1 / 15

The .Net Execution system

The .Net Execution system. (c) Allan C. Milne School of Computing & Creative Technologies University of Abertay Dundee. Last updated 26 th July 2006. Agenda. The Execution system IL code verification Type safety Type verification. Introduction.

kirti
Download Presentation

The .Net Execution system

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The .NetExecution system (c) Allan C. Milne School of Computing & Creative Technologies University of Abertay Dundee Last updated 26th July 2006

  2. Agenda • The Execution system • IL code verification • Type safety • Type verification

  3. Introduction • This presentation looks at some of the components that make up the run-time execution system for a .Net program. • It will be based around the functionality provided by the CLR. • Central to the .Net philosophy is the assurance of code safety and security.

  4. CLR Subsystems • The type system. • manages type access & verifies type safety. • The metadata system. • manages & checks assembly manifests. • The execution system. • manages the execution of the IL code.

  5. The Execution system • Responsible for the controlled execution of managed code. • This includes • JIT compilation • memory management • security checking. • A design goal of this system was that it should not be bound to any single hardware platform.

  6. IL Code • An object-oriented assembly language. • Targeted for an abstract stack-based machine. • Example instruction functionality • push, pop, method call, create object. • It executes on a virtual machine with no expectations of specific registers. • Can therefore be ported to a variety of hosts that support a CLR implementation.

  7. Some IL Instructions • box, unbox • convert stack values to object values on the heap. • callvirt • dynamic method call where the run-time type of the object on which the call is invoked determines the actual method call. • newobj • creates a new object on the managed heap.

  8. An IL Code Example class ILexample { public static void Main () { int i = 5; MyClass obj = new MyClass(); obj.MyMethod (i); } } ldc.i4.5 stloc.0 newobj instance void ExecModel.MyClass::.ctor() stloc.1 ldloc.1 ldloc.0 callvirt instance void ExecModel.MyClass::MyMethod(int32) ret

  9. The Method IL code class MyClass { public void MyMethod (int x) { int a; a = x + 2; } } ldarg.1 ldc.i4.2 add stloc.0 ret

  10. Starting A Program • An executable CLR program has at least 3 components • a user defined assembly with entry point • execution system (mscorsvr.dll or mscorwks.dll) • basic type system (mscorlib.dll) • The two execution systems are for server or workstation environments.

  11. Downloaded & Mobile Code • A system must protect itself from executable code that is downloaded. • Either allow it to execute or not. • Restrict access to local resources (Java sandbox approach). • Combine assurance of type safety with a flexible security system that defines permissions (.Net approach).

  12. Type Safety • An IL program is type-safe if it • accesses types only according to their contract, • cannot result in stack overflow or underflow, • correctly uses the exception handling mechanism, and • initialises all objects.

  13. Type Verification • To ensure type-safety the CLR must • verify the assembly manifest, and • verify the types within the assembly. • Verifying the metadata in the manifest ensures that all tokens and indexes are valid & there are no buffer overruns. • Verifying the assembly types ensures that all type contracts defined in the metadata are adhered to.

  14. IL Code Categories • Illegal : JIT compiler cannot process the code, e.g. because of invalid op-codes. • Legal : code can be compiled but it may contain non-type safe instructions. • Type-safe : types interact only through published contracts. • Verifiable : can be assured to be type safe through a verification algorithm.

  15. CLR Type Verification of ILCode … • is conservative. • Code that fails verification may still be type-safe. • occurs during JIT compilation. • requires that unmanaged code is fully trusted as it will not be verified.

More Related