The term COM object is frequently thrown around, but people really access interfaces off of objects. The objects themselves are hidden. Managed is quite a bit different since interfaces are part of the system, but people can also access objects directly. When COM objects are accessed from managed, they are wrapped by a managed object called a runtime callable wrapper (RCW). The type of this runtime callable wrapper is either System.__ComObject or a strongly typed derived type as discussed here.

 

Instead of dealing with objects at an interface level, the CLR attempts to map back to the actual COM object being wrapped. We rely on a fundamental principle of COM that if you are given two interface pointers and QueryInterface() each of them explicitly for IID_IUnknown, they are required to give back an identical value if they in fact refer to the same object. This is basically the canonical IUnknown for a COM object and creates the basis of identity in COM.

 

In managed, we have a per app domain (please see any CLR reference for a definition of app domain) cache mapping canonical IUnknowns back to RCWs. When an IUnknown enters the system (through a marshal call, through activation, as a return parameter from a method call, etc.), we check the cache to see if an RCW already exists for the COM object. If a mapping exists, a reference to the existing RCW is returned. Otherwise a new RCW is created and a cache mapping is added.

 

Many people don’t understand that RCWs are shared and that anything that is done to the interface pointers wrapped by the RCW or RCW wide operations like System.Runtime.InteropServices.Marshal.ReleaseComObject() affect all users of the RCW. If people explicitly want a new RCW to be created even if a mapping already exists in the cache, they should call System.Runtime.InteropServices.Marshal.GetUniqueObjectForIUnknown(). However, they need to understand that RCWs are expensive so there is a good reason why we do this sharing.

 

Once an RCW is created, it can be cast to any interface that can be reached through QueryInterface() on the underlying COM object. Under the covers, we keep a small stash of interface pointers for each interface that has been accessed up to the size of the cache. Once the cache is full, any additional calls on new interfaces will result in a QueryInterface() on each method call. This is pretty important because some operations (like CoSetProxyBlanket) have affects on a given interface pointer and will not work with RCWs since we might generate a new interface pointer on the fly per call.

 

It is also important to remember that interface pointers have COM apartment / COM+ activity affinity and need the help of the Global Interface Table or CoMarshalInterThreadInterfaceInStream() to cross boundaries. RCWs shield users from this by doing all of the gymnastics to make this work behind the scenes for the user. This is both a good and bad thing. RCWs are most efficient when accessed from the apartment from which they were created; however, it is important to remember that the RCW might be getting pulled from the app domain wide cache (and the use case that caused the RCW to be created could be in a different apartment and cause unexpected performance sapping apartment transitions).

 

Unfortunately, even though RCWs are managed objects, most of the functionality for them is buried in the native implementation of the CLR virtual machine so there isn’t a lot of end user transparency into how they operate. If you have any questions about additional RCW or other Interop issues that you would like to see addressed, please don’t hesitate to email me.

One of the exciting things about managed code is that it is quite a bit easier to write code that is portable across architectures. There is no question about the size of a short, int, or long integer. In fact, it is possible to write assemblies that run unaltered on 32 and 64 bit platforms. I say possible unless they interoperate with native code.

 

As an example, consider the following idl file:

 

import "oaidl.idl";

import "ocidl.idl";

 

[

    uuid(4FBDEE5B-607B-45b1-8B8F-A5779ECB5766),

    version(1.0),

    helpstring("align")

]

library align

{

importlib("stdole2.tlb");

 

typedef struct Simple

{

    int fourbytes;

    double dForce64bit;

} Simple;

 

typedef struct Complex

{

    int fourbytes;

    void * pv1;

} Complex;

 

};

 

I built this IDL file with:

 

rmdir /q /s simple

mkdir simple

midl align.idl /zp8 /tlb .\simple\align.tlb

tlbimp .\simple\align.tlb /out:.\simple\interop.align.dll

ildasm /text .\simple\interop.align.dll > .\simple\align.txt

 

Note that I am explicitly stating /zp8 (8 byte packing), but it is the default for MIDL and the C compiler so it does not need to be specified. The result is a type library (built for x86 – the default) and an Interop assembly. Looking at the disassembly we see:

 

.class public sequential ansi sealed beforefieldinit interop.align.Simple

       extends [mscorlib]System.ValueType

{

  .pack 8

  .size 0

  .field public int32 fourbytes

  .field public float64 dForce64bit

} // end of class interop.align.Simple

 

.class public sequential ansi sealed beforefieldinit interop.align.Complex

       extends [mscorlib]System.ValueType

{

  .pack 4 ß This will yield wrong results on 64 bit platforms

  .size 0

  .field public int32 fourbytes

  .field public native int pv1

} // end of class interop.align.Complex

 

Note that the Complex struct gets converted to “.pack 4” even though the void* has been converted to “native int” because we have built on a 32bit platform. The /zp8 is somewhat hard to understand. It doesn’t mean “align everything on 8 byte boundaries.” It means “add what padding is needed to make eight byte or smaller types have natural alignment.”

 

The simplest way to think of packing is to think of a simple struct:

 

struct Basic

{

    char c;

    INT32 myint;

};

 

/zp1 would pack things on 1 byte boundaries so myint would directly follow c in memory. /zp2 would align on 2 byte boundaries so there would be one byte of padding after c before myint. /zp4 would aling on 4 byte boundaries so there would be three bytes of padding after c before myint. /zp8 would actually behave like /zp4 in this case since only three bytes of padding are needed to achieve natural alignment for a 32 bit integer. Note that /zp1 and /zp2 have the potential to produce unaligned results. /zp8 produces results that roughly make sense.

 

The Simple struct contains a four byte integer followed by an eight byte floating point type. With eight byte packing, four bytes of padding is needed to get the floating point value to start on an eight byte boundary. This causes the .pack 8 to appear in the managed assembly.

 

The Complex struct contains a four byte integer followed by a “native int.” The size of the native int is platform dependent and was determined at build time. In this case, we built for 32bit (the default) which meant the size was taken to be four bytes. Since things naturally align on four byte boundaries, .pack 4 is put into the managed assembly.

 

The problem is that C++ code (ignoring managed C++) is platform dependent and the code compiled on the C compiler for Complex will have four bytes of padding between the four byte integer and the “native int” / void* value. This will be one of the worst types of failures. X64 tolerates misaligned data access so there will not be some immediate fault when the data is accessed, but reads and writes will happen at the wrong address—silently! This is awful and one of the hardest types of issues to track down.

 

This is bad enough that I am going to look into to having tlbimp generated assemblies built on 32 bit platforms fail to load on 64 bit platforms as a potential future change (or at least an option).

 

The correct solution is to build separately with MIDL and tlbimp on all platforms. An x64 build would look like:

 

rmdir /q /s x64

mkdir x64

midl align.idl /zp8 /win64 /tlb .\x64\align.tlb

tlbimp .\x64\align.tlb /out:.\x64\interop.align.dll /machine:X64

ildasm /text .\x64\interop.align.dll > .\x64\align.txt

 

The disassembly of the resulting Interop assembly will look like:

 

.class public sequential ansi sealed beforefieldinit interop.align.Simple

       extends [mscorlib]System.ValueType

{

  .pack 8

  .size 0

  .field public int32 fourbytes

  .field public float64 dForce64bit

} // end of class interop.align.Simple

 

.class public sequential ansi sealed beforefieldinit interop.align.Complex

       extends [mscorlib]System.ValueType

{

  .pack 8 ß This is what we expect on 64 bit platforms

  .size 0

  .field public int32 fourbytes

  .field public native int pv1

} // end of class interop.align.Complex

 

Both structs are .pack 8 as expected and will match the output of the C++ compiler. Note that both Interop assemblies can coexist with the same name in the GAC and the loader will correctly bind to the right version for the executing platform.

 

I would like to thank Bill Evans for writing a detailed email to a customer that I scavenged for information. I’d like to thank my friend Kevin Frei for answering some C++ compiler questions about packing.

From time to time, I see object hierarchies like:

interface IParent : IUnknown

{

    [propget] HRESULT Child([out, retval] IChild ** ppChild);

}

dispinterface IChildEvents

{

    // ...

}

interface IChild : IUnknown

{

}

coclass Parent

{

    [default] interface IParent;

}

[noncreatable]

coclass Child

{

    [default] interface IChild;

    [default, source] dispinterface IChildEvents;

}

This describes a simple parent object with a child that has connection point based events. The user imports the type library for this pseudo-IDL code using tlbimp.exe to generate an Interop assembly. In some C# code, they write:

IParent parent = // ...

parent.Child.myevent = MyHandler;

 The intent seems clear to someone coming from a Jscript programming background, but they will get very undefined results.

 

Breaking this down, COM objects are bridged to managed code by runtime callable wrappers. For a given COM object in a given app domain, there should be a single runtime callable wrapper (with some caveats to be addressed in a future post). A runtime callable wrapper is a full blown managed object that “manages” a given COM object. When I say that it “manages” the underlying COM object, I mean that it maps to interfaces supported by the object, lifetime, eventing, and automatically performing cross apartment / context calls automatically so that the managed object appears to be apartment agnostic.

 

In the C# code snippet above, there are two runtime callables wrappers (RCWs from now on). The first one is referenced as long as the variable “parent” is in scope. The second one is created on the fly in response to “parent.Child.” This case is interesting in that this RCW is created on the fly, but it is never assigned to anything. From a garbage collector point of view, it is available to be collected as soon as the statement completes.

 

The problem is that the bridge between COM connection point based eventing and managed delegates resides on the RCW. In this case, the user has set up a delegate to subscribe for events. An implementation of the event sink mapping back to the delegate is created and registered using IConnectionPoint::Advise; however, the event sink is part of the RCW and will be destroyed as soon as the RCW is collected.

 

The problem here is that this will most likely work as expected in simple cases, but events will stop as soon as the RCW for the child object is collected. From my experience, this is the worst type of failure.

 

The correct solution is to do:

IParent parent = // ...

IChild child = parent.Child;

Child.myevent = MyHandler;

 And to save “child” somewhere as long as the event subscription needs to remain valid.

 

This is somewhat annoying since you would look at the original code and expect it to work. Digging into how COM Interop works, I have realized that this is just an artifact of the design and not something that can be easily solved. It is also just one specific instance of the general mismatch between COM lifetime and managed lifetime.

 

COM lifetime is very explicit and deterministic: reference count drops to zero, object is released. Some people get caught up in this determinism and actually break the rules of COM. A good example is another parent child sample:

class Child

{

    // ...

    STDMETHODIMP_(ULONG, AddRef)() {return 2;}

    STDMETHODIMP_(ULONG, Release)() {return 1;}

    // ...

};

class Parent

{

    // ...

    Child m_child;

    STDMETHODIMP GetChild(IChild ** ppChild)

    {

        *ppChild = &m_child;

        return S_OK;

    }

    // ...

};

 In this case, the child is allocated directly with the parent and doesn’t maintain its own lifetime. This is generally bad idea but usually works when called from a language like C++ from code that looks like:

IParent * pParent = //...

IChild * pChild = NULL;

hr = pParent->GetChild(&pChild);

if(SUCCEEDED(hr))

{

    // ...

    pChild->Release();

}

pParent->Release();

Note that it would be perfectly valid to fetch the child and then immediately release the pointer to the parent (which would cause this code to crash since the parent would release and take the child with it), but this is not common programming practice. When creating a technology that leverages something like COM, programming against the elegance of the COM spec isn’t too hard to get right (mostly...). Trying to support behavior that is relying on assumptions and convention instead of following the rules is hard to do. Note that we definitely try to recognize and support really common conventions, but there are definitely limits to what can be done.

 

In managed, the RCWs are released by garbage collection and there is no ordering. Each is just another managed object that is available for collection so the parent can easily be collected (causing a release under the covers) which will destroy the child and cause an AV when the child RCW is collected later.

 

Unlike the first eventing example, code like this is clearly playing fast and loose with COM, but people still get annoyed when code that works in their existing VB6 or MFC code base fails when called through managed code.

 

In general, bridging between two large, full-featured object models is a challenging problem. Given the size of the problem space I alternate between being impressed by how well COM Interop works and being surprised anything works at all. I’m going to follow up with a couple more object mismatches before branching off into other topics. I have my own hit list of things to cover, but if people have things they would like to see discussed please let me know. I’m the main development owner of the Interop space so I’d also love to hear your feedback on the product and suggestions for things to add or improve.