On Mon, 23 Mar 2020, Marvin wrote: [...]
=== w1064v1507 (64 bit report) ===
kernel32: process:208: unhandled exception 00919230 in child process 0ba4
Ignore this patch: this failure is indeed caused by it. (as per IRC)
To summarize: test_SuspendProcessState() arranges for ExitProcess() to be called by the child process but in the x86_64 case it does not specify the exit code to use (no exit_code field is set on the stack).
So the child process exit code is the result of a race between the parent's TerminateProcess() call (0 exit code) and the child ExitProcess() call (random exit code).
In the 32 bit case the exit code is set to 0 in the child too (remote_rop_chain.exit_code) so there is no issue.
Setting the child process exit code in the 64 bit case is presumably tricky and not the point of the test so the exit code should just be ignored.
I'll resubmit the patch.