Am 25.05.2020 um 20:09 schrieb Paul Gofman <pgofman@codeweavers.com>:

goes in the lower
address space, so a bit later an .exe without relocations cannot be
mapped to 0x40000.

It's been a while since I understood the library load code well enough (if I ever understood it), but shouldn't we map the .exe file before we map kernelbase.dll? How does ntdll figure out kernelbase is needed without looking into the .exe import section?

I think we want kernelbase and kernel32 at their fixed addresses regardless, some DRMs or just too much inventive applications may depend on that.