Monday, April 28, 2008

Don't use self-referential Code Access Security attributes.

I encountered an interesting little problem today after completing a small refactoring of Gallio.  ILMerge broke!

An exception occurred during merging:
ILMerge.Merge: The assembly 'Gallio' was not merged in correctly. It is still listed as an external reference in the target assembly.
   at ILMerging.ILMerge.Merge()
   at ILMerging.ILMerge.Main(String[] args)

True enough, the merged assembly contained a self-reference.

The proximate cause seems to be the fact that the Gallio assembly defined a code access security attribute that it itself used.  Ordinarily these attributes should be defined in other assemblies.  Indeed, the compiler will enforce the constraint for any assembly-level permission requests.  I assume ILMerge is doing a little magic here to try to enforce similar properties.

Ahh well.  I eliminated the custom attribute and all is well.

Leap of Faith

Julian suggested I blog about this issue because of the manner in which I resolved it.

Internal dialogue:
  1. ILMerge is breaking because I am using it on a different assembly than I was before.  So there's something essentially wrong about this assembly or with ILMerge.
  2. Google turns up this error message but only in circumstances involving the ASP.Net merge tool and user error.  I don't think that's the case here.
  3. The documentation doesn't say anything about this.
  4. Renaming files around and messing with the command-line arguments doesn't change anything.
  5. Panic!
Time passes...
  1. Hmm.  When skimming the ILMerge change history to find the entry about to the addition of this error message didn't I see something about fixing security attributes?  I wonder what that was about.
  2. Gallio uses a custom security attribute.
  3. Security attributes are subject to these interesting cross-assembly reference constraints when used to declare minimum permission requests...
  4. Oh!

Now I have no idea why the mention of security attributes in the change history caught my attention, but it did.

You might call it lateral thinking, but I'll call it sheer luck!

Technorati Tags:


Julián Hidalgo said...

I can only say "Wow!"
That could have taken ages to figure out....

Jeroen Ritmeijer said...

I had exactly the same problem (custom code access attributes). You saved me a lot of time.