CreateProcess - wine is not doing it right

Robert Shearman rob at codeweavers.com
Sat Sep 10 15:04:23 CDT 2005


Vitaliy Margolen wrote:

>Now I really need you help people.
>
>Ok, here is the problem:
>LdrInitializeThunk is called from within start_process - the first thing to be
>executed in the new process's context. But this is not right. All what I found
>so far indicates, that LdrInitializeThunk should be queued as an APC, so it
>executes first no matter what.
>  
>

That's because we run on top of other libraries and they need to be 
initialized first.

>To complicate matters more, LdrInitializeThunk calling wineserver to stop the
>process if it's created with CREATE_SUSPENDED flag set. This is wrong. New
>process should never make it to it's main thread yet.
>  
>

Unfortunately, I don't believe there is a syscall that will allow use to 
create a process truly suspended.

>And even worse, none of this happens where it should be - in ntdll.
>Functions such as NtCreateProcess and NtCreateThread are stubs. So when I'm
>looking on-line for any information, they all refer to these ntdll functions.
>  
>

I believe these functions are too low level to be reasonably implemented 
in Wine. We defer to a threading library, which roughly corresponds to 
the kernel32 API, whereas the ntdll API corresponds to us having to make 
syscalls ourselves. Also, NT process objects don't map exactly to Unix 
process objects. For example, in NT you can create a process without any 
threads.


-- 
Rob Shearman




More information about the wine-devel mailing list