Last week I mentioned that some of my tests for my Win32 Debug API class had suddenly started failing. It seems that I was right and the changes are due to some .Net fixes that have been rolled out recently. The code runs and the tests pass if I run on a clean instal Vista x64 VM and fail on my day to day development box.
It seems that my plan to “stick a breakpoint in mscoree.dll’s _CorExeMain()” wasn’t such a good idea after all. With the new updates installed and with an x64 process using the Win32 debug API to run a CLR 1.0 or 1.1 app (x86) the breakpoint in mscoree.dll’s _CorExeMain() never gets hit. Luckilly switching to sticking a breakpoint in mscorwks.dll’s _CorExeMain() instead seems to work on both x86 and x64, running either x86 or x64 (where appropriate) CLR apps and on both a clean install of Vista and on patched systems. So, now if the app we’re launching is a CLR app we ignore the start address entirely and use mscorwks.dll’s _CorExeMain() as our start address. This seems to give a reliable way to halt a CLR app after it has started up, when it’s in a stable state, and before it starts to do anything. Just what I need to inject my code.