你的位置:首页 > 操作系统

[操作系统][ 转载 ] kernel32.BaseThreadInitThunk



Edited by wap2k, 20 October 2014 - 07:52 PM.

This function is called to start a Win32 thread. Its purpose is to call the thread start address.
If the thread returns it will terminate the thread and delete it's stack.

Arguments:

  • DWORD LdrReserved - Should always be 0 for user threads
  • LPTHREAD_START_ROUTINE lpStartAddress - Supplies the starting address of the new thread. The address is a function that never returns and that accepts a single DWORD pointer argument.
  • LPVOID lpParameter - Supplies a single parameter value passed to the thread.

Return value is nothing.

 

Before Vista:

VOIDBaseThreadStart(IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter)

Vista+

VOID BaseThreadInitThunk(IN DWORD LdrReserved, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter);

The use of the LdrReserved is used by the system in several places by NTDLL referred to as 

Kernel32ThreadInitThunkFunction)(1, 0, 0) as you can see this allows the lpStartAddress and lpParameter to be NULL.

 

I can only guess that this is for use only by the windows loader functions it checks if this parameter is null and then calls BasepInitializeTermsrvFpns() if a flag is set in an unknown variable.

 

Before Windows Vista the function looked like this:

VOIDBaseThreadStart(  IN LPTHREAD_START_ROUTINE lpStartAddress,  IN LPVOID lpParameter  ){  try {    //    // test for fiber start or new thread    //    if ( NtCurrentTeb()->NtTib.Version == OS2_VERSION ) {      if ( !BaseRunningInServerProcess ) {        CsrNewThread();        }      }    ExitThread((lpStartAddress)(lpParameter));    }  except(UnhandledExceptionFilter( GetExceptionInformation() )) {    if ( !BaseRunningInServerProcess ) {      ExitProcess(GetExceptionCode());      }    else {      ExitThread(GetExceptionCode());      }    }}

After Vista similar to this:

VOID BaseThreadInitThunk(DWORD LdrReserved, LPTHREAD_START_ROUTINE lpStartAddress, LPVOID lpParameter){ int tUserThread; if ( !LdrReserved ) {  tUserThread = (lpStartAddress)(lpParameter);  RtlExitUserThread(tUserThread); } if(Flag_v7FFE02D0 & 0x10) BasepInitializeTermsrvFpns();}