOZORDER | SWP_NOACTIVATE);
       return 0;
      case WM_SETFOCUS:
       if (m_hwndChild) {
       return 0;
     return __super::HandleMessage(uMsg, wParam, lParam);
    RootWindow *RootWindow::Create()
     RootWindow *self = new RootWindow();
     if (self && self->WinCreateWindow(0,
           TEXT("Scratch"), WS_OVERLAPPEDWINDOW,
           NULL, NULL)) {
          return self;
     delete self;
     return NULL;
    int PASCAL
    WinMain(HINSTANCE hinst, HINSTANCE, LPSTR, int nShowCmd)
     g_hinst = hinst;
     if (SUCCEEDED(CoInitialize(NULL))) {
      RootWindow *prw = RootWindow::Create();
      if (prw) {
       ShowWindow(prw->GetHWND(), nShowCmd);
       MSG msg;
       while (GetMessage(&msg, NULL, 0, 0)) {
     return 0;

    The basic idea of this program is the same as our old scratch program, but now it has that fresh lemony C++ scent. Instead of keeping our state in globals, we declare a C++ class and hook it up to the window. For simplicity, the object's lifetime is tied to the window itself.

    First, there is a bare-bones Window class which we will use as our base class for any future "class associated with a window" work. The only derived class for now is the RootWindow, the top-level frame window that for now is the only window that the program uses. As you may suspect, we may have other derived classes later as the need arises.

    The reason why the WinRegisterClass method is virtual (and doesn't do anything interesting) is so that a derived class can modify the WNDCLASS that is used when the class is registered. I don't have any immediate need for it, but it'll be there if I need it.

    We use the GWLP_USERDATA window long to store the pointer to the associated class, thereby allowing us to recover the object from the window handle.

    Observe that in the RootWindow::HandleMessage method, I used the Visual C++ __super extension. If you don't want to rely on a nonstandard extension, you can instead write

    class RootWindow : public Window
     typedef Window super;

    and use super instead of __super.

    This program doesn't do anything interesting; it's just going to be a framework for future samples.

  • The Old New Thing

    Sweden's Worst Driver


    Swedish Television announced a new reality-based television program called Sweden's Worst Driver (Sveriges värsta bilförare). I've done a bad job of translating some excerpts:

    TV4 has gathered seven of Sweden's worst drivers and subjects them to a series of tests and challenges. Those who complete each exercise the best get a prize and leave the contest.

    Thus, whoever is the last one left in the television series, which begins on the 29th of April, "wins" and is the worst at the same time.

    ... "That there exist people who aren't so good at driving, I knew that already. But people as bad as this I didn't think existed," says [race driver and judge Richard Göransson].

    ... Sven-Ingvar "Snappe" Eriksson, 39, from Hammerdal in Jämtland was nominated by his wife Lena because he has crashed his car at least 25 to 30 times since he got his driver's license 22 years ago.

    Participants get to do several exercises, among them, yielding the right of way for unexpected traffic on forest roads, backing up with a trailer, parking in a tight spot on a hill, and getting out of a parking garage.

    This is sort of in the spirit of those makeover-type programs like What Not To Wear, *** Eye for the Straight Guy, where you ridicule somebody for their general lameness. But at least in those shows, after they make fun of you, they then try to help you be better! Even in the dreadful Queen for a Day, the humiliated "winner" at least got a prize. No such luck, it seems, for Sweden's worst driver.

    It's now a simple matter of time before this show reaches the United States.

  • The Old New Thing

    The Itanium's so-called stack


    Last year I alluded to the fact that the Itanium processor has two stacks. The one that is traditionally thought of as "the stack" (and the one that the sp register refers to) is a manually managed block of memory from which a function can carve out space to use during its execution. For example, if you declare a local variable like

    TCHAR szBuffer[MAX_PATH];

    then that buffer will go on "the stack".

    But not all local variables are on "the stack".

    Recall that the Itanium has a very large number of registers, most of which participate in function calls. Consequently, many local variables are placed into registers rather than "the stack", and when a function is called, those registers are "squirreled away" by the processor and "unsquirreled" when the function returns. Where do they get squirreled? Well, the processor can often just squirrel them into other unused registers through a mechanism I won't go into. (Those still interested can read Intel's documents on the subject.) If the processor runs out of squirrel-space, it spills them into main memory, into a place known as the "register backing store". This is another stack-like chunk of memory separate from "the stack". (Here's Slava Oks artistic impression of the layout of the ia64's stacks.)

    As already noted, one consequence of this dual-stack model is that a stack buffer overflow will not corrupt the return address, because the return address is not kept on "the stack"; rather, it is kept in the "squirrel space" or (in the case of spillage) in the register backing store.

    Another consequence of this dual-stack model is that various tricks to locate the start of the stack will find only one of the stacks. Missing out on the other stack will cause problems if you think grovelling "the" stack will find all accessible object references.

    The Itanium architecture challenges many assumptions and is much less forgiving of various technically-illegal-but-nobody-really-enforced-it-before shenanigans, some of which I have discussed in earlier entries. To this list, add the "second stack".

  • The Old New Thing

    What is the DC brush good for?


    The DC brush GetStockObject(DC_BRUSH) is a stock brush associated with the device context. Like the system color brushes, the color of the DC brush changes dynamically, but whereas the system color brushes change color based on the system colors, the color of the DC brush changes at your command.

    The DC brush is handy when you need a solid color brush for a very short time, since it always exists and doesn't need to be created or destroyed. Normally, you have to create a solid color brush, draw with it, then destroy it. With the DC brush, you set its color and start drawing. But it works only for a short time, because the moment somebody else calls the SetDCBrushColor function on your DC, the DC brush color will be overwritten. In practice, this means that the DC brush color is not trustworthy once you relinquish control to other code. (Note, however, that each DC has its own DC brush color, so you need only worry about somebody on another thread messing with your DC simultaneously, which doesn't happen under any of the painting models I am familiar with.)

    The DC brush is amazingly useful when handling the various WM_CTLCOLOR messages. These messages require you to return a brush that will be used to draw the control background. If you need a solid color brush, this usually means creating the solid color brush and caching it for the lifetime of the window, then destroying it when the window is destroyed. (Some people cache the brush in a static variable, which works great until somebody creates two copies of the dialog/window. Then you get a big mess.)

    Let's use the DC brush to customize the colors of a static control. The program is not interesting as a program; it's just an illustration of one way you can use the DC brush.

    Start, as always, with our scratch program, and making the following changes.

    OnCreate(HWND hwnd, LPCREATESTRUCT lpcs)
      g_hwndChild = CreateWindow(TEXT("static"), NULL,
            WS_VISIBLE | WS_CHILD, 0, 0, 0, 0,
            hwnd, NULL, g_hinst, 0);
     if (!g_hwndChild) return FALSE;
     return TRUE;
    HBRUSH OnCtlColor(HWND hwnd, HDC hdc, HWND hwndChild, int type)
      FORWARD_WM_CTLCOLORSTATIC(hwnd, hdc, hwndChild, DefWindowProc);
      SetDCBrushColor(hdc, RGB(255,0,0));
      return GetStockBrush(DC_BRUSH);
        HANDLE_MSG(hwnd, WM_CTLCOLORSTATIC, OnCtlColor);

    Run this program and observe that we changed the background color of the static window to red.

    The work happens inside the OnCtlColor function. When asked to customize the colors, we first forward the message to the DefWindowProc function so that the default foreground and background text colors are set. (Not relevant here since we draw no text, but a good thing to do on principle.) Since we want to override the background brush color, we set the DC brush color to red and then return the DC brush as our desired background brush.

    The static control then takes the brush we returned (the DC brush) and uses it to draw the background, which draws in red because that's the color we set it to.

    Normally, when customizing the background brush, we have to create a brush, return it from the WM_CTLCOLORSTATIC message, then destroy it when the parent window is destroyed. But by using the DC brush, we avoided having to do all that bookkeeping.

    There is also a DC pen GetStockObject(DC_PEN) which behaves in an entirely analogous manner.

  • The Old New Thing

    When people ask for security holes as features: Hiding files from Explorer


    By default, Explorer does not show files that have the FILE_ATTRIBUTE_HIDDEN flag, since somebody went out of their way to hide those files from view.

    You can, of course, ask that such files be shown anyway by going to Folder Options and selecting "Show hidden files and folders". This shows files and folders even if they are marked as FILE_ATTRIBUTE_HIDDEN.

    On the other hand, files that are marked as both FILE_ATTRIBUTE_HIDDEN and FILE_ATTRIBUTE_SYSTEM remain hidden from view. These are typically files that involved in the plumbing of the operating system, messing with which can cause various types of "excitement". Files like the page file, folder configuration files, and the System Volume Information folder.

    If you want to see those files, too, then you can uncheck "Hide protected operating system files".

    Let's look at how far this game of hide/show ping-pong has gone:

    1.Normal file
    2.Hidden file
    3."Show hidden files"
    4.Hidden + System
    5."Show protected
    operating system files"

    You'd think this would be the end of the hide/show arms race, but apparently some people want to add a sixth level and make something invisible to Explorer, overriding the five existing levels.

    At some point this back-and-forth has to stop, and for now, it has stopped at level five. Adding just a sixth level would create a security hole, because it would allow a file to hide from the user. As a matter of security, a sufficiently-privileged user must always have a way of seeing what is there or at least know that there is something there that can't be seen. Nothing can be undetectably invisible.

    If you add a sixth level that lets a file hide from level five, then there must be a level seven that reveals it.

  • The Old New Thing

    Project update: Voyage to Our Hollow Earth


    In December 2003, I reported on Steve Currey's expedition to the hole at the top of the earth, which at the time was scheduled for June 26, 2005. But on May 6, 2004, the site rescheduled the trip for Jun 26, 2006 with no explanation. The reservation form reminds you that the 25% deposit is non-refundable.

    Far be it from me to suggest that these people are just stringing their loyal following along, pocketing the $4000 deposit, with no intention of actually mounting the expedition. That would be patently unfair of me. I'm certain there's a perfectly reasonable and honorable explanation for the delay.

  • The Old New Thing

    What is the HINSTANCE passed to CreateWindow and RegisterClass used for?


    One of the less-understood parameters to the CreateWindow function and the RegisterClass function is the HINSTANCE (either passed as a parameter or as part of the WNDCLASS structure).

    The window class name is not sufficient to identify the class uniquely. Each process has its own window class list, and each entry in the window class list consists of an instance handle and a class name. For example, here's what the window class list might look like if a program has two DLLs, both of which register a class name "MyClass", passing the DLL's handle as the HINSTANCE.

    HINSTANCEClass name

    When it comes time to create a window, each module then passes its own HINSTANCE when creating the window, and the window manager uses the combination of the instance handle and the class name to look up the class.

    CreateWindow("MyClass", ..., hinstA, ...); // creates class 6
    CreateWindow("MyClass", ..., hinstB, ...); // creates class 7
    CreateWindow("MyClass", ..., hinstC, ...); // fails

    This is why it is okay if multiple DLLs all register a class called "MyClass"; the instance handle is used to tell them apart.

    There is an exception to the above rule, however. If you pass the CS_GLOBALCLASS flag when registering the class, then the window manager will ignore the instance handle when looking for your class. All of the USER32 classes are registered as global. Consequently, all of the following calls create the USER32 edit control:

    CreateWindow("edit", ..., hinstA, ...);
    CreateWindow("edit", ..., hinstB, ...);
    CreateWindow("edit", ..., hinstC, ...);

    If you are registering a class for other modules to use in dialog boxes, you need to register as CS_GLOBALCLASS, because as we saw earlier the internal CreateWindow call performed during dialog box creation to create the controls passes the dialog's HINSTANCE as the HINSTANCE parameter. Since the dialog instance handle is typically the DLL that is creating the dialog (since that same HINSTANCE is used to look up the template), failing to register with the CS_GLOBALCLASS flag means that the window class lookup will not find the class since it's registered under the instance handle of the DLL that provided the class, not the one that is using it.

    In 16-bit Windows, the instance handle did other things, too, but they are no longer relevant to Win32.

    A common mistake is to pass the HINSTANCE of some other module (typically, the primary executable) when registering a window class. Now that you understand what the HINSTANCE is used for, you should be able to explain the consequences of registering a class with the wrong HINSTANCE.

Page 383 of 455 (4,546 items) «381382383384385»