2025-01-17 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/02 Report--
This article gives an in-depth look at the CLR loading process in .NET, analyzed and described from a professional point of view. I hope you get something out of reading it.
The tools used below to examine the CLR loading process are VS2005 and sos.dll. The sample program is as follows:

    using System;
    using System.Collections.Generic;
    using System.Text;

    namespace hello
    {
        class Program
        {
            static void Main(string[] args)
            {
                Int32 a = 1;
                Int32 b = 2;
                b = a + b;
                Console.WriteLine(b);
                // Keep the process alive so a debugger can inspect it.
                Console.ReadKey();
            }
        }
    }
So what is the CLR loading process?
1. When you double-click a .exe file, the PE Loader provided by the Windows operating system loads the exe file into memory.
(1) First, to be clear about why the PE Loader can load the exe file: an exe file is a kind of PE file. The PE (Portable Executable) file is the program file format of the Microsoft Windows operating system; EXE, DLL, OCX, SYS and COM files are all PE files.
(2) It is necessary to understand the structure of PE files:
Figure 1
1) Dos stub
It consists of about 100 bytes and outputs an error message such as "this program cannot be run under DOS!"
2) PE Signature
A DWORD that serves as the PE file signature, indicating that this is a PE file; it is represented in ASCII.
3) File Header
It contains the most basic information about the PE file and can be viewed with dumpbin. Figure 2 shows: the CPU type, 14c, which denotes Intel i386, i486 or i586; the number of sections, 2; the date on which the linker generated this file; the file offset of the COFF symbol table, 0; the number of symbols in the COFF symbol table, 0; and the size of the optional header.
Figure 2
4) Optional Header
It stores other important information besides the basic information. For the specific meaning of each field, refer to the PE file format documentation. Here I explain the fields of interest according to figure 3:
-- entry point, the entry address of the PE file, given as an RVA (relative virtual address)
-- base of code, the RVA of the starting address of the code block; in memory, the code block usually comes after the PE header and before the data block
-- base of data, the starting address of the data block
-- image base, the memory address of the PE file after it has been relocated by the linker; the linker can optimize this address to save loading time and space
-- subsystem, the type of subsystem used by the user interface of the executable. The specific value means:
1 No subsystem is required (such as device drivers)
2 Runs under the Windows graphical user interface subsystem
3 Runs under the Windows character subsystem (console program)
5 Runs under the OS/2 character subsystem (for OS/2 1.x only)
7 Runs under the Posix character subsystem
So you can see that our program is a console program.
Finally, some data directories are defined; their details are not covered here.
Figure 3
5) Section header
There can be one or more section headers, as shown in figures 4, 5, and 6.
-- name, indicating the name of the section, for example, the name of the section is .text
-- virtual address, which saves the RVA after the data in section is loaded into memory
-- file pointer to raw data, the offset from the beginning of the file to the data in section.
Figure 4
-- Raw data of Section
Figure 5
Figure 6
The CLR header and the RVA of the metadata table, which is generated together with the managed IL code, can be found in figure 7.
Figure 7
2. When the PE loader looks for the CLR header and finds that this directory is not empty, it automatically loads mscoree.dll into the process address space. Mscoree.dll must be unique and is always in the system32 folder of the system directory; for example, on my machine it is in the C:\WINDOWS\system32 directory. The .NET 2.0 mscoree.dll is only about 256k in size. This dll is called the shim and serves as a bridge between PE files and the CLR.
3. The PE loader then finds the entry point. In this example, as figure 3 shows, the entry point address of this PE file is 0040251E, and this address is then used to look up the raw data of the .text section. As figure 6 shows, the six bytes starting at 0040251E are [FF 25 00 20 40 00], which is important information that the compiler wrote into the .text section of the PE file. FF is the opcode of the unconditional jump instruction JMP in the x86 assembly-to-machine-code table. The function of this instruction is to jump unconditionally to the address 00402000. From figure 3 you can see that the image base is 00400000, so 2000 is the RVA of the import address table. From figure 7 you can see that the program jumps to the _CorExeMain method of mscoree.dll referenced by the address 00402000 (_CorExeMain is the entry method of mscoree.dll). All managed applications find and execute the _CorExeMain method through the above process.
4. The _CorExeMain method helps the program find and load the appropriate version of the CLR. The assembly that implements the CLR after .NET 2.0 is mscorwks.dll or mscorsvr.dll. For example, on my machine, the location of mscorwks.dll is: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\
5. Start the CLR service and start the initialization work, which includes:
-- allocate a piece of memory space, set up a managed heap and other necessary heaps, and the whole managed heap is monitored by GC
-- create thread pool
-- create an application domain (AppDomain): use sos.dll to see which AppDomain is created by CLR.
Open our program with VS2005 and type .load sos.dll in the Immediate window.
Type the result after typing: in the instant window of VS2005), but it can still tell the point:
Figure 8
As you can see in figure 8, the CLR creates System Domain, Shared Domain, and Domain1, which is the default AppDomain.
6. Then mscorlib.dll is loaded into the default AppDomain. As figure 8 shows, the first component the CLR loads after creating the default AppDomain must be mscorlib.dll. This component defines System.Object and all primitive types, such as System.Int32. You can use sos.dll to see which classes are loaded. Type the command !dumpmodule -mt 790c2000 in the Immediate window, using the Module address in Domain 1. The result is rather long, so I only list part of it:
Figure 9
You can see from figure 9 that System.Object is the first to be loaded, followed by System.ICloneable, System.IEnumerable, System.Collections.ICollection, System.Collections.IList, System.Array...
7. After the main thread is created, some types in mscorlib.dll may be triggered and loaded into memory. Then, when your PE file, hello.exe, is loaded, the name of the default AppDomain is changed to the name of your PE file. The result of the loading process can be seen in figure 8.
8. The _CorExeMain2 method contained in mscorwks.dll takes over the main thread. It calls the SystemDomain::ExecuteMainMethod method in SystemDomain, which then calls the ClassLoader::LoadTypeHandleFromToken method of the type loader. That method reads the metadata table in the assembly, looks for the type that contains .entrypoint, and returns an instance of that type represented by the EECLASS structure. The EECLASS structure contains important information: pointers to the parent class of the current type, pointers to the method table, instance fields, static fields, and so on.
(1) Typing the command 0097c in the Immediate window
Figure 10
From figure 10, you can see the types defined in the current module: hello.Program and the referenced types: System.Object and System.Console.
(2) After typing the command in the Immediate window, the results are as follows:
Figure 11
The following information can be obtained from figure 11: the EECLASS assigned to the hello.Program type is at address 00971260 in memory. Viewing its information through this address, we find that the address of the parent class of hello.Program is 790f8a18. Type the command 790f8a in the Immediate window.
Figure 12
The address of the method table Method Table is 00972ff8.
(3) What is stored in the method table? It holds the entry points of all the methods defined and referenced in the current type, which are called Method descriptors, as you can see in figure 11.
(4) A Method descriptor is in fact divided into two parts. The first part is m_CodeOrIL. When the current method has not yet been JIT-compiled, m_CodeOrIL stores the RVA of the method's MSIL, that is, the MSIL code of the current method can be found from this RVA. The second part is a Stub for the JIT compiler. When the method is called for the first time, the CLR calls the mscorjit.dll component through this Stub, finds the method's MSIL code through the RVA stored in m_CodeOrIL, and compiles it to native CPU instructions. Assuming the result is saved at address RVA1, it finally changes the values of m_CodeOrIL and Stub to RVA1. When the method is called a second time, the native code is found directly through RVA1. In other words, the method is compiled by the JIT compiler only when it is called for the first time, and the compiled native code is used directly afterwards. This also shows that managed code is compiled twice: the first compilation turns the managed code into MSIL and generates the metadata at the same time, and the second compilation is done by the JIT compiler when the method is called.
(5) Typing the commands !dumpmd 00972fe8 and !dumpmd 00972f0 in the Immediate window shows information about methods that have been JIT-compiled and methods that have not:
Mscorlib.dll-> mscorjit.dll.
Generally speaking, you can use VS2005 to debug .NET programs, but if you want more detailed information, such as memory contents, you need other tools. I think sos.dll and Windbg are good tools. Windbg can be downloaded from http://www.microsoft.com/whdc/devtools/debugging/default.mspx, and if you install VS2005 Team Version, sos.dll comes with it.
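The header lookups in steps 1 to 3 can also be done programmatically, which is how file-triage tooling decides whether a PE is managed before anything runs. The following is an added example, not code from the original article: it parses a constructed minimal PE32 image (the CLR header RVA and size, the single .text section and all function names are assumptions) and decodes the FF 25 entry stub, an indirect JMP that reads its target from the import slot at 00402000.

```python
import struct

CLR_DIR = 14  # data-directory slot holding the CLR header (COM descriptor)

def build_sample():
    """Constructed minimal PE32 image using the addresses quoted in the article."""
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)        # PE32 magic
    struct.pack_into("<I", opt, 16, 0x251E)      # entry point RVA
    struct.pack_into("<I", opt, 28, 0x400000)    # image base
    struct.pack_into("<H", opt, 68, 3)           # subsystem 3: console
    struct.pack_into("<I", opt, 92, 16)          # number of data directories
    struct.pack_into("<II", opt, 96 + CLR_DIR * 8, 0x2008, 0x48)  # assumed CLR header RVA, size
    fhdr = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, len(opt), 0x102)  # one section only
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x600, 0x2000, 0x600, 0x200, 0, 0, 0, 0, 0x60000020)
    img = bytearray(b"MZ" + bytes(58) + struct.pack("<I", 0x80) + bytes(64) + b"PE\0\0" + fhdr + opt + text)
    img += bytes(0x800 - len(img))
    img[0x71E:0x724] = bytes.fromhex("FF2500204000")  # stub at file offset 0x200 + 0x51E
    return bytes(img)

def parse_pe(img):
    pe = struct.unpack_from("<I", img, 0x3C)[0]  # e_lfanew: offset of the PE signature
    if img[:2] != b"MZ" or img[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", img, pe + 4)
    opt = pe + 24
    if struct.unpack_from("<H", img, opt)[0] != 0x10B:
        raise ValueError("only PE32 is handled in this example")
    entry, _, _, base = struct.unpack_from("<IIII", img, opt + 16)
    subsystem = struct.unpack_from("<H", img, opt + 68)[0]
    ndirs = struct.unpack_from("<I", img, opt + 92)[0]
    clr = struct.unpack_from("<II", img, opt + 96 + CLR_DIR * 8) if ndirs > CLR_DIR else (0, 0)
    secs = [struct.unpack_from("<8sIIII", img, opt + opt_size + 40 * i) for i in range(nsec)]
    return {"machine": machine, "entry": entry, "base": base, "subsystem": subsystem,
            "managed": clr[0] != 0, "clr": clr, "sections": secs}

def entry_stub_slot(img, info):
    """Return the RVA of the import slot the entry-point 'FF 25' indirect JMP reads, or None."""
    for _name, vsize, vaddr, rawsize, rawptr in info["sections"]:
        if vaddr <= info["entry"] < vaddr + max(vsize, rawsize):
            off = rawptr + info["entry"] - vaddr
            if img[off:off + 2] == b"\xFF\x25":
                return struct.unpack_from("<I", img, off + 2)[0] - info["base"]
    return None
```

An image whose directory 14 is empty comes back with "managed" set to False, which is the same test the loader applies in step 2.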
That concludes this look at the CLR loading process in .NET. If you happen to have similar questions, you can refer to the analysis above. If you want to know more about it, you are welcome to follow the industry information channel.