By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,483 Members | 3,261 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,483 IT Pros & Developers. It's quick & easy.

MC++ Mixed DLLs: how to create pure IL (really) and other issues

P: n/a
Hi folks,

I'm looking at moving a large base of C++ code to .Net under tight time
constraints. The code runs in mission-critical environments, and I am
extremely concerned about the loader lock problem and the potential for
deadlocks.

After pouring over the available information, and trying a few experiments,
I am still left with a few questions and issues I hope someone out there can
shed some light on.

1) Is it even possible to create a DLL using MC++ that is not subject to the
mixed dll/loader lock issue -- or at least. is it actually doable in a
real-world development environment?

To wit: I created a project using the .Net Class Library template and added
a trivial class with a single trivial method.

namespace Test {
class TestClass {
public: int foo() { return(0); }
};
}

I then made sure /noentry was there; removed nochkclr.obj from the link
targets; added the explicit __check_commonlanguageruntime_version and
_flt_used definitions; and added the SkipVerification attribute -- all per
the instructions on MSDN for creating pure IL Managed C++ assemblies. The
result was still not pure IL; peverify complains about an "unverifiable PE
header/stub." I searched for the mythical SetILOnly.exe that is also
referenced in MSDN to no avail (even the link to it on MSDN online is
broken). OK, a little research turned up that there's an "IL Only" flag in
the clr header, so I used ildasm and ilasm to reconstitute the assembly with
that flag set. Peverify still complained about "unverifiable PS
header/stub."

Then I noticed that there was a VTableFixup:

.vtfixup [1] int32 retainappdomain at D_00003004 // 06000001

Why is this? In such a trivial project that is purely managed code? In any
case, manually removing from the il and assembling with ilasm then made the
assembly verify.

So I'm left wondering what all of this means. How can I remove whatever is
causing that fixup to get generated in the first place? And is there
anything I can do as general programming practice to ensure that these don't
creep into my code? And are there other constructs besides vtable fixups
(and unmanaged exports) that could creep into my code that would prevent the
assembly from being pure IL?

2) What actually triggers the loader lock problem -- it can't possibly be
that the DLL is unverifyable. Because C# unsafe code also produces an
unverifiable dll, but which is not subject to the loader lock problem. Is is
the simple absence of the "pure IL" flag in the clr header? Is that enough
to trigger the "mixed" loading behavior where the loader lock problem can
occur?

3) Where is setilonly.exe?

4) Let's say I solve all of the above and produce a dll that really is all
managed code. No CRTs, no unmanaged code, etc. What happens if I then make a
native Win32 API call (note: *not* P/Invoke)? Does that automatically force
me back into being a mixed dll, i.e., can a dll that calls a routine in
kernel32.dll legitimately set the "pure IL" flag in the CLR header?

Thanks for any information that anyone can provide. Note that I am not
interested in debating the likelihood of encountering the loader lock/mixed
dll problem. I am interested in hard facts about how I can use MC++ to
create assemblies that are guaranteed to be 100% free of it, given that I am
willing to forego use of the CRTs and adhere to other restrictive
guidelines.

Thanks!
Nov 16 '05 #1
Share this Question
Share on Google+
8 Replies


P: n/a
mk
Hi,
Unfortunately it seems as though you're a caught a
little, at least regarding loader lock issues. Its a
known bug, check the following:

http://www.devx.com/DevX/HTML/11470

watch out for word wrap...

http://msdn.microsoft.com/library/default.asp?
url=/library/en-
us/dv_vstechart/html/vcconMixedDLLLoadingProblem.asp

You've probably seen this one already, but just in case:

http://www.codeguru.com/cpp_managed/kmg19.html
I find that using a managed core, loading native elements
at runtime can help to ameloriate these issues - sure,
its not exactly a 'pure' solution, but it may help, I
appreciate that you're upgrading pre-existing code, but
some architectural review can be extremely helpful -
assuming you can get the time and the budget.

Hope this helps,

martin
-----Original Message-----
Hi folks,

I'm looking at moving a large base of C++ code to .Net under tight timeconstraints. The code runs in mission-critical environments, and I amextremely concerned about the loader lock problem and the potential fordeadlocks.

After pouring over the available information, and trying a few experiments,I am still left with a few questions and issues I hope someone out there canshed some light on.

1) Is it even possible to create a DLL using MC++ that is not subject to themixed dll/loader lock issue -- or at least. is it actually doable in areal-world development environment?

To wit: I created a project using the .Net Class Library template and addeda trivial class with a single trivial method.

namespace Test {
class TestClass {
public: int foo() { return(0); }
};
}

I then made sure /noentry was there; removed nochkclr.obj from the linktargets; added the explicit __check_commonlanguageruntime_version and_flt_used definitions; and added the SkipVerification attribute -- all perthe instructions on MSDN for creating pure IL Managed C++ assemblies. Theresult was still not pure IL; peverify complains about an "unverifiable PEheader/stub." I searched for the mythical SetILOnly.exe that is alsoreferenced in MSDN to no avail (even the link to it on MSDN online isbroken). OK, a little research turned up that there's an "IL Only" flag inthe clr header, so I used ildasm and ilasm to reconstitute the assembly withthat flag set. Peverify still complained about "unverifiable PSheader/stub."

Then I noticed that there was a VTableFixup:

.vtfixup [1] int32 retainappdomain at D_00003004 // 06000001
Why is this? In such a trivial project that is purely managed code? In anycase, manually removing from the il and assembling with ilasm then made theassembly verify.

So I'm left wondering what all of this means. How can I remove whatever iscausing that fixup to get generated in the first place? And is thereanything I can do as general programming practice to ensure that these don'tcreep into my code? And are there other constructs besides vtable fixups(and unmanaged exports) that could creep into my code that would prevent theassembly from being pure IL?

2) What actually triggers the loader lock problem -- it can't possibly bethat the DLL is unverifyable. Because C# unsafe code also produces anunverifiable dll, but which is not subject to the loader lock problem. Is isthe simple absence of the "pure IL" flag in the clr header? Is that enoughto trigger the "mixed" loading behavior where the loader lock problem canoccur?

3) Where is setilonly.exe?

4) Let's say I solve all of the above and produce a dll that really is allmanaged code. No CRTs, no unmanaged code, etc. What happens if I then make anative Win32 API call (note: *not* P/Invoke)? Does that automatically forceme back into being a mixed dll, i.e., can a dll that calls a routine inkernel32.dll legitimately set the "pure IL" flag in the CLR header?
Thanks for any information that anyone can provide. Note that I am notinterested in debating the likelihood of encountering the loader lock/mixeddll problem. I am interested in hard facts about how I can use MC++ tocreate assemblies that are guaranteed to be 100% free of it, given that I amwilling to forego use of the CRTs and adhere to other restrictiveguidelines.

Thanks!
.

Nov 16 '05 #2

P: n/a
Thanks for the reply -- I was hoping to get commentary from someone "in the
know" about whether I can truly produce pure IL with MC++, whether it's
feasible to maintain a project that does so (given that the compiler doesn't
produce any warnings when you do something that violates "pure il' rules),
and whether calling a Win32 API is a violation of "pure il" rules.

Anyone?

"mk" <mk@nospam.com> wrote in message
news:03****************************@phx.gbl...
Hi,
Unfortunately it seems as though you're a caught a
little, at least regarding loader lock issues. Its a
known bug, check the following:

http://www.devx.com/DevX/HTML/11470

watch out for word wrap...

http://msdn.microsoft.com/library/default.asp?
url=/library/en-
us/dv_vstechart/html/vcconMixedDLLLoadingProblem.asp

You've probably seen this one already, but just in case:

http://www.codeguru.com/cpp_managed/kmg19.html
I find that using a managed core, loading native elements
at runtime can help to ameloriate these issues - sure,
its not exactly a 'pure' solution, but it may help, I
appreciate that you're upgrading pre-existing code, but
some architectural review can be extremely helpful -
assuming you can get the time and the budget.

Hope this helps,

martin
-----Original Message-----
Hi folks,

I'm looking at moving a large base of C++ code to .Net

under tight time
constraints. The code runs in mission-critical

environments, and I am
extremely concerned about the loader lock problem and

the potential for
deadlocks.

After pouring over the available information, and trying

a few experiments,
I am still left with a few questions and issues I hope

someone out there can
shed some light on.

1) Is it even possible to create a DLL using MC++ that

is not subject to the
mixed dll/loader lock issue -- or at least. is it

actually doable in a
real-world development environment?

To wit: I created a project using the .Net Class Library

template and added
a trivial class with a single trivial method.

namespace Test {
class TestClass {
public: int foo() { return(0); }
};
}

I then made sure /noentry was there; removed

nochkclr.obj from the link
targets; added the explicit

__check_commonlanguageruntime_version and
_flt_used definitions; and added the SkipVerification

attribute -- all per
the instructions on MSDN for creating pure IL Managed

C++ assemblies. The
result was still not pure IL; peverify complains about

an "unverifiable PE
header/stub." I searched for the mythical SetILOnly.exe

that is also
referenced in MSDN to no avail (even the link to it on

MSDN online is
broken). OK, a little research turned up that there's

an "IL Only" flag in
the clr header, so I used ildasm and ilasm to

reconstitute the assembly with
that flag set. Peverify still complained

about "unverifiable PS
header/stub."

Then I noticed that there was a VTableFixup:

.vtfixup [1] int32 retainappdomain at D_00003004 //

06000001

Why is this? In such a trivial project that is purely

managed code? In any
case, manually removing from the il and assembling with

ilasm then made the
assembly verify.

So I'm left wondering what all of this means. How can I

remove whatever is
causing that fixup to get generated in the first place?

And is there
anything I can do as general programming practice to

ensure that these don't
creep into my code? And are there other constructs

besides vtable fixups
(and unmanaged exports) that could creep into my code

that would prevent the
assembly from being pure IL?

2) What actually triggers the loader lock problem -- it

can't possibly be
that the DLL is unverifyable. Because C# unsafe code

also produces an
unverifiable dll, but which is not subject to the loader

lock problem. Is is
the simple absence of the "pure IL" flag in the clr

header? Is that enough
to trigger the "mixed" loading behavior where the loader

lock problem can
occur?

3) Where is setilonly.exe?

4) Let's say I solve all of the above and produce a dll

that really is all
managed code. No CRTs, no unmanaged code, etc. What

happens if I then make a
native Win32 API call (note: *not* P/Invoke)? Does that

automatically force
me back into being a mixed dll, i.e., can a dll that

calls a routine in
kernel32.dll legitimately set the "pure IL" flag in the

CLR header?

Thanks for any information that anyone can provide. Note

that I am not
interested in debating the likelihood of encountering

the loader lock/mixed
dll problem. I am interested in hard facts about how I

can use MC++ to
create assemblies that are guaranteed to be 100% free of

it, given that I am
willing to forego use of the CRTs and adhere to other

restrictive
guidelines.

Thanks!
.

Nov 16 '05 #3

P: n/a
http://msdn.microsoft.com/library/en...tilonlybit.asp

http://msdn.microsoft.com/library/en...thmanagedc.asp

check all the points on last list.

Yes, it is possible to produce verifiable image.

"Ted Miller" <te*@nwlink.com> wrote in message
news:vp************@corp.supernews.com...
Hi folks,

I'm looking at moving a large base of C++ code to .Net under tight time
constraints. The code runs in mission-critical environments, and I am
extremely concerned about the loader lock problem and the potential for
deadlocks.

After pouring over the available information, and trying a few experiments, I am still left with a few questions and issues I hope someone out there can shed some light on.

1) Is it even possible to create a DLL using MC++ that is not subject to the mixed dll/loader lock issue -- or at least. is it actually doable in a
real-world development environment?

To wit: I created a project using the .Net Class Library template and added a trivial class with a single trivial method.

namespace Test {
class TestClass {
public: int foo() { return(0); }
};
}

I then made sure /noentry was there; removed nochkclr.obj from the link
targets; added the explicit __check_commonlanguageruntime_version and
_flt_used definitions; and added the SkipVerification attribute -- all per
the instructions on MSDN for creating pure IL Managed C++ assemblies. The
result was still not pure IL; peverify complains about an "unverifiable PE
header/stub." I searched for the mythical SetILOnly.exe that is also
referenced in MSDN to no avail (even the link to it on MSDN online is
broken). OK, a little research turned up that there's an "IL Only" flag in
the clr header, so I used ildasm and ilasm to reconstitute the assembly with that flag set. Peverify still complained about "unverifiable PS
header/stub."

Then I noticed that there was a VTableFixup:

.vtfixup [1] int32 retainappdomain at D_00003004 // 06000001

Why is this? In such a trivial project that is purely managed code? In any
case, manually removing from the il and assembling with ilasm then made the assembly verify.

So I'm left wondering what all of this means. How can I remove whatever is
causing that fixup to get generated in the first place? And is there
anything I can do as general programming practice to ensure that these don't creep into my code? And are there other constructs besides vtable fixups
(and unmanaged exports) that could creep into my code that would prevent the assembly from being pure IL?

2) What actually triggers the loader lock problem -- it can't possibly be
that the DLL is unverifyable. Because C# unsafe code also produces an
unverifiable dll, but which is not subject to the loader lock problem. Is is the simple absence of the "pure IL" flag in the clr header? Is that enough
to trigger the "mixed" loading behavior where the loader lock problem can
occur?

3) Where is setilonly.exe?

4) Let's say I solve all of the above and produce a dll that really is all
managed code. No CRTs, no unmanaged code, etc. What happens if I then make a native Win32 API call (note: *not* P/Invoke)? Does that automatically force me back into being a mixed dll, i.e., can a dll that calls a routine in
kernel32.dll legitimately set the "pure IL" flag in the CLR header?

Thanks for any information that anyone can provide. Note that I am not
interested in debating the likelihood of encountering the loader lock/mixed dll problem. I am interested in hard facts about how I can use MC++ to
create assemblies that are guaranteed to be 100% free of it, given that I am willing to forego use of the CRTs and adhere to other restrictive
guidelines.

Thanks!


Nov 16 '05 #4

P: n/a
Thanks for the info.

Click the "Download Sample" link on the SetILOnly sample page -- broken
link. I cannot find this sample or the exe anywhere.

I followed all the points on the last list (except setilonly, which does not
seem to actually exist) -- see my original post. I got an image that still
had vtablefixups.

Also I want to understand the relationship between "verifiable" and
"triggers the mixed dll loading problem".

So does anyone have any info?

Thanks!
"Pent" <pent> wrote in message news:Oz**************@tk2msftngp13.phx.gbl...
http://msdn.microsoft.com/library/en...tilonlybit.asp
http://msdn.microsoft.com/library/en...thmanagedc.asp
check all the points on last list.

Yes, it is possible to produce verifiable image.

"Ted Miller" <te*@nwlink.com> wrote in message
news:vp************@corp.supernews.com...
Hi folks,

I'm looking at moving a large base of C++ code to .Net under tight time
constraints. The code runs in mission-critical environments, and I am
extremely concerned about the loader lock problem and the potential for
deadlocks.

After pouring over the available information, and trying a few experiments,
I am still left with a few questions and issues I hope someone out there

can
shed some light on.

1) Is it even possible to create a DLL using MC++ that is not subject to

the
mixed dll/loader lock issue -- or at least. is it actually doable in a
real-world development environment?

To wit: I created a project using the .Net Class Library template and

added
a trivial class with a single trivial method.

namespace Test {
class TestClass {
public: int foo() { return(0); }
};
}

I then made sure /noentry was there; removed nochkclr.obj from the link
targets; added the explicit __check_commonlanguageruntime_version and
_flt_used definitions; and added the SkipVerification attribute -- all per the instructions on MSDN for creating pure IL Managed C++ assemblies. The result was still not pure IL; peverify complains about an "unverifiable PE header/stub." I searched for the mythical SetILOnly.exe that is also
referenced in MSDN to no avail (even the link to it on MSDN online is
broken). OK, a little research turned up that there's an "IL Only" flag in the clr header, so I used ildasm and ilasm to reconstitute the assembly

with
that flag set. Peverify still complained about "unverifiable PS
header/stub."

Then I noticed that there was a VTableFixup:

.vtfixup [1] int32 retainappdomain at D_00003004 // 06000001

Why is this? In such a trivial project that is purely managed code? In any case, manually removing from the il and assembling with ilasm then made

the
assembly verify.

So I'm left wondering what all of this means. How can I remove whatever is causing that fixup to get generated in the first place? And is there
anything I can do as general programming practice to ensure that these

don't
creep into my code? And are there other constructs besides vtable fixups
(and unmanaged exports) that could creep into my code that would prevent

the
assembly from being pure IL?

2) What actually triggers the loader lock problem -- it can't possibly be that the DLL is unverifyable. Because C# unsafe code also produces an
unverifiable dll, but which is not subject to the loader lock problem. Is is
the simple absence of the "pure IL" flag in the clr header? Is that
enough to trigger the "mixed" loading behavior where the loader lock problem can occur?

3) Where is setilonly.exe?

4) Let's say I solve all of the above and produce a dll that really is all managed code. No CRTs, no unmanaged code, etc. What happens if I then

make a
native Win32 API call (note: *not* P/Invoke)? Does that automatically force
me back into being a mixed dll, i.e., can a dll that calls a routine in
kernel32.dll legitimately set the "pure IL" flag in the CLR header?

Thanks for any information that anyone can provide. Note that I am not
interested in debating the likelihood of encountering the loader

lock/mixed
dll problem. I am interested in hard facts about how I can use MC++ to
create assemblies that are guaranteed to be 100% free of it, given that

I am
willing to forego use of the CRTs and adhere to other restrictive
guidelines.

Thanks!


Nov 16 '05 #5

P: n/a
I have SetILOnly source in local msdn install.

You didn't follow ALL the steps outlined in original article.

Because if you did, then you wouldn't have gotten vtfixups.

/clr:initialAppDomain doesn't add vtfixups

"Furthermore, even DLLs linked with the /noentry option may deadlock on
versions 1.0 and 1.1 of the common language runtime. DLLs linked with the
/noentry option should not deadlock on the next version of the runtime"
http://msdn.microsoft.com/library/en...ingproblem.asp

http://msdn.microsoft.com/msdnmag/is...03/VisualCNET/
"With version 1.1 of the .NET Framework, the vtable includes a flag that
indicates to the runtime that if the call comes into the assembly from
native code, the application domain that's used will be that of the last
application domain used to call into native code. If you look at an assembly
with ILDasm, you'll see that there is a directive to perform the fixups on
the vtable called .vtfixup. For the new behavior, the .vtfixup directive
will have the flag retainappdomain, which is the default when using the /clr
switch."

I've created a simple MC++ .NET library project.

Left all options at its defaults.

Copied your code and added compiler options:

/clr:initialAppDomain /Od

Linker options:

/noentry /fixed:no /opt:ref

Removed nochclr.obj

Added in .cpp file:
#ifdef __cplusplus
extern "C" {
#endif
int _fltused=1;
void _cdecl _check_commonlanguageruntime_version(){}
#ifdef __cplusplus
}
#endif

using namespace System::Security::Permissions;
[assembly:SecurityPermissionAttribute(
SecurityAction::RequestMinimum, SkipVerification=false)];

Then:
Silo.exe -s Test.lib.dll

Then:
peverify TestLib.dll

The result is:
Microsoft (R) .NET Framework PE Verifier Version 1.1.4322.573
Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.

[MD]: .NET Framework Internal error: 0x8013129d [token:0x04000001]
[MD]: .NET Framework Internal error: 0x8013129d [token:0x06000001]
All Classes and Methods in testlib.dll Verified
(2 Warnings)

Adding call to win32 api MessageBox doesn't break the verifiability.

All on Visual Studio 2003.

http://support.microsoft.com/?id=814472
"Ted Miller" <te*@nwlink.com> wrote in message
news:vp************@corp.supernews.com...
Thanks for the info.

Click the "Download Sample" link on the SetILOnly sample page -- broken
link. I cannot find this sample or the exe anywhere.

I followed all the points on the last list (except setilonly, which does not seem to actually exist) -- see my original post. I got an image that still
had vtablefixups.

Also I want to understand the relationship between "verifiable" and
"triggers the mixed dll loading problem".

So does anyone have any info?

Thanks!
"Pent" <pent> wrote in message news:Oz**************@tk2msftngp13.phx.gbl...

http://msdn.microsoft.com/library/en...tilonlybit.asp

http://msdn.microsoft.com/library/en...thmanagedc.asp

check all the points on last list.

Yes, it is possible to produce verifiable image.

"Ted Miller" <te*@nwlink.com> wrote in message
news:vp************@corp.supernews.com...
Hi folks,

I'm looking at moving a large base of C++ code to .Net under tight time constraints. The code runs in mission-critical environments, and I am
extremely concerned about the loader lock problem and the potential for deadlocks.

After pouring over the available information, and trying a few

experiments,
I am still left with a few questions and issues I hope someone out there
can
shed some light on.

1) Is it even possible to create a DLL using MC++ that is not subject
to
the
mixed dll/loader lock issue -- or at least. is it actually doable in a
real-world development environment?

To wit: I created a project using the .Net Class Library template and

added
a trivial class with a single trivial method.

namespace Test {
class TestClass {
public: int foo() { return(0); }
};
}

I then made sure /noentry was there; removed nochkclr.obj from the
link targets; added the explicit __check_commonlanguageruntime_version and
_flt_used definitions; and added the SkipVerification attribute -- all

per the instructions on MSDN for creating pure IL Managed C++ assemblies. The result was still not pure IL; peverify complains about an "unverifiable PE
header/stub." I searched for the mythical SetILOnly.exe that is also
referenced in MSDN to no avail (even the link to it on MSDN online is
broken). OK, a little research turned up that there's an "IL Only"
flag
in the clr header, so I used ildasm and ilasm to reconstitute the
assembly with
that flag set. Peverify still complained about "unverifiable PS
header/stub."

Then I noticed that there was a VTableFixup:

.vtfixup [1] int32 retainappdomain at D_00003004 // 06000001

Why is this? In such a trivial project that is purely managed code? In any case, manually removing from the il and assembling with ilasm then
made the
assembly verify.

So I'm left wondering what all of this means. How can I remove
whatever
is causing that fixup to get generated in the first place? And is there
anything I can do as general programming practice to ensure that these don't
creep into my code? And are there other constructs besides vtable
fixups (and unmanaged exports) that could creep into my code that would prevent the
assembly from being pure IL?

2) What actually triggers the loader lock problem -- it can't possibly

be that the DLL is unverifyable. Because C# unsafe code also produces an
unverifiable dll, but which is not subject to the loader lock problem. Is
is
the simple absence of the "pure IL" flag in the clr header? Is that

enough to trigger the "mixed" loading behavior where the loader lock problem can occur?

3) Where is setilonly.exe?

4) Let's say I solve all of the above and produce a dll that really is all managed code. No CRTs, no unmanaged code, etc. What happens if I then

make
a
native Win32 API call (note: *not* P/Invoke)? Does that automatically

force
me back into being a mixed dll, i.e., can a dll that calls a routine

in kernel32.dll legitimately set the "pure IL" flag in the CLR header?

Thanks for any information that anyone can provide. Note that I am not
interested in debating the likelihood of encountering the loader

lock/mixed
dll problem. I am interested in hard facts about how I can use MC++ to
create assemblies that are guaranteed to be 100% free of it, given

that I
am
willing to forego use of the CRTs and adhere to other restrictive
guidelines.

Thanks!



Nov 16 '05 #6

P: n/a
Dude, you rule. I will try this out. That second link was most helpful!
Thanks!

--

"Pent" <pent> wrote in message news:uT*************@TK2MSFTNGP10.phx.gbl...
I have SetILOnly source in local msdn install.

You didn't follow ALL the steps outlined in original article.

Because if you did, then you wouldn't have gotten vtfixups.

/clr:initialAppDomain doesn't add vtfixups

"Furthermore, even DLLs linked with the /noentry option may deadlock on
versions 1.0 and 1.1 of the common language runtime. DLLs linked with the
/noentry option should not deadlock on the next version of the runtime"
http://msdn.microsoft.com/library/en...ingproblem.asp
http://msdn.microsoft.com/msdnmag/is...03/VisualCNET/
"With version 1.1 of the .NET Framework, the vtable includes a flag that
indicates to the runtime that if the call comes into the assembly from
native code, the application domain that's used will be that of the last
application domain used to call into native code. If you look at an assembly with ILDasm, you'll see that there is a directive to perform the fixups on
the vtable called .vtfixup. For the new behavior, the .vtfixup directive
will have the flag retainappdomain, which is the default when using the /clr switch."

I've created a simple MC++ .NET library project.

Left all options at its defaults.

Copied your code and added compiler options:

/clr:initialAppDomain /Od

Linker options:

/noentry /fixed:no /opt:ref

Removed nochclr.obj

Added in .cpp file:
#ifdef __cplusplus
extern "C" {
#endif
int _fltused=1;
void _cdecl _check_commonlanguageruntime_version(){}
#ifdef __cplusplus
}
#endif

using namespace System::Security::Permissions;
[assembly:SecurityPermissionAttribute(
SecurityAction::RequestMinimum, SkipVerification=false)];

Then:
Silo.exe -s Test.lib.dll

Then:
peverify TestLib.dll

The result is:
Microsoft (R) .NET Framework PE Verifier Version 1.1.4322.573
Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.

[MD]: .NET Framework Internal error: 0x8013129d [token:0x04000001]
[MD]: .NET Framework Internal error: 0x8013129d [token:0x06000001]
All Classes and Methods in testlib.dll Verified
(2 Warnings)

Adding call to win32 api MessageBox doesn't break the verifiability.

All on Visual Studio 2003.

http://support.microsoft.com/?id=814472
"Ted Miller" <te*@nwlink.com> wrote in message
news:vp************@corp.supernews.com...
Thanks for the info.

Click the "Download Sample" link on the SetILOnly sample page -- broken
link. I cannot find this sample or the exe anywhere.

I followed all the points on the last list (except setilonly, which does not
seem to actually exist) -- see my original post. I got an image that still
had vtablefixups.

Also I want to understand the relationship between "verifiable" and
"triggers the mixed dll loading problem".

So does anyone have any info?

Thanks!
"Pent" <pent> wrote in message

news:Oz**************@tk2msftngp13.phx.gbl...

http://msdn.microsoft.com/library/en...tilonlybit.asp

http://msdn.microsoft.com/library/en...thmanagedc.asp

check all the points on last list.

Yes, it is possible to produce verifiable image.

"Ted Miller" <te*@nwlink.com> wrote in message
news:vp************@corp.supernews.com...
> Hi folks,
>
> I'm looking at moving a large base of C++ code to .Net under tight time > constraints. The code runs in mission-critical environments, and I am > extremely concerned about the loader lock problem and the potential for > deadlocks.
>
> After pouring over the available information, and trying a few
experiments,
> I am still left with a few questions and issues I hope someone out there can
> shed some light on.
>
> 1) Is it even possible to create a DLL using MC++ that is not subject to
the
> mixed dll/loader lock issue -- or at least. is it actually doable in
a > real-world development environment?
>
> To wit: I created a project using the .Net Class Library template and added
> a trivial class with a single trivial method.
>
> namespace Test {
> class TestClass {
> public: int foo() { return(0); }
> };
> }
>
> I then made sure /noentry was there; removed nochkclr.obj from the link > targets; added the explicit __check_commonlanguageruntime_version and > _flt_used definitions; and added the SkipVerification attribute -- all per
> the instructions on MSDN for creating pure IL Managed C++
assemblies.
The
> result was still not pure IL; peverify complains about an "unverifiable
PE
> header/stub." I searched for the mythical SetILOnly.exe that is also
> referenced in MSDN to no avail (even the link to it on MSDN online

is > broken). OK, a little research turned up that there's an "IL Only"

flag
in
> the clr header, so I used ildasm and ilasm to reconstitute the

assembly with
> that flag set. Peverify still complained about "unverifiable PS
> header/stub."
>
> Then I noticed that there was a VTableFixup:
>
> .vtfixup [1] int32 retainappdomain at D_00003004 // 06000001
>
> Why is this? In such a trivial project that is purely managed code? In any
> case, manually removing from the il and assembling with ilasm then made the
> assembly verify.
>
> So I'm left wondering what all of this means. How can I remove whatever
is
> causing that fixup to get generated in the first place? And is there
> anything I can do as general programming practice to ensure that
these don't
> creep into my code? And are there other constructs besides vtable

fixups > (and unmanaged exports) that could creep into my code that would prevent the
> assembly from being pure IL?
>
> 2) What actually triggers the loader lock problem -- it can't possibly be
> that the DLL is unverifyable. Because C# unsafe code also produces
an > unverifiable dll, but which is not subject to the loader lock problem.
Is
is
> the simple absence of the "pure IL" flag in the clr header? Is that

enough
> to trigger the "mixed" loading behavior where the loader lock
problem can
> occur?
>
> 3) Where is setilonly.exe?
>
> 4) Let's say I solve all of the above and produce a dll that really
is all
> managed code. No CRTs, no unmanaged code, etc. What happens if I
then make
a
> native Win32 API call (note: *not* P/Invoke)? Does that

automatically force
> me back into being a mixed dll, i.e., can a dll that calls a routine

in > kernel32.dll legitimately set the "pure IL" flag in the CLR header?
>
> Thanks for any information that anyone can provide. Note that I am not > interested in debating the likelihood of encountering the loader
lock/mixed
> dll problem. I am interested in hard facts about how I can use MC++ to > create assemblies that are guaranteed to be 100% free of it, given

that
I
am
> willing to forego use of the CRTs and adhere to other restrictive
> guidelines.
>
> Thanks!
>
>



Nov 16 '05 #7

P: n/a
Thanks again for taking the time to reply. I was finally able to locate the
source for silo.exe. However I'm afraid calling Win32 APIs does in fact
break verifiability and I guess forces a mixed dll.

x.h:

#include <windows.h>
using namespace System;
namespace Test {
public __gc class Class1 {
int TestMethod(int i) { return(i); }
};
}

x.cpp

#include "t.h"
extern "C" {
int _fltused=1;
void __cdecl _check_commonlanguageruntime_version(){}
}

using namespace System::Security::Permissions;
[assembly:SecurityPermissionAttribute(
SecurityAction::RequestMinimum, SkipVerification=false)];

Make /noentry, add /clr:initialAppDomain, /opt:ref, /fixed:no etc as per the
instructions.

Then silo -s x.dll, the image verifies (thanks for the help!!!).

But: now change TestMethod to

int TestMethod(int i) { MessageBoxW(NULL,L"",L"",0); return(i); }

Then silo -s x.dll. PEVerify says

[IL]: Error: Unverifiable PE Header/native stub
[IL]: Error: Unverifiable image '' can not be run
2 Errors Verifying debug\x.dll

Sigh. Sadly I think I am forced to C# (with unsafe code and p/invoke as
necessary) -- just cannot risk triggering the deadlock due to the mixed dll
problem.

"Pent" <pent> wrote in message news:uT*************@TK2MSFTNGP10.phx.gbl...
I have SetILOnly source in local msdn install.

You didn't follow ALL the steps outlined in original article.

Because if you did, then you wouldn't have gotten vtfixups.

/clr:initialAppDomain doesn't add vtfixups

"Furthermore, even DLLs linked with the /noentry option may deadlock on
versions 1.0 and 1.1 of the common language runtime. DLLs linked with the
/noentry option should not deadlock on the next version of the runtime"
http://msdn.microsoft.com/library/en...ingproblem.asp
http://msdn.microsoft.com/msdnmag/is...03/VisualCNET/
"With version 1.1 of the .NET Framework, the vtable includes a flag that
indicates to the runtime that if the call comes into the assembly from
native code, the application domain that's used will be that of the last
application domain used to call into native code. If you look at an assembly with ILDasm, you'll see that there is a directive to perform the fixups on
the vtable called .vtfixup. For the new behavior, the .vtfixup directive
will have the flag retainappdomain, which is the default when using the /clr switch."

I've created a simple MC++ .NET library project.

Left all options at its defaults.

Copied your code and added compiler options:

/clr:initialAppDomain /Od

Linker options:

/noentry /fixed:no /opt:ref

Removed nochclr.obj

Added in .cpp file:
#ifdef __cplusplus
extern "C" {
#endif
int _fltused=1;
void _cdecl _check_commonlanguageruntime_version(){}
#ifdef __cplusplus
}
#endif

using namespace System::Security::Permissions;
[assembly:SecurityPermissionAttribute(
SecurityAction::RequestMinimum, SkipVerification=false)];

Then:
Silo.exe -s Test.lib.dll

Then:
peverify TestLib.dll

The result is:
Microsoft (R) .NET Framework PE Verifier Version 1.1.4322.573
Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.

[MD]: .NET Framework Internal error: 0x8013129d [token:0x04000001]
[MD]: .NET Framework Internal error: 0x8013129d [token:0x06000001]
All Classes and Methods in testlib.dll Verified
(2 Warnings)

Adding call to win32 api MessageBox doesn't break the verifiability.

All on Visual Studio 2003.

http://support.microsoft.com/?id=814472
"Ted Miller" <te*@nwlink.com> wrote in message
news:vp************@corp.supernews.com...
Thanks for the info.

Click the "Download Sample" link on the SetILOnly sample page -- broken
link. I cannot find this sample or the exe anywhere.

I followed all the points on the last list (except setilonly, which does not
seem to actually exist) -- see my original post. I got an image that still
had vtablefixups.

Also I want to understand the relationship between "verifiable" and
"triggers the mixed dll loading problem".

So does anyone have any info?

Thanks!
"Pent" <pent> wrote in message

news:Oz**************@tk2msftngp13.phx.gbl...

http://msdn.microsoft.com/library/en...tilonlybit.asp

http://msdn.microsoft.com/library/en...thmanagedc.asp

check all the points on last list.

Yes, it is possible to produce verifiable image.

"Ted Miller" <te*@nwlink.com> wrote in message
news:vp************@corp.supernews.com...
> Hi folks,
>
> I'm looking at moving a large base of C++ code to .Net under tight time > constraints. The code runs in mission-critical environments, and I am > extremely concerned about the loader lock problem and the potential for > deadlocks.
>
> After pouring over the available information, and trying a few
experiments,
> I am still left with a few questions and issues I hope someone out there can
> shed some light on.
>
> 1) Is it even possible to create a DLL using MC++ that is not subject to
the
> mixed dll/loader lock issue -- or at least. is it actually doable in
a > real-world development environment?
>
> To wit: I created a project using the .Net Class Library template and added
> a trivial class with a single trivial method.
>
> namespace Test {
> class TestClass {
> public: int foo() { return(0); }
> };
> }
>
> I then made sure /noentry was there; removed nochkclr.obj from the link > targets; added the explicit __check_commonlanguageruntime_version and > _flt_used definitions; and added the SkipVerification attribute -- all per
> the instructions on MSDN for creating pure IL Managed C++
assemblies.
The
> result was still not pure IL; peverify complains about an "unverifiable
PE
> header/stub." I searched for the mythical SetILOnly.exe that is also
> referenced in MSDN to no avail (even the link to it on MSDN online

is > broken). OK, a little research turned up that there's an "IL Only"

flag
in
> the clr header, so I used ildasm and ilasm to reconstitute the

assembly with
> that flag set. Peverify still complained about "unverifiable PS
> header/stub."
>
> Then I noticed that there was a VTableFixup:
>
> .vtfixup [1] int32 retainappdomain at D_00003004 // 06000001
>
> Why is this? In such a trivial project that is purely managed code? In any
> case, manually removing from the il and assembling with ilasm then made the
> assembly verify.
>
> So I'm left wondering what all of this means. How can I remove whatever
is
> causing that fixup to get generated in the first place? And is there
> anything I can do as general programming practice to ensure that
these don't
> creep into my code? And are there other constructs besides vtable

fixups > (and unmanaged exports) that could creep into my code that would prevent the
> assembly from being pure IL?
>
> 2) What actually triggers the loader lock problem -- it can't possibly be
> that the DLL is unverifyable. Because C# unsafe code also produces
an > unverifiable dll, but which is not subject to the loader lock problem.
Is
is
> the simple absence of the "pure IL" flag in the clr header? Is that

enough
> to trigger the "mixed" loading behavior where the loader lock
problem can
> occur?
>
> 3) Where is setilonly.exe?
>
> 4) Let's say I solve all of the above and produce a dll that really
is all
> managed code. No CRTs, no unmanaged code, etc. What happens if I
then make
a
> native Win32 API call (note: *not* P/Invoke)? Does that

automatically force
> me back into being a mixed dll, i.e., can a dll that calls a routine

in > kernel32.dll legitimately set the "pure IL" flag in the CLR header?
>
> Thanks for any information that anyone can provide. Note that I am not > interested in debating the likelihood of encountering the loader
lock/mixed
> dll problem. I am interested in hard facts about how I can use MC++ to > create assemblies that are guaranteed to be 100% free of it, given

that
I
am
> willing to forego use of the CRTs and adhere to other restrictive
> guidelines.
>
> Thanks!
>
>



Nov 16 '05 #8

P: n/a
"Ted Miller" wrote in message news:vp************@corp.supernews.com...
However I'm afraid calling Win32 APIs does in fact
break verifiability and I guess forces a mixed dll.
I don't know for sure, maybe someone from MS will comment later.

[...] Sigh. Sadly I think I am forced to C# (with unsafe code and p/invoke as
necessary) -- just cannot risk triggering the deadlock due to the mixed dll problem.


That's what i would do given that you don't need to link in any
crt/clibs/etc
to your assembly. I think Win32 API is pretty doable with dllimport.
Assuming
you don't need tons of it.

Hmm i tried:
int TestMethod(int i) { MessageBoxW(NULL,L"",L"",0); return(i); }
But it still verifies.

Nov 16 '05 #9

This discussion thread is closed

Replies have been disabled for this discussion.