I have a .net application that is doing COM interop and calling some native library APIs. One of these APIs are returning some data that is unexpected and causing headaches for me. I am looking for some way of forcing the return value of the managed API. This is not going to solve my problem but help me narrow a few things down. I am simplifying things a bit below.
Keeping all this in mind, Let's say my managed class name MyClass and it has two methods ParentMethod() and ChildMethod(). ParentMethod calls ChildMethod which internally calls those native APIs. The ChildMethod itself returns a bool.
After breaking into my app via Windbg I first ran !dumpheap -type MyClass command that gave me following output
0:027> !dumpheap -type MyClass
Address MT Size
0ac7e7e4 04ac5030 100
total 0 objects
Statistics:
MT Count TotalSize Class Name
04ac5030 1 100 MyNamespace.MyClass
Total 1 objects
I then ran following command trying to get the address of the methods in this class.
0:027> !dumpmt -md 04ac5030
EEClass: 04ac1b20
Module: 04ac49c8
Name: MyNamespace.MyClass
mdToken: 02000002
File: MyAssemblyName, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
BaseSize: 0x64
ComponentSize: 0x0
Slots in VTable: 61
Number of IFaces in IFaceMap: 4
MethodDesc Table
Entry MethodDesc JIT Name
04b20270 04ac4fd0 JIT MyNamespace.MyClass..ctor()
04b20230 04ac4ffc JIT MyNamespace.MyClass..cctor()
04acc081 04ac4fd8 NONE MyNamespace.MyClass.ParentMethod()
04acc085 04ac4fe4 NONE MyNamespace.MyClass.ChildMethod()
04b202c0 04ac4ff0 JIT MyNamespace.MyClass.InitializeComponent()
I have found Naveen's blog entry where he describes some technique of doing something along the same line but I couldn't figure out what exact step should I take from here. Any help will be highly appreciated.
Here are simple steps
bp 04acc085 - Which is the ChildMethodbp poi(@esp) which sets the break-point on return registerr eax=00000001 . The eax register stores the return value in x86Or another way is to bp 04acc085 "gu;r eax=00000001;gc" which will do the same in one line