2007-04-10

In the weird-bug category

While analyzing certain obfuscated assemblies, NDepend emits strident beeps. Yet NDepend's code does not contain a single call to the Beep() method.

As mentioned on the famous blog 'The Old New Thing', a problem in the conversion of UNICODE chars to ASCII causes certain chars to be converted to the ASCII bell char.

So the bug came from the fact that the obfuscator assigned these chars to the names of certain methods, which triggered warnings containing their names, and printing those names to the console caused the beeps!
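A mitigation for the bug described above, as an added example that is not NDepend's code: names read from an analyzed assembly are escaped to printable ASCII before they reach the console, so no Unicode-to-ASCII conversion can turn one of them into a control character. The names ConsoleSafe and Escape and the sample method names are assumptions made for the illustration.

```csharp
using System;
using System.Text;

static class ConsoleSafe
{
    // Returns 'name' with every char outside printable ASCII (0x20..0x7E)
    // rewritten as \uXXXX. The backslash itself is doubled so the escaped
    // form stays unambiguous and can be mapped back to the original name.
    public static string Escape(string name)
    {
        if (name == null) return "<null>";
        StringBuilder sb = new StringBuilder(name.Length);
        foreach (char c in name)
        {
            if (c == '\\')
                sb.Append(@"\\");
            else if (c >= 0x20 && c <= 0x7E)
                sb.Append(c);
            else
                sb.Append("\\u").Append(((int)c).ToString("X4"));
        }
        return sb.ToString();
    }

    static void Main()
    {
        // Constructed sample: method names as an obfuscator might emit them.
        string[] names = { "Compute", "a\u0007b", "\u2022\u2022", "x\u001B[2J" };
        foreach (string n in names)
        {
            // The raw name is never written to the console, only its escaped form.
            Console.WriteLine("warning: method '{0}' has a suspicious name", Escape(n));
        }
    }
}
```

The same escaping applies to any identifier, file name or string taken from an analyzed binary before it is written to a console or a log file.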

2007-04-02

Mastering the evolution of your project

A little plug for NDepend's big new feature: the ability to compare in detail the code of 2 different versions of the same application. This includes:

  • Knowing what was added/removed/modified by means of CQL queries such as: SELECT METHODS FROM "MyAssembly" WHERE CodeWasChanged
  • Knowing which dependencies were added/removed/modified.
  • Seeing how the metrics evolve.
  • Knowing what is no longer used or what is newly used in third-party assemblies.
  • Writing CQL constraints to be warned about aberrant evolutions. For example, the following constraint warns if a method that was public no longer exists, which can be particularly troublesome in the case of a framework: WARN IF Count > 0 IN SELECT METHODS WHERE IsPublic AND (VisibilityWasChanged OR WasRemoved)
  • The possibility of comparing the 2 versions of the code of a method or a class with WinDiff.

A 4-minute online demo sums all of this up.

2007-02-15

NDepend crosses the Atlantic!

http://www.hanselminutes.com/default.aspx?showID=66

Scott Hanselman shows Carl Franklin what NDepend can do for 30 minutes,
with an 'Oh my God!' when Carl discovers the possibilities of the CQL language

along with the matching article:
http://www.hanselman.com/blog/ExitingTheZoneOfPainStaticAnalysisWithNDepend.aspx

That's a pleasure! :D

2007-02-02

NDepend 2.0

At last! After several months of polishing, NDepend 2.0 is no longer in beta and is now available in 2 editions: Pro and Trial. The Trial version keeps all the major features (CQL, Metric View, Matrix View) and can be used free of charge on open-source and academic projects, with no time limit. The Pro version additionally contains the many minor features that make collecting information easier.

Perhaps you don't know what NDepend is? It is a tool for developers and architects that lets you understand and control the design of a .NET code base.

  • How do we make sure the newcomer on the team respects the layered organization we have imposed on ourselves?
  • How long will it take us to replace this third-party DLL with another one (impact analysis)?
  • I have 3 days to audit this 5 man-year project; how am I going to go about it?
  • How are we going to take over this legacy code when the project's original developers are no longer around?
  • We already use FxCop, but how do we check day to day that our own quality rules are respected by all developers?
  • I publish a framework; how do I constrain my users to use it correctly?

So many questions to which NDepend lets you bring objective answers very quickly. To get an idea, the best thing is to watch the online demos available at http://www.NDepend.com and to try it on your own projects.

I recently heard that Microsoft had developed software of this kind to rationalize the dependencies of the Vista code. More info on this here.

NDepend is a very visual tool. Here is a snapshot of the internal dependencies of the .NET 2.0 framework with a zoom on the namespaces of mscorlib. A blue cell represents a dependency, the number on a dependency represents the number of types used, and a black cell represents a bidirectional dependency. Is there any other way to get this much information about 500,000 lines of code in a few clicks?

I will have the opportunity to come back on DNG to talk about all this, stay tuned!

2005-11-26

Happiness!

That is the word that comes to me after leafing through Pratique de .NET2 et C#2 for the first time.

It is the outcome of 2600 hours of work spread over the last three years, a little over 1000 pages, more than 2 million characters, 647 ready-to-use listings, and a piece of software dedicated to handling the Word source documents (concatenation of the docs, extraction of the listings and their verification by compilation, management of cross-references, maintenance of the two FR/EN versions, automatic generation of the companion site http://www.practicaldot.net/fr/, partial extraction to docbook...). It is also the result of a collaboration with the whole DNG staff. Everyone has their own preferences. I was able to benefit from very sharp advice in each specialty: language, persistence, CLI, managed code performance, XML, transactions, ASP.NET... Thanks to all!

Beyond the technical content, Xavier Cazin of O'Reilly France and Yannis Haralambous of the Fluxus-Virus workshops took great care to make a very beautiful book, with a lot of time spent on the layout, the conversion of the figures, the shading of the listings, the choice of paper and of fonts (those of the newspaper Le Monde http://www.typofonderie.com/)...

And now? I plan to further develop my training activity around .NET technologies, make a version 2 of my tool NDepend with a graphical module for exploiting the data, publish a US version of the book (planned for early 2006 with ParadoxalPress) and keep a close eye on Windows Vista and Orcas. But first of all, I plan to go buy myself a second bookcase!

2004-11-30

Advanced CAS

I hope to clarify here some CAS issues that are often misunderstood:

Fully trusted assemblies vs. partially trusted assemblies

From the CAS point of view, there are two kinds of assemblies: fully trusted ones and partially trusted ones. Fully trusted assemblies are those that are granted the standard permission set FullTrust.

By default, a signed assembly can be called only from a fully trusted assembly. This restriction prevents a partially trusted assembly from invoking any assembly that was stored on your machine before its installation. Indeed, the only way a partially trusted assembly could use an assembly stored on your machine before its installation is to use an assembly stored in the GAC, and an assembly must be signed to be in the GAC.

To allow a partially trusted assembly to use some core assemblies such as mscorlib.dll or System.dll, MS has provided the System.Security.AllowPartiallyTrustedCallersAttribute attribute. If a signed assembly is marked with this attribute, then the CLR allows partially trusted assemblies to call it.
Nevertheless, be aware that using this attribute on a widely used class library may be dangerous. It is so dangerous that some standard assemblies such as System.Web.dll or System.ServiceProcess.dll are not marked with this attribute.

Another potential security hole stems from the fact that a signed assembly which doesn't allow partially trusted callers (let's call it C) can still be invoked indirectly by a partially trusted assembly (let's call it A). Indeed, A can still use a fully trusted assembly B that allows partially trusted callers, and B can then use C.

The Everything permission set

Assemblies granted the Everything permission set are not fully trusted. Another difference between the Everything and FullTrust permission sets is that the Everything permission set is configurable and, by default, does not take custom permissions into account.

The meta-permission UnmanagedCode

The meta-permission UnmanagedCode must be considered a 'super permission'. Indeed, by using the Win32 API or COM objects, you can clearly access every critical resource of your machine.

There are reasons other than performance that can motivate suppressing the stack walk check for the meta-permission UnmanagedCode. Let's imagine how the methods of the standard class FileStream are coded. They might use the P/Invoke mechanism to access the Win32 API to modify files. Thus, they would trigger a stack walk to check whether every caller has both FileIOPermission and the UnmanagedCode meta-permission. Clearly, it can't work like that: being able to access files must not require a permission as powerful as UnmanagedCode. Thus, FileStream's methods must somehow assert that callers don't need this meta-permission. There are three ways to achieve this:

  • You can use the method Assert() on a System.Security.Permissions.SecurityPermission object.
  • You can use the value Assert of the enumeration System.Security.Permissions.SecurityAction on a System.Security.Permissions.SecurityPermissionAttribute.
  • You can tag a method, a class or an interface with the System.Security.SuppressUnmanagedCodeSecurityAttribute attribute which indicates to the JIT compiler that while executing the method (or a method of the tagged class), it should make no security checks when making the call into the unmanaged code.
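The first two options side by side, as an added example that is not from the original post and not FileStream's actual code. It targets the .NET Framework with CAS enabled; NativeFile and its methods are hypothetical names. The narrow FileIOPermission is still demanded from every caller before the UnmanagedCode stack walk is cut short.

```csharp
using System.ComponentModel;
using System.IO;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Permissions;

// Hypothetical wrapper around a Win32 file API.
public static class NativeFile
{
    [DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    private static extern bool DeleteFile(string lpFileName);

    // Option 1: imperative Assert() on a SecurityPermission object.
    public static void Delete(string path)
    {
        string full = Path.GetFullPath(path);
        // Every caller on the stack must hold the narrow, resource-specific
        // permission. This is the check that actually protects the file.
        new FileIOPermission(FileIOPermissionAccess.Write, full).Demand();
        // Stop the UnmanagedCode stack walk at this frame. This assembly must
        // itself be granted UnmanagedCode and the right to assert.
        new SecurityPermission(SecurityPermissionFlag.UnmanagedCode).Assert();
        try
        {
            if (!DeleteFile(full))
                throw new Win32Exception(Marshal.GetLastWin32Error());
        }
        finally
        {
            CodeAccessPermission.RevertAssert(); // keep the assert short-lived
        }
    }

    // Option 2: the same policy, with the assert expressed declaratively.
    public static void DeleteDeclarative(string path)
    {
        string full = Path.GetFullPath(path);
        new FileIOPermission(FileIOPermissionAccess.Write, full).Demand();
        DeleteCore(full);
    }

    [SecurityPermission(SecurityAction.Assert, UnmanagedCode = true)]
    private static void DeleteCore(string full)
    {
        if (!DeleteFile(full))
            throw new Win32Exception(Marshal.GetLastWin32Error());
    }
}
```

An assert without the preceding Demand() would let any partially trusted caller reach the native call, which is the indirect-invocation problem described earlier for assemblies that allow partially trusted callers.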

The meta-permission SkipVerification

The meta-permission SkipVerification must also be considered a 'super permission', since 'unsafe code' can perform some very weird stuff that won't be checked by the CLR.

Exclusive code groups

If an assembly belongs to two or more exclusive code groups of the same policy level, it won't have any permissions. By exclusive code group I mean a code group for which the option "If the membership condition is met: this policy level will only have the permissions from the permission set associated with this code group" is on.

2004-11-22

More about generics

For those who'd like to go further than my article concerning generics, here are two interesting posts:

CLR Generics and code sharing by Joel Pobar, CLR Program Manager
http://blogs.msdn.com/joelpob/archive/2004/11/17/259224.aspx

Generics design guidelines by Krzysztof Cwalina
http://blogs.msdn.com/kcwalina/archive/2004/03/15.aspx

2004-10-31

unexpected C#2 ambiguity

While reading the excellent book 'The C# Programming Language', I just found a somewhat unexpected point in the C#2 grammar. As illustrated by the following example, the characters '<' and '>' can sometimes be interpreted both as comparison operators and as the beginning and end of a type parameter list.

class C<U,V>
{
    public static void Fct1()
    {
        int U = 6;
        int V = 7;
        int Fct2 = 9;
        Fct3(Fct2<U, V>(20)); // call Fct3(int)
        Fct3(Fct2<U, V>20); // call Fct3(bool,bool)
    }
    public static int Fct2<A, B>(int i) { return 0;}
    public static void Fct3(int i) { return; }
    public static void Fct3(bool b1, bool b2) { return; }
}

class Program
{
    static void Main(string[] args) { }
}

This dilemma is solved by the following rule: if the character that follows the '>' character is in the following list, then the compiler chooses the type parameter list case.

(  )  ]  >  :  ;  ,  .  ?

2004-09-16

Experiences concerning software book writing

Here we are! My first post!

It is dedicated to software book writing. I got a chance to write a book concerning .NET and C# ('Pratique de .NET et C#', O'Reilly 2003, only in French for now http://www.amazon.fr/exec/obidos/ASIN/2841772454/171-1380742-3141034 ) and that was a marvellous experience. For sure, it won't be the last.

Here is some advice I can give to someone who would like to write a software book:

Write at least 150 pages before providing anything to a publisher. You have to prove that you know your subject, that you can write and that you are patient enough. If your book is around this size, ask yourself if you are writing a software book (;)Tom it’s a joke!!).

Each time you stumble on a subtle problem in your subject that you were not aware of, don't consider it a hurdle that will slow down your process. Consider it a blessing that will make your book more useful for readers than the others. Drill into the subject concerned until you have the full picture in mind. Then write about it. It took me 4 full days to get the big picture of .NET remoting in mind (thanks M.Box and M.Rammer)! Anyway, don't begin to write anything on a subject that you don't deeply understand.

Don't begin a new chapter before having properly finished the current one. Of course you can take some notes for future chapters and of course you will likely add info to chapters that you consider done. From my experience, there is no better incentive than this feeling of 'job done, job well done' to boost you for the rest. And motivation is the only thing you need, right?!

Start by writing the chapters that you consider most complicated. Don't cheat yourself on this one. More generally, always give priority to things that daunt you.

Code examples must be fully compilable code and as small as possible. Give as few excerpts as possible, only full code. With a language such as C#, most relevant examples take around 10/15 lines (including the using statements). Provide a downloadable zip file containing all examples. Readers must be able to compile and run them seamlessly. Build this example collection while writing. In code examples, don't put more than 70 characters on a line and use spaces, not tabs, to indent.

Save your screenshot in PNG format.

Take care of spelling from the beginning of the process.

Be aware that you'll spend some 12-14 hours a day (most weekends included) for several months. It's a good idea to plan to write during the season you dislike the most. It's also a good idea to have some discussion about it with your relatives before and during the writing process.

To gauge your motivation, you should be able to sleep a bit less than usual without any problem.

If you like to write until late in the night, try waking up at 5 A.M. for a week. Like me, you might find out that you are far more efficient like that (else, sorry for the wasted week :oops:).

Writing a book is more an intellectual process than a business. After typing millions of characters (more than two million for Pratique!), after having thoroughly covered thousands of interesting details, you'll find out that you can think more quickly and more accurately than before (not only on the subject you chose). I hadn't had this feeling of 'several brains' since the end of my 'prépa' (for 'non french guys', 'prépa' is a two-year intensive class dedicated to doing selection amongst pupils of a generation).

Writing a book is also a real boost for your career. You are no longer the lambda candidate for a job or a mission. I don't see anything better for a software guy's resume.

This is my experience but I think that if you are a ‘naturally born writer’, you know it somehow. I wasn’t good in school at literature but I recall having written a 40 pages book about prehistoric animals when I was 10 (not published :-/ ).

To conclude this post, here are some thoughts written by some paramount authors. I've been particularly interested in the idea of self-publishing from Brian Bischof.
http://perseus.franklins.net//DotNetRocks_0077_Charles_Petzold.asx
http://www.sellsbrothers.com/news/showTopic.aspx?ixTopic=1464
http://www.sellsbrothers.com/spout/#What_Makes_A_Book_Successful
http://www.aristeia.com/publications_frames.html (Advice to Prospective Book Authors)

Patrick Smacchia
