I have recently been working on some IL verification related scenarios. IL verification is critical for CLR security. As CLR support for Silverlight approaches, it is critical to make sure that our JIT can verify IL code correctly. I figured it would be interesting to share some of the verification rules we have and how we verify them.
Here is the IL code:
.method public hidebysig static vararg void VarArg(value class [mscorlib]System.RuntimeArgumentHandle&) il managed
stobj value class [mscorlib]System.RuntimeArgumentHandle
The problem here is that RuntimeArgumentHandle is a value type. The arglist instruction puts an argument list handle (an unmanaged pointer) on the stack. The stobj instruction stores a value type from the stack into memory. When the verifier sees the unmanaged pointer, it raises a red flag.
[IL]: Error: xxx.dll : <Module>::VarArg][mdToken=0x6000001][offset 0x00000000][found value
'System.RuntimeArgumentHandle'] ByRef of TypedReference, ArgHandle, or ArgIterat
Here is what the code looks like in C#.
public static void VarArg(ref RuntimeArgumentHandle A_0, __arglist)
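The error text above names the rule: a managed pointer (&) to TypedReference, RuntimeArgumentHandle (ArgHandle) or ArgIterator is not verifiable. The following Python script is an added example, not code from the original post or from the CLR verifier; it scans ildasm-style .method headers for such parameters. The function names, the handling of the ilasm typedref keyword and the sample headers other than VarArg are assumptions made for the illustration.

```python
import re

# Byref-like types: the verifier rejects a managed pointer (&) to any of them.
RESTRICTED = {"System.TypedReference", "System.RuntimeArgumentHandle", "System.ArgIterator"}
ALIASES = {"typedref": "System.TypedReference"}  # ilasm keyword for TypedReference

METHOD_RE = re.compile(
    r"\.method\s+[^()]*?(?P<name>[\w.]+)\s*\((?P<params>.*?)\)\s*(?:cil|il)\s+managed",
    re.DOTALL)
BYREF_RE = re.compile(r"([\w.]+)\s*&")  # type name directly followed by '&'

def split_params(params):
    """Split a parameter list on commas that are not nested in <>, () or []."""
    parts, depth, current = [], 0, ""
    for ch in params:
        if ch in "<([":
            depth += 1
        elif ch in ">)]":
            depth -= 1
        if ch == "," and depth == 0:
            parts.append(current)
            current = ""
        else:
            current += ch
    return [p.strip() for p in parts + [current] if p.strip()]

def find_restricted_byrefs(il_text):
    """Return (method, parameter index, type) for each byref of a restricted type."""
    findings = []
    for m in METHOD_RE.finditer(il_text):
        for index, param in enumerate(split_params(m.group("params"))):
            hit = BYREF_RE.search(param)
            if not hit:
                continue  # parameter is passed by value
            type_name = ALIASES.get(hit.group(1), hit.group(1))
            if type_name in RESTRICTED:
                findings.append((m.group("name"), index, type_name))
    return findings

# Constructed sample: the header from the post plus two made-up methods.
SAMPLE = """
.method public hidebysig static vararg void VarArg(value class [mscorlib]System.RuntimeArgumentHandle&) il managed
.method public hidebysig static void Ok(int32& x, valuetype [mscorlib]System.RuntimeArgumentHandle h) cil managed
.method public hidebysig static void Tr(class [mscorlib]System.Collections.Generic.Dictionary`2<string,int32> d, typedref& t) cil managed
"""

if __name__ == "__main__":
    for finding in find_restricted_byrefs(SAMPLE):
        print("unverifiable byref parameter:", finding)
```

A text scan like this only triages disassembly before a build is handed to the verifier; the verifier's own result remains authoritative.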