Checking unsafe CIL for potential issues?

[FractalFir]

Hello! I am the creator of a project aiming to compile Rust code to .NET assemblies.

I have recently made some significant progress (I am able to compile most of the Rust standard library), and I would like to test the output of my Rust compiler backend better. My current tests involve running the resulting assemblies, and checking for crashes/exceptions. This is not ideal, since the .NET runtime quite often executes invalid CIL without raising exceptions.

This is an example of such invalid CIL:

.assembly Wrong{}
.class SomeValueType extends [System.Runtime]System.ValueType{
    .field float32 a
    .field float32 b
}
.class Issue{
    .method static native uint InvalidMethod(){
        .locals init(
            [0] valuetype SomeValueType
        )
        // Loads zero-initialzed SomeValueType 
        ldloc.0
        // Returns SomeValueType as nint. This is invalid, and would cause an exception in mono.
        ret
    }
    .method static void Main(){
        .entrypoint
        call native uint Issue::InvalidMethod()
        conv.u8
        // Prints 0
        call void [System.Console]System.Console::WriteLine(uint64)
        ret
    }
}

This invalid IL will get executed by the .NET runtime, but is rejected by mono(it throws a System.InvalidProgramException).
I can't use mono for testing, since some Rust functionality requires usage of APIs not supported by mono.

I would like to detect such invalid IL, because it signifies a bug within my compiler backend. Automatically catching such issues would make fixing bugs easier, since I would not have to debug the problematic assembly to try to find the problem.

I tried using ilverify for this purpose, but it has too many false positives. Assemblies I generate are unsafe, which causes ilverify to report a lot of errors related to unsafety. I tried ignoring specific error groups, but they are quite broad, which makes me unable to silence only false positives.

The assemblies produced by my project tend to be sizable(13k methods, ~3mln lines of IL), so it is not feasible to check their correctness by hand.

This leads me to ask the following questions:

1. Is there a way to increase how strict the runtime is when it comes to invalid IL? Some kind of command line option, environment variable?
2. Are there any other tools which could help me check the correctness of my assemblies?
3. Is there another way I can ensure the IL I create is valid?

Thank you in advance for your help!

I would also like to clarify that I am aware that this is not a bug in the .NET runtime.

[vitek-karas]

Related #37391.