dotnet / runtime


Assertion failed 'kind == Overwrite' #12322

Closed marklio closed 4 years ago

marklio commented 5 years ago

See the IL repro at the bottom. Please let me know if you need more info, or a repro in a different form. This IL is wonky, but this assert is seen on 620 real assemblies from NuGet.org. Commonly, these have been obfuscated by Dotfuscator.

Repro steps:

1. Save the IL below as test.il
2. Assemble it: ilasm test.il /dll
3. Run an amd64 checked (CHK) build of crossgen on the output:
   crossgen.exe /in test.dll /out test.dll.ni /nologo /verbose /platform_assemblies_paths "paths_to_il"

Expected: successful compilation

Actual:

Opening input file
Preloading input file D:\scratch\crossgenrepros\kind == overwrite\test.dll
Compiling input file D:\scratch\crossgenrepros\kind == overwrite\test.dll
Compiling method TestClass.IsValidName

Assert failure(PID 36548 [0x00008ec4], Thread: 33756 [0x83dc]): Assertion failed 'kind == Overwrite' in 'TestClass:IsValidName(ref):bool:this' (IL size 431)

    File: c:\users\markmil\source\repos\coreclr\src\jit\jithashtable.h Line: 270
    Image: C:\Users\markmil\Source\Repos\PMIExperiment\CrossGenner\bin\Debug\coreclr\crossgen.exe

IL repro:

// Assembly-level header for the repro. Only [mscorlib] members are referenced by the
// instructions in this listing; the System.Core reference is declared but not used here.
.assembly extern mscorlib
{
  .publickeytoken = (B7 7A 5C 56 19 34 E0 89 )                         // .z\V.4..
  .ver 4:0:0:0
}
.assembly extern System.Core
{
  .publickeytoken = (B7 7A 5C 56 19 34 E0 89 )                         // .z\V.4..
  .ver 4:0:0:0
}
// The repro assembly itself. It declares no public key, so it is not strong-named.
.assembly Test
{
  // CompilationRelaxations blob: prolog 01 00, then int32 8 (NoStringInterning), no named args.
  .custom instance void [mscorlib]System.Runtime.CompilerServices.CompilationRelaxationsAttribute::.ctor(int32) = ( 01 00 08 00 00 00 00 00 ) 
  // RuntimeCompatibility blob: one named bool property, WrapNonExceptionThrows = true (trailing 01).
  .custom instance void [mscorlib]System.Runtime.CompilerServices.RuntimeCompatibilityAttribute::.ctor() = ( 01 00 01 00 54 02 16 57 72 61 70 4E 6F 6E 45 78   // ....T..WrapNonEx
                                                                                                             63 65 70 74 69 6F 6E 54 68 72 6F 77 73 01 )       // ceptionThrows.
  // 0x8004 is the SHA-1 algorithm identifier used for file hashes in the manifest.
  .hash algorithm 0x00008004
  .ver 1:0:0:0
}
// PE-level settings emitted by the disassembler; kept verbatim so the assembled DLL
// matches the shape of the original input.
.module Test.dll
.imagebase 0x00400000
.file alignment 0x00000200
.stackreserve 0x00100000
.subsystem 0x0003       // WINDOWS_CUI
.corflags 0x00020003    //  ILONLY 32BITPREFERRED

// TestClass: container for the single repro method. The method body is control-flow-flattened
// IL: a state variable drives a central switch, constants are round-tripped through an
// address-taken local, and the stream contains unreachable blocks and branches whose target is
// the next instruction. Tools that ingest third-party assemblies (AOT compilers, verifiers,
// decompilers, scanners) must tolerate all of these shapes. The report does not say which of
// them trips the assert.
.class public auto ansi beforefieldinit TestClass
    extends [mscorlib]System.Object
{
// IsValidName(string name) -> bool
// De-flattened behaviour, read from the instructions below:
//   for (i = 0; i < name.Length; i++) {
//       cat = Char.GetUnicodeCategory(name[i]);
//       if (cat is 0, 1, 2 or 8) continue;   // Uppercase/Lowercase/Titlecase letter, DecimalDigitNumber
//       return false;
//   }
//   return true;                              // also the result for an empty string
// There is no null check: a null `name` reaches callvirt String::get_Length at IL_013e.
// The long-form stloc/ldloca encodings (4 bytes each, see IL_0001 -> IL_0005) are part of the
// repro; replacing them with short forms would shift every IL_xxxx offset and the 431-byte size.
.method public final hidebysig newslot virtual 
    instance bool IsValidName (
        string name
    ) cil managed 
{
    // Method begins at RVA 0x35c8
    // Code size 431 (0x1af)
    .maxstack 2
    // Locals: [0] loop index, [1] current char, [2] its UnicodeCategory, [3] copy of [2] that
    // the tests read, [4] dispatcher state, [5] scratch slot: every constant is stored here and
    // read back through its address (ldloca/ldind.i4) — presumably to hinder constant folding.
    .locals init (
        [0] int32,
        [1] char,
        [2] valuetype [mscorlib]System.Globalization.UnicodeCategory,
        [3] valuetype [mscorlib]System.Globalization.UnicodeCategory,
        [4] int32,
        [5] int32
    )

    // Entry: state = 0 (via scratch). The one-target switch reaches IL_0017 whether or not
    // it is taken.
    IL_0000: ldc.i4.0
    IL_0001: stloc 5
    IL_0005: ldloca 5
    IL_0009: ldind.i4
    IL_000a: stloc.s 4
    IL_000c: ldloc.s 4
    IL_000e: switch (IL_0017)

    // Constant 0 always selects IL_0048, so the fall-through into IL_0021 is never taken here.
    IL_0017: ldc.i4.0
    IL_0018: switch (IL_0048)

    // Dispatcher. State -> target: 0 IL_0170, 1 IL_00a1, 2 IL_005c, 3 IL_013c, 4 IL_0125,
    // 5 IL_01a8, 6 IL_0077, 7 IL_015d. Only values 0..7 are ever stored to local 4, so the
    // fall-through to IL_0048 is not exercised from here.
    IL_0021: ldloc.s 4
    IL_0023: switch (IL_0170, IL_00a1, IL_005c, IL_013c, IL_0125, IL_01a8, IL_0077, IL_015d)

    // Loop init: index = 0; state = 2.
    IL_0048: ldc.i4.0
    IL_0049: stloc.0
    IL_004a: ldc.i4 2
    IL_004f: stloc 5
    IL_0053: ldloca 5
    IL_0057: ldind.i4
    IL_0058: stloc.s 4
    IL_005a: br.s IL_0021

    // State 2: trampoline to IL_0127 (which sets state 3, the loop condition).
    IL_005c: br IL_0127

    // Character accepted: index++; state = 6.
    IL_0061: ldloc.0
    IL_0062: ldc.i4.1
    IL_0063: add
    IL_0064: stloc.0
    IL_0065: ldc.i4 6
    IL_006a: stloc 5
    IL_006e: ldloca 5
    IL_0072: ldind.i4
    IL_0073: stloc.s 4
    IL_0075: br.s IL_0021

    // State 6: trampoline to IL_0127.
    IL_0077: br IL_0127

    // return false (reached from state 5 via IL_01a8).
    IL_007c: ldc.i4.0
    IL_007d: ret

    // Loop body: local1 = name[index]; local2 = GetUnicodeCategory(local1); local3 = local2;
    // state = 1.
    IL_007e: ldarg.1
    IL_007f: ldloc.0
    IL_0080: callvirt instance char [mscorlib]System.String::get_Chars(int32)
    IL_0085: stloc.1
    IL_0086: ldloc.1
    IL_0087: call valuetype [mscorlib]System.Globalization.UnicodeCategory [mscorlib]System.Char::GetUnicodeCategory(char)
    IL_008c: stloc.2
    IL_008d: ldloc.2
    IL_008e: stloc.3
    IL_008f: ldc.i4 1
    IL_0094: stloc 5
    IL_0098: ldloca 5
    IL_009c: ldind.i4
    IL_009d: stloc.s 4
    IL_009f: br.s IL_0021

    // State 1: opaque predicate. -2385 is compared with -2385, ceq yields 1, so the switch
    // always selects its middle target IL_00d1; the two IL_015d targets are never chosen here.
    IL_00a1: ldc.i4 -2385
    IL_00a6: stloc 5
    IL_00aa: ldloca 5
    IL_00ae: ldind.i4
    IL_00af: ldc.i4 -2385
    IL_00b4: stloc 5
    IL_00b8: ldloca 5
    IL_00bc: ldind.i4
    IL_00bd: ceq
    IL_00bf: switch (IL_015d, IL_00d1, IL_015d)

    // Reached only by switch fall-through (value >= 3), which ceq cannot produce.
    IL_00d0: nop

    // Pushes 1 (via scratch) for the brfalse.s at IL_00ed.
    IL_00d1: ldc.i4 1
    IL_00d6: stloc 5
    IL_00da: ldloca 5
    IL_00de: ldind.i4
    IL_00df: br.s IL_00ed

    // No branch in this method targets IL_00e1 and the preceding instruction is an
    // unconditional br.s, so this block is unreachable.
    IL_00e1: ldc.i4.0
    IL_00e2: stloc 5
    IL_00e6: ldloca 5
    IL_00ea: ldind.i4
    IL_00eb: br.s IL_00ed

    // Branch target is the next instruction: both outcomes land on IL_00ef; the only effect
    // is popping the value.
    IL_00ed: brfalse.s IL_00ef

    // Pushes 0, so the brfalse is always taken; its target is again the next instruction.
    IL_00ef: ldc.i4.0
    IL_00f0: stloc 5
    IL_00f4: ldloca 5
    IL_00f8: ldind.i4
    IL_00f9: brfalse IL_00fe

    // Category 0, 1 or 2 -> accept (IL_0061). Three identical targets; any other category
    // falls through to IL_0110.
    IL_00fe: ldloc.3
    IL_00ff: switch (IL_0061, IL_0061, IL_0061)

    // Not a letter category 0..2: state = 4.
    IL_0110: ldc.i4 4
    IL_0115: stloc 5
    IL_0119: ldloca 5
    IL_011d: ldind.i4
    IL_011e: stloc.s 4
    IL_0120: br IL_0021

    // State 4: trampoline to IL_015f (which sets state 0, the digit test).
    IL_0125: br.s IL_015f

    // state = 3 (loop condition).
    IL_0127: ldc.i4 3
    IL_012c: stloc 5
    IL_0130: ldloca 5
    IL_0134: ldind.i4
    IL_0135: stloc.s 4
    IL_0137: br IL_0021

    // State 3: loop condition. index < name.Length -> loop body at IL_007e.
    IL_013c: ldloc.0
    IL_013d: ldarg.1
    IL_013e: callvirt instance int32 [mscorlib]System.String::get_Length()
    IL_0143: blt IL_007e

    // Loop finished: state = 7.
    IL_0148: ldc.i4 7
    IL_014d: stloc 5
    IL_0151: ldloca 5
    IL_0155: ldind.i4
    IL_0156: stloc.s 4
    IL_0158: br IL_0021

    // State 7: go to IL_01ad (return true).
    IL_015d: br.s IL_01ad

    // state = 0 (digit test).
    IL_015f: ldc.i4.0
    IL_0160: stloc 5
    IL_0164: ldloca 5
    IL_0168: ldind.i4
    IL_0169: stloc.s 4
    IL_016b: br IL_0021

    // State 0: category == 8 (DecimalDigitNumber) -> accept (IL_0061).
    IL_0170: ldloc.3
    IL_0171: ldc.i4.8
    IL_0172: beq IL_0061

    // Rejected character: continue at IL_0186.
    IL_0177: br.s IL_0186

    // No branch targets IL_0179 and it follows an unconditional br.s, so it is unreachable.
    // Textually it falls into IL_0183 with one value on the stack.
    IL_0179: ldc.i4.0
    IL_017a: stloc 5
    IL_017e: ldloca 5
    IL_0182: ldind.i4

    // Join point entered with stack depth 1 (from IL_0190, and textually from IL_0182);
    // the value is discarded.
    IL_0183: pop
    IL_0184: br.s IL_0192

    // Pushes 0 via scratch and jumps backwards to IL_0183, where it is popped.
    IL_0186: ldc.i4.0
    IL_0187: stloc 5
    IL_018b: ldloca 5
    IL_018f: ldind.i4
    IL_0190: br.s IL_0183

    // state = 5 (reject).
    IL_0192: nop
    IL_0193: ldc.i4 5
    IL_0198: stloc 5
    IL_019c: ldloca 5
    IL_01a0: ldind.i4
    IL_01a1: stloc.s 4
    IL_01a3: br IL_0021

    // State 5: go to IL_007c (return false).
    IL_01a8: br IL_007c

    // return true.
    IL_01ad: ldc.i4.1
    IL_01ae: ret
} 
} // end of class TestClass
RussKeldorph commented 5 years ago

@dotnet/jit-contrib

AndyAyersMS commented 5 years ago

This is from a check Brian added recently, so @briansull can you investigate?

sandreenko commented 5 years ago

Does it repro with the head revision? There were many such failures that were fixed by dotnet/coreclr#23272

briansull commented 5 years ago

I will investigate

briansull commented 5 years ago

I have a fix ready

briansull commented 5 years ago

Resolved with dotnet/coreclr#23533