I'm setting a low-level mouse hook with SetWindowsHookEx
:
HANDLE handle = SetWindowsHookEx(WH_MOUSE_LL,
&callback,
GetModuleHandle(NULL),
NULL);
Because this is a low-level callback, it will be executed inside my own process; no DLL injection is performed.
Now, I've noticed that the callback sometimes (indirectly) gets invoked from standard API functions such as GetAncestor
, GetWindowRect
and such. It seems that these can cause some message queue to be flushed.
Actually, my question is threefold…
When is the callback called?
Can it be called from inside any API function? How do I tell?
On what thread is the callback executed?
Will it only be run on the thread that installed the hook, or can the system call it on any thread?
Why are hooks implemented as a callback in the first place?
(Does Raymond Chen hang around here?) It would seem much more sensible to me to implement hooks simply as (sent) messages, like pretty much all the rest of Windows. For messages, at least I know which functions can cause pending sent messages to be processed (
GetMessage
,PeekMessage
and a handful of others), and I would know on which thread they are processed (the thread that received the message in the first place).