This glossary provides definitions of .NET Framework terms. Its major purpose is to provide a single source of definitions for terms in the .NET Framework used in this book.
A test to verify that at a given point in a program, a CLI tool can access a program element represented by a name. The first part of this test determines whether the name is visible. If it is visible, then the second part of the test determines whether it can be accessed—for example, read or written to.
An executing process that consists of one or more application domains, which themselves consist of one or more assemblies. At least one assembly must have an external entry point; use of this entry point triggers (or causes a hosting environment to trigger) the creation of an initial application domain. Applications may also contain unmanaged code and resources, such as bitmap images.
An application consists of one or more application domains. Application domains act like subprocesses within a process, by providing boundaries. An application domain isolates objects created by one application domain from those created by another application domain. An assembly is loaded into an application domain; the application domain is the smallest part of a process that can be unloaded.
Values whose members, called elements, are accessed by an index rather than by name. An array has a rank that specifies the number of indices needed to locate an element (sometimes called the number of dimensions) within the array. It may have either zero or nonzero lower bounds in each dimension.
The unit of deployment and versioning in the .NET Framework. It establishes the namespace for resolving requests for types and determines which types and resources are exposed externally and which are accessible only from within the assembly. An assembly includes an assembly manifest that describes the assembly's contents.
Metadata describing which modules and resource files are part of a particular assembly, which types are exported, and which other assemblies are referenced. The metadata may also specify which security permissions are required to run, which additional permissions are optionally requested, and which permissions the assembly refuses.
A way of ensuring that a method has access to a particular resource, even if the method's callers do not have the required permission. During a stack walk, if a stack frame asserting the required permission is encountered, a security check for that permission will succeed without proceeding further. To perform an assertion of a permission, code must not only have that permission, but also be granted the SecurityPermission.Assertion permission. Unwise use of assertions can create security holes, so they should be used only with the utmost caution.
A core part of the Framework Class Library. It provides fundamental classes, such as Object and String. The Base Framework and the CLR form part of the CLI.
Converting a value of a value type to a value of an object type, which means that the object type will carry full type information at runtime and will be allocated in the garbage collected heap. The IL instruction set's box instruction converts a value type to an Object by making a copy of the value type and embedding it in a newly allocated object.
Types provided by the CLR's type system. They include value types, such as Int16 and Int32, and reference types, such as Object and String. The IL supports these types with specific instructions.
CLR elements that publicly expose only language features that are present in the Common Language Specification are said to be CLS compliant. “Publicly exposed” means elements are visible outside their assembly. For example, a method may be CLS compliant if it uses only CLS-compliant types in its parameter list; the same method may use non–CLS-compliant types within its body, as they remain hidden within the assembly. CLS compliance can apply to classes, interfaces, components, tools, and more.
CLS compliance comes in three forms: CLS Consumer, CLS Extender, and CLS Frameworker. To provide a simple example of how CLS compliance affects these different categories, following is Rule 1 from the CLS:
Boxed value types are not CLS compliant.
This means that:
CLS Consumers do not need to be able to consume boxed value types.
CLS Extenders do not need to provide a mechanism that produces boxed reference types.
CLS Frameworkers do not use boxed value types in their publicly exposed forms.
(See the ECMA specification for all the CLS rules, including this example.)
Languages and tools that allow developers to use (consume) types defined in CLS-compliant frameworks. CLS Consumers may not be able to create new CLS types, however.
Languages and tools that allow developers to use types defined in CLS-compliant frameworks and to extend these frameworks—for example, by inheriting from types defined in the framework and/or defining new interfaces. CLS Extenders always satisfy at least the same requirements as CLS Consumers for any CLS rule; that is, they satisfy a superset of the rules for Consumers.
Languages and tools that allow developers to create entire CLS-compliant frameworks for use in the CLI. CLS Frameworkers satisfy all the requirements of CLS Consumers and Extenders for any CLS rule.
An evidence-based security system that allows evidence to be evaluated by a policy to decide which permissions should be granted. Evidence can consist of any information about an assembly, including the location of origin of the assembly, signatures on the assembly, and so forth. Permissions are granted to assemblies as the finest-grained unit of trust for code.
An attempt to transform a value of one type into a value of another type. Widening coercions preserve information. An example of a widening coercion is a conversion from Int32 to Int64. Narrowing coercions sometimes lose information. An example of a narrowing coercion is a conversion from Int64 to Int32.
The mechanism within the runtime environment that allows COM and the CLR to interact.
A language used as the output of several compilers and as the input to a JIT compiler. It defines an abstract stack-based execution architecture. The CLR may include several JIT compilers for converting CIL to native code.
The combination of the Common Language Runtime, Base Framework, and other libraries. The CLI is the major component of the ECMA standard.
The type, metadata, and execution systems provided by the .NET Framework, which supplies managed code and data with services such as cross-language integration, code access security, object lifetime management, and debugging and profiling support. By targeting the CLR, compilers and other tools can offer these services to developers.
A subset of the .NET Framework's features that are supported by a broad set of compliant languages and tools. CLS compliance is only applicable to the publicly exposed aspects of types. CLS-compliant languages and tools are guaranteed to interoperate with other CLS-compliant languages and tools. For example, the type Int32 is CLS compliant, so languages and tools expect that other CLS-compliant languages and tools will know how to correctly use this type.
A guarantee between a definer and a user. An example of a contract is the methods in an interface type. In adding the interface type to its definition, a type agrees to the contract specified by the interface type. Contracts vary from strictly enforceable, such as verifying that a function's signature conforms to a contract (syntax correctness), to assuming consistent behavior among classes implementing a common contract (semantic correctness). Semantic contracts are more difficult to specify and verify.
A means by which developers can provide user-defined metadata to any program element.
To observe the execution of a program and modify its values and execution. .NET provides debugging services for this purpose.
A security check that is invoked by storing required permissions in the metadata of the component. Developers write declarative security in the form of custom attributes. There are many different forms of declarative security: link demand, inheritance demand, demand, assert, deny, permit only.
A security operation performed by trusted code protecting a resource: The demand causes the system to check whether all callers have the specified permission or permissions via a stack walk. A demand succeeds if all callers have the permission(s), subject to possible overrides; otherwise, a security exception is raised.
The permissions that an object requires its callers to have.
A way in which a method can prevent its callers and itself from exercising the privilege represented by a permission (unless it is explicitly asserted). If a method on the call stack denies Permission A, a stack walk checking for Permission A will fail unless a valid assertion is found on the stack between the method that does the denial and the method that initiated the check for Permission A.
Events encapsulate the idea of “notification” by providing three operations: register to be notified when the event occurs; remove registration for notification; and announce that the event has occurred. Events can be considered a form of “syntactic sugar”; at a fundamental level, they are function calls.
A type that defines all the methods and fields of a particular value. For example, a value may be an instance of an object type that implements many interface types, such as String. The object type (in this case, String) is the exact type for any values of that type.
A runtime error-reporting mechanism that requires programs to handle raised exceptions or have their stack unwound until each exception is handled (caught) or the thread terminates.
A file in Portable Executable (PE) format that can be loaded into memory and executed by the operating system loader. It can be either an .EXE or a .DLL file.
The runtime system that the CLR supplies and uses to control execution of managed and unmanaged code. The execution system takes as input either Intermediate Language (IL) code or precompiled native code, as well as the metadata associated with the code. The execution system is responsible for loading and unloading code, IL verification, memory management, security, exception handling, and laying out objects.
An entry in a PE file that will be modified later by the linker or when the entry is loaded into the execution engine. When a CLR PE file is generated, some of the information needed during execution might not be available (for example, the address of a static field that is defined in another module). The PE file is emitted with a “fixup” for that information, and the correct information is supplied at a later time.
The process of transitively tracing through all pointers to actively used objects to locate all objects that can be referenced and then arranging to reuse any heap memory that was not found during this trace. The CLR's garbage collector also arranges to compact the memory that is in use to reduce the working space needed for the heap.
A set of permissions that indicates which operations or resources an assembly is authorized to access. An assembly requests authorization for certain privileges and is granted authorization based on the security policy.
A security check that occurs when a security method is called within the code that is being protected. This type of check can be data-driven and can be isolated to a single location within an object or method. For example, if the name of a file to be protected is known only at runtime, then an imperative security check can be invoked by passing the file name as a parameter to a security method.
A permission that is required to subtype a particular class, as specified in the metadata for the class. When applied to a method, it demands the permission to override the method.
Fields for which each value of a type contains its own copy; also known as data members in other languages/environments.
Methods invoked on a value rather than a type. These methods receive a this pointer to access instance fields of the value, but the this pointer may sometimes be null.
A partial specification of a type; that is, a specification that may cover some, but not all, aspects of a type. Interface types may be supported by many different exact types, and exact types may implement many different interface types. Interfaces thus specify a contract that must be satisfied by any class that promises to implement the interface.
The mechanisms within the runtime environment that allow the CLR to interact with other application models. These other applications may be unmanaged code that can be accessed via PInvoke or COM components accessed via COM Interop.
Just in time. A phrase that describes an action that is taken only when it becomes necessary, such as JIT compilation or JIT object activation. By convention, the term “JIT” alone is used to refer to a JIT compiler.
A compiler that converts IL into machine code when the code is required at runtime; also known as a “JITter.” The CLR may supply more than one JIT compiler.
A set of types that provide the abstraction and implementation of a service. Such libraries are often called class libraries, but they are not limited to containing only classes. In fact, they can be assembled using any CLR types, including classes, interfaces, and value types. A set of libraries can be combined into a profile.
The time beginning when an object is allocated in memory and ending when the last reachable reference to the object is removed, at which point the garbage collector can delete the object from memory.
A demand that results in a security check at JIT time to permit access to a method. Unlike a runtime demand, only the immediate caller of the method needs the permission.
IL instructions that load values, such as local variables, onto the execution stack.
Locations allocated on the stack by a method for its own storage purposes. They include local variables declared by the user as well as temporary locations for storing intermediate values (i.e., when the compiler runs out of registers).
An area in memory where a value can be stored and a location contract that specifies a type that can be stored. The location contract designates how the value stored in that location can be used. For example, a location may specify that it holds a reference to an interface type. A value stored in that location can be accessed only as if it is of that interface type, even though its exact type may provide more functionality. Only one value can be stored in a location at any point in time.
Code that supplies the metadata necessary for the CLR to provide services such as memory management, cross-language integration, code access security, and automatic lifetime control of objects. All code based on IL executes as managed code.
A pointer to a field inside a garbage-collectible object, typically created by a compiler for temporary use (for example, a pointer to a particular character within a garbage-collectible string). The garbage collector must be able to update all internal pointers when it compacts the heap. For garbage collection to operate correctly, an object reference to the whole object must exist (somewhere visible to the garbage collector) whenever there is an internal pointer to it.
A constructor, field, method, property, or event. The member may be either static or an instance. A nested class is a not a member of the enclosing class.
Data (or information) about data. In the CLR, metadata is used to describe assemblies and types. It is stored with them in the executable files, and is used by compilers, tools, and the runtime system to provide a wide range of services. Metadata is essential for runtime type information and dynamic method invocation. Many architectures/systems use metadata—for example, type libraries in COM provide metadata.
A callable set of execution instructions. Methods specify a contract; that is, they have a name, a number of parameters, and a return type. Clients that need to call a method must satisfy the contract when calling the method. Several kinds of methods are possible, such as instance and static.
A single PE file. When the file contains a manifest, it becomes an assembly and can be loaded by the CLR type loader. When the file has no manifest, it must be part of an assembly to be loaded. Modules written in different source languages can be collected into a single assembly.
Code that has been compiled to processor-specific machine code.
A programming style based on the concepts of identity, classification, inheritance, polymorphism, and information hiding. The earliest example of this style was Simula 67.
A reference to an object allocated on the garbage-collected heap. Object references are reported to the garbage collector so that they can be modified if the objects to which they refer are moved onto the heap.
A subset of the reference types. Object types are referred to as classes in some programming languages. Values (instances) of an object type are called objects. Object types are exact types; that is, they completely specify all the functionality (contracts) that a type implements.
A security override that dynamically changes the evaluation of a subsequent security demand. An assertion may cause a demand of the specified permission to succeed prematurely, whereas a deny or permit-only operation can cause a demand to fail where it otherwise would not. for more details.
The part of the method's stack frame (activation record) used to store parameters being passed to methods that it calls.
Portable Executable file. The file format used for executable programs as well as files to be linked together to form executable programs.
A class that controls access to a resource by supporting authorization checks.
An instance of a permission class that represents access rights to resources. It encapsulates the permission state into one manageable unit that can be persisted, passed through policy mechanisms, or stored in memory. A permission object can be used to perform a request or a demand for authorization.
By placing a permit-only restriction on a permission or permissions, a method can prevent its callers and itself from exercising the privileges represented by other permissions it might have (unless explicitly asserted). If a method on the call stack does permit-only Permission A, a stack walk that checks for Permission A will succeed but a demand for Permission B (which the code otherwise had) will fail unless a valid assertion is found on the stack between the method that does the denial and the method that initiated the check for Permission B.
A permit-only operation is similar to a deny operation. Where the denial specifies the permission(s) to be denied, however, the permit-only operation specifies the only permission(s) that pass—a demand for any other permission fails.
Functionality to enable managed code to call unmanaged native entry points.
A subset of the reference types. Pointer types can point at data or code. They are represented as addresses. Three kinds of pointers exist: managed pointers, unmanaged pointers, and unmanaged function pointers.
The right of a user to access a protected resource or function.
A specification of a set of libraries, each of which represents one or more services, and a set of requirements on IL, that provides a useful programming base. An example is the Kernel profile.
To measure the execution of a program, usually for the purpose of improving performance by identifying the source of performance loss.
At a fundamental level, set and get methods, often accessing just the contents of a field of an object. Properties allow some languages to expose syntax that looks like field reference/assignment but that actually turns into method calls. Indexed properties allow syntax that looks like array subscripting and turns into calls with arguments; unlike in true arrays, the subscripts may be of any type (not just integers).
One of the two basic types in the type system. Reference types are the combination of an address in memory (its identity) and the sequence of bits located at that address.
The ability to provide type information at runtime, typically so that a client can discover the members (methods, fields, properties, events, and nested types) of a type. Reflection also allows these members to be referenced at runtime, and it permits new types to be defined. Newly defined types can then be saved to disk, as well as allowing instances to be allocated and more.
An unprotected entry point into an otherwise secure computer, component, application, or other online resource.
A class used to initiate security checks and interrogate security information in the execution environment.
An object that .NET allocates on the stack frame of methods that uses overrides, such as Assert and Deny, that require frame-specific security information. The security object is defined and used by the security system; it is never directly used by the compiled code.
The active policy on the client's computer that programmatically generates a granted set of permissions from a set of requested permissions. A security policy consists of several levels that interact; by default only permissions granted by all layers are allowed to be granted.
Enterprise level: security policy distributed across many machines of an enterprise
Machine level: security policy applied to all managed code on the machine
User level: security policy applied to all managed code run by the corresponding user
Application domain level: security policy applied to all managed code in an application domain
The system that implements most aspects of both role-based and code access security, including functionality such as stack walking. It provides the basic API for performing the imperative CAS functions such as Check, Assert, and Deny.
The portion of the stack associated with an individual method call invocation.
The process of proceeding through the call stack, examining each stack frame. In .NET, stack walks are performed for several reasons, including garbage collection and security checks.
Fields for which there is only one field per type rather than one field per value (as with instance fields). Some programming languages refer to them as class fields (or class variables).
Methods invoked on a type rather then a value. Some programming languages refer to them as class methods. Static methods do not receive a this pointer.
IL instructions that store values from the execution stack into locations, such as local variables.
A pointer to the object instance on whose behalf the current instance method is executing. It allows access to the fields of a value on which a method is invoked. Not all methods have a this pointer(). The this pointer may be null.
The hardware, firmware, and software that protect a computer system by enforcing a security policy. For systems using .NET, the TCB includes all of the security code (such as the Permission classes and the Security Manager) as well as some parts of the execution system (such as the verifier).
A definition from which values can be instantiated. The CLR type system understands two fundamental different types: value types and reference types. Types may have static, instance, and virtual methods; static and instance fields; events; and properties.
A built-in data type that represents a type/value pair. Typed references describe local variables and parameters only.
The facility that loads the implementation of a class into memory, checks it for consistency, and prepares the class for execution.
A technique for ensuring that all access to memory is done in such a way that the type system cannot be circumvented. Type safety is facilitated by making sure that every reference is typed and that every type reference only ever references a type that is assignment compatible with its type. Using only strictly typed references allows the execution engine to validate all assignments to a reference and guarantees that both the reference and the object it references are strictly compatible. An example of type-safe access is the use of only publicly exposed methods to access values; an example of unsafe type access is the use of pointers to directly modify the fields of values. Although the CLR provides facilities to ensure type safety, they may or may not be used.
A system that provides developers with a number of types and with the facility to define their own types. It consists of two fundamentally different types: value types and reference types. Examples of built-in types include Int32, a value type, and Object, a reference type. Developers may define their own value and reference types. The type system is shared by all compliant languages, tools, and the CLI.
Converting a value of an object type into a value of a value type. While every value type can be boxed (that is, converted into an object type), not all object types can be converted into value types.
Code that was created without knowledge of the conventions and requirements of the CLR. Unmanaged code executes in the .NET environment with minimal services (for example, no garbage collection, limited debugging, no declarative security). Unmanaged code does not have metadata describing it.
An instance of any CLR type.
A data type that fully describes a value by specifying the sequence of bits that makes up the value's representation. Type information for a value type instance is not stored with the instance at runtime, but rather is available in metadata. Value types are similar to the type int in C++ and Java. Instances of value types can be treated as objects by using boxing.
The process of examining IL to ensure that it conforms to a specific set of rules defined to prove that the code is type safe. The CLR can verify IL.
A method whose resolution is not determined until runtime; even then, the resolution depends on the type of the value receiving the method invocation.
A Boolean test to verify that if a name is used at a point in a program, the compiler can resolve the name—that is, find the element being referred to. Visibility is the first question that needs to be answered to determine whether the programming element is accessible.