The careful checking and rechecking of format, metadata invariants, and typesafety is not worth much without the presence of an execution engine that can enforce policies and keep control over the managed code that is run within it. To maintain control, the SSCLI carefully orchestrates the behavior of threads and exceptions, inserting control structures and bookkeeping information directly into their in-memory data for this purpose.

Threads are appropriated as soon as they are detected by the execution engine, by associating managed-thread instances with them. These managed threads actually share their runtime stacks with any unmanaged code running within them. To keep transitions between managed and unmanaged regions straight, the execution engine uses a control structure called an execution engine frame. Execution engine frames are small chunks of bookkeeping info that are tucked into the stack amidst the activation records that populate it. They are used to both mark transitions and annotate stack usage.

Of course, one of the primary roles of a thread is to provide a home for the runtime stack that contains its nested execution state. We saw in Chapter 5 that the stack in the execution engine is used for traditional language purposes such as parameter passing, but the execution engine also uses it to control security and to track exception-handler boundaries. Code access security walks the stack to find permissions, grants, and demands. Exceptions are used to handle nonlocal ...