I was doing some changes to RtlCreateUserProcess and saw the strange routine SmCreateUserProcess:
http://svn.reactos.com/viewcvs/trunk/reactos/subsys/smss/smapiexec.c?rev=142...
It has several bugs/problems/confusions:
1) RtlDestroyProcessParameters is not called if RtlCreateUserProcess failed.
2) If WaitForIt is TRUE and you specify a timeout, the caller is not notified if SmCreateUserProcess returned due to timeout. The process will stay running forever.
3) If TerminateIt is TRUE, handles are closed. This is wrong/confusing. Closing the handles does not terminate the process (wrong name?).
4) If you don't pass a UserProcessInfo and TerminateIt is FALSE, it will leak thread/process handles.
5) If you pass UserProcessInfo and TerminateIt is TRUE, the thread/process handles in UserProcessInfo will be invalid.
etc. etc.
VERY confusing and bug prone:
SmCreateUserProcess is used once at the end of this file, and it passes FALSE for TerminateIt and passes no UserProcessInfo, thus the thread/process handles will never be closed.
I should have fixed it myself if I just understood how this routine is _supposed_ to work :-D
Regards Gunnar