I finally implemented the local variable usage tracking for subroutines in the verifier. In this instance Microsoft certainly did learn from Sun's mistakes. The JVM verifier is ridiculously complex because of two features:
- jsr & ret instructions (subroutines within a method)
- untyped local variables
The CLR lacks both of those features. The reason Sun introduced subroutines is because code in a finally block needs to run both in the normal case and in the exception case, there are two ways you can compile this (Java's bytecode has no concept of finally blocks): code duplication or the subroutine construct. Microsoft solved this by explicitly supporting finally blocks in MSIL, a far more elegant solution. Having typed local variables really doesn't have any downside (except that you have slightly more metadata to carry around).
Updated the snapshot.