[Python-Dev] Is core dump always a bug? Advice requested

Tim Peters tim.one at comcast.net
Tue May 11 23:39:57 EDT 2004


[Greg Ewing]
> Just a thought, but is statically verifying the bytecode even
> possible in principle? Seems to me it could be equivalent to
> the halting problem.

Verifying what, precisely?  Some things can clearly be checked.  For
example, that all opcodes are defined, that no LOAD_CONST tries to index
beyond the actual length of co_consts, and that no jump tries to branch into
the middle of some multi-byte opcode sequence.  Violations of such
simple-to-check kinds of things are what cause segfaults most often when
handing the PVM nonsense bytes.  Harder to do is flow-sensitive eval stack
simulation, to ensure that no path through the code can push more on the
eval stack than was allocated for it, and that there's enough stuff on the
stack at each point to satisfy each opcode that requires accessing the eval
stack.

A subset of what the Java bytecode verifier does is quite doable:

   http://java.sun.com/sfaq/verifier.html#1

Java has more things that need to be checked, because many of the JVM
instructions have typed arguments (and it has registers as well as a stack).
Most PVM arguments are PyObject*, and when specific types are required
there's already code in ceval.c to check that at runtime.
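
Added example, not part of the original post and not CPython code: a sketch of the checks listed above (defined opcodes, LOAD_CONST bounds, jump targets, eval-stack simulation) run over a constructed toy instruction set. The opcode table, the names `check`, `decode` and `verify`, and the rule that paths must merge at equal stack depth are assumptions of this example.

```python
# Constructed toy instruction set (not CPython's real opcode table): one opcode
# byte, then a 2-byte little-endian argument when opcode >= HAVE_ARGUMENT.
HAVE_ARGUMENT = 90
OPCODES = {  # opcode: (name, values popped, values pushed)
    23: ("BINARY_ADD", 2, 1), 83: ("RETURN_VALUE", 1, 0), 100: ("LOAD_CONST", 0, 1),
    113: ("JUMP_ABSOLUTE", 0, 0), 114: ("POP_JUMP_IF_FALSE", 1, 0),
}

def check(ok, message):
    if not ok:
        raise ValueError(message)

def decode(code):  # start offset -> (opcode info, arg, next offset)
    instrs, i = {}, 0
    while i < len(code):
        op = code[i]
        check(op in OPCODES, f"undefined opcode {op} at offset {i}")
        size = 3 if op >= HAVE_ARGUMENT else 1
        check(i + size <= len(code), f"truncated argument at offset {i}")
        arg = code[i + 1] | (code[i + 2] << 8) if size == 3 else None
        instrs[i] = (OPCODES[op], arg, i + size)
        i += size
    return instrs

def verify(code, n_consts, stacksize):
    """Return the deepest eval-stack depth reached, or raise ValueError."""
    instrs = decode(code)
    for off, ((name, _, _), arg, _) in instrs.items():
        check(name != "LOAD_CONST" or arg < n_consts, f"bad LOAD_CONST index at {off}")
        check("JUMP" not in name or arg in instrs, f"bad jump target at {off}")
    # Flow-sensitive pass: walk every path, recording stack depth on entry to each
    # instruction. Equal depth at merge points (this example's rule) bounds the walk.
    depth_at, work, deepest = {}, [(0, 0)], 0
    while work:
        off, depth = work.pop()
        check(off in instrs, f"execution runs off the end at offset {off}")
        if off in depth_at:
            check(depth_at[off] == depth, f"inconsistent stack depth at {off}")
            continue
        depth_at[off] = depth
        (name, pops, pushes), arg, nxt = instrs[off]
        check(depth >= pops, f"stack underflow at offset {off}")
        depth += pushes - pops
        check(depth <= stacksize, f"stack overflow at offset {off}")
        deepest = max(deepest, depth)
        if "JUMP" in name:
            work.append((arg, depth))
        if name not in ("JUMP_ABSOLUTE", "RETURN_VALUE"):
            work.append((nxt, depth))
    return deepest
```

A jump target is accepted only if it is a key of the decoded instruction map, which is what rejects a branch into the argument bytes of another instruction.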
