13

I'm writing custom security attribute and got strange compiler behaviour... When I'm using the attribute at the same file, default parameter values works fine:

using System.Security.Permissions;

[System.Serializable]
sealed class FooAttribute : CodeAccessSecurityAttribute {
    public FooAttribute(SecurityAction action = SecurityAction.Demand) : base(action) { }
    public override System.Security.IPermission CreatePermission() { return null; }
}

[Foo] class Program {
    static void Main(string[] args) { }
}

But when I'm separating the code above into two files like that - file 1:

using System.Security.Permissions;

[System.Serializable]
sealed class FooAttribute : CodeAccessSecurityAttribute {
    public FooAttribute(SecurityAction action = SecurityAction.Demand) : base(action) { }
    public override System.Security.IPermission CreatePermission() { return null; }
}

And file 2:

[Foo] class Program {
    static void Main(string[] args) { }
}

I've got an compiler error:

Error: 'FooAttribute' does not contain a constructor that takes 0 arguments

This occurs only with the CodeAccessSecurityAttribute inheritors, looks very strange...

BoltClock
  • 700,868
  • 160
  • 1,392
  • 1,356
controlflow
  • 6,667
  • 1
  • 31
  • 55
  • 2
    What is the relationship between FooAttribute, in the source, and DebugCallTraceAttribute, in the error message? – Eric Lippert Jun 17 '11 at 22:32
  • 2
    Is there a reason for `SecurityAttribute` in the first snippet and `CodeAccessSecurityAttribute` in the second? Seems like these should be the same for a valid minimal test case. (E.g. is it either related to this change or being in two files or both?) –  Jun 17 '11 at 22:33
  • sorry, it's 3am at Moscow, all snippet mistakes are fixed – controlflow Jun 17 '11 at 23:26
  • Very cool bug. If Eric doesn't show up then post this at connect.microsoft.com. Post the link please, love to know how this got borked. You need to fix the compiler error snippet btw, it doesn't match your code. – Hans Passant Jun 17 '11 at 23:29
  • 2
    This appears related to: http://stackoverflow.com/questions/4995687/creating-custom-codeaccesssecurityattribute-leads-to-exception-on-compile – joncham Jun 17 '11 at 23:50

1 Answers1

14

So I don't have an exact answer but I took it as far as I could looking into it. I think I understand why it happens when you inherit from CodeAccessSecurityAttribute and not SecurityAttribute. If you look at the IL generated when applying the Foo attribute when it inherits from CodeAccessSecurityAttribute it looks like this:

.permissionset demand = {class 'ConsoleApplication1.FooAttribute, ConsoleApplication1, Version=1.0.0.0, Culture=neutral' = {}}

When Foo inherits from SecurityAttribute it looks like this:

.custom instance void ConsoleApplication1.FooAttribute::.ctor(valuetype [mscorlib]System.Security.Permissions.SecurityAction) = ( 01 00 02 00 00 00 00 00 )

Clearly the CodeAccessSecurityAttribute drastically changes the IL generated by applying the attribute.

Looking at the IL more if we change the Foo declaration to be like as follows

[Foo(SecurityAction.Demand)]

We get the following IL:

.permissionset demand = {class 'ConsoleApplication1.FooAttribute, ConsoleApplication1, Version=1.0.0.0, Culture=neutral' = {}}

Its the same as it was when we did not specify the optional parameter. Further we can cause the error not just by splitting the attribute and the Program class into separate files we can cause it by rearranging the files in the class like this:

[Foo]
class Program
{

    static void Main(string[] args) {}


}

[System.Serializable]
sealed class FooAttribute : CodeAccessSecurityAttribute
{
    public FooAttribute(SecurityAction action = SecurityAction.Demand) : base(action) { }
    public override System.Security.IPermission CreatePermission() { return null; }
}

Even more interesting if we do the following with class Other and Other2 give the error but Program does not. Only the classes that come before Foo in the file will have the error

 [Foo]
 class Other
 {

 }

 [Foo]
 class Other2
 {
 }

 [System.Serializable]
 sealed class FooAttribute : CodeAccessSecurityAttribute
 {
      public FooAttribute(SecurityAction action = SecurityAction.Demand) : base(action) { }
      public override System.Security.IPermission CreatePermission() { return null; }        }

 [Foo]
 class Program
 {

  static void Main(string[] args) {}
 }

What this says to me is that there is a problem somewhere in the build process. I don't know enough about how Code Access Security works to put my finger on what the exact problem is. There has to be part of the process that looks at the CodeAccessSecurityAttributes and does something with attempting to apply the SecurityAction to the code. I assume it builds some sort of metadata for the assembly. It must do this in some sort of ordered way so that it doesn't see the optional parameter until after it has already passed the Program class. It then must use that metadata in some way during the build process and that is where you are seeing the failure. For any more detail we'll have to hope someone who knows the compiler i.e. Eric can shed some light on it. I'd submit it on connect.microsoft.com as one of the comments suggested as it seems like a bug caused by the order things are traversed.

Craig Suchanec
  • 10,474
  • 3
  • 31
  • 39