Track span.Length's negativity + remove unsound assumption from MergeEdgeAssertions

[EgorBo]

This PR does:

• Remove an unsound assumption from MergeEdgeAssertions (IsVnCheckedBound = non-negative).
  • IsVnCheckedBound just consults with a global VN hash of VNs ever participating in BoundsCheck's length arg. While in reality we can only rely on such VNs in certain contexts, e.g. after BoundsCheck nodes. Fixes AVE instead of IndexOutOfRangeException #124404
• Track span.Length's non-negativity via assertions (won't work for non-promoted spans).
  • This is needed to mitigate some of the regressions from (1)
• Support VNF_Not unary op in GetRangeFromAssertions
• Add more debug checks to AssertionDsc

Diffs - some regressions from the removed IsVnCheckedBound hack and now non-promoted Spans are less likely to be recognized. Likely to be fixed when the legacy promotion is gone?

[dotnet-policy-service]

Tagging subscribers to this area: @JulieLeeMSFT, @jakobbotsch
See info in area-owners.md if you want to be subscribed.

[Copilot]

Pull request overview

This pull request enhances range check analysis in the JIT compiler by:

• Adding support for tracking span.Length's non-negativity through assertions
• Adding support for VNF_NOT (logical not) operations in range analysis
• Removing unsound assumptions from MergeEdgeAssertions that incorrectly used checked bounds
• Adding debug-only assertions to AssertionDsc to catch mode confusion between local and global assertion propagation

Changes:

• Added RangeOps::Not() for logical negation on constant boolean ranges
• Added VNF_NOT case to GetRangeFromAssertions with proper range computation
• Removed unsafe code in MergeEdgeAssertions that made unsound assumptions about checked bounds
• Added debug-only m_compiler fields to AssertionDscOp1/Op2 with mode-checking assertions in getters
• Removed unused O2K_INVALID enum value
• Added CreateEmptyAssertion factory to ensure proper initialization of debug fields
• Added GT_LCL_VAR case in optAssertionGen to generate assertions for never-negative locals

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File	Description
src/coreclr/jit/rangecheck.h	Added RangeOps::Not() method for logical negation on boolean ranges
src/coreclr/jit/rangecheck.cpp	Added VNF_NOT support in GetRangeFromAssertions; removed unsound assumptions in MergeEdgeAssertions
src/coreclr/jit/compiler.h	Added debug assertions to AssertionDsc with CreateEmptyAssertion factory; removed O2K_INVALID
src/coreclr/jit/assertionprop.cpp	Added GT_LCL_VAR case for never-negative locals; updated factory method calls to pass compiler

[EgorBo]

PTAL @jakobbotsch I remember you pointed me to that assumption. cc @dotnet/jit-contrib

[EgorBo]

Managed to come up with a bug-repro that this PR fixes: #124404

[Copilot]

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated no new comments.

Comments suppressed due to low confidence (1)

src/coreclr/jit/rangecheck.cpp:712

• RangeOps::Not() method does not exist. This code calls RangeOps::Not(r1) but the RangeOps struct in rangecheck.h only defines methods like Negate, Add, Subtract, Multiply, etc. There is no Not method implemented. This will cause a compilation error. You need to either implement RangeOps::Not() or remove the VNF_NOT case from this switch statement.

[EgorBo]

/ba-g filed #124487 for the failure