Friday, May 1, 2009

Intermediate Language Disassembler(ILDASM)

You can get IL disassemble tool as ILDasm.exe in directory C:\Program Files\Microsoft.NET\FrameworkSDK\bin

So what does this tool do?

The answer to this question is found in the tutorial supplied with .NET SDK as "The ILDSAM tool parses any .NET Framework EXE/DLL module and shows the information in a human-readable format. It allows user to see the pseudo assembly language for .NET". IL disassmeber tool shows not only namespace but also types including their interfaces. As its name suggests, it is an intermediate language, so it has its own specification. Users can also write programs using this intermediate language, its very similar to assembly language of the old days.

I will use a simple example and use ILDASM.exe

//Hello World Program HelloWorld.cs using System;   class HelloWorld  {       static void Main()       {          Console.WriteLine("Hello, world!");           } } 
Complier it on command line by using csc HelloWorld.cs

Helloworld.exe file will be generated

Now use the command ildasm HelloWorld.exe

You will see a screen like this.

Here you can see all of the Symbols. The table below explains what each graphic symbol means. Some of them you can find in HelloWorld's members.

The tree in this window shows that manifest information contained inside HelloWorld.exe. By double-clicking on any of the types in the tree, you can see more information about the type.

Double-clicking the ".class public auto ansi" entry shows the following information:

Users can see that the HelloWorld type is derived from the System.Object type.

The first method, .ctor, is a constructor. This particular type has just one constructor but other types may have several constructors each with a different signature. If you double-click on the constructor method, a new window appears showing the IL (intermediate language) contained within the method:

The Common Language Runtime is stack based. So, in order to perform any operations, the operands are first pushed onto a virtual stack and then the operator executes. The operator grabs the operands off the stack, performs the desired operation and places the result back on the stack. At any one time, this method will have no more than 8 operands pushed onto the virtual stack. We can see thby looking at the ".maxstack" attribute ( Maximum Stack size ) that appears just before the IL code. In the above code maxstack is shown as 8.

Lets examine the IL code :

IL_0000:  ldarg.0 : Load Object this pointer in stack IL_0001:  call       instance void [mscorlib]System.Object::.ctor() IL_0006:  return the value loaded in stack 
If user make a double click on main: void()
It will look like this:

If we will examine IL Code:

IL_0000:  ldstr      "Hello, world!" IL_0005:  call       void [mscorlib]System.Console::WriteLine(class System.String) IL_000a:  ret 
LDSTR: Load String.
First line indicates load String in stack.
Second Line indicates call method System.Console:: WriteLine as the fetch the value from stack put in this method and again put the result in stack.
Third line shows fetch the final value from stack and return it.

There are some advance option also available. The extra options are enabled by running ILDASM with the /ADV ("ADVanced") command-line switch. When /ADV is specified, ILDASM enables additional command-line switches. For the user convenience I will summarize some basic instructions here below.

LDCThis instruction pushes a hard coded number on the stack.
LDARG and LDARGALoad argument and load argument address, respectively
LDLOC and LDLOCALoad local variable and load local variable address, respectively
LDFLD and LDSFLDLoad Object Field and Load Static Field of a Class, respectively
LDELEMLoad an element of an array
LDLENLoad the length of an array
STARGStore a value in an argument slot
STELEMStore an element of an array
STFLDStore into a field of an object
CEQCompare equal
CGTCompare greater than
CLTCompare less than
BRUnconditional branch
BRFALSE and BRTRUEBranch on false and branch on true, respectively
CONVData conversion
NEWARRCreate a zero-based, one-dimensional array
NEWOBJCreate a new object
BOXConvert value type to object reference
UNBOXConvert boxed value type to its raw form
CALL and CALLVIRTCall a method and call a method associated at runtime with an object, respectively

No comments:

Post a Comment