C++ is a powerful language, with features like templates, exception handling, native machine-code generation, and classes. These are some of its attractive features. But almost anyone who tried to use C++ in native NT application development may have wondered why their applications fail to start (it's obvious already you cannot start one directly from Win32, right?) even though there are no unresolved DLL references (these can be seen using a program such as Dependency Walker.)
That same program can answer why, if your program uses the dynamic CRT in a DLL (e.g. msvcr90.dll): the runtime DLL requires the graphical-user interface (GUI) subsystem, which is in the server process (Csrss.exe), which is executed usually after any other native applications are done. So, by the time your native NT application runs, the required subsystem (GUI) has not been started yet, thus explaining the reason why the DLL fails to load.
The answer isn't so obvious when the CRT is statically linked (e.g. using libcmt.lib). Looking at the 'Subsystem' column for both Ntdll.dll and Kernel32.dll, we see that they are both using the 'Console' subsystem. The Console subsystem is already loaded very early in the boot process, because Ntdll.dll sits directly above the kernel. So why it can't start? Well, even I had to wonder until people working on Wine (many thanks to them! :D) made their source available on the Net. I pilled a file from the set belonging to Kernel32.dll, and I saw a code that communicates with the server process, in its DllMain function. No wonder the Kernel32 module cannot load...
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment