review.tizen.org Git - platform/upstream/dotnet/runtime.git/commit

author	Andy Ayers <andya@microsoft.com>
	Fri, 17 Mar 2017 07:21:50 +0000 (00:21 -0700)
committer	Andy Ayers <andya@microsoft.com>
	Fri, 17 Mar 2017 17:39:04 +0000 (10:39 -0700)
commit	17c851488d986163b1071a77a32170ccb265f436
tree	49c164e9cd8d5b6349cdabf808bca17a79890876	tree \| snapshot
parent	aab2f9cfda10a0cebcab1a3c26e823a6680cb022	commit \| diff

JIT: Fix noway_assert when inlining

The jit keeps track of which inline arguments can be modified via starg
during the inlinee IL prescan to ensure that a temp is used to represent
such arguments in the inlined body. There is a noway_assert the a starg
is procecssed during importation that double-checks that a temp is really
being used, and this assert was firing.

The prescan guraded the starg tracking with a check to avoid an out-of-bounds
write into the argument table when scanning bad IL with bogus argument numbers.
The predicate was checking the argument number against lvaTableCount.
Unfortunately for inlinees this value is not related to the number of arguments.
In particular it some rare cases it may be an underestimate so the prescan might
end up failing to note a starg. If the the jit then tries to inline and the
caller passes a constant, the assert will then fire.

Fix is to update the guard to use the number of callee arguments. This is
known to be less than the table size by earlier checks.

Added a test case.

Closes dotnet/coreclr#9891.

Commit migrated from https://github.com/dotnet/coreclr/commit/0380bad51faf5ef608208f1ead8294dcf8519ce0

src/coreclr/src/jit/flowgraph.cpp		diff \| blob \| history
src/coreclr/tests/src/JIT/Regression/JitBlue/GitHub_9891/GitHub_9891.cs	[new file with mode: 0644]	blob
src/coreclr/tests/src/JIT/Regression/JitBlue/GitHub_9891/GitHub_9891.csproj	[new file with mode: 0644]	blob