Microsoft's .NET Implementation
Matthew Conover, April 2002

What is .NET?
• .NET = dumb name
• .NET != web services
• .NET is a framework
• .NET is platform independent
• .NET is language insensitive
• .NET specs are publicly available

Topics of Discussion
• Introduction to .NET
• Assemblies
• Microsoft's implementation of .NET
• .NET Hook (dotNetHook) tool

Introduction to .NET
• .NET CLI specifications (ECMA)
  • Partition I – Architecture
  • Partition II – Metadata
  • Partition III – CIL
  • Partition IV – Library
  • Partition V – Annexes
• Class Library (XML specification)

Introduction to .NET
• Base Class Library (BCL)
  • Shared among all languages
• Common Language Runtime (CLR)
  • Common Type System (CTS)
  • Common Language Specification (CLS)
  • Execution Engine

Base Class Library
• Similar to Java's System namespace
• Has classes for IO, threading, database, text, graphics, console, sockets/web/mail, security, cryptography, COM, run-time type discovery/invocation, assembly generation

Common Language Runtime
• Common Type System (CTS)
  • Specifies certain types required to be hosted by the CLR
  • Specifies rules for classes, structures, enumerations, interfaces, delegates, etc.
  • Everything is actually an object

Common Language Runtime
• Execution Engine
  • Handles object layout/references
  • Handles garbage collection
    • Managed heap
  • Enforces code access security
  • Handles verification
    • Safe methods can only do safe things
  • Compiles MSIL (bytecode) into native code
Common Language Runtime (diagram)
• Assembly, BCL and External Assembly → Class Loader → JIT → Execution Engine → Machine Code
Assemblies
• Single-file or multi-file assemblies
• Components:
  • Manifest
  • Metadata
  • MSIL (or native) code
  • Resources

Manifest
• Defines the assembly
  • Strong name
  • Files in the assembly
  • Type references
  • Referenced assemblies

Metadata
• Contains all .NET data
• Streams
  • #Strings
  • #Blob
  • #GUID
  • #US
  • #- or #~
• Tables (stored in #- or #~)
  • In a predefined order
  • E.g., MethodDef, AssemblyRef, Constant
Metadata (layout diagram)
• Metadata header: signature, version, flags, stream count
• Stream header 1, stream header 2, …: each holds data offset, stream size, name
• Stream bodies

#~ and #- Stream (layout diagram)
• Tables header: version, heap sizes, valid tables, sorted tables
• Row count for valid table 1, valid table 2, …
• Table bodies

MethodDef Table (0x06) (row layout)
• RVA: offset to the method body
• Implementation flags
• Method flags
• Method name: offset into #Strings
• Signature: offset into #Blob
• Parameters: index into the Param table (0x08)

MethodDef Table (0x06) (diagram, continued)
• Param Table (0x08) row, reached through the Parameters index: flags, sequence number, parameter name (offset into #Strings)
• Signature blob, reached through the Signature offset: flags, parameter count, return type, parameter types
MSIL
• Pseudo-assembly
  • nop, break, ret, call, callvirt, newobj, newarr, add, mul, xor, arglist, sizeof, throw, catch, dup
  • 0xFE = first byte of two-byte opcodes
• Uses "tokens" instead of offsets/pointers
• All calls are stack based
  • "this" pointer passed as first argument
  • Arguments passed left-to-right by default
  • varargs passes an extra signature
MSIL encoding (diagram)
• IL bytes 0x1f 0x09 → assembler: ldc.i4.s 9
• IL bytes 0x28 0x06000006 → assembler: call Print(Int32); 0x06000006 is the method token
• Token layout: upper 8 bits = table number, lower 24 bits = row index

Call Stack (diagram)
• Source: ClassType a; a.func(1, 2)
• IL: ldc.i4.1, ldc.i4.2, call ClassType::func(Int32, Int32)
• Stack (bottom to top): this pointer, 1, 2; arguments are pushed in left-to-right order
MSIL Samples
• Ldloc
  • Puts the value of a local variable on the stack
• Ldarg
  • Puts an argument on the stack
• Ldlen
  • Puts the length of an array on the stack
• Ldelem
  • Puts the value of an array element on the stack
• Ld*a
  • Puts the address of something on the stack

MSIL Samples (cont.)
• Brtrue <target>
  • Branch to target if the value on the stack is true
• Dup
  • Duplicate a value on the stack
• Ldnull
  • Puts a null value on the stack
Microsoft's .NET Implementation
• %SystemRoot%\Microsoft.NET
• %SystemRoot%\Assembly, containing:
  • \GAC
  • \NativeImages*

System Libraries
• mscoree.dll (execution engine)
• mscorjit.dll (contains JIT)
• mscorsn.dll (strong name)
• mscorlib.dll (BCL)
• fusion.dll (assembly binding)
.NET Application
• Jumps to _CorExeMain (mscoree)
• Calls _CorExeMain in mscorwks.dll
• _CorExeMain calls CoInitializeEE
• CoInitializeEE calls:
  • EEStartup
  • ExecuteEXE

EEStartup
• GCHeap.Initialize
  • Managed heap = Doug Lea's malloc?
• ECall.Init
• SetupGenericPInvokeCalliStub
  • PInvokeCalliWorker
• NDirect.Init
• UMThunkInit.UMThunkInit
• COMDelegate.Init
• ExecutionManager.Init
• COMNlsInfo.InitializeNLS

EEStartup (cont.)
• Security::Start
• SystemDomain.Init
  • Loads BCL
• SystemDomain.NotifyProfilerStartup
• SystemDomain.NotifyNewDomainLoads
• SystemDomain.PublishAppDomainAndInformDebugger (ICorPublish/ICorDebug)
SystemDomain.Init
• LoadBaseSystemClasses
• SystemDomain.CreatePreallocatedExceptions

LoadBaseSystemClasses
• SystemDomain.LoadSystemAssembly
  • Loads mscorlib.dll
• Binder::StartupMscorlib
• Binder::FetchClass(OBJECT)
• MethodTable::InitForFinalization
• InitJITHelpers2
• Binder::FetchClass(VALUE)
• Binder::FetchClass(ARRAY)

LoadBaseSystemClasses
• Binder.FetchType(OBJECT_ARRAY)
• Binder.FetchClass(STRING)
• Binder.FetchClass(ENUM)
• Binder.FetchClass(ExceptionClass)
• Binder.FetchClass(OutOfMemoryExceptionClass)
• Binder.FetchClass(StackOverflowExceptionClass)

LoadBaseSystemClasses
• Binder.FetchClass(ExecutionEngineExceptionClass)
• Binder.FetchClass(DelegateClass)
• Binder.FetchClass(MultiDelegateClass)

.NET Application (review)
• Jumps to _CorExeMain (mscoree)
• Calls _CorExeMain in mscorwks.dll
• _CorExeMain calls CoInitializeEE
• CoInitializeEE calls:
  • EEStartup
  • ExecuteEXE
ExecuteEXE
• StrongNameSignatureVerification
  • In mscorsn.dll
• PEFile::Create
  • Loads executable
• ExecuteMainMethod
  • FusionBind.CreateFusionName
  • Assembly.ExecuteMainMethod

ExecuteMainMethod
• Thread.EnterRestrictedContext
• PEFile::GetMDImport
• SystemDomain.SetDefaultDomainAttributes
  • Sets entry point
• SystemDomain.InitializeDefaultDomain
• BaseDomain.LoadAssembly

BaseDomain.LoadAssembly
• BaseDomain.ApplySharePolicy
• AssemblySecurityDescriptor.Init
• Module.Create
• BaseDomain.SetAssemblyManifestModule
• AssemblySecurityDescriptor.AddDescriptorToDomainList

ExecuteEXE (review)
• StrongNameSignatureVerification
  • In mscorsn.dll
• PEFile::Create
  • Loads executable
• ExecuteMainMethod
  • FusionBind.CreateFusionName
  • Assembly.ExecuteMainMethod
Assembly.ExecuteMainMethod
• Assembly::GetEntryPoint
• ClassLoader::ExecuteMainMethod
• EEClass::FindMethod(entry point token)

EEClass.FindMethod
• ValidateMainMethod
• CorCommandLine.GetArgvW
• MethodDesc.Call
  • MethodDesc.IsRemotingIntercepted
  • MethodDesc.CallDescr calls MethodDesc.CallDescrWorker
  • CallDescrWorker calls Main()

.NET Application
• Main() needs to be compiled
• Main() calls PreStubWorker (mscorwks)
• PreStubWorker
  • Compiles all IL methods
  • Calls MethodDesc.DoPrestub

MethodDesc.DoPrestub
• MethodDesc.GetSecurityFlags
• MethodDesc.GetUnsafeAddrofCode
• MethodDesc.GetILHeader
  • MethodDesc.GetRVA
• COR_DECODE_METHOD
  • Decode tiny/fat format
• Security._CanSkipVerification

MethodDesc.DoPrestub
• EEConfig.ShouldJitMethod
• MakeJitWorker
• JITFunction
• GetPrejittedCode

JITFunction
• ExecutionManager::GetJitForType
• EEJitManager::LoadJIT
  • Loads mscorjit.dll (in LoadJIT)
  • Calls getJit in mscorjit (in LoadJIT)
• CallCompileMethodWithSEHWrapper
  • Debugger.JitBeginning
  • CILJit.compileMethod
  • Debugger.JitComplete

CILJit.compileMethod
• Calls jitNativeCode
• jitNativeCode
  • Compiler.compInit
  • Compiler.compCompile

Compiler.compCompile
• Compiler.eeGetMethodClass
• Compiler.eeGetClassAttribs
• emitter.emitBegCG
• Compiler.eeGetMethodAttribs
• Compiler.compInitDebuggingInfo
• Compiler.genGenerateCode
• emitter.emitEndCG

Compiler.genGenerateCode
• emitter.emitBegFN
• Compiler.genCodeForBBlist
• Compiler.genFnProlog
• Compiler.genFnEpilog
• emitter.emitEndCodeGen
• Compiler.gcInfoBlockHdrSave
• emitter.emitEndFN
.NET Application
• Show flowchart (flowchart not reproduced here)

.NET Hook
• Reads through the method table
• Reads each method
  • Parses header, code, EH data
• Hooks functions of interest
  • Inserts hook code at the front of the method
  • Stored at the end of the .text section
  • Updates PE and section headers
  • Changes function RVAs in the metadata
Method Definition (review)
• RVA: offset to the method body
• Implementation flags
• Method flags
• Method name: offset into #Strings
• Signature: offset into #Blob
• Parameters: index into the Param table (0x08)

Tiny Method Body
• Header size = 1 byte
• Used when:
  • Maximum stack size is less than 8
  • The method has no local variables
  • No extra data section
  • No exceptions

Tiny Method (layout diagram)
• Header (1 byte: flags and code size)
• Method body (IL)
Fat Method (layout diagram)
• Header size = 12 bytes
  • Flags
  • Header size
  • Max. stack size
  • Code size
  • Local var. signature (describes local variables)
• Method body (IL)
• Extra data sections (currently only used for exceptions)
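An added example, not code from the talk or from dotNetHook: a parser for the tiny and fat method body headers described above, plus the token split (table number / row index) from the MSIL encoding slide. The two byte buffers are constructed for the example; they wrap the slide's "ldc.i4.s 9; call 0x06000006" followed by ret.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef struct {            /* parsed CIL method body header (ECMA-335 Partition II) */
    int fat;                /* 0 = 1-byte tiny header, 1 = 12-byte fat header */
    uint16_t flags;         /* fat only: 12 flag bits (0x10 InitLocals, 0x08 MoreSects) */
    uint16_t max_stack;     /* a tiny header implies 8 */
    uint32_t code_size;     /* bytes of IL after the header */
    uint32_t local_sig;     /* fat only: StandAloneSig token describing the locals */
    const uint8_t *code;    /* first IL byte */
} MethodBody;

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | (uint32_t)rd16(p + 2) << 16; }

/* Returns 1 on success, 0 if the buffer is too short or the format bits are unknown. */
int parse_method_body(const uint8_t *buf, size_t len, MethodBody *mb) {
    memset(mb, 0, sizeof *mb);
    if (len >= 1 && (buf[0] & 0x3) == 0x2) {          /* CorILMethod_TinyFormat */
        mb->max_stack = 8; mb->code_size = buf[0] >> 2; mb->code = buf + 1;
        return 1 + mb->code_size <= len;              /* upper 6 bits = code size */
    }
    if (len >= 12 && (buf[0] & 0x3) == 0x3 && (rd16(buf) >> 12) == 3) { /* FatFormat, 3 dwords */
        mb->fat = 1; mb->flags = rd16(buf) & 0x0FFF; mb->max_stack = rd16(buf + 2);
        mb->code_size = rd32(buf + 4); mb->local_sig = rd32(buf + 8); mb->code = buf + 12;
        return 12 + mb->code_size <= len;
    }
    return 0;
}

/* Metadata token: table number in the upper 8 bits, row index in the lower 24 bits. */
unsigned token_table(uint32_t tok) { return tok >> 24; }
unsigned token_row(uint32_t tok) { return tok & 0x00FFFFFFu; }

/* Returns the token operand of the first `call` (0x28) in the IL, or 0 if none.
   Only the opcodes used on the slides are decoded; an unknown opcode ends the walk. */
uint32_t first_call_token(const MethodBody *mb) {
    for (uint32_t i = 0; i < mb->code_size; ) {
        uint8_t op = mb->code[i];
        if (op == 0x28) return i + 5 <= mb->code_size ? rd32(mb->code + i + 1) : 0;
        if (op == 0x1F) i += 2;                                  /* ldc.i4.s <int8> */
        else if (op == 0x00 || op == 0x17 || op == 0x18 || op == 0x2A) i += 1; /* nop, ldc.i4.1/.2, ret */
        else return 0;
    }
    return 0;
}

/* Constructed samples: tiny header 0x22 = (8 << 2) | 0x2; fat header with InitLocals, max stack 2. */
const uint8_t TINY_BODY[] = { 0x22, 0x1F, 0x09, 0x28, 0x06, 0x00, 0x00, 0x06, 0x2A };
const uint8_t FAT_BODY[] = { 0x13, 0x30, 0x02, 0x00, 0x08, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x11,
                             0x1F, 0x09, 0x28, 0x06, 0x00, 0x00, 0x06, 0x2A };
```

A truncated buffer (header claiming more code than remains) is rejected rather than read past the end, which is the check a tool that walks the method table needs before trusting an RVA.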