由于Reactos是以线程为最小的调度单位,如果仅仅创建进程的数据结构,不足以运行进程的任务,每个进程至少需要一个线程才可以运行,下面就来分析系统进程的线程创建,代码如下:
#195 /* Setup the system initialization thread */
#196 Status = PsCreateSystemThread(&SysThreadHandle,
#197 THREAD_ALL_ACCESS,
#198 &ObjectAttributes,
#199 0,
#200 NULL,
#201 Phase1Initialization,
#202 LoaderBlock);
#203 if (!NT_SUCCESS(Status)) return FALSE;
#204
这段代码里是调用函数PsCreateSystemThread来创建一个系统的线程。
#001 /*
#002 * @implemented
#003 */
#004 NTSTATUS
#005 NTAPI
#006 PsCreateSystemThread(OUT PHANDLE ThreadHandle,
#007 IN ACCESS_MASK DesiredAccess,
#008 IN POBJECT_ATTRIBUTES ObjectAttributes,
#009 IN HANDLE ProcessHandle,
#010 IN PCLIENT_ID ClientId,
#011 IN PKSTART_ROUTINE StartRoutine,
#012 IN PVOID StartContext)
#013 {
设置目标进程为空。
#014 PEPROCESS TargetProcess = NULL;
保存了进程句柄。
#015 HANDLE Handle = ProcessHandle;
#016 PAGED_CODE();
#017 PSTRACE(PS_THREAD_DEBUG,
#018 "ProcessHandle: %p StartRoutine: %p StartContext: %p/n",
#019 ProcessHandle,StartRoutine,StartContext);
#020
检查进程句柄是否为空,如果为空,就是系统进程的线程,否则是用户进程的线程。
#021 /* Check if we have a handle. If not,use the System Process */
#022 if (!ProcessHandle)
#023 {
#024 Handle = NULL;
#025 TargetProcess = PsInitialSystemProcess;
#026 }
#027
#028 /* Call the shared function */
#029 return PspCreateThread(ThreadHandle,
#030 DesiredAccess,
#031 ObjectAttributes,
#032 Handle,
#033 TargetProcess,
#034 ClientId,
#035 NULL,
#036 NULL,
#037 FALSE,
#038 StartRoutine,
#039 StartContext);
#040 }