File: system\appdomain.cs
Project: ndp\clr\src\bcl\mscorlib.csproj (mscorlib)
// ==++==
// 
//   Copyright (c) Microsoft Corporation.  All rights reserved.
// 
// ==--==
/*=============================================================================
**
** Class: AppDomain
**
** <OWNER>Microsoft</OWNER>
**
**
** Purpose: Domains represent an application within the runtime. Objects can 
**          not be shared between domains and each domain can be configured
**          independently. 
**
**
=============================================================================*/
 
namespace System {
    using System;
#if FEATURE_CLICKONCE    
    using System.Deployment.Internal.Isolation;
    using System.Deployment.Internal.Isolation.Manifest;
    using System.Runtime.Hosting;    
#endif    
    using System.Reflection;
    using System.Runtime;
    using System.Runtime.CompilerServices;
#if FEATURE_REMOTING    
    using System.Runtime.Remoting.Channels;
    using System.Runtime.Remoting.Contexts;
#endif    
    using System.Security;
    using System.Security.Permissions;
    using System.Security.Principal;
    using System.Security.Policy;
    using System.Security.Util;
    using System.Collections;
    using System.Collections.Generic;
    using System.Threading;
    using System.Runtime.InteropServices;
    using System.Runtime.Remoting;   
#if FEATURE_REMOTING        
    using Context = System.Runtime.Remoting.Contexts.Context;
#endif
    using System.Reflection.Emit;
    using CultureInfo = System.Globalization.CultureInfo;
#if !FEATURE_CORECLR
    using System.Globalization;
#endif
    using System.IO;
    using AssemblyHashAlgorithm = System.Configuration.Assemblies.AssemblyHashAlgorithm;
    using System.Text;
    using Microsoft.Win32;
    using System.Runtime.ConstrainedExecution;
    using System.Runtime.Versioning;
    using System.Diagnostics.Contracts;
#if FEATURE_EXCEPTION_NOTIFICATIONS
    using System.Runtime.ExceptionServices;
#endif // FEATURE_EXCEPTION_NOTIFICATIONS
 
    [ComVisible(true)]
    public class ResolveEventArgs : EventArgs
    {
        private String _Name;
        private Assembly _RequestingAssembly;
 
        public String Name {
            get {
                return _Name;
            }
        }
 
        public Assembly RequestingAssembly 
        {
            get
            {
                return _RequestingAssembly;
            }
        }
 
        public ResolveEventArgs(String name)
        {
            _Name = name;
        }
 
        public ResolveEventArgs(String name, Assembly requestingAssembly)
        {
            _Name = name;
            _RequestingAssembly = requestingAssembly;
        }
    }
 
    [ComVisible(true)]
    public class AssemblyLoadEventArgs : EventArgs
    {
        private Assembly _LoadedAssembly;
 
        public Assembly LoadedAssembly {
            get {
                return _LoadedAssembly;
            }
        }
 
        public AssemblyLoadEventArgs(Assembly loadedAssembly)
        {
            _LoadedAssembly = loadedAssembly;
        }
    }
 
 
    #if FEATURE_CORECLR
    [System.Security.SecurityCritical] // auto-generated
    #endif
    [Serializable]
    [ComVisible(true)]
    public delegate Assembly ResolveEventHandler(Object sender, ResolveEventArgs args);
 
    [Serializable]
    [ComVisible(true)]
    public delegate void AssemblyLoadEventHandler(Object sender, AssemblyLoadEventArgs args);
 
    [Serializable]
    [ComVisible(true)]
    public delegate void AppDomainInitializer(string[] args);
 
    internal class AppDomainInitializerInfo
    {
        internal class ItemInfo
        {
            public string TargetTypeAssembly;
            public string TargetTypeName;
            public string MethodName;
        }
 
        internal ItemInfo[] Info;
 
        internal AppDomainInitializerInfo(AppDomainInitializer init)
        {
            Info=null;
            if (init==null)
                return;
            List<ItemInfo> itemInfo = new List<ItemInfo>();
            List<AppDomainInitializer> nestedDelegates = new List<AppDomainInitializer>();
            nestedDelegates.Add(init);
            int idx=0;
 
            while (nestedDelegates.Count>idx)
            {
                AppDomainInitializer curr = nestedDelegates[idx++];
                Delegate[] list= curr.GetInvocationList();
                for (int i=0;i<list.Length;i++)
                {
                    if (!list[i].Method.IsStatic) 
                    {
                        if(list[i].Target==null)
                            continue;
                    
                        AppDomainInitializer nested = list[i].Target as AppDomainInitializer;
                        if (nested!=null)
                            nestedDelegates.Add(nested);
                        else
                            throw new ArgumentException(Environment.GetResourceString("Arg_MustBeStatic"),
                               list[i].Method.ReflectedType.FullName+"::"+list[i].Method.Name);
                    }
                    else
                    {
                        ItemInfo info=new ItemInfo();
                        info.TargetTypeAssembly=list[i].Method.ReflectedType.Module.Assembly.FullName;
                        info.TargetTypeName=list[i].Method.ReflectedType.FullName;
                        info.MethodName=list[i].Method.Name;
                        itemInfo.Add(info);
                    }
                    
                }
            }
 
            Info = itemInfo.ToArray();            
        }
        
        [System.Security.SecuritySafeCritical]  // auto-generated
        internal AppDomainInitializer Unwrap()
        {
            if (Info==null)
                return null;
            AppDomainInitializer retVal=null;
            new ReflectionPermission(ReflectionPermissionFlag.MemberAccess).Assert();
            for (int i=0;i<Info.Length;i++)
            {
                Assembly assembly=Assembly.Load(Info[i].TargetTypeAssembly);
                AppDomainInitializer newVal=(AppDomainInitializer)Delegate.CreateDelegate(typeof(AppDomainInitializer),
                        assembly.GetType(Info[i].TargetTypeName),
                        Info[i].MethodName);
                if(retVal==null)
                    retVal=newVal;
                else
                    retVal+=newVal;
            }
            return retVal;
        }
    }
 
 
    [ClassInterface(ClassInterfaceType.None)]
    [ComDefaultInterface(typeof(System._AppDomain))]
    [ComVisible(true)]
    public sealed class AppDomain :
#if FEATURE_REMOTING
        MarshalByRefObject,
#endif
        _AppDomain, IEvidenceFactory
    {
        // Domain security information
        // These fields initialized from the other side only. (NOTE: order 
        // of these fields cannot be changed without changing the layout in 
        // the EE)
 
        [System.Security.SecurityCritical] // auto-generated
        private AppDomainManager _domainManager;
        private Dictionary<String, Object[]> _LocalStore;
        private AppDomainSetup   _FusionStore;
        private Evidence         _SecurityIdentity;
#pragma warning disable 169
        private Object[]         _Policies; // Called from the VM.
#pragma warning restore 169
        [method: System.Security.SecurityCritical]
        public event AssemblyLoadEventHandler AssemblyLoad;
 
        [System.Security.SecurityCritical]
        private ResolveEventHandler _TypeResolve;
 
        public event ResolveEventHandler TypeResolve
        {
            [System.Security.SecurityCritical]
            add
            {
                lock (this)
                {
                    _TypeResolve += value;
                }
            }
 
            [System.Security.SecurityCritical]
            remove
            {
                lock (this)
                {
                    _TypeResolve -= value;
                }
            }
        }
 
        [System.Security.SecurityCritical]
        private ResolveEventHandler _ResourceResolve;
 
        public event ResolveEventHandler ResourceResolve
        {
            [System.Security.SecurityCritical]
            add
            {
                lock (this)
                {
                    _ResourceResolve += value;
                }
            }
 
            [System.Security.SecurityCritical]
            remove
            {
                lock (this)
                {
                    _ResourceResolve -= value;
                }
            }
        }
 
        [System.Security.SecurityCritical]
        private ResolveEventHandler _AssemblyResolve;
 
        public event ResolveEventHandler AssemblyResolve
        {
            [System.Security.SecurityCritical]
            add
            {
                lock (this)
                {
                    _AssemblyResolve += value;
                }
            }
 
            [System.Security.SecurityCritical]
            remove
            {
                lock (this)
                {
                    _AssemblyResolve -= value;
                }
            }
        }
 
#if FEATURE_REFLECTION_ONLY_LOAD
        [method: System.Security.SecurityCritical]
        public event ResolveEventHandler ReflectionOnlyAssemblyResolve;
#endif // FEATURE_REFLECTION_ONLY
 
#if FEATURE_REMOTING        
        private Context          _DefaultContext;
#endif
 
#if !FEATURE_PAL
#if FEATURE_CLICKONCE
        private ActivationContext _activationContext;        
        private ApplicationIdentity _applicationIdentity;        
#endif
#endif // !FEATURE_PAL
        private ApplicationTrust _applicationTrust;
 
#if FEATURE_IMPERSONATION
        private IPrincipal       _DefaultPrincipal;
#endif // FEATURE_IMPERSONATION
#if FEATURE_REMOTING
        private DomainSpecificRemotingData _RemotingData;
#endif
        private EventHandler     _processExit;
 
        #if FEATURE_CORECLR
        [System.Security.SecurityCritical] 
        #endif
        private EventHandler     _domainUnload;
 
        #if FEATURE_CORECLR
        [System.Security.SecurityCritical] // auto-generated
        #endif
        private UnhandledExceptionEventHandler _unhandledException;
 
#if FEATURE_APTCA
        private String[]         _aptcaVisibleAssemblies;
#endif
 
        // The compat flags are set at domain creation time to indicate that the given breaking
        // changes (named in the strings) should not be used in this domain. We only use the 
        // keys, the vhe values are ignored.
        private Dictionary<String, object>  _compatFlags;
 
#if FEATURE_EXCEPTION_NOTIFICATIONS
        // Delegate that will hold references to FirstChance exception notifications
        private EventHandler<FirstChanceExceptionEventArgs> _firstChanceException;
#endif // FEATURE_EXCEPTION_NOTIFICATIONS
 
        private IntPtr           _pDomain;                      // this is an unmanaged pointer (AppDomain * m_pDomain)` used from the VM.
 
#if FEATURE_CAS_POLICY
        private PrincipalPolicy  _PrincipalPolicy;              // this is an enum
#endif        
        private bool             _HasSetPolicy;
        private bool             _IsFastFullTrustDomain;        // quick check to see if the AppDomain is fully trusted and homogenous
        private bool             _compatFlagsInitialized;
 
        internal const String TargetFrameworkNameAppCompatSetting = "TargetFrameworkName";
 
#if FEATURE_APPX
        private static APPX_FLAGS s_flags;
 
        //
        // Keep in async with vm\appdomainnative.cpp
        //
        [Flags]
        private enum APPX_FLAGS
        {
            APPX_FLAGS_INITIALIZED =        0x01,
 
            APPX_FLAGS_APPX_MODEL =         0x02,
            APPX_FLAGS_APPX_DESIGN_MODE =   0x04,
            APPX_FLAGS_APPX_NGEN =          0x08,
            APPX_FLAGS_APPX_MASK =          APPX_FLAGS_APPX_MODEL |
                                            APPX_FLAGS_APPX_DESIGN_MODE |
                                            APPX_FLAGS_APPX_NGEN,
 
            APPX_FLAGS_API_CHECK =          0x10,
        }
 
        private static APPX_FLAGS Flags
        {
            [SecuritySafeCritical]
            get
            {
                if (s_flags == 0)
                    s_flags = nGetAppXFlags();
 
                Contract.Assert(s_flags != 0);
                return s_flags;
            }
        }
 
        internal static bool ProfileAPICheck
        {
            [SecuritySafeCritical]
            get
            {
                return (Flags & APPX_FLAGS.APPX_FLAGS_API_CHECK) != 0;
            }
        }
 
        internal static bool IsAppXNGen
        {
            [SecuritySafeCritical]
            get
            {
                return (Flags & APPX_FLAGS.APPX_FLAGS_APPX_NGEN) != 0;
            }
        }
#endif // FEATURE_APPX
 
        [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
        [SecurityCritical]
        [ResourceExposure(ResourceScope.None)]
        [SuppressUnmanagedCodeSecurity]
        [return: MarshalAs(UnmanagedType.Bool)]
        private static extern bool DisableFusionUpdatesFromADManager(AppDomainHandle domain);
 
#if FEATURE_APPX
        [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
        [SecurityCritical]
        [ResourceExposure(ResourceScope.None)]
        [SuppressUnmanagedCodeSecurity]
        [return: MarshalAs(UnmanagedType.I4)]
        private static extern APPX_FLAGS nGetAppXFlags();
#endif
 
        [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
        [SecurityCritical]
        [ResourceExposure(ResourceScope.None)]
        [SuppressUnmanagedCodeSecurity]
        private static extern void GetAppDomainManagerType(AppDomainHandle domain,
                                                           StringHandleOnStack retAssembly,
                                                           StringHandleOnStack retType);
 
        [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
        [SecurityCritical]
        [ResourceExposure(ResourceScope.None)]
        [SuppressUnmanagedCodeSecurity]
        private static extern void SetAppDomainManagerType(AppDomainHandle domain,
                                                           string assembly,
                                                           string type);
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private static extern void nSetHostSecurityManagerFlags (HostSecurityManagerOptions flags);
 
        [SecurityCritical]
        [SuppressUnmanagedCodeSecurity]
        [ResourceExposure(ResourceScope.None)]
        [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
        private static extern void SetSecurityHomogeneousFlag(AppDomainHandle domain,
                                                              [MarshalAs(UnmanagedType.Bool)] bool runtimeSuppliedHomogenousGrantSet);
 
#if FEATURE_CAS_POLICY
        [SecurityCritical]
        [SuppressUnmanagedCodeSecurity]
        [ResourceExposure(ResourceScope.None)]
        [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
        private static extern void SetLegacyCasPolicyEnabled(AppDomainHandle domain);
 
        [SecurityCritical]
        private void SetLegacyCasPolicyEnabled()
        {
            SetLegacyCasPolicyEnabled(GetNativeHandle());
        }
#endif // FEATURE_CAS_POLICY
 
        /// <summary>
        ///     Get a handle used to make a call into the VM pointing to this domain
        /// </summary>
        internal AppDomainHandle GetNativeHandle()
        {
            // This should never happen under normal circumstances. However, there ar ways to create an
            // uninitialized object through remoting, etc.
            if (_pDomain.IsNull())
            {
                throw new InvalidOperationException(Environment.GetResourceString("Argument_InvalidHandle"));
            }
 
#if FEATURE_REMOTING
            BCLDebug.Assert(!RemotingServices.IsTransparentProxy(this), "QCalls should be made with the real AppDomain object rather than a transparent proxy");
#endif // FEATURE_REMOTING
            return new AppDomainHandle(_pDomain);
        }
 
        /// <summary>
        ///     If this AppDomain is configured to have an AppDomain manager then create the instance of it.
        ///     This method is also called from the VM to create the domain manager in the default domain.
        /// </summary>
        [SecuritySafeCritical]
        private void CreateAppDomainManager()
        {
            Contract.Assert(_domainManager == null, "_domainManager == null");
 
            AppDomainSetup adSetup = FusionStore;
#if FEATURE_VERSIONING
            String trustedPlatformAssemblies = (String)(GetData("TRUSTED_PLATFORM_ASSEMBLIES"));
            if (trustedPlatformAssemblies != null)
            {
                String platformResourceRoots = (String)(GetData("PLATFORM_RESOURCE_ROOTS"));
                if (platformResourceRoots == null)
                {
                    platformResourceRoots = String.Empty;
                }
 
                String appPaths = (String)(GetData("APP_PATHS"));
                if (appPaths == null)
                {
                    appPaths = String.Empty;
                }
 
                String appNiPaths = (String)(GetData("APP_NI_PATHS"));
                if (appNiPaths == null)
                {
                    appNiPaths = String.Empty;
                }
 
                String appLocalWinMD = (String)(GetData("APP_LOCAL_WINMETADATA"));
                if (appLocalWinMD == null)
                {
                    appLocalWinMD = String.Empty;
                }
                SetupBindingPaths(trustedPlatformAssemblies, platformResourceRoots, appPaths, appNiPaths, appLocalWinMD);
            }
#endif // FEATURE_VERSIONING
 
            string domainManagerAssembly;
            string domainManagerType;
            GetAppDomainManagerType(out domainManagerAssembly, out domainManagerType);
 
            if (domainManagerAssembly != null && domainManagerType != null)
            {
                try
                {
                    new PermissionSet(PermissionState.Unrestricted).Assert();
                    _domainManager = CreateInstanceAndUnwrap(domainManagerAssembly, domainManagerType) as AppDomainManager;
                    CodeAccessPermission.RevertAssert();
                }
                catch (FileNotFoundException e)
                {
                    throw new TypeLoadException(Environment.GetResourceString("Argument_NoDomainManager"), e);
                }
                catch (SecurityException e)
                {
                    throw new TypeLoadException(Environment.GetResourceString("Argument_NoDomainManager"), e);
                }
                catch (TypeLoadException e)
                {
                    throw new TypeLoadException(Environment.GetResourceString("Argument_NoDomainManager"), e);
                }
 
                if (_domainManager == null)
                {
                    throw new TypeLoadException(Environment.GetResourceString("Argument_NoDomainManager"));
                }
 
                // If this domain was not created by a managed call to CreateDomain, then the AppDomainSetup
                // will not have the correct values for the AppDomainManager set.
                FusionStore.AppDomainManagerAssembly = domainManagerAssembly;
                FusionStore.AppDomainManagerType = domainManagerType;
 
                bool notifyFusion = _domainManager.GetType() != typeof(System.AppDomainManager) && !DisableFusionUpdatesFromADManager();
 
 
 
                AppDomainSetup FusionStoreOld = null;
                if (notifyFusion)
                    FusionStoreOld = new AppDomainSetup(FusionStore, true);
 
                // Initialize the AppDomainMAnager and register the instance with the native host if requested
                _domainManager.InitializeNewDomain(FusionStore);
 
                if (notifyFusion)
                    SetupFusionStore(_FusionStore, FusionStoreOld); // Notify Fusion about the changes the user implementation of InitializeNewDomain may have made to the FusionStore object.
                                
#if FEATURE_APPDOMAINMANAGER_INITOPTIONS                
                AppDomainManagerInitializationOptions flags = _domainManager.InitializationFlags;
                if ((flags & AppDomainManagerInitializationOptions.RegisterWithHost) == AppDomainManagerInitializationOptions.RegisterWithHost)
                {
                    _domainManager.RegisterWithHost();
                }
#endif // FEATURE_APPDOMAINMANAGER_INITOPTIONS
            }
 
            InitializeCompatibilityFlags();       
        }
 
        /// <summary>
        ///     Initialize the compatibility flags to non-NULL values.
        ///     This method is also called from the VM when the default domain dosen't have a domain manager.
        /// </summary>
        private void InitializeCompatibilityFlags()
        {
            AppDomainSetup adSetup = FusionStore;
            
            // set up shim flags regardless of whether we create a DomainManager in this method.
            if (adSetup.GetCompatibilityFlags() != null)
            {
                _compatFlags = new Dictionary<String, object>(adSetup.GetCompatibilityFlags(), StringComparer.OrdinalIgnoreCase);
            }
 
            // for perf, we don't intialize the _compatFlags dictionary when we don't need to.  However, we do need to make a 
            // note that we've run this method, because IsCompatibilityFlagsSet needs to return different values for the
            // case where the compat flags have been setup.
            Contract.Assert(!_compatFlagsInitialized);
            _compatFlagsInitialized = true;
 
            CompatibilitySwitches.InitializeSwitches();
        }
 
        // Retrieves a possibly-cached target framework name for this appdomain.  This could be set
        // either by a host in native, a host in managed using an AppDomainSetup, or by the 
        // TargetFrameworkAttribute on the executable (VS emits its target framework moniker using this
        // attribute starting in version 4).
        [SecuritySafeCritical]
        internal String GetTargetFrameworkName()
        {
            String targetFrameworkName = _FusionStore.TargetFrameworkName;
 
            if (targetFrameworkName == null && IsDefaultAppDomain() && !_FusionStore.CheckedForTargetFrameworkName)
            {
                // This should only be run in the default appdomain.  All other appdomains should have
                // values copied from the default appdomain and/or specified by the host.
                Assembly assembly = Assembly.GetEntryAssembly();
                if (assembly != null)
                {
                    TargetFrameworkAttribute[] attrs = (TargetFrameworkAttribute[])assembly.GetCustomAttributes(typeof(TargetFrameworkAttribute));
                    if (attrs != null && attrs.Length > 0)
                    {
                        Contract.Assert(attrs.Length == 1);
                        targetFrameworkName = attrs[0].FrameworkName;
                        _FusionStore.TargetFrameworkName = targetFrameworkName;
                    }
                }
                _FusionStore.CheckedForTargetFrameworkName = true;
            }
 
            return targetFrameworkName;
        }
 
        /// <summary>
        ///     Returns the setting of the corresponding compatibility config switch (see CreateAppDomainManager for the impact).
        /// </summary>
        [SecuritySafeCritical]
        internal bool DisableFusionUpdatesFromADManager()
        {
            return DisableFusionUpdatesFromADManager(GetNativeHandle());
        }
 
        /// <summary>
        ///     Returns whether the current AppDomain follows the AppX rules.
        /// </summary>
        [SecuritySafeCritical]
        [Pure]
        internal static bool IsAppXModel()
        {
#if FEATURE_APPX
            return (Flags & APPX_FLAGS.APPX_FLAGS_APPX_MODEL) != 0;
#else
            return false;
#endif
        }
 
        /// <summary>
        ///     Returns the setting of the AppXDevMode config switch.
        /// </summary>
        [SecuritySafeCritical]
        [Pure]
        internal static bool IsAppXDesignMode()
        {
#if FEATURE_APPX
            return (Flags & APPX_FLAGS.APPX_FLAGS_APPX_MASK) == (APPX_FLAGS.APPX_FLAGS_APPX_MODEL | APPX_FLAGS.APPX_FLAGS_APPX_DESIGN_MODE);
#else
            return false;
#endif
        }
 
        /// <summary>
        ///     Checks (and throws on failure) if the domain supports Assembly.LoadFrom.
        /// </summary>
        [SecuritySafeCritical]
        [Pure]
        internal static void CheckLoadFromSupported()
        {
#if FEATURE_APPX
            if (IsAppXModel())
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_AppX", "Assembly.LoadFrom"));
#endif
        }
 
        /// <summary>
        ///     Checks (and throws on failure) if the domain supports Assembly.LoadFile.
        /// </summary>
        [SecuritySafeCritical]
        [Pure]
        internal static void CheckLoadFileSupported()
        {
#if FEATURE_APPX
            if (IsAppXModel())
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_AppX", "Assembly.LoadFile"));
#endif
        }
 
        /// <summary>
        ///     Checks (and throws on failure) if the domain supports Assembly.ReflectionOnlyLoad.
        /// </summary>
        [SecuritySafeCritical]
        [Pure]
        internal static void CheckReflectionOnlyLoadSupported()
        {
#if FEATURE_APPX
            if (IsAppXModel())
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_AppX", "Assembly.ReflectionOnlyLoad"));
#endif
        }
 
        /// <summary>
        ///     Checks (and throws on failure) if the domain supports Assembly.LoadWithPartialName.
        /// </summary>
        [SecuritySafeCritical]
        [Pure]
        internal static void CheckLoadWithPartialNameSupported(StackCrawlMark stackMark)
        {
#if FEATURE_APPX
            if (IsAppXModel())
            {
                RuntimeAssembly callingAssembly = RuntimeAssembly.GetExecutingAssembly(ref stackMark);
                bool callerIsFxAssembly = callingAssembly != null && callingAssembly.IsFrameworkAssembly();
                if (!callerIsFxAssembly)
                {
                    throw new NotSupportedException(Environment.GetResourceString("NotSupported_AppX", "Assembly.LoadWithPartialName"));
                }
            }
#endif
        }
 
        /// <summary>
        ///     Checks (and throws on failure) if the domain supports DefinePInvokeMethod.
        /// </summary>
        [SecuritySafeCritical]
        [Pure]
        internal static void CheckDefinePInvokeSupported()
        {
            // We don't want users to use DefinePInvokeMethod in RefEmit to bypass app store validation on allowed native libraries.
#if FEATURE_APPX
            if (IsAppXModel())
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_AppX", "DefinePInvokeMethod"));
#endif
        }
 
        /// <summary>
        ///     Checks (and throws on failure) if the domain supports Assembly.Load(byte[] ...).
        /// </summary>
        [SecuritySafeCritical]
        [Pure]
        internal static void CheckLoadByteArraySupported()
        {
#if FEATURE_APPX
            if (IsAppXModel())
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_AppX", "Assembly.Load(byte[], ...)"));
#endif
        }
 
        /// <summary>
        ///     Checks (and throws on failure) if the domain supports AppDomain.CreateDomain.
        /// </summary>
        [SecuritySafeCritical]
        [Pure]
        internal static void CheckCreateDomainSupported()
        {
#if FEATURE_APPX
            // Can create a new domain in an AppX process only when DevMode is enabled and
            // AssemblyLoadingCompat is not enabled (since there is no multi-domain support
            // for LoadFrom and LoadFile in AppX.
            if(IsAppXModel())
            {
                if (!IsAppXDesignMode())
                {
                    throw new NotSupportedException(Environment.GetResourceString("NotSupported_AppX", "AppDomain.CreateDomain"));
                }
            }
#endif
        }
 
        /// <summary>
        ///     Get the name of the assembly and type that act as the AppDomainManager for this domain
        /// </summary>
        [SecuritySafeCritical]
        internal void GetAppDomainManagerType(out string assembly, out string type)
        {
            // We can't just use our parameters because we need to ensure that the strings used for hte QCall
            // are on the stack.
            string localAssembly = null;
            string localType = null;
 
            GetAppDomainManagerType(GetNativeHandle(),
                                    JitHelpers.GetStringHandleOnStack(ref localAssembly),
                                    JitHelpers.GetStringHandleOnStack(ref localType));
 
            assembly = localAssembly;
            type = localType;
        }
 
        /// <summary>
        ///     Set the assembly and type which act as the AppDomainManager for this domain
        /// </summary>
        [SecuritySafeCritical]
        private void SetAppDomainManagerType(string assembly, string type)
        {
            Contract.Assert(assembly != null, "assembly != null");
            Contract.Assert(type != null, "type != null");
            SetAppDomainManagerType(GetNativeHandle(), assembly, type);
        }
 
#if FEATURE_APTCA
        internal String[] PartialTrustVisibleAssemblies
        {
            get { return _aptcaVisibleAssemblies; }
 
            [SecuritySafeCritical]
            set
            {
                _aptcaVisibleAssemblies = value;
 
                // Build up the canonical representaiton of this list to allow the VM to do optimizations in
                // common cases
                string canonicalConditionalAptcaList = null;
                if (value != null)
                {
                    StringBuilder conditionalAptcaListBuilder = StringBuilderCache.Acquire();
                    for (int i = 0; i < value.Length; ++i)
                    {
                        if (value[i] != null)
                        {
                            conditionalAptcaListBuilder.Append(value[i].ToUpperInvariant());
                            if (i != value.Length - 1)
                            {
                                conditionalAptcaListBuilder.Append(';');
                            }
                        }
                    }
 
                    canonicalConditionalAptcaList = StringBuilderCache.GetStringAndRelease(conditionalAptcaListBuilder);
                }
 
                SetCanonicalConditionalAptcaList(canonicalConditionalAptcaList);
            }
        }
 
        [SecurityCritical]
        [ResourceExposure(ResourceScope.None)]
        [SuppressUnmanagedCodeSecurity]
        [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
        private static extern void SetCanonicalConditionalAptcaList(AppDomainHandle appDomain, string canonicalList);
 
        [SecurityCritical]
        private void SetCanonicalConditionalAptcaList(string canonicalList)
        {
            SetCanonicalConditionalAptcaList(GetNativeHandle(), canonicalList);
        }
#endif // FEATURE_APTCA
 
#if FEATURE_CLICKONCE
        /// <summary>
        ///    If the CLR is being started up to run a ClickOnce applicaiton, setup the default AppDomain
        ///    with information about that application.
        /// </summary>
        private void SetupDefaultClickOnceDomain(string fullName, string[] manifestPaths, string[] activationData)
        {
            Contract.Requires(fullName != null, "fullName != null");
            FusionStore.ActivationArguments = new ActivationArguments(fullName, manifestPaths, activationData);
        }
#endif // FEATURE_CLICKONCE
 
        /// <summary>
        ///     Called for every AppDomain (including the default domain) to initialize the security of the AppDomain)
        /// </summary>
        [SecurityCritical]
        private void InitializeDomainSecurity(Evidence providedSecurityInfo,
                                              Evidence creatorsSecurityInfo,
                                              bool generateDefaultEvidence,
                                              IntPtr parentSecurityDescriptor,
                                              bool publishAppDomain)
        {
            AppDomainSetup adSetup = FusionStore;
 
#if FEATURE_CAS_POLICY
            // If the AppDomain is setup to use legacy CAS policy, then set that bit in the application
            // security descriptor.
            if (CompatibilitySwitches.IsNetFx40LegacySecurityPolicy)
            {
                SetLegacyCasPolicyEnabled();
            }
#endif // FEATURE_CAS_POLICY
 
#if FEATURE_CLICKONCE
 
            // Check if the domain manager set an ActivationContext (Debug-In-Zone for example)
            // or if this is an AppDomain with an ApplicationTrust.
            if (adSetup.ActivationArguments != null) {
                // Merge the new evidence with the manifest's evidence if applicable
                ActivationContext activationContext = null;
                ApplicationIdentity appIdentity = null;
                string[] activationData = null;
                CmsUtils.CreateActivationContext(adSetup.ActivationArguments.ApplicationFullName,
                                                 adSetup.ActivationArguments.ApplicationManifestPaths,
                                                 adSetup.ActivationArguments.UseFusionActivationContext,
                                                 out appIdentity, out activationContext);
                activationData = adSetup.ActivationArguments.ActivationData;
                providedSecurityInfo = CmsUtils.MergeApplicationEvidence(providedSecurityInfo,
                                                                         appIdentity,
                                                                         activationContext,
                                                                         activationData,
                                                                         adSetup.ApplicationTrust);
                SetupApplicationHelper(providedSecurityInfo, creatorsSecurityInfo, appIdentity, activationContext, activationData);
            }
            else 
#endif // FEATURE_CLICKONCE
            {
                bool runtimeSuppliedHomogenousGrant = false;
                ApplicationTrust appTrust = adSetup.ApplicationTrust;
                
#if FEATURE_CAS_POLICY
                // In non-legacy CAS mode, domains should be homogenous.  If the host has not specified a sandbox
                // of their own, we'll set it up to be fully trusted.  We must read the IsLegacyCasPolicy
                // enabled property here rathern than just reading the switch from above because the entire
                // process may also be opted into legacy CAS policy mode.
                if (appTrust == null && !IsLegacyCasPolicyEnabled) {
                    _IsFastFullTrustDomain = true;
                    runtimeSuppliedHomogenousGrant = true;
                }
#endif // FEATURE_CAS_POLICY
 
                if (appTrust != null) {
                    SetupDomainSecurityForHomogeneousDomain(appTrust, runtimeSuppliedHomogenousGrant);
                }
                else if (_IsFastFullTrustDomain) {
                    SetSecurityHomogeneousFlag(GetNativeHandle(), runtimeSuppliedHomogenousGrant);
                }
            }
 
            // Get the evidence supplied for the domain.  If no evidence was supplied, it means that we want
            // to use the default evidence creation strategy for this domain
            Evidence newAppDomainEvidence = (providedSecurityInfo != null ? providedSecurityInfo : creatorsSecurityInfo);
            if (newAppDomainEvidence == null && generateDefaultEvidence) {
#if FEATURE_CAS_POLICY
                newAppDomainEvidence = new Evidence(new AppDomainEvidenceFactory(this));
#else // !FEATURE_CAS_POLICY
                newAppDomainEvidence = new Evidence();
#endif // FEATURE_CAS_POLICY
            }
 
#if FEATURE_CAS_POLICY
            if (_domainManager != null) {
                // Give the host a chance to alter the AppDomain evidence
                HostSecurityManager securityManager = _domainManager.HostSecurityManager;
                if (securityManager != null) {
                    nSetHostSecurityManagerFlags (securityManager.Flags);
                    if ((securityManager.Flags & HostSecurityManagerOptions.HostAppDomainEvidence) == HostSecurityManagerOptions.HostAppDomainEvidence) {
                        newAppDomainEvidence = securityManager.ProvideAppDomainEvidence(newAppDomainEvidence);
                        // If this is a disconnected evidence collection, then attach it to the AppDomain,
                        // allowing the host security manager to get callbacks for delay generated evidence
                        if (newAppDomainEvidence != null && newAppDomainEvidence.Target == null) {
                            newAppDomainEvidence.Target = new AppDomainEvidenceFactory(this);
                        }
                    }
                }
            }
 
#endif // FEATURE_CAS_POLICY
 
            // Set the evidence on the managed side
            _SecurityIdentity = newAppDomainEvidence;
 
            // Set the evidence of the AppDomain in the VM.
            // Also, now that the initialization is complete, signal that to the security system.
            // Finish the AppDomain initialization and resolve the policy for the AppDomain evidence.
            SetupDomainSecurity(newAppDomainEvidence,
                                parentSecurityDescriptor,
                                publishAppDomain);
 
#if FEATURE_CAS_POLICY
            // The AppDomain is now resolved. Go ahead and set the PolicyLevel
            // from the HostSecurityManager if specified.
            if (_domainManager != null)
                RunDomainManagerPostInitialization(_domainManager);
#endif // FEATURE_CAS_POLICY
        }
 
#if FEATURE_CAS_POLICY
        [System.Security.SecurityCritical]  // auto-generated
        private void RunDomainManagerPostInitialization (AppDomainManager domainManager)
        {
            // force creation of the HostExecutionContextManager for the current AppDomain
            HostExecutionContextManager contextManager = domainManager.HostExecutionContextManager;
 
            if (IsLegacyCasPolicyEnabled)
            {
#pragma warning disable 618
                HostSecurityManager securityManager = domainManager.HostSecurityManager;
                if (securityManager != null)
                {
                    if ((securityManager.Flags & HostSecurityManagerOptions.HostPolicyLevel) == HostSecurityManagerOptions.HostPolicyLevel)
                    {
                        // set AppDomain policy if specified
                        PolicyLevel level = securityManager.DomainPolicy;
                        if (level != null)
                            SetAppDomainPolicy(level);
                    }
                }
#pragma warning restore 618
            }
        }
#endif 
 
 
#if FEATURE_CLICKONCE
 
        [System.Security.SecurityCritical]  // auto-generated
        private void SetupApplicationHelper (Evidence providedSecurityInfo, Evidence creatorsSecurityInfo, ApplicationIdentity appIdentity, ActivationContext activationContext, string[] activationData) {
            Contract.Requires(providedSecurityInfo != null);
            HostSecurityManager securityManager = AppDomain.CurrentDomain.HostSecurityManager;
            ApplicationTrust appTrust = securityManager.DetermineApplicationTrust(providedSecurityInfo, creatorsSecurityInfo, new TrustManagerContext());
            if (appTrust == null || !appTrust.IsApplicationTrustedToRun)
                throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"),
                                          System.__HResults.CORSEC_E_NO_EXEC_PERM,
                                          null);
 
            // The application is trusted to run. Set up the AppDomain according to the manifests.
            if (activationContext != null)
                SetupDomainForApplication(activationContext, activationData);
            SetupDomainSecurityForApplication(appIdentity, appTrust);
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [ResourceConsumption(ResourceScope.Machine, ResourceScope.Machine)]
        private void SetupDomainForApplication(ActivationContext activationContext, string[] activationData) {
            Contract.Requires(activationContext != null);
            if (IsDefaultAppDomain()) {
                // make the ActivationArguments available off the AppDomain object.
                AppDomainSetup adSetup = this.FusionStore;
                adSetup.ActivationArguments = new ActivationArguments(activationContext, activationData);
 
                // set the application base to point at where the application resides
                string entryPointPath = CmsUtils.GetEntryPointFullPath(activationContext);
                if (!String.IsNullOrEmpty(entryPointPath))
                    adSetup.SetupDefaults(entryPointPath);
                else
                    adSetup.ApplicationBase = activationContext.ApplicationDirectory;
 
                // update fusion context
                SetupFusionStore(adSetup, null);
            }
 
            // perform app data directory migration.
            activationContext.PrepareForExecution();
            activationContext.SetApplicationState(ActivationContext.ApplicationState.Starting);
            // set current app data directory.
            activationContext.SetApplicationState(ActivationContext.ApplicationState.Running);
 
            // make data directory path available.
            IPermission permission = null;
            string dataDirectory = activationContext.DataDirectory;
            if (dataDirectory != null && dataDirectory.Length > 0)
                permission = new FileIOPermission(FileIOPermissionAccess.PathDiscovery, dataDirectory);
            this.SetData("DataDirectory", dataDirectory, permission);
 
            _activationContext = activationContext;
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        private void SetupDomainSecurityForApplication(ApplicationIdentity appIdentity,
                                                       ApplicationTrust appTrust)
        {
            // Set the Application trust on the managed side.
            _applicationIdentity = appIdentity;
            SetupDomainSecurityForHomogeneousDomain(appTrust, false);
        }
#endif // FEATURE_CLICKONCE
 
        [System.Security.SecurityCritical]  // auto-generated
        private void SetupDomainSecurityForHomogeneousDomain(ApplicationTrust appTrust,
                                                             bool runtimeSuppliedHomogenousGrantSet)
        {
            // If the CLR has supplied the homogenous grant set (that is, this domain would have been
            // heterogenous in v2.0), then we need to strip the ApplicationTrust from the AppDomainSetup of
            // the current domain.  This prevents code which does:
            //   AppDomain.CreateDomain(..., AppDomain.CurrentDomain.SetupInformation);
            // 
            // From looking like it is trying to create a homogenous domain intentionally, and therefore
            // having its evidence check bypassed.
            if (runtimeSuppliedHomogenousGrantSet)
            {
                BCLDebug.Assert(_FusionStore.ApplicationTrust != null, "Expected to find runtime supplied ApplicationTrust");
#if FEATURE_CAS_POLICY
                _FusionStore.ApplicationTrust = null;
#endif // FEATURE_CAS_POLICY
            }
 
            _applicationTrust = appTrust;
 
            // Set the homogeneous bit in the VM's ApplicationSecurityDescriptor.
            SetSecurityHomogeneousFlag(GetNativeHandle(),
                                       runtimeSuppliedHomogenousGrantSet);
        }
 
        // This method is called from CorHost2::ExecuteApplication to activate a ClickOnce application in the default AppDomain.
#if FEATURE_CLICKONCE
        [System.Security.SecuritySafeCritical]  // auto-generated
        private int ActivateApplication () {
            ObjectHandle oh = Activator.CreateInstance(AppDomain.CurrentDomain.ActivationContext);
            return (int) oh.Unwrap();
        }
#endif //FEATURE_CLICKONCE
 
        public AppDomainManager DomainManager {
            [System.Security.SecurityCritical]  // auto-generated_required
            get {
                return _domainManager;
            }
        }
 
#if FEATURE_CAS_POLICY
        internal HostSecurityManager HostSecurityManager {
            [System.Security.SecurityCritical]  // auto-generated
            get {
                HostSecurityManager securityManager = null;
                AppDomainManager domainManager = AppDomain.CurrentDomain.DomainManager;
                if (domainManager != null)
                    securityManager = domainManager.HostSecurityManager;
 
                if (securityManager == null)
                    securityManager = new HostSecurityManager();
                return securityManager;
            }
        }
#endif // FEATURE_CAS_POLICY
#if FEATURE_REFLECTION_ONLY_LOAD        
        private Assembly ResolveAssemblyForIntrospection(Object sender, ResolveEventArgs args)
        {
            Contract.Requires(args != null);
            return Assembly.ReflectionOnlyLoad(ApplyPolicy(args.Name));
        }
        
        // Helper class for method code:EnableResolveAssembliesForIntrospection
        private class NamespaceResolverForIntrospection
        {
            private IEnumerable<string> _packageGraphFilePaths;
            public NamespaceResolverForIntrospection(IEnumerable<string> packageGraphFilePaths)
            {
                _packageGraphFilePaths = packageGraphFilePaths;
            }
            
            [System.Security.SecurityCritical]
            public void ResolveNamespace(
                object sender, 
                System.Runtime.InteropServices.WindowsRuntime.NamespaceResolveEventArgs args)
            {
                Contract.Requires(args != null);
                
                IEnumerable<string> fileNames = System.Runtime.InteropServices.WindowsRuntime.WindowsRuntimeMetadata.ResolveNamespace(
                    args.NamespaceName,
                    null,   // windowsSdkFilePath ... Use OS installed .winmd files
                    _packageGraphFilePaths);
                foreach (string fileName in fileNames)
                {
                    args.ResolvedAssemblies.Add(Assembly.ReflectionOnlyLoadFrom(fileName));
                }
            }
        }
        
        // Called only by native function code:ValidateWorker
        [System.Security.SecuritySafeCritical]
        private void EnableResolveAssembliesForIntrospection(string verifiedFileDirectory)
        {
            CurrentDomain.ReflectionOnlyAssemblyResolve += new ResolveEventHandler(ResolveAssemblyForIntrospection);
            
            string[] packageGraphFilePaths = null;
            if (verifiedFileDirectory != null)
                packageGraphFilePaths = new string[] { verifiedFileDirectory };
            NamespaceResolverForIntrospection namespaceResolver = new NamespaceResolverForIntrospection(packageGraphFilePaths);
            
            System.Runtime.InteropServices.WindowsRuntime.WindowsRuntimeMetadata.ReflectionOnlyNamespaceResolve += 
                new EventHandler<System.Runtime.InteropServices.WindowsRuntime.NamespaceResolveEventArgs>(namespaceResolver.ResolveNamespace);
        }
#endif // FEATURE_REFLECTION_ONLY_LOAD
 
 
        /**********************************************
        * If an AssemblyName has a public key specified, the assembly is assumed
        * to have a strong name and a hash will be computed when the assembly
        * is saved.
        **********************************************/
        [System.Security.SecuritySafeCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [ResourceConsumption(ResourceScope.Machine, ResourceScope.Machine)]
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        public AssemblyBuilder DefineDynamicAssembly(
            AssemblyName            name,
            AssemblyBuilderAccess   access)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name, access, null,
                                                 null, null, null, null, ref stackMark, null, SecurityContextSource.CurrentAssembly);
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        public AssemblyBuilder DefineDynamicAssembly(
            AssemblyName            name,
            AssemblyBuilderAccess   access,
            IEnumerable<CustomAttributeBuilder> assemblyAttributes)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name,
                                                 access,
                                                 null, null, null, null, null,
                                                 ref stackMark,
                                                 assemblyAttributes, SecurityContextSource.CurrentAssembly);
        }
 
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Due to the stack crawl mark
        [SecuritySafeCritical]
        public AssemblyBuilder DefineDynamicAssembly(AssemblyName name,
                                                     AssemblyBuilderAccess access,
                                                     IEnumerable<CustomAttributeBuilder> assemblyAttributes,
                                                     SecurityContextSource securityContextSource)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name,
                                                 access,
                                                 null, null, null, null, null,
                                                 ref stackMark,
                                                 assemblyAttributes,
                                                 securityContextSource);
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        public AssemblyBuilder DefineDynamicAssembly(
            AssemblyName            name,
            AssemblyBuilderAccess   access,
            String                  dir)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name, access, dir,
                                                 null, null, null, null,
                                                 ref stackMark,
                                                 null,
                                                 SecurityContextSource.CurrentAssembly);
        }
    
        [System.Security.SecuritySafeCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [ResourceConsumption(ResourceScope.Machine, ResourceScope.Machine)]
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        [Obsolete("Assembly level declarative security is obsolete and is no longer enforced by the CLR by default.  See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public AssemblyBuilder DefineDynamicAssembly(
            AssemblyName            name,
            AssemblyBuilderAccess   access,
            Evidence                evidence)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name, access, null,
                                                 evidence, null, null, null,
                                                 ref stackMark,
                                                 null,
                                                 SecurityContextSource.CurrentAssembly);
        }
    
        [System.Security.SecuritySafeCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [ResourceConsumption(ResourceScope.Machine, ResourceScope.Machine)]
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        [Obsolete("Assembly level declarative security is obsolete and is no longer enforced by the CLR by default.  See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public AssemblyBuilder DefineDynamicAssembly(
            AssemblyName            name,
            AssemblyBuilderAccess   access,
            PermissionSet           requiredPermissions,
            PermissionSet           optionalPermissions,
            PermissionSet           refusedPermissions)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name, access, null, null,
                                                 requiredPermissions,
                                                 optionalPermissions,
                                                 refusedPermissions,
                                                 ref stackMark,
                                                 null,
                                                 SecurityContextSource.CurrentAssembly);
        }
    
        [System.Security.SecuritySafeCritical]  // auto-generated
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of DefineDynamicAssembly which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkId=155570 for more information.")]
        public AssemblyBuilder DefineDynamicAssembly(
            AssemblyName            name,
            AssemblyBuilderAccess   access,
            String                  dir,
            Evidence                evidence)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name, access, dir, evidence,
                                                 null, null, null, ref stackMark, null, SecurityContextSource.CurrentAssembly);
        }
    
        [System.Security.SecuritySafeCritical]  // auto-generated
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        [Obsolete("Assembly level declarative security is obsolete and is no longer enforced by the CLR by default. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public AssemblyBuilder DefineDynamicAssembly(
            AssemblyName            name,
            AssemblyBuilderAccess   access,
            String                  dir,
            PermissionSet           requiredPermissions,
            PermissionSet           optionalPermissions,
            PermissionSet           refusedPermissions)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name, access, dir, null,
                                                 requiredPermissions,
                                                 optionalPermissions,
                                                 refusedPermissions,
                                                 ref stackMark,
                                                 null,
                                                 SecurityContextSource.CurrentAssembly);
        }
    
        [System.Security.SecuritySafeCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [ResourceConsumption(ResourceScope.Machine, ResourceScope.Machine)]
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        [Obsolete("Assembly level declarative security is obsolete and is no longer enforced by the CLR by default. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public AssemblyBuilder DefineDynamicAssembly(
            AssemblyName            name,
            AssemblyBuilderAccess   access,
            Evidence                evidence,
            PermissionSet           requiredPermissions,
            PermissionSet           optionalPermissions,
            PermissionSet           refusedPermissions)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name, access, null,
                                                 evidence,
                                                 requiredPermissions,
                                                 optionalPermissions,
                                                 refusedPermissions,
                                                 ref stackMark,
                                                 null,
                                                 SecurityContextSource.CurrentAssembly);
        }
    
        [System.Security.SecuritySafeCritical]  // auto-generated
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        [Obsolete("Assembly level declarative security is obsolete and is no longer enforced by the CLR by default.  Please see http://go.microsoft.com/fwlink/?LinkId=155570 for more information.")]
        public AssemblyBuilder DefineDynamicAssembly(
            AssemblyName            name,
            AssemblyBuilderAccess   access,
            String                  dir,
            Evidence                evidence,
            PermissionSet           requiredPermissions,
            PermissionSet           optionalPermissions,
            PermissionSet           refusedPermissions)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name, access, dir,
                                                 evidence,
                                                 requiredPermissions,
                                                 optionalPermissions,
                                                 refusedPermissions,
                                                 ref stackMark,
                                                 null,
                                                 SecurityContextSource.CurrentAssembly);
        }
 
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        [Obsolete("Assembly level declarative security is obsolete and is no longer enforced by the CLR by default. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public AssemblyBuilder DefineDynamicAssembly(
            AssemblyName            name,
            AssemblyBuilderAccess   access,
            String                  dir,
            Evidence                evidence,
            PermissionSet           requiredPermissions,
            PermissionSet           optionalPermissions,
            PermissionSet           refusedPermissions,
            bool                    isSynchronized)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name,
                                                 access,
                                                 dir,
                                                 evidence,
                                                 requiredPermissions,
                                                 optionalPermissions,
                                                 refusedPermissions,
                                                 ref stackMark,
                                                 null,
                                                 SecurityContextSource.CurrentAssembly);
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        [Obsolete("Assembly level declarative security is obsolete and is no longer enforced by the CLR by default. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public AssemblyBuilder DefineDynamicAssembly(
                    AssemblyName name,
                    AssemblyBuilderAccess access,
                    String dir,
                    Evidence evidence,
                    PermissionSet requiredPermissions,
                    PermissionSet optionalPermissions,
                    PermissionSet refusedPermissions,
                    bool isSynchronized,
                    IEnumerable<CustomAttributeBuilder> assemblyAttributes)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name,
                                                 access,
                                                 dir,
                                                 evidence,
                                                 requiredPermissions,
                                                 optionalPermissions,
                                                 refusedPermissions,
                                                 ref stackMark,
                                                 assemblyAttributes,
                                                 SecurityContextSource.CurrentAssembly);
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        public AssemblyBuilder DefineDynamicAssembly(
                    AssemblyName name,
                    AssemblyBuilderAccess access,
                    String dir,
                    bool isSynchronized,
                    IEnumerable<CustomAttributeBuilder> assemblyAttributes)
        {
            Contract.Ensures(Contract.Result<AssemblyBuilder>() != null);
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return InternalDefineDynamicAssembly(name,
                                                 access,
                                                 dir,
                                                 null,
                                                 null,
                                                 null,
                                                 null,
                                                 ref stackMark,
                                                 assemblyAttributes,
                                                 SecurityContextSource.CurrentAssembly);
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        private AssemblyBuilder InternalDefineDynamicAssembly(
            AssemblyName name,
            AssemblyBuilderAccess access,
            String dir,
            Evidence evidence,
            PermissionSet requiredPermissions,
            PermissionSet optionalPermissions,
            PermissionSet refusedPermissions,
            ref StackCrawlMark stackMark,
            IEnumerable<CustomAttributeBuilder> assemblyAttributes,
            SecurityContextSource securityContextSource)
        {
            return AssemblyBuilder.InternalDefineDynamicAssembly(name,
                                                                 access,
                                                                 dir,
                                                                 evidence,
                                                                 requiredPermissions,
                                                                 optionalPermissions,
                                                                 refusedPermissions,
                                                                 ref stackMark,
                                                                 assemblyAttributes,
                                                                 securityContextSource);
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private extern String nApplyPolicy(AssemblyName an);
       
        // Return the assembly name that results from applying policy.
        [ComVisible(false)]
        public String ApplyPolicy(String assemblyName)
        {
            AssemblyName asmName = new AssemblyName(assemblyName);  
 
            byte[] pk = asmName.GetPublicKeyToken();
            if (pk == null)
                pk = asmName.GetPublicKey();
 
            // Simply-named assemblies cannot have policy, so for those,
            // we simply return the passed-in assembly name.
            if ((pk == null) || (pk.Length == 0))
                return assemblyName;
            else
                return nApplyPolicy(asmName);
        }
 
 
        public ObjectHandle CreateInstance(String assemblyName,
                                           String typeName)
                                         
        {
            // jit does not check for that, so we should do it ...
            if (this == null)
                throw new NullReferenceException();
 
            if (assemblyName == null)
                throw new ArgumentNullException("assemblyName");
            Contract.EndContractBlock();
 
            return Activator.CreateInstance(assemblyName,
                                            typeName);
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        internal ObjectHandle InternalCreateInstanceWithNoSecurity (string assemblyName, string typeName) {
            PermissionSet.s_fullTrust.Assert();
            return CreateInstance(assemblyName, typeName);
        }
 
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public ObjectHandle CreateInstanceFrom(String assemblyFile,
                                               String typeName)
                                         
        {
            // jit does not check for that, so we should do it ...
            if (this == null)
                throw new NullReferenceException();
            Contract.EndContractBlock();
 
            return Activator.CreateInstanceFrom(assemblyFile,
                                                typeName);
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        internal ObjectHandle InternalCreateInstanceFromWithNoSecurity (string assemblyName, string typeName) {
            PermissionSet.s_fullTrust.Assert();
            return CreateInstanceFrom(assemblyName, typeName);
        }
 
#if FEATURE_COMINTEROP
        // The first parameter should be named assemblyFile, but it was incorrectly named in a previous 
        //  release, and the compatibility police won't let us change the name now.
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public ObjectHandle CreateComInstanceFrom(String assemblyName,
                                                  String typeName)
                                         
        {
            if (this == null)
                throw new NullReferenceException();
            Contract.EndContractBlock();
 
            return Activator.CreateComInstanceFrom(assemblyName,
                                                   typeName);
        }
 
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public ObjectHandle CreateComInstanceFrom(String assemblyFile,
                                                  String typeName,
                                                  byte[] hashValue, 
                                                  AssemblyHashAlgorithm hashAlgorithm)
                                         
        {
            if (this == null)
                throw new NullReferenceException();
            Contract.EndContractBlock();
 
            return Activator.CreateComInstanceFrom(assemblyFile,
                                                   typeName,
                                                   hashValue, 
                                                   hashAlgorithm);
        }
 
#endif // FEATURE_COMINTEROP
 
        public ObjectHandle CreateInstance(String assemblyName,
                                           String typeName,
                                           Object[] activationAttributes)
                                         
        {
            // jit does not check for that, so we should do it ...
            if (this == null)
                throw new NullReferenceException();
 
            if (assemblyName == null)
                throw new ArgumentNullException("assemblyName");
            Contract.EndContractBlock();
 
            return Activator.CreateInstance(assemblyName,
                                            typeName,
                                            activationAttributes);
        }
                                  
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public ObjectHandle CreateInstanceFrom(String assemblyFile,
                                               String typeName,
                                               Object[] activationAttributes)
                                               
        {
            // jit does not check for that, so we should do it ...
            if (this == null)
                throw new NullReferenceException();
            Contract.EndContractBlock();
 
            return Activator.CreateInstanceFrom(assemblyFile,
                                                typeName,
                                                activationAttributes);
        }
                                         
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of CreateInstance which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public ObjectHandle CreateInstance(String assemblyName, 
                                           String typeName, 
                                           bool ignoreCase,
                                           BindingFlags bindingAttr, 
                                           Binder binder,
                                           Object[] args,
                                           CultureInfo culture,
                                           Object[] activationAttributes,
                                           Evidence securityAttributes)
        {
            // jit does not check for that, so we should do it ...
            if (this == null)
                throw new NullReferenceException();
            
            if (assemblyName == null)
                throw new ArgumentNullException("assemblyName");
            Contract.EndContractBlock();
 
#if FEATURE_CAS_POLICY
            if (securityAttributes != null && !IsLegacyCasPolicyEnabled)
            {
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit"));   
            }
#endif // FEATURE_CAS_POLICY
 
#pragma warning disable 618
            return Activator.CreateInstance(assemblyName,
                                            typeName,
                                            ignoreCase,
                                            bindingAttr,
                                            binder,
                                            args,
                                            culture,
                                            activationAttributes,
                                            securityAttributes);
#pragma warning restore 618
        }
 
        public ObjectHandle CreateInstance(string assemblyName,
                                           string typeName,
                                           bool ignoreCase,
                                           BindingFlags bindingAttr,
                                           Binder binder,
                                           object[] args,
                                           CultureInfo culture,
                                           object[] activationAttributes)
        {
            // jit does not check for that, so we should do it ...
            if (this == null)
                throw new NullReferenceException();
 
            if (assemblyName == null)
                throw new ArgumentNullException("assemblyName");
            Contract.EndContractBlock();
 
            return Activator.CreateInstance(assemblyName,
                                            typeName,
                                            ignoreCase,
                                            bindingAttr,
                                            binder,
                                            args,
                                            culture,
                                            activationAttributes);
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        internal ObjectHandle InternalCreateInstanceWithNoSecurity (string assemblyName, 
                                                                    string typeName,
                                                                    bool ignoreCase,
                                                                    BindingFlags bindingAttr,
                                                                    Binder binder,
                                                                    Object[] args,
                                                                    CultureInfo culture,
                                                                    Object[] activationAttributes,
                                                                    Evidence securityAttributes)
        {
#if FEATURE_CAS_POLICY
            Contract.Assert(IsLegacyCasPolicyEnabled || securityAttributes == null);
#endif // FEATURE_CAS_POLICY
 
            PermissionSet.s_fullTrust.Assert();
#pragma warning disable 618
            return CreateInstance(assemblyName, typeName, ignoreCase, bindingAttr, binder, args, culture, activationAttributes, securityAttributes);
#pragma warning restore 618
        }
 
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of CreateInstanceFrom which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public ObjectHandle CreateInstanceFrom(String assemblyFile,
                                               String typeName, 
                                               bool ignoreCase,
                                               BindingFlags bindingAttr, 
                                               Binder binder,
                                               Object[] args,
                                               CultureInfo culture,
                                               Object[] activationAttributes,
                                               Evidence securityAttributes)
 
        {
            // jit does not check for that, so we should do it ...
            if (this == null)
                throw new NullReferenceException();
            Contract.EndContractBlock();
 
#if FEATURE_CAS_POLICY
            if (securityAttributes != null && !IsLegacyCasPolicyEnabled)
            {
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit"));
            }
#endif // FEATURE_CAS_POLICY
 
            return Activator.CreateInstanceFrom(assemblyFile,
                                                typeName,
                                                ignoreCase,
                                                bindingAttr,
                                                binder,
                                                args,
                                                culture,
                                                activationAttributes,
                                                securityAttributes);
        }
 
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public ObjectHandle CreateInstanceFrom(string assemblyFile,
                                               string typeName,
                                               bool ignoreCase,
                                               BindingFlags bindingAttr,
                                               Binder binder,
                                               object[] args,
                                               CultureInfo culture,
                                               object[] activationAttributes)
        {
            // jit does not check for that, so we should do it ...
            if (this == null)
                throw new NullReferenceException();
            Contract.EndContractBlock();
 
            return Activator.CreateInstanceFrom(assemblyFile,
                                                typeName,
                                                ignoreCase,
                                                bindingAttr,
                                                binder,
                                                args,
                                                culture,
                                                activationAttributes);
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        internal ObjectHandle InternalCreateInstanceFromWithNoSecurity (string assemblyName, 
                                                                        string typeName,
                                                                        bool ignoreCase,
                                                                        BindingFlags bindingAttr,
                                                                        Binder binder,
                                                                        Object[] args,
                                                                        CultureInfo culture,
                                                                        Object[] activationAttributes,
                                                                        Evidence securityAttributes)
        {
#if FEATURE_CAS_POLICY
            Contract.Assert(IsLegacyCasPolicyEnabled || securityAttributes == null);
#endif // FEATURE_CAS_POLICY
 
            PermissionSet.s_fullTrust.Assert();
#pragma warning disable 618
            return CreateInstanceFrom(assemblyName, typeName, ignoreCase, bindingAttr, binder, args, culture, activationAttributes, securityAttributes);
#pragma warning restore 618
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        public Assembly Load(AssemblyName assemblyRef)
        {
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return RuntimeAssembly.InternalLoadAssemblyName(assemblyRef, null, null, ref stackMark, true /*thrownOnFileNotFound*/, false, false);
        }
        
        [System.Security.SecuritySafeCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        public Assembly Load(String assemblyString)
        {
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return RuntimeAssembly.InternalLoad(assemblyString, null, ref stackMark, false);
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        public Assembly Load(byte[] rawAssembly)
        {
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return RuntimeAssembly.nLoadImage(rawAssembly,
                                       null, // symbol store
                                       null, // evidence
                                       ref stackMark,
                                       false,
                                       SecurityContextSource.CurrentAssembly);
 
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        public Assembly Load(byte[] rawAssembly,
                             byte[] rawSymbolStore)
        {
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return RuntimeAssembly.nLoadImage(rawAssembly,
                                       rawSymbolStore,
                                       null, // evidence
                                       ref stackMark,
                                       false, // fIntrospection
                                       SecurityContextSource.CurrentAssembly);
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
#pragma warning disable 618
        [SecurityPermissionAttribute(SecurityAction.Demand, ControlEvidence = true)]
#pragma warning restore 618
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of Load which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkId=155570 for more information.")]
        public Assembly Load(byte[] rawAssembly,
                             byte[] rawSymbolStore,
                             Evidence securityEvidence)
        {
#if FEATURE_CAS_POLICY
            if (securityEvidence != null && !IsLegacyCasPolicyEnabled)
            {
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit"));
            }
#endif // FEATURE_CAS_POLICY
 
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return RuntimeAssembly.nLoadImage(rawAssembly,
                                       rawSymbolStore,
                                       securityEvidence,
                                       ref stackMark,
                                       false, // fIntrospection
                                       SecurityContextSource.CurrentAssembly);
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of Load which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public Assembly Load(AssemblyName assemblyRef,
                             Evidence assemblySecurity)
        {
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return RuntimeAssembly.InternalLoadAssemblyName(assemblyRef, assemblySecurity, null, ref stackMark, true /*thrownOnFileNotFound*/, false, false);
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.NoInlining)] // Methods containing StackCrawlMark local var has to be marked non-inlineable
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of Load which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public Assembly Load(String assemblyString,
                             Evidence assemblySecurity)
        {
            StackCrawlMark stackMark = StackCrawlMark.LookForMyCaller;
            return RuntimeAssembly.InternalLoad(assemblyString, assemblySecurity, ref stackMark, false);
        }
 
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public int ExecuteAssembly(String assemblyFile)
        {
            return ExecuteAssembly(assemblyFile, (string[])null);
        }
 
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of ExecuteAssembly which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public int ExecuteAssembly(String assemblyFile,
                                   Evidence assemblySecurity)
        {
            return ExecuteAssembly(assemblyFile, assemblySecurity, null);
        }
    
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of ExecuteAssembly which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public int ExecuteAssembly(String assemblyFile,
                                   Evidence assemblySecurity,
                                   String[] args)
        {
#if FEATURE_CAS_POLICY
            if (assemblySecurity != null && !IsLegacyCasPolicyEnabled)
            {
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit"));
            }
#endif // FEATURE_CAS_POLICY
 
            RuntimeAssembly assembly = (RuntimeAssembly)Assembly.LoadFrom(assemblyFile, assemblySecurity);
    
            if (args == null)
                args = new String[0];
 
            return nExecuteAssembly(assembly, args);
        }
 
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public int ExecuteAssembly(string assemblyFile, string[] args)
        {
            RuntimeAssembly assembly = (RuntimeAssembly)Assembly.LoadFrom(assemblyFile);
 
            if (args == null)
                args = new String[0];
 
            return nExecuteAssembly(assembly, args);
        }
 
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of ExecuteAssembly which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public int ExecuteAssembly(String assemblyFile,
                                   Evidence assemblySecurity,
                                   String[] args,
                                   byte[] hashValue, 
                                   AssemblyHashAlgorithm hashAlgorithm)
        {
#if FEATURE_CAS_POLICY
            if (assemblySecurity != null && !IsLegacyCasPolicyEnabled)
            {
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit"));
            }
#endif // FEATURE_CAS_POLICY
 
            RuntimeAssembly assembly = (RuntimeAssembly)Assembly.LoadFrom(assemblyFile, 
                                                                          assemblySecurity,
                                                                          hashValue,
                                                                          hashAlgorithm);
            if (args == null)
                args = new String[0];
 
            return nExecuteAssembly(assembly, args);
        }
 
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public int ExecuteAssembly(string assemblyFile,
                                   string[] args,
                                   byte[] hashValue,
                                   AssemblyHashAlgorithm hashAlgorithm)
        {
            RuntimeAssembly assembly = (RuntimeAssembly)Assembly.LoadFrom(assemblyFile,
                                                                          hashValue,
                                                                          hashAlgorithm);
            if (args == null)
                args = new String[0];
 
            return nExecuteAssembly(assembly, args);
        }
 
        #if FEATURE_CORECLR
        [System.Security.SecurityCritical] // auto-generated
        #endif
        public int ExecuteAssemblyByName(String assemblyName)
        {
            return ExecuteAssemblyByName(assemblyName, (string[])null);
        }
 
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of ExecuteAssemblyByName which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public int ExecuteAssemblyByName(String assemblyName,
                                         Evidence assemblySecurity)
        {
#pragma warning disable 618
            return ExecuteAssemblyByName(assemblyName, assemblySecurity, null);
#pragma warning restore 618
        }
 
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of ExecuteAssemblyByName which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public int ExecuteAssemblyByName(String assemblyName,
                                         Evidence assemblySecurity,
                                         params String[] args)
        {
#if FEATURE_CAS_POLICY
            if (assemblySecurity != null && !IsLegacyCasPolicyEnabled)
            {
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit"));
            }
#endif // FEATURE_CAS_POLICY
 
            RuntimeAssembly assembly = (RuntimeAssembly)Assembly.Load(assemblyName, assemblySecurity);
    
            if (args == null)
                args = new String[0];
 
            return nExecuteAssembly(assembly, args);
        }
 
        public int ExecuteAssemblyByName(string assemblyName, params string[] args)
        {
            RuntimeAssembly assembly = (RuntimeAssembly)Assembly.Load(assemblyName);
 
            if (args == null)
                args = new String[0];
 
            return nExecuteAssembly(assembly, args);
        }
 
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of ExecuteAssemblyByName which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public int ExecuteAssemblyByName(AssemblyName assemblyName,
                                         Evidence assemblySecurity,
                                         params String[] args)
        {
#if FEATURE_CAS_POLICY
            if (assemblySecurity != null && !IsLegacyCasPolicyEnabled)
            {
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit"));
            }
#endif // FEATURE_CAS_POLICY
 
            RuntimeAssembly assembly = (RuntimeAssembly)Assembly.Load(assemblyName, assemblySecurity);
    
            if (args == null)
                args = new String[0];
 
            return nExecuteAssembly(assembly, args);
        }
 
        public int ExecuteAssemblyByName(AssemblyName assemblyName, params string[] args)
        {
            RuntimeAssembly assembly = (RuntimeAssembly)Assembly.Load(assemblyName);
 
            if (args == null)
                args = new String[0];
 
            return nExecuteAssembly(assembly, args);
        }
 
        public static AppDomain CurrentDomain
        {
            get {
                Contract.Ensures(Contract.Result<AppDomain>() != null);
                return Thread.GetDomain();
            }
        }
 
#if FEATURE_CAS_POLICY
        public Evidence Evidence
        {
            [System.Security.SecuritySafeCritical]  // auto-generated
            [SecurityPermissionAttribute(SecurityAction.Demand, ControlEvidence = true)]
            get {
                return EvidenceNoDemand;
            }
        }
 
        internal Evidence EvidenceNoDemand {
            [SecurityCritical]
            get {
                if (_SecurityIdentity == null) {
                    if (!IsDefaultAppDomain() && nIsDefaultAppDomainForEvidence()) {
#if !FEATURE_CORECLR                         
                        //
                        // V1.x compatibility: If this is an AppDomain created 
                        // by the default appdomain without an explicit evidence
                        // then reuse the evidence of the default AppDomain.
                        //
                        return GetDefaultDomain().Evidence;
#else
                       Contract.Assert(false,"This code should not be called for core CLR");
                        
                        // This operation is not allowed
                        throw new InvalidOperationException();
#endif
                    }
                    else {
                        // We can't cache this value, since the VM needs to differentiate between AppDomains
                        // which have no user supplied evidence and those which do and it uses the presence
                        // of Evidence on the domain to make that switch.
                        return new Evidence(new AppDomainEvidenceFactory(this));
                    }
                }
                else {
                    return _SecurityIdentity.Clone();
                }
            }
        }
 
        internal Evidence InternalEvidence
        {
            get {
                    return _SecurityIdentity;
            }
        }
 
        internal EvidenceBase GetHostEvidence(Type type)
        {
            if (_SecurityIdentity != null)
            {
                return _SecurityIdentity.GetHostEvidence(type);
            }
            else
            {
                return new Evidence(new AppDomainEvidenceFactory(this)).GetHostEvidence(type);
            }
        }
#endif // FEATURE_CAS_POLICY
 
        public String FriendlyName
        {
            [System.Security.SecuritySafeCritical]  // auto-generated
            get { return nGetFriendlyName(); }
        } 
 
        public String BaseDirectory
        {
#if FEATURE_CORECLR
            [System.Security.SecurityCritical]
#endif        
            [ResourceExposure(ResourceScope.Machine)]
            [ResourceConsumption(ResourceScope.Machine)]
            get {
                return FusionStore.ApplicationBase;
            }
        }
 
#if FEATURE_FUSION
        public String RelativeSearchPath
        {
            [ResourceExposure(ResourceScope.Machine)]
            [ResourceConsumption(ResourceScope.Machine)]
            get { return FusionStore.PrivateBinPath; }
        }
 
        public bool ShadowCopyFiles
        {
            get {
                String s = FusionStore.ShadowCopyFiles;
                if((s != null) && 
                   (String.Compare(s, "true", StringComparison.OrdinalIgnoreCase) == 0))
                    return true;
                else
                    return false;
            }
        }
#endif
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        public override String ToString()
        {
            StringBuilder sb = StringBuilderCache.Acquire();
            
            String fn = nGetFriendlyName();
            if (fn != null) {
                sb.Append(Environment.GetResourceString("Loader_Name") + fn);
                sb.Append(Environment.NewLine);
            }
    
            if(_Policies == null || _Policies.Length == 0) 
                sb.Append(Environment.GetResourceString("Loader_NoContextPolicies")
                          + Environment.NewLine);
            else {
                sb.Append(Environment.GetResourceString("Loader_ContextPolicies")
                          + Environment.NewLine);
                for(int i = 0;i < _Policies.Length; i++) {
                    sb.Append(_Policies[i]);
                    sb.Append(Environment.NewLine);
                }
            }
    
            return StringBuilderCache.GetStringAndRelease(sb);
        }
        
        public Assembly[] GetAssemblies()
        {
            return nGetAssemblies(false /* forIntrospection */);
        }
 
 
        public Assembly[] ReflectionOnlyGetAssemblies()
        {
            return nGetAssemblies(true /* forIntrospection */);
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private extern Assembly[] nGetAssemblies(bool forIntrospection);
 
        // this is true when we've removed the handles etc so really can't do anything
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        internal extern bool IsUnloadingForcedFinalize();
 
    // this is true when we've just started going through the finalizers and are forcing objects to finalize
    // so must be aware that certain infrastructure may have gone away
        [System.Security.SecuritySafeCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        public extern bool IsFinalizingForUnload();
 
        [System.Security.SecurityCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        internal static extern void PublishAnonymouslyHostedDynamicMethodsAssembly(RuntimeAssembly assemblyHandle);
 
#if  FEATURE_FUSION
        // Appends the following string to the private path. Valid paths
        // are of the form "bin;util/i386" etc.
        [System.Security.SecurityCritical]  // auto-generated_required
        [Obsolete("AppDomain.AppendPrivatePath has been deprecated. Please investigate the use of AppDomainSetup.PrivateBinPath instead. http://go.microsoft.com/fwlink/?linkid=14202")]
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public void AppendPrivatePath(String path)
        {
            if(path == null || path.Length == 0)
                return;
 
            String current = FusionStore.Value[(int) AppDomainSetup.LoaderInformation.PrivateBinPathValue];
            StringBuilder appendPath = StringBuilderCache.Acquire();
 
            if(current != null && current.Length > 0) {
                // See if the last character is a separator
                appendPath.Append(current);
                if((current[current.Length-1] != Path.PathSeparator) &&
                   (path[0] != Path.PathSeparator))
                    appendPath.Append(Path.PathSeparator);
            }
            appendPath.Append(path);
 
            String result = StringBuilderCache.GetStringAndRelease(appendPath);
            InternalSetPrivateBinPath(result);
        }
 
        
        [System.Security.SecurityCritical]  // auto-generated_required
        [Obsolete("AppDomain.ClearPrivatePath has been deprecated. Please investigate the use of AppDomainSetup.PrivateBinPath instead. http://go.microsoft.com/fwlink/?linkid=14202")]
        [ResourceExposure(ResourceScope.None)]
        [ResourceConsumption(ResourceScope.Machine, ResourceScope.Machine)]
        public void ClearPrivatePath()
        {
            InternalSetPrivateBinPath(String.Empty);
        }
 
        [System.Security.SecurityCritical]  // auto-generated_required
        [Obsolete("AppDomain.ClearShadowCopyPath has been deprecated. Please investigate the use of AppDomainSetup.ShadowCopyDirectories instead. http://go.microsoft.com/fwlink/?linkid=14202")]
        [ResourceExposure(ResourceScope.None)]
        [ResourceConsumption(ResourceScope.Machine, ResourceScope.Machine)]
        public void ClearShadowCopyPath()
        {
            InternalSetShadowCopyPath(String.Empty);
        }
 
        [System.Security.SecurityCritical]  // auto-generated_required
        [Obsolete("AppDomain.SetCachePath has been deprecated. Please investigate the use of AppDomainSetup.CachePath instead. http://go.microsoft.com/fwlink/?linkid=14202")]
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public void SetCachePath(String path)
        {
            InternalSetCachePath(path);
        }
#endif // FEATURE_FUSION
 
        [System.Security.SecurityCritical]  // auto-generated_required
        [ResourceExposure(ResourceScope.AppDomain)]
        [ResourceConsumption(ResourceScope.AppDomain)]
        public void SetData (string name, object data) {
#if FEATURE_CORECLR        
            if (!name.Equals("LOCATION_URI"))
            {
                // Only LOCATION_URI can be set using AppDomain.SetData
                throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_SetData_OnlyLocationURI", name));
            }
#endif // FEATURE_CORECLR            
            SetDataHelper(name, data, null);
        }
 
        [System.Security.SecurityCritical]  // auto-generated_required
        [ResourceExposure(ResourceScope.AppDomain)]
        [ResourceConsumption(ResourceScope.AppDomain)]
        public void SetData (string name, object data, IPermission permission) {
#if FEATURE_CORECLR        
            if (!name.Equals("LOCATION_URI"))
            {
                // Only LOCATION_URI can be set using AppDomain.SetData
                throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_SetData_OnlyLocationURI", name));
            }
#endif // FEATURE_CORECLR                    
            SetDataHelper(name, data, permission);
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.AppDomain)]
        [ResourceConsumption(ResourceScope.Machine, ResourceScope.AppDomain)]
        private void SetDataHelper (string name, object data, IPermission permission) {
            if (name == null)
                throw new ArgumentNullException("name");
            Contract.EndContractBlock();
 
            //
            // Synopsis:
            //   IgnoreSystemPolicy is provided as a legacy flag to allow callers to
            //   skip enterprise, machine and user policy levels. When this flag is set,
            //   any demands triggered in this AppDomain will be evaluated against the
            //   AppDomain CAS policy level that is set on the AppDomain.
            // Security Requirements:
            //   The caller needs to be fully trusted in order to be able to set
            //   this legacy mode.
            // Remarks:
            //   There needs to be an AppDomain policy level set before this compat
            //   switch can be set on the AppDomain.
            //
#if FEATURE_FUSION
            if (name.Equals(TargetFrameworkNameAppCompatSetting)) {
                _FusionStore.TargetFrameworkName = (String) data;
                return;
            }
#if FEATURE_CAS_POLICY
            if (name.Equals("IgnoreSystemPolicy")) {
                lock (this) {
                    if (!_HasSetPolicy)
                        throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_SetData"));
                }
                new PermissionSet(PermissionState.Unrestricted).Demand();
            }
#endif
            int key = AppDomainSetup.Locate(name);
 
            if(key == -1) {
                lock (((ICollection)LocalStore).SyncRoot) {
                    LocalStore[name] = new object[] {data, permission};
                }
            }
            else {
                if (permission != null)
                    throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_SetData"));
                // Be sure to call these properties, not Value, since
                // these do more than call Value.
                switch(key) {
                case (int) AppDomainSetup.LoaderInformation.DynamicBaseValue:
                    FusionStore.DynamicBase = (string) data;
                    break;
                case (int) AppDomainSetup.LoaderInformation.DevPathValue:
                    FusionStore.DeveloperPath = (string) data;
                    break;
                case (int) AppDomainSetup.LoaderInformation.ShadowCopyDirectoriesValue:
                    FusionStore.ShadowCopyDirectories = (string) data;
                    break;
                case (int) AppDomainSetup.LoaderInformation.DisallowPublisherPolicyValue:
                    if(data != null)
                        FusionStore.DisallowPublisherPolicy = true;
                    else
                        FusionStore.DisallowPublisherPolicy = false;
                    break;
                case (int) AppDomainSetup.LoaderInformation.DisallowCodeDownloadValue:
                    if (data != null)
                         FusionStore.DisallowCodeDownload = true;
                    else
                        FusionStore.DisallowCodeDownload = false;
                    break;
                case (int) AppDomainSetup.LoaderInformation.DisallowBindingRedirectsValue:
                    if(data != null)
                        FusionStore.DisallowBindingRedirects = true;
                    else
                        FusionStore.DisallowBindingRedirects = false;
                    break;
                case (int) AppDomainSetup.LoaderInformation.DisallowAppBaseProbingValue:
                    if(data != null)
                        FusionStore.DisallowApplicationBaseProbing = true;
                    else
                        FusionStore.DisallowApplicationBaseProbing = false;
                    break;
                case (int) AppDomainSetup.LoaderInformation.ConfigurationBytesValue:
                    FusionStore.SetConfigurationBytes((byte[]) data);
                    break;
                default:
                    FusionStore.Value[key] = (string) data;
                    break;
                }
            }
#else // FEATURE_FUSION
#if FEATURE_CORECLR
            // SetData should only be used to set values that don't already exist.
            {
                object[] currentVal;
                lock (((ICollection)LocalStore).SyncRoot) {
                    LocalStore.TryGetValue(name, out currentVal);
                }
                if (currentVal != null && currentVal[0] != null)
                {
                    throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_SetData_OnlyOnce"));
                }
            }
 
#endif // FEATURE_CORECLR
            lock (((ICollection)LocalStore).SyncRoot) {
                LocalStore[name] = new object[] {data, permission};
            }
#endif // FEATURE_FUSION
        }
 
        [Pure]
        #if FEATURE_CORECLR
        [System.Security.SecurityCritical] // auto-generated
        #else
        [System.Security.SecuritySafeCritical]
        #endif
        [ResourceExposure(ResourceScope.AppDomain)]
        [ResourceConsumption(ResourceScope.Machine, ResourceScope.Machine)]
        public Object GetData(string name)
        {
            if(name == null)
                throw new ArgumentNullException("name");
            Contract.EndContractBlock();
 
            int key = AppDomainSetup.Locate(name);
            if(key == -1) 
            {
#if FEATURE_LOADER_OPTIMIZATION
                if(name.Equals(AppDomainSetup.LoaderOptimizationKey))
                    return FusionStore.LoaderOptimization;
                else 
#endif // FEATURE_LOADER_OPTIMIZATION                    
                {
                    object[] data;
                    lock (((ICollection)LocalStore).SyncRoot) {
                        LocalStore.TryGetValue(name, out data);
                    }
                    if (data == null)
                        return null;
                    if (data[1] != null) {
                        IPermission permission = (IPermission) data[1];
                        permission.Demand();
                    }
                    return data[0];
                }
            }
           else {
                // Be sure to call these properties, not Value, so
                // that the appropriate permission demand will be done
                switch(key) {
                case (int) AppDomainSetup.LoaderInformation.ApplicationBaseValue:
                    return FusionStore.ApplicationBase;
                case (int) AppDomainSetup.LoaderInformation.ApplicationNameValue:
                    return FusionStore.ApplicationName;
#if FEATURE_FUSION
                case (int) AppDomainSetup.LoaderInformation.ConfigurationFileValue:
                    return FusionStore.ConfigurationFile;
                case (int) AppDomainSetup.LoaderInformation.DynamicBaseValue:
                    return FusionStore.DynamicBase;
                case (int) AppDomainSetup.LoaderInformation.DevPathValue:
                    return FusionStore.DeveloperPath;
                case (int) AppDomainSetup.LoaderInformation.PrivateBinPathValue:
                    return FusionStore.PrivateBinPath;
                case (int) AppDomainSetup.LoaderInformation.PrivateBinPathProbeValue:
                    return FusionStore.PrivateBinPathProbe;
                case (int) AppDomainSetup.LoaderInformation.ShadowCopyDirectoriesValue:
                    return FusionStore.ShadowCopyDirectories;
                case (int) AppDomainSetup.LoaderInformation.ShadowCopyFilesValue:
                    return FusionStore.ShadowCopyFiles;
                case (int) AppDomainSetup.LoaderInformation.CachePathValue:
                    return FusionStore.CachePath;
                case (int) AppDomainSetup.LoaderInformation.LicenseFileValue:
                    return FusionStore.LicenseFile;
                case (int) AppDomainSetup.LoaderInformation.DisallowPublisherPolicyValue:
                    return FusionStore.DisallowPublisherPolicy;
                case (int) AppDomainSetup.LoaderInformation.DisallowCodeDownloadValue:
                    return FusionStore.DisallowCodeDownload;
                case (int) AppDomainSetup.LoaderInformation.DisallowBindingRedirectsValue:
                    return FusionStore.DisallowBindingRedirects;
                case (int) AppDomainSetup.LoaderInformation.DisallowAppBaseProbingValue:
                    return FusionStore.DisallowApplicationBaseProbing;
                case (int) AppDomainSetup.LoaderInformation.ConfigurationBytesValue:
                    return FusionStore.GetConfigurationBytes();
#endif //FEATURE_FUSION
                    
                default:
                    Contract.Assert(false, "Need to handle new LoaderInformation value in AppDomain.GetData()");
                    return null;
                }
            }
                   
        }
 
        // The compat flags are set at domain creation time to indicate that the given breaking
        // change should not be used in this domain.
        //
        // After the domain has been created, this Nullable boolean returned by this method should
        // always have a value.  Code in the runtime uses this to know if it is safe to cache values
        // that might change if the compatibility switches have not been set yet.    
        public Nullable<bool> IsCompatibilitySwitchSet(String value)
        {
            Nullable<bool> fReturn;
 
            if (_compatFlagsInitialized == false) 
            {
                fReturn = new Nullable<bool>();
            } 
            else
            {
                fReturn  = new Nullable<bool>(_compatFlags != null && _compatFlags.ContainsKey(value));
            }
 
            return fReturn;
        }
        
        [Obsolete("AppDomain.GetCurrentThreadId has been deprecated because it does not provide a stable Id when managed threads are running on fibers (aka lightweight threads). To get a stable identifier for a managed thread, use the ManagedThreadId property on Thread.  http://go.microsoft.com/fwlink/?linkid=14202", false)]
        [DllImport(Microsoft.Win32.Win32Native.KERNEL32)]
        [ResourceExposure(ResourceScope.Process)]
        public static extern int GetCurrentThreadId();
 
#if FEATURE_REMOTING
        [System.Security.SecuritySafeCritical]  // auto-generated
        [SecurityPermissionAttribute( SecurityAction.Demand, ControlAppDomain = true ),
         ReliabilityContract(Consistency.MayCorruptAppDomain, Cer.MayFail)]            
        public static void Unload(AppDomain domain)
        {
            if (domain == null)
                throw new ArgumentNullException("domain");
            Contract.EndContractBlock();
 
            try {
                Int32 domainID = AppDomain.GetIdForUnload(domain);
                if (domainID==0)
                    throw new CannotUnloadAppDomainException();
                AppDomain.nUnload(domainID);
            }
            catch(Exception e) {
                throw e;    // throw it again to reset stack trace
            }
        }
#endif
 
        // Explicitly set policy for a domain (providing policy hasn't been set
        // previously). Making this call will guarantee that previously loaded
        // assemblies will be granted permissions based on the default machine
        // policy that was in place prior to this call.
#if FEATURE_CAS_POLICY        
        [System.Security.SecurityCritical]  // auto-generated_required
        [Obsolete("AppDomain policy levels are obsolete and will be removed in a future release of the .NET Framework. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public void SetAppDomainPolicy(PolicyLevel domainPolicy)
        {
            if (domainPolicy == null)
                throw new ArgumentNullException("domainPolicy");
            Contract.EndContractBlock();
 
            if (!IsLegacyCasPolicyEnabled)
            {
                throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyExplicit"));
            }
 
            // Check that policy has not been set previously.
            lock (this) {
                if (_HasSetPolicy)
                    throw new PolicyException(Environment.GetResourceString("Policy_PolicyAlreadySet"));
                _HasSetPolicy = true;
 
                // Make sure that the loader allows us to change security policy
                // at this time (this will throw if not.)
                nChangeSecurityPolicy();
            }
 
            // Add the new policy level.
            SecurityManager.PolicyManager.AddLevel(domainPolicy);
        }
#endif //#if !FEATURE_CAS_POLICY
#if FEATURE_CLICKONCE
        public ActivationContext ActivationContext {
            [System.Security.SecurityCritical]  // auto-generated_required
            get {
                return _activationContext;
            }
        }
 
        public ApplicationIdentity ApplicationIdentity {
            [System.Security.SecurityCritical]  // auto-generated_required
            get {
                return _applicationIdentity;
            }
        }
#endif // FEATURE_CLICKONCE
 
 
#if FEATURE_CLICKONCE
        public ApplicationTrust ApplicationTrust {
            [System.Security.SecurityCritical]  // auto-generated_required
#else // FEATURE_CLICKONCE
        internal ApplicationTrust ApplicationTrust {
#endif // FEATURE_CLICKONCE
            get {
                if (_applicationTrust == null && _IsFastFullTrustDomain) {
                    _applicationTrust = new ApplicationTrust(new PermissionSet(PermissionState.Unrestricted));
                }
 
                return _applicationTrust;
            }
        }
 
#if FEATURE_IMPERSONATION
        // Set the default principal object to be attached to threads if they
        // attempt to bind to a principal while executing in this appdomain. The
        // default can only be set once.
        [System.Security.SecuritySafeCritical]  // auto-generated
        [SecurityPermissionAttribute(SecurityAction.Demand, Flags=SecurityPermissionFlag.ControlPrincipal)]
        public void SetThreadPrincipal(IPrincipal principal)
        {
            if (principal == null)
                throw new ArgumentNullException("principal");
            Contract.EndContractBlock();
 
            lock (this) {
                // Check that principal has not been set previously.
                if (_DefaultPrincipal != null)
                    throw new PolicyException(Environment.GetResourceString("Policy_PrincipalTwice"));
 
                _DefaultPrincipal = principal;
            }
        }
#endif // FEATURE_IMPERSONATION
 
#if FEATURE_CAS_POLICY
        // Similar to the above, but sets the class of principal to be created
        // instead.
        [System.Security.SecuritySafeCritical]  // auto-generated
        [SecurityPermissionAttribute(SecurityAction.Demand, Flags=SecurityPermissionFlag.ControlPrincipal)]
        public void SetPrincipalPolicy(PrincipalPolicy policy)
        {
            _PrincipalPolicy = policy;
        }
#endif
 
 
#if FEATURE_REMOTING        
        // This method gives AppDomain an infinite life time by preventing a lease from being
        // created
        [System.Security.SecurityCritical]  // auto-generated_required
        public override Object InitializeLifetimeService()
        {
            return null;
        }
        // This is useful for requesting execution of some code
        // in another appDomain ... the delegate may be defined 
        // on a marshal-by-value object or a marshal-by-ref or 
        // contextBound object.
        public void DoCallBack(CrossAppDomainDelegate callBackDelegate)
        {
            if (callBackDelegate == null)
                throw new ArgumentNullException("callBackDelegate");
            Contract.EndContractBlock();
 
            callBackDelegate();        
        }
#endif
 
 
        public String DynamicDirectory
        {
            [System.Security.SecuritySafeCritical]  // auto-generated
            [ResourceExposure(ResourceScope.Machine)]
            [ResourceConsumption(ResourceScope.Machine)]
            get {
                String dyndir = GetDynamicDir();
                if (dyndir != null)
                    FileIOPermission.QuickDemand(FileIOPermissionAccess.PathDiscovery, dyndir);
 
                return dyndir;
            }
        }
 
#if FEATURE_CAS_POLICY
        [ResourceExposure(ResourceScope.None)]
        [ResourceConsumption(ResourceScope.Machine, ResourceScope.Machine)]
        public static AppDomain CreateDomain(String friendlyName,
                                             Evidence securityInfo) // Optional
        {
            return CreateDomain(friendlyName,
                                securityInfo,
                                null);
        }
    
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public static AppDomain CreateDomain(String friendlyName,
                                             Evidence securityInfo, // Optional
                                             String appBasePath,
                                             String appRelativeSearchPath,
                                             bool shadowCopyFiles)
        {            
            AppDomainSetup info = new AppDomainSetup();
            info.ApplicationBase = appBasePath;
            info.PrivateBinPath = appRelativeSearchPath;
            if(shadowCopyFiles)
                info.ShadowCopyFiles = "true";
 
            return CreateDomain(friendlyName,
                                securityInfo,
                                info);
        }
#endif // #if FEATURE_CAS_POLICY    (not exposed in core)
 
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.Machine)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        extern private String GetDynamicDir();
 
        // Private helpers called from unmanaged code.
 
#if FEATURE_REMOTING        
 
        [ResourceExposure(ResourceScope.None)]
        [ResourceConsumption(ResourceScope.Machine, ResourceScope.Machine)]
        public static AppDomain CreateDomain(String friendlyName)
        {
            return CreateDomain(friendlyName, null, null);
        }
 
 
        // Marshal a single object into a serialized blob.
        [System.Security.SecurityCritical]  // auto-generated
        private static byte[] MarshalObject(Object o)
        {
            CodeAccessPermission.Assert(true);
 
            return Serialize(o);
        }
 
        // Marshal two objects into serialized blobs.
        [System.Security.SecurityCritical]  // auto-generated
        private static byte[] MarshalObjects(Object o1, Object o2, out byte[] blob2)
        {
            CodeAccessPermission.Assert(true);
 
            byte[] blob1 = Serialize(o1);
            blob2 = Serialize(o2);
            return blob1;
        }
 
        // Unmarshal a single object from a serialized blob.
        [System.Security.SecurityCritical]  // auto-generated
        private static Object UnmarshalObject(byte[] blob)
        {
            CodeAccessPermission.Assert(true);
 
            return Deserialize(blob);
        }
 
        // Unmarshal two objects from serialized blobs.
        [System.Security.SecurityCritical]  // auto-generated
        private static Object UnmarshalObjects(byte[] blob1, byte[] blob2, out Object o2)
        {
            CodeAccessPermission.Assert(true);
 
            Object o1 = Deserialize(blob1);
            o2 = Deserialize(blob2);
            return o1;
        }
 
        // Helper routines.
        [System.Security.SecurityCritical]  // auto-generated
        private static byte[] Serialize(Object o)
        {
            if (o == null)
            {
                return null;
            }
            else if (o is ISecurityEncodable)
            {
                SecurityElement element = ((ISecurityEncodable)o).ToXml();
                MemoryStream ms = new MemoryStream( 4096 );
                ms.WriteByte( 0 );
                StreamWriter writer = new StreamWriter( ms, Encoding.UTF8 );
                element.ToWriter( writer );
                writer.Flush();
                return ms.ToArray();
            }
            else
            {
                MemoryStream ms = new MemoryStream();
                ms.WriteByte( 1 );
                CrossAppDomainSerializer.SerializeObject(o, ms);
                return ms.ToArray();
            }
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        private static Object Deserialize(byte[] blob)
        {
            if (blob == null)
                return null;
 
            if (blob[0] == 0)
            {
                Parser parser = new Parser( blob, Tokenizer.ByteTokenEncoding.UTF8Tokens, 1 );
                SecurityElement root = parser.GetTopElement();
                if (root.Tag.Equals( "IPermission" ) || root.Tag.Equals( "Permission" ))
                {
                    IPermission ip = System.Security.Util.XMLUtil.CreatePermission( root, PermissionState.None, false );
 
                    if (ip == null)
                    {
                        return null;
                    }
 
                    ip.FromXml( root );
 
                    return ip;
                }
                else if (root.Tag.Equals( "PermissionSet" ))
                {
                    PermissionSet permissionSet = new PermissionSet();
 
                    permissionSet.FromXml( root, false, false );
 
                    return permissionSet;
                }
                else if (root.Tag.Equals( "PermissionToken" ))
                {
                    PermissionToken pToken = new PermissionToken();
 
                    pToken.FromXml( root );
 
                    return pToken;
                }
                else
                {
                    return null;
                }
 
            }
            else
            {
                Object obj = null;
                using(MemoryStream stream = new MemoryStream( blob, 1, blob.Length - 1 )) {
                    obj = CrossAppDomainSerializer.DeserializeObject(stream);
                }
 
                Contract.Assert( !(obj is IPermission), "IPermission should be xml deserialized" );
                Contract.Assert( !(obj is PermissionSet), "PermissionSet should be xml deserialized" );
 
                return obj;
            }
        }
 
#endif // FEATURE_REMOTING        
 
#if FEATURE_LEGACYNETCFFAS
        public static IAppDomainPauseManager PauseManager
        {
            [System.Security.SecurityCritical]
            get
            {
                return AppDomainPauseManager.Instance;
            }
        }
#endif // FEATURE_LEGACYNETCFFAS
 
#if !FEATURE_CORECLR
        //
        // Called by the VM if ICLRExecutionManager::Pause is called with the PAUSE_APP_DOMAINS flag.
        // This mimics the behavior of the CoreCLR FAS (fast application switching) model, to ensure
        // that code that depends on things happening in a particular order will work.
        //
        [System.Security.SecurityCritical]
        internal static void Pause()
        {
            AppDomainPauseManager.Instance.Pausing();
            AppDomainPauseManager.Instance.Paused();
        }
 
        //
        // Called by the VM if ICLRExecutionManager::Resume is called after ICLRExecutionManager::Pause 
        // was called with the PAUSE_APP_DOMAINS flag.
        // This mimics the behavior of the CoreCLR FAS (fast application switching) model, to ensure
        // that code that depends on things happening in a particular order will work.
        //
        [System.Security.SecurityCritical]
        internal static void Resume()
        {
            if (AppDomainPauseManager.IsPaused)
            {
                AppDomainPauseManager.Instance.Resuming();
                AppDomainPauseManager.Instance.Resumed();
            }
        }
#endif
 
        private AppDomain() {
            throw new NotSupportedException(Environment.GetResourceString(ResId.NotSupported_Constructor));
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private extern int _nExecuteAssembly(RuntimeAssembly assembly, String[] args);
        internal int nExecuteAssembly(RuntimeAssembly assembly, String[] args)
        {
            return _nExecuteAssembly(assembly, args);
        }
 
#if FEATURE_VERSIONING
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        internal extern void nCreateContext();
 
        [System.Security.SecurityCritical]
        [ResourceExposure(ResourceScope.None)]
        [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
        [SuppressUnmanagedCodeSecurity]
        private static extern void nSetupBindingPaths(String trustedPlatformAssemblies, String platformResourceRoots, String appPath, String appNiPaths, String appLocalWinMD);
 
        #if FEATURE_CORECLR
        [System.Security.SecurityCritical] // auto-generated
        #endif
        internal void SetupBindingPaths(String trustedPlatformAssemblies, String platformResourceRoots, String appPath, String appNiPaths, String appLocalWinMD)
        {
            nSetupBindingPaths(trustedPlatformAssemblies, platformResourceRoots, appPath, appNiPaths, appLocalWinMD);
        }
#endif // FEATURE_VERSIONING
 
#if FEATURE_REMOTING
        internal void CreateRemotingData()
        {
                    lock(this) {
                        if (_RemotingData == null)
                            _RemotingData = new DomainSpecificRemotingData();
                    }
        }
        
        internal DomainSpecificRemotingData RemotingData
        {
            get 
            { 
                if (_RemotingData == null) 
                    CreateRemotingData();
 
                return _RemotingData;
            }
        }
#endif // FEATURE_REMOTING
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private extern String nGetFriendlyName();
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private extern bool nIsDefaultAppDomainForEvidence();
 
        // support reliability for certain event handlers, if the target
        // methods also participate in this discipline.  If caller passes
        // an existing MulticastDelegate, then we could use a MDA to indicate
        // that reliability is not guaranteed.  But if it is a single cast
        // scenario, we can make it work.
 
        public event EventHandler ProcessExit
        {
            [System.Security.SecuritySafeCritical]  // auto-generated_required
            add
            {
                if (value != null)
                {
                    RuntimeHelpers.PrepareContractedDelegate(value);
                    lock(this)
                        _processExit += value;
                }
            }
            remove
            {
                lock(this)
                    _processExit -= value;
            }
        }
 
 
        public event EventHandler DomainUnload
        {
            [System.Security.SecuritySafeCritical]  // auto-generated_required
            add
            {
                if (value != null)
                {
                    RuntimeHelpers.PrepareContractedDelegate(value);
                    lock(this)
                        _domainUnload += value;
                }
            }
#if FEATURE_CORECLR
            [System.Security.SecuritySafeCritical] 
#endif
            remove
            {
                lock(this)
                    _domainUnload -= value;
            }
        }
 
 
        public event UnhandledExceptionEventHandler UnhandledException
        {
            [System.Security.SecurityCritical]  // auto-generated_required
            add
            {
                if (value != null)
                {
                    RuntimeHelpers.PrepareContractedDelegate(value);
                    lock(this)
                        _unhandledException += value;
                }
            }
            [System.Security.SecurityCritical]  // auto-generated_required
            remove
            {
                lock(this)
                    _unhandledException -= value;
            }
        }
 
#if FEATURE_EXCEPTION_NOTIFICATIONS
        // This is the event managed code can wireup against to be notified
        // about first chance exceptions. 
        //
        // To register/unregister the callback, the code must be SecurityCritical.
        public event EventHandler<FirstChanceExceptionEventArgs> FirstChanceException
        {
            [System.Security.SecurityCritical]  // auto-generated_required
            add
            {
                if (value != null)
                {
                    RuntimeHelpers.PrepareContractedDelegate(value);
                    lock(this)
                        _firstChanceException += value;
                }
            }
            [System.Security.SecurityCritical]  // auto-generated_required
            remove
            {
                lock(this)
                    _firstChanceException -= value;
            }
        }
#endif // FEATURE_EXCEPTION_NOTIFICATIONS
 
        private void OnAssemblyLoadEvent(RuntimeAssembly LoadedAssembly)
        {
            AssemblyLoadEventHandler eventHandler = AssemblyLoad;
            if (eventHandler != null) {
                AssemblyLoadEventArgs ea = new AssemblyLoadEventArgs(LoadedAssembly);
                eventHandler(this, ea);
            }
        }
    
        // This method is called by the VM.
        [System.Security.SecurityCritical]
        private RuntimeAssembly OnResourceResolveEvent(RuntimeAssembly assembly, String resourceName)
        {
            ResolveEventHandler eventHandler = _ResourceResolve;
            if ( eventHandler == null)
                return null;
 
            Delegate[] ds = eventHandler.GetInvocationList();
            int len = ds.Length;
            for (int i = 0; i < len; i++) {
                Assembly asm = ((ResolveEventHandler)ds[i])(this, new ResolveEventArgs(resourceName, assembly));
                RuntimeAssembly ret = GetRuntimeAssembly(asm);
                if (ret != null)
                    return ret;
            }
 
            return null;
        }
        
        // This method is called by the VM
        [System.Security.SecurityCritical]
        private RuntimeAssembly OnTypeResolveEvent(RuntimeAssembly assembly, String typeName)
        {
            ResolveEventHandler eventHandler = _TypeResolve;
            if (eventHandler == null)
                return null;
 
            Delegate[] ds = eventHandler.GetInvocationList();
            int len = ds.Length;
            for (int i = 0; i < len; i++) {
                Assembly asm = ((ResolveEventHandler)ds[i])(this, new ResolveEventArgs(typeName, assembly));
                RuntimeAssembly ret = GetRuntimeAssembly(asm);
                if (ret != null)
                    return ret;
            }
 
            return null;
        }
 
        // This method is called by the VM.
        [System.Security.SecurityCritical]
        private RuntimeAssembly OnAssemblyResolveEvent(RuntimeAssembly assembly, String assemblyFullName)
        {
            ResolveEventHandler eventHandler = _AssemblyResolve;
 
            if (eventHandler == null)
            {
                return null;
            }
 
            Delegate[] ds = eventHandler.GetInvocationList();
            int len = ds.Length;
            for (int i = 0; i < len; i++) {
                Assembly asm = ((ResolveEventHandler)ds[i])(this, new ResolveEventArgs(assemblyFullName, assembly));
                RuntimeAssembly ret = GetRuntimeAssembly(asm);
                if (ret != null)
                    return ret;
            }
            
            return null;
        }
 
#if FEATURE_REFLECTION_ONLY_LOAD
        
        private RuntimeAssembly OnReflectionOnlyAssemblyResolveEvent(RuntimeAssembly  assembly, String assemblyFullName)
        {
            ResolveEventHandler eventHandler = ReflectionOnlyAssemblyResolve;
            if (eventHandler != null) {
 
                Delegate[] ds = eventHandler.GetInvocationList();
                int len = ds.Length;
                for (int i = 0; i < len; i++) {
                    Assembly asm = ((ResolveEventHandler)ds[i])(this, new ResolveEventArgs(assemblyFullName, assembly));
                    RuntimeAssembly ret = GetRuntimeAssembly(asm);
                    if (ret != null)
                        return ret;
                }
            }
 
            return null;
        }
        
#if FEATURE_COMINTEROP
        // Called by VM - code:CLRPrivTypeCacheReflectionOnlyWinRT::RaiseNamespaceResolveEvent
        private RuntimeAssembly[] OnReflectionOnlyNamespaceResolveEvent(RuntimeAssembly assembly, string namespaceName)
        {
            return System.Runtime.InteropServices.WindowsRuntime.WindowsRuntimeMetadata.OnReflectionOnlyNamespaceResolveEvent(this, assembly, namespaceName);
        }
#endif // FEATURE_COMINTEROP
 
#endif // FEATURE_REFLECTION_ONLY_LOAD
 
#if FEATURE_COMINTEROP
        // Called by VM - code:CLRPrivTypeCacheWinRT::RaiseDesignerNamespaceResolveEvent
        private string[] OnDesignerNamespaceResolveEvent(string namespaceName)
        {
            return System.Runtime.InteropServices.WindowsRuntime.WindowsRuntimeMetadata.OnDesignerNamespaceResolveEvent(this, namespaceName);
        }
#endif // FEATURE_COMINTEROP
 
        internal AppDomainSetup FusionStore
        {
            get {
                Contract.Assert(_FusionStore != null, 
                                "Fusion store has not been correctly setup in this domain");
                return _FusionStore;
            }
        }
 
        internal static RuntimeAssembly GetRuntimeAssembly(Assembly asm)
        {
            if (asm == null)
                return null;
 
            RuntimeAssembly rtAssembly = asm as RuntimeAssembly;
            if (rtAssembly != null)
                return rtAssembly;
 
            AssemblyBuilder ab = asm as AssemblyBuilder;
            if (ab != null)
                return ab.InternalAssembly;
 
            return null;
        }
 
        [ResourceExposure(ResourceScope.AppDomain)]
        private Dictionary<String, Object[]> LocalStore
        {
            get { 
                if (_LocalStore != null)
                    return _LocalStore;
                else {
                    _LocalStore = new Dictionary<String, Object[]>();
                    return _LocalStore;
                }
            }
        }
 
#if FEATURE_FUSION
        private void TurnOnBindingRedirects()
        {
            _FusionStore.DisallowBindingRedirects = false;
        }
#endif
 
        // This will throw a CannotUnloadAppDomainException if the appdomain is
        // in another process.
#if FEATURE_REMOTING        
        [System.Security.SecurityCritical]  // auto-generated
        [ReliabilityContract(Consistency.WillNotCorruptState, Cer.MayFail)]  
        internal static Int32 GetIdForUnload(AppDomain domain)
        {
            if (RemotingServices.IsTransparentProxy(domain))
            {
                return RemotingServices.GetServerDomainIdForProxy(domain);
            }
            else
                return domain.Id;
        }
#endif
 
        // Used to determine if server object context is valid in
        // x-domain remoting scenarios.
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
        internal static extern bool IsDomainIdValid(Int32 id);
        
#if FEATURE_REMOTING        
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        static internal extern AppDomain GetDefaultDomain();
#endif
 
#if FEATURE_IMPERSONATION
        // Internal routine to retrieve the default principal object. If this is
        // called before the principal has been explicitly set, it will
        // automatically allocate a default principal based on the policy set by
        // SetPrincipalPolicy.
        internal IPrincipal GetThreadPrincipal()
        {
            IPrincipal principal = null;
            if (_DefaultPrincipal == null) {
#if FEATURE_CAS_POLICY                    
                switch (_PrincipalPolicy) {
                case PrincipalPolicy.NoPrincipal:
                    principal = null;
                    break;
                case PrincipalPolicy.UnauthenticatedPrincipal:
                    principal = new GenericPrincipal(new GenericIdentity("", ""),
                                                     new String[] {""});
                    break;
#if !FEATURE_PAL && FEATURE_IMPERSONATION
                case PrincipalPolicy.WindowsPrincipal:
                    principal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
                    break;
#endif // !FEATURE_PAL && FEATURE_IMPERSONATION
                default:
                    principal = null;
                    break;
                    }
#else
                principal = new GenericPrincipal(new GenericIdentity("", ""),
                                                 new String[] {""});
 
#endif
            }
            else
                principal = _DefaultPrincipal;
 
            return principal;
        }
#endif // FEATURE_IMPERSONATION
 
#if FEATURE_REMOTING        
 
        [System.Security.SecurityCritical]  // auto-generated
        internal void CreateDefaultContext()
        {
                lock(this) {
                    // if it has not been created we ask the Context class to 
                    // create a new default context for this appdomain.
                    if (_DefaultContext == null)
                        _DefaultContext = Context.CreateDefaultContext();
                }            
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        internal Context GetDefaultContext()
        {
            if (_DefaultContext == null)
                CreateDefaultContext();
            return _DefaultContext;
        }
 
        // Ensure that evidence provided when creating an AppDomain would not have been used to create a
        // sandbox in legacy CAS mode.  If it could have been used to create a sandbox, and we're not in CAS
        // mode, then we throw an exception to prevent acciental creation of unsandboxed domains where a
        // sandbox would have been expected.
        [SecuritySafeCritical]
        internal static void CheckDomainCreationEvidence(AppDomainSetup creationDomainSetup,
                                                         Evidence creationEvidence)
        {
            if (creationEvidence != null && !CurrentDomain.IsLegacyCasPolicyEnabled)
            {
                if (creationDomainSetup == null || creationDomainSetup.ApplicationTrust == null)
                {
                    // We allow non-null evidence in CAS mode to support the common pattern of passing in
                    // AppDomain.CurrentDomain.Evidence.  Since the zone evidence must have been changed
                    // if the user has any expectation of sandboxing the domain under legacy CAS policy,
                    // we use a zone comparison to check for this pattern.  A strict comparison will not
                    // work, since MSDN samples for creating a domain show using a modified version of the
                    // current domain's evidence and we would capturce people who copied and pasted these
                    // samples without intending to sandbox.
                    Zone creatorsZone = CurrentDomain.EvidenceNoDemand.GetHostEvidence<Zone>();
                    SecurityZone creatorsSecurityZone = creatorsZone != null ?
                        creatorsZone.SecurityZone :
                        SecurityZone.MyComputer;
 
                    Zone suppliedZone = creationEvidence.GetHostEvidence<Zone>();
                    if (suppliedZone != null)
                    {
                        if (suppliedZone.SecurityZone != creatorsSecurityZone &&
                            suppliedZone.SecurityZone != SecurityZone.MyComputer)
                        {
                            throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit"));
                        }
                    }
                }
            }
        }
 
#if FEATURE_CAS_POLICY
        [System.Security.SecuritySafeCritical]  // auto-generated
        [SecurityPermissionAttribute( SecurityAction.Demand, ControlAppDomain = true )]
        public static AppDomain CreateDomain(String friendlyName,
                                      Evidence securityInfo,
                                      AppDomainSetup info)
        {
            return InternalCreateDomain(friendlyName, securityInfo, info);
        }
#else
        internal static AppDomain CreateDomain(String friendlyName,
                                      Evidence securityInfo,
                                      AppDomainSetup info)
        {
            return InternalCreateDomain(friendlyName, securityInfo, info);
        }
#endif
 
        [System.Security.SecurityCritical]  // auto-generated
        internal static AppDomain InternalCreateDomain(String friendlyName,
                                      Evidence securityInfo,
                                      AppDomainSetup info)
        {
            if (friendlyName == null)
                throw new ArgumentNullException(Environment.GetResourceString("ArgumentNull_String"));
 
            Contract.EndContractBlock();
 
            AppDomain.CheckCreateDomainSupported();
 
            if (info == null)
                info = new AppDomainSetup();
            if (info.TargetFrameworkName == null)
                info.TargetFrameworkName = AppDomain.CurrentDomain.GetTargetFrameworkName();
 
            AppDomainManager domainManager = AppDomain.CurrentDomain.DomainManager;
            if (domainManager != null)
                return domainManager.CreateDomain(friendlyName, securityInfo, info);
 
            // No AppDomainManager is set up for this domain
 
            // If evidence is provided, we check to make sure that is allowed.    
            if (securityInfo != null)
            {
                new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
 
                // If we're potentially trying to sandbox without using a homogenous domain, we need to reject
                // the domain creation.
                CheckDomainCreationEvidence(info, securityInfo);
            }
 
            return nCreateDomain(friendlyName,
                                 info,
                                 securityInfo,
                                 securityInfo == null ? AppDomain.CurrentDomain.InternalEvidence : null,
                                 AppDomain.CurrentDomain.GetSecurityDescriptor());
        }
#endif // FEATURE_REMOTING
 
#if FEATURE_CAS_POLICY   
 
#if !FEATURE_PAL
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine, ResourceScope.Machine)]
        public static AppDomain CreateDomain (string friendlyName,
                                              Evidence securityInfo,
                                              AppDomainSetup info,
                                              PermissionSet grantSet,
                                              params StrongName[] fullTrustAssemblies)
        {
            if (info == null)
                throw new ArgumentNullException("info");
            if (info.ApplicationBase == null)
                throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_AppDomainSandboxAPINeedsExplicitAppBase"));
            Contract.EndContractBlock();
 
            if (fullTrustAssemblies == null)
            {
                fullTrustAssemblies = new StrongName[0];
            }
 
            info.ApplicationTrust = new ApplicationTrust(grantSet, fullTrustAssemblies);
            return CreateDomain(friendlyName, securityInfo, info);
        }
 
#endif // !FEATURE_PAL
 
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public static AppDomain CreateDomain(String friendlyName,
                                             Evidence securityInfo, // Optional
                                             String appBasePath,
                                             String appRelativeSearchPath,
                                             bool shadowCopyFiles,
                                             AppDomainInitializer adInit, 
                                             string[] adInitArgs) 
        {
            AppDomainSetup info = new AppDomainSetup();
            info.ApplicationBase = appBasePath;
            info.PrivateBinPath = appRelativeSearchPath;
            info.AppDomainInitializer=adInit;
            info.AppDomainInitializerArguments=adInitArgs;
            if(shadowCopyFiles)
                info.ShadowCopyFiles = "true";
 
            return CreateDomain(friendlyName,
                                securityInfo,
                                info);
        }
#endif // FEATURE_CAS_POLICY
 
#if FEATURE_CORECLR
        [System.Security.SecurityCritical]
        [ResourceExposure(ResourceScope.None)]
        [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
        [SuppressUnmanagedCodeSecurity]
        private static extern void nSetNativeDllSearchDirectories(string paths);
#endif
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [ResourceConsumption(ResourceScope.Machine, ResourceScope.Machine)]
        private void SetupFusionStore(AppDomainSetup info, AppDomainSetup oldInfo)
        {
            Contract.Requires(info != null);
 
#if FEATURE_FUSION
            if (oldInfo == null) {
                        
       // Create the application base and configuration file from the imagelocation
            // passed in or use the Win32 Image name.
            if(info.Value[(int) AppDomainSetup.LoaderInformation.ApplicationBaseValue] == null ||
               info.Value[(int) AppDomainSetup.LoaderInformation.ConfigurationFileValue] == null ) 
#else        
            if (info.ApplicationBase == null)
#endif                
 
            {
#if FEATURE_FUSION
                AppDomain defaultDomain = GetDefaultDomain();
                if (this == defaultDomain) {
                    // The default domain gets its defaults from the main process.
                    info.SetupDefaults(RuntimeEnvironment.GetModuleFileName(), imageLocationAlreadyNormalized : true);
                }
                else {
                    // Other domains get their defaults from the default domain. This way, a host process
                    // can use AppDomainManager to set up the defaults for every domain created in the process.
                    if (info.Value[(int) AppDomainSetup.LoaderInformation.ConfigurationFileValue] == null)
                        info.ConfigurationFile = defaultDomain.FusionStore.Value[(int) AppDomainSetup.LoaderInformation.ConfigurationFileValue];
                    if (info.Value[(int) AppDomainSetup.LoaderInformation.ApplicationBaseValue] == null)
                        info.ApplicationBase = defaultDomain.FusionStore.Value[(int) AppDomainSetup.LoaderInformation.ApplicationBaseValue];
                    if (info.Value[(int) AppDomainSetup.LoaderInformation.ApplicationNameValue] == null)
                        info.ApplicationName = defaultDomain.FusionStore.Value[(int) AppDomainSetup.LoaderInformation.ApplicationNameValue];
                }
#else
                info.SetupDefaults(RuntimeEnvironment.GetModuleFileName(), imageLocationAlreadyNormalized : true);
#endif
                
            }
 
#if FEATURE_FUSION
            // If there is no relative path then check the
            // environment
            if(info.Value[(int) AppDomainSetup.LoaderInformation.PrivateBinPathValue] == null)
                info.PrivateBinPath = Environment.nativeGetEnvironmentVariable(AppDomainSetup.PrivateBinPathEnvironmentVariable);
 
            // Add the developer path if it exists on this
            // machine.
            if(info.DeveloperPath == null)
                info.DeveloperPath = RuntimeEnvironment.GetDeveloperPath();
 
            }
                        
            // Set up the fusion context
            IntPtr fusionContext = GetFusionContext();
            info.SetupFusionContext(fusionContext, oldInfo);
 
            // Set loader optimization policy
#else
#if FEATURE_VERSIONING
            nCreateContext();
#endif // FEATURE_VERSIONING
#endif // FEATURE_FUSION
 
#if FEATURE_LOADER_OPTIMIZATION
            if (info.LoaderOptimization != LoaderOptimization.NotSpecified || (oldInfo != null && info.LoaderOptimization != oldInfo.LoaderOptimization))
                UpdateLoaderOptimization(info.LoaderOptimization);
#endif                        
 
 
 
            // This must be the last action taken
            _FusionStore = info;
        }
 
        // used to package up evidence, so it can be serialized
        //   for the call to InternalRemotelySetupRemoteDomain
        [Serializable]
        private class EvidenceCollection
        {
            public Evidence ProvidedSecurityInfo;
            public Evidence CreatorsSecurityInfo;
        }
 
        private static void RunInitializer(AppDomainSetup setup)
        {
            if (setup.AppDomainInitializer!=null)
            {
                string[] args=null;
                if (setup.AppDomainInitializerArguments!=null)
                    args=(string[])setup.AppDomainInitializerArguments.Clone();
                setup.AppDomainInitializer(args);
            }
        }
 
        // Used to switch into other AppDomain and call SetupRemoteDomain.
        //   We cannot simply call through the proxy, because if there
        //   are any remoting sinks registered, they can add non-mscorlib
        //   objects to the message (causing an assembly load exception when
        //   we try to deserialize it on the other side)
        [System.Security.SecurityCritical]  // auto-generated
        private static object PrepareDataForSetup(String friendlyName,
                                                        AppDomainSetup setup,
                                                        Evidence providedSecurityInfo,
                                                        Evidence creatorsSecurityInfo,
                                                        IntPtr parentSecurityDescriptor,
                                                        string sandboxName,
                                                        string[] propertyNames,
                                                        string[] propertyValues)
        {
            byte[] serializedEvidence = null;
            bool generateDefaultEvidence = false;
 
#if FEATURE_CAS_POLICY
            // serialize evidence
            EvidenceCollection evidenceCollection = null;
 
            if (providedSecurityInfo != null || creatorsSecurityInfo != null)
            {
                // If we're just passing through AppDomain.CurrentDomain.Evidence, and that evidence is just
                // using the standard runtime AppDomainEvidenceFactory, don't waste time serializing it and
                // deserializing it back -- instead, we can recreate a new AppDomainEvidenceFactory in the new
                // domain.  We only want to do this if there is no HostSecurityManager, otherwise the
                // HostSecurityManager could have added additional evidence on top of our standard factory.
                HostSecurityManager hsm = CurrentDomain.DomainManager != null ? CurrentDomain.DomainManager.HostSecurityManager : null;
                bool hostMayContributeEvidence = hsm != null &&
                                                 hsm.GetType() != typeof(HostSecurityManager) &&
                                                 (hsm.Flags & HostSecurityManagerOptions.HostAppDomainEvidence) == HostSecurityManagerOptions.HostAppDomainEvidence;
                if (!hostMayContributeEvidence)
                {
                    if (providedSecurityInfo != null &&
                        providedSecurityInfo.IsUnmodified &&
                        providedSecurityInfo.Target != null &&
                        providedSecurityInfo.Target is AppDomainEvidenceFactory)
                    {
                        providedSecurityInfo = null;
                        generateDefaultEvidence = true;
                    }
                    if (creatorsSecurityInfo != null &&
                        creatorsSecurityInfo.IsUnmodified &&
                        creatorsSecurityInfo.Target != null &&
                        creatorsSecurityInfo.Target is AppDomainEvidenceFactory)
                    {
                        creatorsSecurityInfo = null;
                        generateDefaultEvidence = true;
                    }
                }
            }
            if ((providedSecurityInfo != null) ||
                (creatorsSecurityInfo != null)) {
                evidenceCollection = new EvidenceCollection();
                evidenceCollection.ProvidedSecurityInfo = providedSecurityInfo;
                evidenceCollection.CreatorsSecurityInfo = creatorsSecurityInfo;
            }
 
            if (evidenceCollection != null) {
                serializedEvidence =
                    CrossAppDomainSerializer.SerializeObject(evidenceCollection).GetBuffer();                
            }
#endif // FEATURE_CAS_POLICY
 
            AppDomainInitializerInfo initializerInfo = null;
            if (setup!=null && setup.AppDomainInitializer!=null)
                initializerInfo=new AppDomainInitializerInfo(setup.AppDomainInitializer);
 
            // will travel x-Ad, drop non-agile data 
            AppDomainSetup newSetup = new AppDomainSetup(setup, false);
 
#if FEATURE_CORECLR
            // Remove the special AppDomainCompatSwitch entries from the set of name value pairs
            // And add them to the AppDomainSetup
            //
            // This is only supported on CoreCLR through ICLRRuntimeHost2.CreateAppDomainWithManager
            // Desktop code should use System.AppDomain.CreateDomain() or 
            // System.AppDomainManager.CreateDomain() and add the flags to the AppDomainSetup
            List<String> compatList = new List<String>();
                        
            if(propertyNames!=null && propertyValues != null)
            {
                for (int i=0; i<propertyNames.Length; i++)
                {
                    if(String.Compare(propertyNames[i], "AppDomainCompatSwitch", StringComparison.OrdinalIgnoreCase) == 0) 
                    {
                        compatList.Add(propertyValues[i]);
                        propertyNames[i] = null;                        
                        propertyValues[i] = null;
                    }
 
                }
                
                if (compatList.Count > 0)
                {
                    newSetup.SetCompatibilitySwitches(compatList);
                }            
            }
#endif // FEATURE_CORECLR
 
 
            return new Object[] 
            {
                friendlyName, 
                newSetup, 
                parentSecurityDescriptor, 
                generateDefaultEvidence,
                serializedEvidence,
                initializerInfo,
                sandboxName,
                propertyNames,
                propertyValues
            };  
        } // PrepareDataForSetup
 
 
        [System.Security.SecurityCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.NoInlining)]
        private static Object Setup(Object arg)
        {
            Contract.Requires(arg != null && arg is Object[]);
            Contract.Requires(((Object[])arg).Length >= 8);
 
            Object[] args=(Object[])arg;
            String           friendlyName               = (String)args[0];
            AppDomainSetup   setup                      = (AppDomainSetup)args[1];
            IntPtr           parentSecurityDescriptor   = (IntPtr)args[2];
            bool             generateDefaultEvidence    = (bool)args[3];
            byte[]           serializedEvidence         = (byte[])args[4];
            AppDomainInitializerInfo initializerInfo    = (AppDomainInitializerInfo)args[5];
            string           sandboxName                = (string)args[6];
            string[]         propertyNames              = (string[])args[7]; // can contain null elements
            string[]         propertyValues             = (string[])args[8]; // can contain null elements
            // extract evidence
            Evidence providedSecurityInfo = null;
            Evidence creatorsSecurityInfo = null;
 
 
            AppDomain ad = AppDomain.CurrentDomain;
            AppDomainSetup newSetup=new AppDomainSetup(setup,false);
 
            if(propertyNames!=null && propertyValues != null)
            {
                for (int i=0; i<propertyNames.Length; i++)
                {
                    
                    if(propertyNames[i]=="APPBASE") // make sure in sync with Fusion
                    {
                        if(propertyValues[i]==null)
                            throw new ArgumentNullException("APPBASE");
                            
                        if (Path.IsRelative(propertyValues[i]))
                            throw new ArgumentException( Environment.GetResourceString( "Argument_AbsolutePathRequired" ) );
 
                        newSetup.ApplicationBase = NormalizePath(propertyValues[i], fullCheck: true);
                    }
#if FEATURE_CAS_POLICY
                    else if(propertyNames[i]=="LOCATION_URI" && providedSecurityInfo==null)
                    {
                        providedSecurityInfo=new Evidence();
                        providedSecurityInfo.AddHostEvidence(new Url(propertyValues[i]));
                        ad.SetDataHelper(propertyNames[i],propertyValues[i],null);
                    }
#endif // FEATURE_CAS_POLICY
#if FEATURE_LOADER_OPTIMIZATION
                    else
                    if(propertyNames[i]=="LOADER_OPTIMIZATION")
                    {
                        if(propertyValues[i]==null)
                            throw new ArgumentNullException("LOADER_OPTIMIZATION");
 
                        switch(propertyValues[i])
                        {
                            case "SingleDomain": newSetup.LoaderOptimization=LoaderOptimization.SingleDomain;break;
                            case "MultiDomain": newSetup.LoaderOptimization=LoaderOptimization.MultiDomain;break;
                            case "MultiDomainHost": newSetup.LoaderOptimization=LoaderOptimization.MultiDomainHost;break;
                            case "NotSpecified": newSetup.LoaderOptimization=LoaderOptimization.NotSpecified;break;
                            default: throw new ArgumentException(Environment.GetResourceString("Argument_UnrecognizedLoaderOptimization"), "LOADER_OPTIMIZATION");
                        }
                    }
#endif // FEATURE_LOADER_OPTIMIZATION
#if FEATURE_CORECLR
                    else
                    if(propertyNames[i]=="NATIVE_DLL_SEARCH_DIRECTORIES")
                    {
                        if(propertyValues[i]==null)
                            throw new ArgumentNullException("NATIVE_DLL_SEARCH_DIRECTORIES");
                        ad.SetDataHelper(propertyNames[i],propertyValues[i],null);
                        string paths = (string)propertyValues[i];
                        if( paths.Length==0 )
                            continue;
                        nSetNativeDllSearchDirectories(paths);
                    }
                    else
                    if(propertyNames[i]=="TRUSTED_PLATFORM_ASSEMBLIES")
                    {
                        if(propertyValues[i]==null)
                            throw new ArgumentNullException("TRUSTED_PLATFORM_ASSEMBLIES");
 
                        StringBuilder normalisedAppPathList = new StringBuilder();
                        foreach(string path in propertyValues[i].Split(Path.PathSeparator))
                        {
 
                            if( path.Length==0 )                  // skip empty dirs
                                continue;
                               
                            if (Path.IsRelative(path))
                                throw new ArgumentException( Environment.GetResourceString( "Argument_AbsolutePathRequired" ) );
 
                            string appPath = NormalizePath(path, fullCheck: true);
 
                            normalisedAppPathList.Append(appPath);
                            normalisedAppPathList.Append(Path.PathSeparator);
                        }
                        // Strip the last separator
                        if (normalisedAppPathList.Length > 0)
                        {
                            normalisedAppPathList.Remove(normalisedAppPathList.Length - 1, 1);
                        }
                        ad.SetDataHelper(propertyNames[i],normalisedAppPathList.ToString(),null);        // not supported by fusion, so set explicitly
                    }
                    else
                    if(propertyNames[i]=="PLATFORM_RESOURCE_ROOTS")
                    {
                        if(propertyValues[i]==null)
                            throw new ArgumentNullException("PLATFORM_RESOURCE_ROOTS");
 
                        StringBuilder normalisedAppPathList = new StringBuilder();
                        foreach(string path in propertyValues[i].Split(Path.PathSeparator))
                        {
 
                            if( path.Length==0 )                  // skip empty dirs
                                continue;
                               
                            if (Path.IsRelative(path))
                                throw new ArgumentException( Environment.GetResourceString( "Argument_AbsolutePathRequired" ) );
 
                            string appPath = NormalizePath(path, fullCheck: true);
 
                            normalisedAppPathList.Append(appPath);
                            normalisedAppPathList.Append(Path.PathSeparator);
                        }
                        // Strip the last separator
                        if (normalisedAppPathList.Length > 0)
                        {
                            normalisedAppPathList.Remove(normalisedAppPathList.Length - 1, 1);
                        }
                        ad.SetDataHelper(propertyNames[i],normalisedAppPathList.ToString(),null);        // not supported by fusion, so set explicitly
                    }
                    else
                    if(propertyNames[i]=="APP_PATHS")
                    {
                        if(propertyValues[i]==null)
                            throw new ArgumentNullException("APP_PATHS");
 
                        StringBuilder normalisedAppPathList = new StringBuilder();
                        foreach(string path in propertyValues[i].Split(Path.PathSeparator))
                        {
 
                            if( path.Length==0 )                  // skip empty dirs
                                continue;
                               
                            if (Path.IsRelative(path))
                                throw new ArgumentException( Environment.GetResourceString( "Argument_AbsolutePathRequired" ) );
 
                            string appPath = NormalizePath(path, fullCheck: true);
 
                            normalisedAppPathList.Append(appPath);
                            normalisedAppPathList.Append(Path.PathSeparator);
                        }
                        // Strip the last separator
                        if (normalisedAppPathList.Length > 0)
                        {
                            normalisedAppPathList.Remove(normalisedAppPathList.Length - 1, 1);
                        }
                        ad.SetDataHelper(propertyNames[i],normalisedAppPathList.ToString(),null);        // not supported by fusion, so set explicitly
                    }
                    else
                    if(propertyNames[i]=="APP_NI_PATHS")
                    {
                        if(propertyValues[i]==null)
                            throw new ArgumentNullException("APP_NI_PATHS");
 
                        StringBuilder normalisedAppPathList = new StringBuilder();
                        foreach(string path in propertyValues[i].Split(Path.PathSeparator))
                        {
 
                            if( path.Length==0 )                  // skip empty dirs
                                continue;
                               
                            if (Path.IsRelative(path))
                                throw new ArgumentException( Environment.GetResourceString( "Argument_AbsolutePathRequired" ) );
 
                            string appPath = NormalizePath(path, fullCheck: true);
 
                            normalisedAppPathList.Append(appPath);
                            normalisedAppPathList.Append(Path.PathSeparator);
                        }
                        // Strip the last separator
                        if (normalisedAppPathList.Length > 0)
                        {
                            normalisedAppPathList.Remove(normalisedAppPathList.Length - 1, 1);
                        }
                        ad.SetDataHelper(propertyNames[i],normalisedAppPathList.ToString(),null);        // not supported by fusion, so set explicitly
                    }
                    else
                    if(propertyNames[i]!= null)
                    {
                        ad.SetDataHelper(propertyNames[i],propertyValues[i],null);     // just propagate
                    }
#endif
 
                }
            }
 
#if !FEATURE_CORECLR
            AppDomainSortingSetupInfo sortingSetup = newSetup._AppDomainSortingSetupInfo;
 
            if(sortingSetup != null)
            {          
                if(sortingSetup._pfnIsNLSDefinedString == IntPtr.Zero || sortingSetup._pfnCompareStringEx == IntPtr.Zero || sortingSetup._pfnLCMapStringEx == IntPtr.Zero || sortingSetup._pfnFindNLSStringEx == IntPtr.Zero
                    || sortingSetup._pfnCompareStringOrdinal == IntPtr.Zero || sortingSetup._pfnGetNLSVersionEx == IntPtr.Zero) 
                {
             
                    if(!(sortingSetup._pfnIsNLSDefinedString == IntPtr.Zero && sortingSetup._pfnCompareStringEx == IntPtr.Zero && sortingSetup._pfnLCMapStringEx == IntPtr.Zero && sortingSetup._pfnFindNLSStringEx == IntPtr.Zero
                        && sortingSetup._pfnCompareStringOrdinal == IntPtr.Zero && sortingSetup._pfnGetNLSVersionEx == IntPtr.Zero)) 
                    {
                        // Some functions defined but not all of them.
                        throw new ArgumentException(Environment.GetResourceString("ArgumentException_NotAllCustomSortingFuncsDefined"));
                    }
 
                }
            }
#endif
 
            ad.SetupFusionStore(newSetup, null); // makes FusionStore a ref to newSetup
            
            // technically, we don't need this, newSetup refers to the same object as FusionStore 
            // but it's confusing since it isn't immediately obvious whether we have a ref or a copy
            AppDomainSetup adSetup = ad.FusionStore; 
 
#if FEATURE_CORECLR

#if !FEATURE_FT_CORECLR
            BCLDebug.Assert(sandboxName == "Internet", "Sandbox is not Internet");
#endif // !FEATURE_FT_CORECLR

            adSetup.InternalSetApplicationTrust(sandboxName);
#endif // FEATURE_CORECLR
 
#if !FEATURE_CORECLR  // not used by coreclr
            if (serializedEvidence != null) {
                EvidenceCollection evidenceCollection = (EvidenceCollection)
                    CrossAppDomainSerializer.DeserializeObject(new MemoryStream(serializedEvidence));
                providedSecurityInfo  = evidenceCollection.ProvidedSecurityInfo;
                creatorsSecurityInfo  = evidenceCollection.CreatorsSecurityInfo;
            }
#endif
            // set up the friendly name
            ad.nSetupFriendlyName(friendlyName);
 
#if FEATURE_COMINTEROP
            if (setup != null && setup.SandboxInterop)
            {
                ad.nSetDisableInterfaceCache();
            }
#endif // FEATURE_COMINTEROP
 
            // set up the AppDomainManager for this domain and initialize security.
            if (adSetup.AppDomainManagerAssembly != null && adSetup.AppDomainManagerType != null)
            {
                ad.SetAppDomainManagerType(adSetup.AppDomainManagerAssembly, adSetup.AppDomainManagerType);
            }
 
#if FEATURE_APTCA
            // set any conditial-aptca visible assemblies
            ad.PartialTrustVisibleAssemblies = adSetup.PartialTrustVisibleAssemblies;
#endif // FEATURE_APTCA
 
            ad.CreateAppDomainManager(); // could modify FusionStore's object
            ad.InitializeDomainSecurity(providedSecurityInfo,
                                        creatorsSecurityInfo,
                                        generateDefaultEvidence,
                                        parentSecurityDescriptor,
                                        true);
            
            // can load user code now
            if(initializerInfo!=null)
                adSetup.AppDomainInitializer=initializerInfo.Unwrap();
            RunInitializer(adSetup);
 
            // Activate the application if needed.
#if FEATURE_CLICKONCE 
            ObjectHandle oh = null;
            if (adSetup.ActivationArguments != null && adSetup.ActivationArguments.ActivateInstance)
                oh = Activator.CreateInstance(ad.ActivationContext);
            return RemotingServices.MarshalInternal(oh, null, null);
#else
            return null;
#endif // FEATURE_CLICKONCE
        }
 
        [SecuritySafeCritical]
        internal static string NormalizePath(string path, bool fullCheck)
        {
            // We have to directly hit LegacyNormalizePath to avoid loading quirks for
            // the AppDomain. (Once we have runtime support for long paths we can
            // use the new normalization in path, but we still need to go in directly
            // to avoid quirks.)
            return  Path.LegacyNormalizePath(
                path: path,
                fullCheck: fullCheck,
                maxPathLength: PathInternal.MaxShortPath,
                expandShortPaths: true);
        }
 
#if FEATURE_APTCA
        // Called from DomainAssembly in Conditional APTCA cases
        [PermissionSet(SecurityAction.Assert, Unrestricted = true)]
        [SecuritySafeCritical]
        private bool IsAssemblyOnAptcaVisibleList(RuntimeAssembly assembly)
        {
            if (_aptcaVisibleAssemblies == null)
                return false;
 
            AssemblyName assemblyName = assembly.GetName();
            String name = assemblyName.GetNameWithPublicKey();
 
            name = name.ToUpperInvariant();
 
            int index = Array.BinarySearch<string>(_aptcaVisibleAssemblies, name,
                                                   StringComparer.OrdinalIgnoreCase);
            return (index >=0);
 
        }
 
        //Used to binary search the list of C-APTCA strings for an AssemblyName.  It compares assembly name
        //and public key token.
        private class CAPTCASearcher : IComparer
        {
            int IComparer.Compare(object /*string*/lhs, object /*AssemblyName*/rhs)
            {
                AssemblyName captcaEntry = new AssemblyName((string)lhs);
                AssemblyName comparand = (AssemblyName)rhs;
                int nameComp = string.Compare(captcaEntry.Name,
                                              comparand.Name,
                                              StringComparison.OrdinalIgnoreCase);
                if (nameComp != 0)
                {
                    return nameComp;
                }
 
                //simple names match.  Compare public key tokens.
                byte[] lhsKey = captcaEntry.GetPublicKeyToken();
                byte[] rhsKey = comparand.GetPublicKeyToken();
 
                // We require both sides have a public key token
                if (lhsKey == null)
                {
                    return -1;
                }
                if (rhsKey == null)
                {
                    return 1;
                }
                if (lhsKey.Length < rhsKey.Length)
                {
                    return -1;
                }
                if (lhsKey.Length > rhsKey.Length)
                {
                    return 1;
                }
 
                // Tokens seem valid - make sure the compare correctly
                for (int i = 0; i < lhsKey.Length; ++i)
                {
                    byte lhsByte = lhsKey[i];
                    byte rhsByte = rhsKey[i];
 
                    if (lhsByte < rhsByte)
                    {
                        return -1;
                    }
                    if (lhsByte > rhsByte)
                    {
                        return 1;
                    }
                }
 
                //They match.
                return 0;
            }
        }
 
        [System.Security.SecurityCritical]
        private unsafe bool IsAssemblyOnAptcaVisibleListRaw(char * namePtr, int nameLen, byte * keyTokenPtr,
                                                            int keyTokenLen)
        {
            //This version is used for checking ngen dependencies against the C-APTCA list.  It lets us
            //reject ngen images that depend on an assembly that has been disabled in the current domain.
            //Since we only have the public key token in the ngen image, we'll check against that.  The
            //rationale is that if you have a public key token collision in your process you have many
            //problems.  Since the source of this public key token is an ngen image for a full trust
            //assembly, there is essentially no risk to the reduced check.
            if (_aptcaVisibleAssemblies == null)
                return false;
 
            string name = new string(namePtr, 0, nameLen);
            byte[] keyToken = new byte[keyTokenLen];
            for( int i = 0; i < keyToken.Length; ++i )
                keyToken[i] = keyTokenPtr[i];
 
            AssemblyName asmName = new AssemblyName();
            asmName.Name = name;
            asmName.SetPublicKeyToken(keyToken);
            try
            {
                int index = Array.BinarySearch(_aptcaVisibleAssemblies, asmName, new CAPTCASearcher());
                return (index >= 0);
            }
            catch (InvalidOperationException) { /* Can happen for poorly formed assembly names */ return false; }
        }
 
#endif
 
        // This routine is called from unmanaged code to
        // set the default fusion context.
        [System.Security.SecurityCritical]  // auto-generated
        private void SetupDomain(bool allowRedirects, String path, String configFile, String[] propertyNames, String[] propertyValues)
        {
            // It is possible that we could have multiple threads initializing
            // the default domain. We will just take the winner of these two.
            // (eg. one thread doing a com call and another doing attach for IJW)
            lock (this) {
                if(_FusionStore == null) {
                    AppDomainSetup setup = new AppDomainSetup();
#if FEATURE_CORECLR
                    // always use internet permission set
                    setup.InternalSetApplicationTrust("Internet");
#endif // FEATURE_CORECLR
#if FEATURE_FUSION
                    setup.SetupDefaults(RuntimeEnvironment.GetModuleFileName(), imageLocationAlreadyNormalized : true);
                    if(path != null)
                        setup.Value[(int) AppDomainSetup.LoaderInformation.ApplicationBaseValue] = path;
                    if(configFile != null)
                        setup.Value[(int) AppDomainSetup.LoaderInformation.ConfigurationFileValue] = configFile;
 
                    // Default fusion context starts with binding redirects turned off.
                    if (!allowRedirects)
                        setup.DisallowBindingRedirects = true;
#endif
 
#if !FEATURE_CORECLR
                    if (propertyNames != null) {
                        BCLDebug.Assert(propertyValues != null, "propertyValues != null");
                        BCLDebug.Assert(propertyNames.Length == propertyValues.Length, "propertyNames.Length == propertyValues.Length");
 
                        for (int i = 0; i < propertyNames.Length; ++i) {
                            if (String.Equals(propertyNames[i], "PARTIAL_TRUST_VISIBLE_ASSEMBLIES", StringComparison.Ordinal)) {
                                // The value of the PARTIAL_TRUST_VISIBLE_ASSEMBLIES property is a semicolon
                                // delimited list of assembly names to add to the
                                // PartialTrustVisibleAssemblies setting of the domain setup
                                if (propertyValues[i] != null) {
                                    if (propertyValues[i].Length > 0) {
                                        setup.PartialTrustVisibleAssemblies = propertyValues[i].Split(';');
                                    }
                                    else {
                                        setup.PartialTrustVisibleAssemblies = new string[0];
                                    }
                                }
                            }
                            else {
                                // In v4 we disallow anything but PARTIAL_TRUST_VISIBLE_ASSEMBLIES to come
                                // in via the default domain properties.  That restriction could be lifted
                                // in a future release, at which point this assert should be removed.
                                // 
                                // This should be kept in sync with the real externally facing filter code
                                // in CorHost2::SetPropertiesForDefaultAppDomain
                                BCLDebug.Assert(false, "Unexpected default domain property");
                            }
                        }
                    }
#endif // !FEATURE_CORECLR
 
#if FEATURE_APTCA
                    // Propigate the set of conditional APTCA assemblies that will be used in the default
                    // domain onto the domain itself and also into the VM
                    PartialTrustVisibleAssemblies = setup.PartialTrustVisibleAssemblies;
#endif // FEATURE_APTCA
 
                    SetupFusionStore(setup, null);
                }
            }
        }
 
#if FEATURE_LOADER_OPTIMIZATION
       [System.Security.SecurityCritical]  // auto-generated
       private void SetupLoaderOptimization(LoaderOptimization policy)
        {
            if(policy != LoaderOptimization.NotSpecified) {
                Contract.Assert(FusionStore.LoaderOptimization == LoaderOptimization.NotSpecified,
                                "It is illegal to change the Loader optimization on a domain");
 
                FusionStore.LoaderOptimization = policy;
                UpdateLoaderOptimization(FusionStore.LoaderOptimization);
            }
        }
#endif
           
#if FEATURE_FUSION
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        internal extern IntPtr GetFusionContext();
#endif // FEATURE_FUSION
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        internal extern IntPtr GetSecurityDescriptor();
 
#if FEATURE_REMOTING        
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        internal static extern AppDomain nCreateDomain(String friendlyName,
                                                      AppDomainSetup setup,
                                                      Evidence providedSecurityInfo,
                                                      Evidence creatorsSecurityInfo,
                                                      IntPtr parentSecurityDescriptor);
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        internal static extern ObjRef nCreateInstance(String friendlyName,
                                                      AppDomainSetup setup,
                                                      Evidence providedSecurityInfo,
                                                      Evidence creatorsSecurityInfo,
                                                      IntPtr parentSecurityDescriptor);
#endif
 
        [SecurityCritical]
        private void SetupDomainSecurity(Evidence appDomainEvidence,
                                         IntPtr creatorsSecurityDescriptor,
                                         bool publishAppDomain)
        {
            Evidence stackEvidence = appDomainEvidence;
            SetupDomainSecurity(GetNativeHandle(),
                                JitHelpers.GetObjectHandleOnStack(ref stackEvidence),
                                creatorsSecurityDescriptor,
                                publishAppDomain);
 
        }
 
        [SecurityCritical]
        [ResourceExposure(ResourceScope.None)]
        [SuppressUnmanagedCodeSecurity]
        [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
        private static extern void SetupDomainSecurity(AppDomainHandle appDomain,
                                                       ObjectHandleOnStack appDomainEvidence,
                                                       IntPtr creatorsSecurityDescriptor,
                                                       [MarshalAs(UnmanagedType.Bool)] bool publishAppDomain);
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private extern void nSetupFriendlyName(string friendlyName);
 
#if FEATURE_COMINTEROP
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private extern void nSetDisableInterfaceCache();
#endif // FEATURE_COMINTEROP
 
#if FEATURE_LOADER_OPTIMIZATION
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        internal extern void UpdateLoaderOptimization(LoaderOptimization optimization);
#endif
 
#if FEATURE_FUSION       
        //
        // This is just designed to prevent compiler warnings.
        // This field is used from native, but we need to prevent the compiler warnings.
        //
 
        [System.Security.SecurityCritical]  // auto-generated_required
        [Obsolete("AppDomain.SetShadowCopyPath has been deprecated. Please investigate the use of AppDomainSetup.ShadowCopyDirectories instead. http://go.microsoft.com/fwlink/?linkid=14202")]
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public void SetShadowCopyPath(String path)
        {
            InternalSetShadowCopyPath(path);
        }
 
        [System.Security.SecurityCritical]  // auto-generated_required
        [Obsolete("AppDomain.SetShadowCopyFiles has been deprecated. Please investigate the use of AppDomainSetup.ShadowCopyFiles instead. http://go.microsoft.com/fwlink/?linkid=14202")]
        public void SetShadowCopyFiles()
        {
            InternalSetShadowCopyFiles();
        }
 
        [System.Security.SecurityCritical]  // auto-generated_required
        [Obsolete("AppDomain.SetDynamicBase has been deprecated. Please investigate the use of AppDomainSetup.DynamicBase instead. http://go.microsoft.com/fwlink/?linkid=14202")]
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public void SetDynamicBase(String path)
        {
            InternalSetDynamicBase(path);
        }
#endif // FEATURE_FUSION
 
        public AppDomainSetup SetupInformation
        {
            get {
                return new AppDomainSetup(FusionStore,true);
            }
        }
 
#if FEATURE_FUSION
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        internal void InternalSetShadowCopyPath(String path)
        {
            if (path != null)
            {
                IntPtr fusionContext = GetFusionContext();
                AppDomainSetup.UpdateContextProperty(fusionContext, AppDomainSetup.ShadowCopyDirectoriesKey, path);
            }
            FusionStore.ShadowCopyDirectories = path;
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        internal void InternalSetShadowCopyFiles()
        {
            IntPtr fusionContext = GetFusionContext();
            AppDomainSetup.UpdateContextProperty(fusionContext, AppDomainSetup.ShadowCopyFilesKey, "true");
            FusionStore.ShadowCopyFiles = "true";
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        internal void InternalSetCachePath(String path)
        {
            FusionStore.CachePath = path;
            if (FusionStore.Value[(int) AppDomainSetup.LoaderInformation.CachePathValue] != null)
            {
                IntPtr fusionContext = GetFusionContext();
                AppDomainSetup.UpdateContextProperty(fusionContext, AppDomainSetup.CachePathKey,
                                                     FusionStore.Value[(int) AppDomainSetup.LoaderInformation.CachePathValue]);
            }
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        internal void InternalSetPrivateBinPath(String path)
        {
            IntPtr fusionContext = GetFusionContext();
            AppDomainSetup.UpdateContextProperty(fusionContext, AppDomainSetup.PrivateBinPathKey, path);
            FusionStore.PrivateBinPath = path;
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        internal void InternalSetDynamicBase(String path)
        {
            FusionStore.DynamicBase = path;
            if (FusionStore.Value[(int) AppDomainSetup.LoaderInformation.DynamicBaseValue] != null)
            {
                IntPtr fusionContext = GetFusionContext();
                AppDomainSetup.UpdateContextProperty(fusionContext, AppDomainSetup.DynamicBaseKey,
                                                     FusionStore.Value[(int) AppDomainSetup.LoaderInformation.DynamicBaseValue]);
            }
        }
#endif // FEATURE_FUSION
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        internal extern String IsStringInterned(String str);
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        internal extern String GetOrInternString(String str);
        
        [SecurityCritical]
        [ResourceExposure(ResourceScope.None)]
        [SuppressUnmanagedCodeSecurity]
        [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
        private static extern void GetGrantSet(AppDomainHandle domain, ObjectHandleOnStack retGrantSet);
 
#if FEATURE_CAS_POLICY
        [SecurityCritical]
        [ResourceExposure(ResourceScope.None)]
        [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)]
        [SuppressUnmanagedCodeSecurity]
        [return: MarshalAs(UnmanagedType.Bool)]
        private static extern bool GetIsLegacyCasPolicyEnabled(AppDomainHandle domain);
#endif // FEATURE_CAS_POLICY
 
        public PermissionSet PermissionSet
        {
            // SecurityCritical because permissions can contain sensitive information such as paths
            [SecurityCritical]
            get
            {
                PermissionSet grantSet = null;
                GetGrantSet(GetNativeHandle(), JitHelpers.GetObjectHandleOnStack(ref grantSet));
 
                if (grantSet != null)
                {
                    return grantSet.Copy();
                }
                else
                {
                    return new PermissionSet(PermissionState.Unrestricted);
                }
            }
        }
 
        public bool IsFullyTrusted
        {
            [SecuritySafeCritical]
            get
            {
                PermissionSet grantSet = null;
                GetGrantSet(GetNativeHandle(), JitHelpers.GetObjectHandleOnStack(ref grantSet));
 
                return grantSet == null || grantSet.IsUnrestricted();
            }
        }
 
        public bool IsHomogenous
        {
            get
            {
                // Homogenous AppDomains always have an ApplicationTrust associated with them
                return _IsFastFullTrustDomain || _applicationTrust != null;
            }
        }
 
#if FEATURE_CAS_POLICY
        internal bool IsLegacyCasPolicyEnabled
        {
            [SecuritySafeCritical]
            get
            {
                return GetIsLegacyCasPolicyEnabled(GetNativeHandle());
            }
        }
 
        // Determine what this homogenous domain thinks the grant set should be for a specific set of evidence
        [SecuritySafeCritical]
        internal PermissionSet GetHomogenousGrantSet(Evidence evidence)
        {
            Contract.Assert(evidence != null);
            Contract.Assert(IsHomogenous);
            Contract.Assert(evidence.GetHostEvidence<GacInstalled>() == null);
 
            if (_IsFastFullTrustDomain)
            {
                return new PermissionSet(PermissionState.Unrestricted);
            }
 
            // If the ApplicationTrust's full trust list calls out the assembly, then it is fully trusted
            if (evidence.GetDelayEvaluatedHostEvidence<StrongName>() != null)
            {
                foreach (StrongName fullTrustAssembly in ApplicationTrust.FullTrustAssemblies)
                {
                    StrongNameMembershipCondition sn = new StrongNameMembershipCondition(fullTrustAssembly.PublicKey,
                                                                                         fullTrustAssembly.Name,
                                                                                         fullTrustAssembly.Version);
 
                    object usedEvidence = null;
                    if ((sn as IReportMatchMembershipCondition).Check(evidence, out usedEvidence))
                    {
                        IDelayEvaluatedEvidence delayEvidence = usedEvidence as IDelayEvaluatedEvidence;
                        if (usedEvidence != null)
                        {
                            delayEvidence.MarkUsed();
                        }
 
                        return new PermissionSet(PermissionState.Unrestricted);
                    }
                }
            }
 
            // Otherwise, the grant set is just the default grant set
            return ApplicationTrust.DefaultGrantSet.PermissionSet.Copy();
        }
#endif // FEATURE_CAS_POLICY
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private extern void nChangeSecurityPolicy();
 
        [System.Security.SecurityCritical]  // auto-generated
        [MethodImplAttribute(MethodImplOptions.InternalCall),
         ReliabilityContract(Consistency.MayCorruptAppDomain, Cer.MayFail),
         ResourceExposure(ResourceScope.None)]
        internal static extern void nUnload(Int32 domainInternal);
           
        public Object CreateInstanceAndUnwrap(String assemblyName,
                                              String typeName)
        {
            ObjectHandle oh = CreateInstance(assemblyName, typeName);
            if (oh == null)
                return null;
 
            return oh.Unwrap();
        } // CreateInstanceAndUnwrap
 
 
        public Object CreateInstanceAndUnwrap(String assemblyName, 
                                              String typeName,
                                              Object[] activationAttributes)
        {
            ObjectHandle oh = CreateInstance(assemblyName, typeName, activationAttributes);
            if (oh == null)
                return null; 
 
            return oh.Unwrap();
        } // CreateInstanceAndUnwrap
 
 
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of CreateInstanceAndUnwrap which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public Object CreateInstanceAndUnwrap(String assemblyName, 
                                              String typeName, 
                                              bool ignoreCase,
                                              BindingFlags bindingAttr, 
                                              Binder binder,
                                              Object[] args,
                                              CultureInfo culture,
                                              Object[] activationAttributes,
                                              Evidence securityAttributes)
        {
#pragma warning disable 618
            ObjectHandle oh = CreateInstance(assemblyName, typeName, ignoreCase, bindingAttr,
                binder, args, culture, activationAttributes, securityAttributes);
#pragma warning restore 618
 
            if (oh == null)
                return null; 
            
            return oh.Unwrap();
        } // CreateInstanceAndUnwrap
 
        public object CreateInstanceAndUnwrap(string assemblyName,
                                              string typeName,
                                              bool ignoreCase,
                                              BindingFlags bindingAttr,
                                              Binder binder,
                                              object[] args,
                                              CultureInfo culture,
                                              object[] activationAttributes)
        {
            ObjectHandle oh = CreateInstance(assemblyName,
                                             typeName,
                                             ignoreCase,
                                             bindingAttr,
                                             binder,
                                             args,
                                             culture,
                                             activationAttributes);
 
            if (oh == null)
            {
                return null;
            }
 
            return oh.Unwrap();
        }
 
        // The first parameter should be named assemblyFile, but it was incorrectly named in a previous 
        //  release, and the compatibility police won't let us change the name now.
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public Object CreateInstanceFromAndUnwrap(String assemblyName,
                                                  String typeName)
        {
            ObjectHandle oh = CreateInstanceFrom(assemblyName, typeName);
            if (oh == null)
                return null;  
 
            return oh.Unwrap();                
        } // CreateInstanceAndUnwrap
 
 
        // The first parameter should be named assemblyFile, but it was incorrectly named in a previous 
        //  release, and the compatibility police won't let us change the name now.
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public Object CreateInstanceFromAndUnwrap(String assemblyName,
                                                  String typeName,
                                                  Object[] activationAttributes)
        {
            ObjectHandle oh = CreateInstanceFrom(assemblyName, typeName, activationAttributes);
            if (oh == null)
                return null; 
 
            return oh.Unwrap();
        } // CreateInstanceAndUnwrap
 
 
        // The first parameter should be named assemblyFile, but it was incorrectly named in a previous 
        //  release, and the compatibility police won't let us change the name now.
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        [Obsolete("Methods which use evidence to sandbox are obsolete and will be removed in a future release of the .NET Framework. Please use an overload of CreateInstanceFromAndUnwrap which does not take an Evidence parameter. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
        public Object CreateInstanceFromAndUnwrap(String assemblyName, 
                                                  String typeName, 
                                                  bool ignoreCase,
                                                  BindingFlags bindingAttr, 
                                                  Binder binder,
                                                  Object[] args,
                                                  CultureInfo culture,
                                                  Object[] activationAttributes,
                                                  Evidence securityAttributes)
        {
#pragma warning disable 618
            ObjectHandle oh = CreateInstanceFrom(assemblyName, typeName, ignoreCase, bindingAttr,
                binder, args, culture, activationAttributes, securityAttributes);
#pragma warning restore 618
 
            if (oh == null)
                return null; 
 
            return oh.Unwrap();
        } // CreateInstanceAndUnwrap
 
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        public object CreateInstanceFromAndUnwrap(string assemblyFile,
                                                  string typeName,
                                                  bool ignoreCase,
                                                  BindingFlags bindingAttr,
                                                  Binder binder,
                                                  object[] args,
                                                  CultureInfo culture,
                                                  object[] activationAttributes)
        {
            ObjectHandle oh = CreateInstanceFrom(assemblyFile,
                                                 typeName,
                                                 ignoreCase,
                                                 bindingAttr,
                                                 binder,
                                                 args,
                                                 culture,
                                                 activationAttributes);
            if (oh == null)
            {
                return null;
            }
            
            return oh.Unwrap();
        }
 
        public Int32 Id
        {
            [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]  
            get {
                return GetId();
            }
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
        internal extern Int32 GetId();
        
        internal const Int32 DefaultADID = 1;
        
        public bool IsDefaultAppDomain()
        {
            if (GetId()==DefaultADID)
                return true;
            return false;
        }
 
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        private static AppDomainSetup InternalCreateDomainSetup(String imageLocation)
        {
            int i = imageLocation.LastIndexOf('\\');
 
            Contract.Assert(i != -1, "invalid image location");
 
            AppDomainSetup info = new AppDomainSetup();
 
            info.ApplicationBase = imageLocation.Substring(0, i+1);
 
            StringBuilder config = new StringBuilder(imageLocation.Substring(i+1));
            config.Append(AppDomainSetup.ConfigurationExtension);
            info.ConfigurationFile = config.ToString();
 
            return info;
        }
 
        // Used by the validator for testing but not executing an assembly
#if FEATURE_REMOTING
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        private static AppDomain InternalCreateDomain(String imageLocation)
        {
            AppDomainSetup info = InternalCreateDomainSetup(imageLocation);
            return CreateDomain("Validator",
                                null,
                                info);
        }
#endif
 
#if FEATURE_APPDOMAIN_RESOURCE_MONITORING
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private static extern void nEnableMonitoring();
 
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private static extern bool nMonitoringIsEnabled();
 
        // return -1 if ARM is not supported.
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private extern Int64 nGetTotalProcessorTime();
 
        // return -1 if ARM is not supported.
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private extern Int64 nGetTotalAllocatedMemorySize();
 
        // return -1 if ARM is not supported.
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private extern Int64 nGetLastSurvivedMemorySize();
 
        // return -1 if ARM is not supported.
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.None)]
        [MethodImplAttribute(MethodImplOptions.InternalCall)]
        private static extern Int64 nGetLastSurvivedProcessMemorySize();
 
        public static bool MonitoringIsEnabled
        {
            [System.Security.SecurityCritical]
            get {
                return nMonitoringIsEnabled();
            }
            
            [System.Security.SecurityCritical]
            set {
                if (value == false)
                {
                    throw new ArgumentException(Environment.GetResourceString("Arg_MustBeTrue"));
                }
                else
                {
                    nEnableMonitoring();
                }
            }
        }
 
        // Gets the total processor time for this AppDomain.
        // Throws NotSupportedException if ARM is not enabled.
        public TimeSpan MonitoringTotalProcessorTime 
        {
            [System.Security.SecurityCritical]
            get {
                Int64 i64ProcessorTime = nGetTotalProcessorTime();
                if (i64ProcessorTime == -1)
                {
                    throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_WithoutARM"));
                }
                return new TimeSpan(i64ProcessorTime);
            }
        }
 
        // Gets the number of bytes allocated in this AppDomain since
        // the AppDomain was created.
        // Throws NotSupportedException if ARM is not enabled.
        public Int64 MonitoringTotalAllocatedMemorySize 
        {
            [System.Security.SecurityCritical]
            get {
                Int64 i64AllocatedMemory = nGetTotalAllocatedMemorySize();
                if (i64AllocatedMemory == -1)
                {
                    throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_WithoutARM"));
                }
                return i64AllocatedMemory;
            }
        }
 
        // Gets the number of bytes survived after the last collection
        // that are known to be held by this AppDomain. After a full 
        // collection this number is accurate and complete. After an 
        // ephemeral collection this number is potentially incomplete.
        // Throws NotSupportedException if ARM is not enabled.
        public Int64 MonitoringSurvivedMemorySize
        {
            [System.Security.SecurityCritical]
            get {
                Int64 i64LastSurvivedMemory = nGetLastSurvivedMemorySize();
                if (i64LastSurvivedMemory == -1)
                {
                    throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_WithoutARM"));
                }
                return i64LastSurvivedMemory;
            }
        }
 
        // Gets the total bytes survived from the last collection. After 
        // a full collection this number represents the number of the bytes 
        // being held live in managed heaps. (This number should be close 
        // to the number obtained from GC.GetTotalMemory for a full collection.)
        // After an ephemeral collection this number represents the number 
        // of bytes being held live in ephemeral generations.
        // Throws NotSupportedException if ARM is not enabled.
        public static Int64 MonitoringSurvivedProcessMemorySize
        {
            [System.Security.SecurityCritical]
            get {
                Int64 i64LastSurvivedProcessMemory = nGetLastSurvivedProcessMemorySize();
                if (i64LastSurvivedProcessMemory == -1)
                {
                    throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_WithoutARM"));
                }
                return i64LastSurvivedProcessMemory;
            }
        }
#endif
 
#if FEATURE_FUSION
        [System.Security.SecurityCritical]  // auto-generated
        [ResourceExposure(ResourceScope.Machine)]
        [ResourceConsumption(ResourceScope.Machine)]
        private void InternalSetDomainContext(String imageLocation)
        {
            SetupFusionStore(InternalCreateDomainSetup(imageLocation), null);
        }
#endif
 
#if !FEATURE_CORECLR
        // this method is required so Object.GetType is not made virtual by the compiler
        // _AppDomain.GetType()
        public new Type GetType()
        {
            return base.GetType();
        }
 
        void _AppDomain.GetTypeInfoCount(out uint pcTInfo)
        {
            throw new NotImplementedException();
        }
 
        void _AppDomain.GetTypeInfo(uint iTInfo, uint lcid, IntPtr ppTInfo)
        {
            throw new NotImplementedException();
        }
 
        void _AppDomain.GetIDsOfNames([In] ref Guid riid, IntPtr rgszNames, uint cNames, uint lcid, IntPtr rgDispId)
        {
            throw new NotImplementedException();
        }
 
        // If you implement this method, make sure to include _AppDomain.Invoke in VM\DangerousAPIs.h and 
        // include _AppDomain in SystemDomain::IsReflectionInvocationMethod in AppDomain.cpp.
        void _AppDomain.Invoke(uint dispIdMember, [In] ref Guid riid, uint lcid, short wFlags, IntPtr pDispParams, IntPtr pVarResult, IntPtr pExcepInfo, IntPtr puArgErr)
        {
            throw new NotImplementedException();
        }
#endif
    }
 
    //  CallBacks provide a facility to request execution of some code
    //  in another context/appDomain.
    //  CrossAppDomainDelegate type is defined for appdomain call backs. 
    //  The delegate used to request a callbak through the DoCallBack method
    //  must be of CrossContextDelegate type.
#if FEATURE_REMOTING    
[System.Runtime.InteropServices.ComVisible(true)]
    public delegate void CrossAppDomainDelegate();
#endif
 
    /// <summary>
    ///     Handle used to marshal an AppDomain to the VM (eg QCall). When marshaled via a QCall, the target
    ///     method in the VM will recieve a QCall::AppDomainHandle parameter.
    /// </summary>
    internal struct AppDomainHandle
    {
        private IntPtr m_appDomainHandle;
 
        // Note: generall an AppDomainHandle should not be directly constructed, instead the
        // code:System.AppDomain.GetNativeHandle method should be called to get the handle for a specific
        // AppDomain.
        internal AppDomainHandle(IntPtr domainHandle)
        {
            m_appDomainHandle = domainHandle;
        }
    }
}