懂dllcall的高手请进，完整代码，看看什么问题

justme

求教高手：
问题1：执行后会一个黑框一闪而过，结构体声明貌似不太准确
问题2：返回的结果不正确，问题出在哪里

功能 管道执行(命令行)
    var hRead,hWrite
    //  typedef struct _SECURITY_ATTRIBUTES {
    //  DWORD  nLength;
    //  LPVOID lpSecurityDescriptor;
    //  BOOL   bInheritHandle;
    //  } SECURITY_ATTRIBUTES, *PSECURITY_ATTRIBUTES, *LPSECURITY_ATTRIBUTES;

    var 安全属性=数组()
    安全属性["nLength"]=数组("long"=0,"value"=0)
    安全属性["lpSecurityDescriptor"]=数组("long"=1,"value"=null)
    安全属性["bInheritHandle"]=数组("long"=1,"value"=false)
    安全属性["nLength"]["value"]=结构体长度(安全属性)   


  //  BOOL WINAPI CreatePipe(
  //  _Out_    PHANDLE               hReadPipe,
  //  _Out_    PHANDLE               hWritePipe,
  //  _In_opt_ LPSECURITY_ATTRIBUTES lpPipeAttributes,
  //  _In_     DWORD                 nSize
  //  );

    如果(!dllcall("Kernel32.dll","int","CreatePipe","plong",hRead,"plong",hWrite,"pstruct",安全属性,"int",0))//创建匿名管道
        返回 false
    结束   

    命令行=系统获取系统路径(0)&"system32\\cmd.exe /c "&命令行

    var si =数组(),pi =数组()
    si["cb"]=数组("long"=0,"value"=0)
    si["lpReserved"]=数组("wchar"=1,"value"=null)
    si["lpDestktop"]=数组("wchar"=16,"value"="")
    si["lpTitle"]=数组("wchar"=16,"value"="")
    si["dwX"]=数组("long"=0,"value"=0)
    si["dwY"]=数组("long"=0,"value"=0)
    si["dwXSize"]=数组("long"=0,"value"=0)
    si["dwYSize"]=数组("long"=0,"value"=0)
    si["dwXCountChars"]=数组("long"=0,"value"=0)
    si["dwYCountChars"]=数组("long"=0,"value"=0)
    si["dwFillAttribute"]=数组("long"=0,"value"=0)
    si["dwFlags"]=数组("long"=0,"value"=0)
    si["wShowWindow"]=数组("long"=1,"value"=false)
    si["cbReserved2"]=数组("long"=0,"value"=0)
    si["lpReserverd2"]=数组("byte"=1,"value"=null)
    si["hStdInput"]=数组("long"=0,"value"=0)
    si["hStdOutput"]=数组("long"=0,"value"=0)
    si["hStdError"]=数组("long"=0,"value"=0)

    si["cb"]["value"]=结构体长度(si)
    var dwsi=结构体申请内存(si)

    // typedef struct _PROCESS_INFORMATION {
    // HANDLE hProcess;
    // HANDLE hThread;
    // DWORD  dwProcessId;
    // DWORD  dwThreadId;
    // } PROCESS_INFORMATION, *LPPROCESS_INFORMATION;

    pi["hProcess"]=数组("long"=0,"value"=0)
    pi["hThread"]=数组("long"=0,"value"=0)
    pi["dwProcessId"]=数组("long"=0,"value"=0)
    pi["dwThreadId"]=数组("long"=0,"value"=0)

    如果(dllcall("Kernel32.dll","int","CreateProcessW","int",null,"wchar *",命令行,"int",null,"int",null,"int",true,"int",0,"int",null,"int",null,"long",dwsi,"pstruct",pi)==0)
        返回 false
    结束   
    调试输出(pi)

    dllcall("Kernel32.dll","int","CloseHandle","int",hWrite)
    结构体释放内存(dwsi)

    var bytesRead=0
    //var dwbytesRead=获取变量指针(bytesRead)
    var buffer=4096
    var lpbuf=获取变量指针(buffer)
    var dwbytesRead=获取变量指针(bytesRead)

    // BOOL ReadFile(
    // HANDLE hFile,                                    //文件的句柄
    // LPVOID lpBuffer,                                //用于保存读入数据的一个缓冲区
    // DWORD nNumberOfBytesToRead,    //要读入的字节数
    // LPDWORD lpNumberOfBytesRead,    //指向实际读取字节数的指针
    // LPOVERLAPPED lpOverlapped

    dllcall("Kernel32.dll","int","ReadFile","int",hRead,"plong",lpbuf,"int",buffer,"plong",dwbytesRead,"int",null)
    var retbuf,retbytesRead
    retbuf=地址取值(获取变量地址(lpbuf),"wchar *")
    调试输出(retbuf)
    返回 retbuf

结束