PEVerify可以告诉我每个错误的严重性吗？ [英] Can PEVerify tell me the severity of each error?

问题描述

我正在使用 Mono.Cecil 修改程序集，我想检查其有效性（结果是否将完全运行）。我正在尝试使用 PEVerify ，但是遇到了问题。

I'm modifying an assembly using Mono.Cecil, and I want to check it for validity (whether the result will run at all). I'm trying to use PEVerify, but I'm having a problem.

它是为确保代码而设计的是可验证的，因此它只说 ERROR 是错误是否表示IL完全无效且将不执行，或者是否是可验证性问题而将其完全信任。以下是一些示例：

It was designed for ensuring code is verifiable, so it just says ERROR whether the error means the IL is completely invalid and will not execute, or whether it's a verifiability issue that would be ignored in full trust. Here are some examples:

1. 使用指针等。


2. 未设置 .locals初始化（当方法具有本地语言时。）


3. 从非构造函数调用 .ctor

1. Using pointers and the like.
2. Not setting .locals init when the method has locals.
3. Calling .ctor from a non-constructor method.

导致IL无法运行的问题包括：

Issues that make the IL fail to run include:

1. 成员无法从使用位置访问。


2. 成员不存在。

有没有办法让我知道问题的严重性？如果没有，还有其他工具可以做到这一点吗？

Is there a way to make it give me some indication of the severity of the issue? If not, is there another tool that can do this?

推荐答案

@HansPassant已经尝试对其进行解释，只是为了我们所有人都互相理解，这是怎么回事。

@HansPassant already tried to explain it, but just so that we all understand each other, here's what's going on.

PEVerify检查您的程序集中是否存在不正常的构造。也就是说，PEVerify不是JIT编译器。 JIT编译器本身不检查IL程序集-它只是获取要调用的方法，将其更改为SSA形式，对其进行优化，然后对其进行编译，然后调用生成的二进制程序集。

PEVerify checks your assembly for constructs that are not okay. That said, PEVerify is not the JIT compiler. The JIT compiler itself doesn't check the IL assembly - it just grabs the method it's going to call, changes it into an SSA form, optimizes it, compiles it and then calls the resulting binary assembly.

现在，编译器将随着时间的推移而发展。更改和添加了优化，并且编译器的作用不一定是检查错误（如果发现它是副产品，则可能会报告错误，但不能保证）。请记住，JIT编译器仅针对一件事进行了不懈的优化，那就是生成相当好的汇编字节码（因为它是JIT的语言，所以编译某些东西所花的时间确实很重要）。因此，有两种不同的工具。

Now, the compiler will evolve over time. Optimizations are changed and added, and the role of the compiler is not necessarily to check for error (if it finds one as a by-product, it'll probably report it, but no guarantees). Remember, the JIT compiler is relentlessly optimized for just one thing, and that is to produce pretty good assembler byte code (because it's a JIT'ted language, the time it takes to compile something is really important). So, two different tools.

这基本上导致以下结果：

This basically results in the following:

• PEVerify会告诉您是否定义了方法/程序集的结果。

如果您忽略PEVerify的错误，则基本上意味着结果将是未定义的行为-可以是从可执行的可执行文件到严重崩溃的任何内容。没有警告之类的东西。

If you ignore an error of PEVerify, this basically means that the result will be undefined behavior - which can be anything from a working executable to a hard crash. There is no such thing as a 'warning'.

这篇关于PEVerify可以告诉我每个错误的严重性吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！