20 Nov 08 Opcodes list
- 本文地址: http://www.laruence.com/2008/11/20/640.html
- 转载文章
- 1 ZEND_NOP (Opcode 00)
- 2 ZEND_ADD (Opcode 01)
- 3 ZEND_SUB (Opcode 02)
- 4 ZEND_MUL (Opcode 03)
- 5 ZEND_DIV (Opcode 04)
- 6 ZEND_MOD (Opcode 05)
- 7 ZEND_SL (Opcode 06)
- 8 ZEND_SR (Opcode 07)
- 9 ZEND_CONCAT (Opcode 08)
- 10 ZEND_BW_OR (Opcode 09)
- 11 ZEND_BW_AND (Opcode 10)
- 12 ZEND_BW_XOR (Opcode 11)
- 13 ZEND_BW_NOT (Opcode 12)
- 14 ZEND_BOOL_NOT (Opcode 13)
- 15 ZEND_BOOL_XOR (Opcode 14)
- 16 ZEND_IS_IDENTICAL (Opcode 15)
- 17 ZEND_IS_NOT_IDENTICAL (Opcode 16)
- 18 ZEND_IS_EQUAL (Opcode 17)
- 19 ZEND_IS_NOT_EQUAL (Opcode 18)
- 20 ZEND_IS_SMALLER (Opcode 19)
- 21 ZEND_IS_SMALLER_OR_EQUAL (Opcode 20)
- 22 ZEND_CAST (Opcode 21)
- 23 ZEND_QM_ASSIGN (Opcode 22)
- 24 ZEND_ASSIGN_ADD (Opcode 23)
- 25 ZEND_ASSIGN_SUB (Opcode 24)
- 26 ZEND_ASSIGN_MUL (Opcode 25)
- 27 ZEND_ASSIGN_DIV (Opcode 26)
- 28 ZEND_ASSIGN_MOD (Opcode 27)
- 29 ZEND_ASSIGN_SL (Opcode 28)
- 30 ZEND_ASSIGN_SR (Opcode 29)
- 31 ZEND_ASSIGN_CONCAT (Opcode 30)
- 32 ZEND_ASSIGN_BW_OR (Opcode 31)
- 33 ZEND_ASSIGN_BW_AND (Opcode 32)
- 34 ZEND_ASSIGN_BW_XOR (Opcode 33)
- 35 ZEND_PRE_INC (Opcode 34)
- 36 ZEND_PRE_DEC (Opcode 35)
- 37 ZEND_POST_INC (Opcode 36)
- 38 ZEND_POST_DEC (Opcode 37)
- 39 ZEND_ASSIGN (Opcode 38)
- 40 ZEND_ASSIGN_REF (Opcode 39)
- 41 ZEND_ECHO (Opcode 40)
- 42 ZEND_PRINT (Opcode 41)
- 43 ZEND_JMP (Opcode 42)
- 44 ZEND_JMPZ (Opcode 43)
- 45 ZEND_JMPNZ (Opcode 44)
- 46 ZEND_JMPZNZ (Opcode 45)
- 47 ZEND_JMPZ_EX (Opcode 46)
- 48 ZEND_JMPNZ_EX (Opcode 47)
- 49 ZEND_CASE (Opcode 48)
- 50 ZEND_SWITCH_FREE (Opcode 49)
- 51 ZEND_BRK (Opcode 50)
- 52 ZEND_CONT (Opcode 51)
- 53 ZEND_BOOL (Opcode 52)
- 54 ZEND_INIT_STRING (Opcode 53)
- 55 ZEND_ADD_CHAR (Opcode 54)
- 56 ZEND_ADD_STRING (Opcode 55)
- 57 ZEND_ADD_VAR (Opcode 56)
- 58 ZEND_BEGIN_SILENCE (Opcode 57)
- 59 ZEND_END_SILENCE (Opcode 58)
- 60 ZEND_INIT_FCALL_BY_NAME (Opcode 59)
- 61 ZEND_DO_FCALL (Opcode 60)
- 62 ZEND_DO_FCALL_BY_NAME (Opcode 61)
- 63 ZEND_RETURN (Opcode 62)
- 64 ZEND_RECV (Opcode 63)
- 65 ZEND_RECV_INIT (Opcode 64)
- 66 ZEND_SEND_VAL (Opcode 65)
- 67 ZEND_SEND_VAR (Opcode 66)
- 68 ZEND_SEND_REF (Opcode 67)
- 69 ZEND_NEW (Opcode 68)
- 70 ZEND_FREE (Opcode 70)
- 71 ZEND_INIT_ARRAY (Opcode 71)
- 72 ZEND_ADD_ARRAY_ELEMENT (Opcode 72)
- 73 ZEND_INCLUDE_OR_EVAL (Opcode 73)
- 74 ZEND_UNSET_VAR (Opcode 74)
- 75 ZEND_UNSET_DIM (Opcode 75)
- 76 ZEND_UNSET_OBJ (Opcode 76)
- 77 ZEND_FE_RESET (Opcode 77)
- 78 ZEND_FE_FETCH (Opcode 78)
- 79 ZEND_EXIT (Opcode 79)
- 80 ZEND_FETCH_R (Opcode 80)
- 81 ZEND_FETCH_DIM_R (Opcode 81)
- 82 ZEND_FETCH_OBJ_R (Opcode 82)
- 83 ZEND_FETCH_W (Opcode 83)
- 84 ZEND_FETCH_DIM_W (Opcode 84)
- 85 ZEND_FETCH_OBJ_W (Opcode 85)
- 86 ZEND_FETCH_RW (Opcode 86)
- 87 ZEND_FETCH_DIM_RW (Opcode 87)
- 88 ZEND_FETCH_OBJ_RW (Opcode 88)
- 89 ZEND_FETCH_IS (Opcode 89)
- 90 ZEND_FETCH_DIM_IS (Opcode 90)
- 91 ZEND_FETCH_OBJ_IS (Opcode 91)
- 92 ZEND_FETCH_FUNC_ARG (Opcode 92)
- 93 ZEND_FETCH_DIM_FUNC_ARG (Opcode 93)
- 94 ZEND_FETCH_OBJ_FUNC_ARG (Opcode 94)
- 95 ZEND_FETCH_UNSET (Opcode 95)
- 96 ZEND_FETCH_DIM_UNSET (Opcode 96)
- 97 ZEND_FETCH_OBJ_UNSET (Opcode 97)
- 98 ZEND_FETCH_DIM_TMP_VAR (Opcode 98)
- 99 ZEND_FETCH_CONSTANT (Opcode 99)
- 100 ZEND_EXT_STMT (Opcode 101)
- 101 ZEND_EXT_FCALL_BEGIN (Opcode 102)
- 102 ZEND_EXT_FCALL_END (Opcode 103)
- 103 ZEND_EXT_NOP (Opcode 104)
- 104 ZEND_TICKS (Opcode 105)
- 105 ZEND_SEND_VAR_NO_REF (Opcode 106)
- 106 ZEND_CATCH (Opcode 107)
- 107 ZEND_THROW (Opcode 108)
- 108 ZEND_FETCH_CLASS (Opcode 109)
- 109 ZEND_CLONE (Opcode 110)
- 110 ZEND_INIT_METHOD_CALL (Opcode 112)
- 111 ZEND_INIT_STATIC_METHOD_CALL (Opcode 113)
- 112 ZEND_ISSET_ISEMPTY_VAR (Opcode 114)
- 113 ZEND_ISSET_ISEMPTY_DIM_OBJ (Opcode 115)
- 114 ZEND_PRE_INC_OBJ (Opcode 132)
- 115 ZEND_PRE_DEC_OBJ (Opcode 133)
- 116 ZEND_POST_INC_OBJ (Opcode 134)
- 117 ZEND_POST_DEC_OBJ (Opcode 135)
- 118 ZEND_ASSIGN_OBJ (Opcode 136)
- 119 ZEND_OP_DATA (Opcode 137)
- 120 ZEND_INSTANCEOF (Opcode 138)
- 121 ZEND_DECLARE_CLASS (Opcode 139)
- 122 ZEND_DECLARE_INHERITED_CLASS (Opcode 140)
- 123 ZEND_DECLARE_FUNCTION (Opcode 141)
- 124 ZEND_RAISE_ABSTRACT_ERROR (Opcode 142)
- 125 ZEND_ADD_INTERFACE (Opcode 144)
- 126 ZEND_VERIFY_ABSTRACT_CLASS (Opcode 146)
- 127 ZEND_ASSIGN_DIM (Opcode 147)
- 128 ZEND_ISSET_ISEMPTY_PROP_OBJ (Opcode 148)
- 129 ZEND_HANDLE_EXCEPTION (Opcode 149)
- 130 ZEND_USER_OPCODE (Opcode 150)
ZEND_NOP (Opcode 00)
No op
Op1: -
Op2: -
Return: -
ZEND_ADD (Opcode 01)
Adds two values
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 + 2
Gives:
ZEND_ADD 1 2 ~0
ZEND_SUB (Opcode 02)
Subtracts two values
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 - 2
Gives:
ZEND_SUB 1 2 ~0
ZEND_MUL (Opcode 03)
Multiplies two values
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 * 2
Gives:
ZEND_MUL 1 2 ~0
ZEND_DIV (Opcode 04)
Divides two values
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 / 2
Gives:
ZEND_DIV 1 2 ~0
ZEND_MOD (Opcode 05)
Calculates LHS % RHS
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 % 2
Gives:
ZEND_MOD 1 2 ~0
ZEND_SL (Opcode 06)
Shifts-left a value
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 << 2
Gives:
ZEND_SL 1 2 ~0
ZEND_SR (Opcode 07)
Shifts-right two values
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 >> 2
Gives:
ZEND_SR 1 2 ~0
ZEND_CONCAT (Opcode 08)
Concatenates two values
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 . 2
Gives:
ZEND_CONCAT 1 2 ~0
ZEND_BW_OR (Opcode 09)
Bitwise-Ors two values
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 | 2
Gives:
ZEND_BW_OR 1 2 ~0
ZEND_BW_AND (Opcode 10)
Bitwise-Ands two values
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 & 2
Gives:
ZEND_BW_AND 1 2 ~0
ZEND_BW_XOR (Opcode 11)
Bitwise-Xors two values
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 ^ 2
Gives:
ZEND_XOR 1 2 ~0
ZEND_BW_NOT (Opcode 12)
Bitwise-negates a value
Op1: Value
Op2: -
Result: Variable where the result is stored
Example:
~ 1
Gives:
ZEND_BW_NOT 1 - ~0
ZEND_BOOL_NOT (Opcode 13)
Boolean-negates a value
Op1: Value
Op2: -
Result: Variable where the result is stored
Example:
! 1
Gives:
ZEND_BOOL_NOT 1 - ~0
ZEND_BOOL_XOR (Opcode 14)
Boolean-Xors two values
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 xor 2
Gives:
ZEND_BOOL_XOR 1 2 ~0
ZEND_IS_IDENTICAL (Opcode 15)
Compares two values using ===
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 === 2
Gives:
ZEND_IS_IDENTICAL 1 2 ~0
ZEND_IS_NOT_IDENTICAL (Opcode 16)
Compares two values using !==
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 !== 2
Gives:
ZEND_IS_NOT_IDENTICAL 1 2 ~0
ZEND_IS_EQUAL (Opcode 17)
Compares two values using ==
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 == 2
Gives:
ZEND_IS_EQUAL 1 2 ~0
ZEND_IS_NOT_EQUAL (Opcode 18)
Compares two values using !=
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 != 2
Gives:
ZEND_IS_NOT_EQUAL 1 2 ~0
ZEND_IS_SMALLER (Opcode 19)
Compares two values using <
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 < 2
Gives:
ZEND_IS_SMALLER 1 2 ~0
ZEND_IS_SMALLER_OR_EQUAL (Opcode 20)
Compares two values using <=
Op1: LHS
Op2: RHS
Result: Variable where the result is stored
Example:
1 <= 2
Gives:
ZEND_IS_SMALLER_OR_EQUAL 1 2 ~0
ZEND_CAST (Opcode 21)
Casts a value to another type
Op1: LHS
Op2: -
Result: Variable where the result is stored
Extended value: Type to cast to.
Example:
$x = (double)$y;
Gives:
01 0x9BF728 ZEND_CAST $y, - => ~1 (Extended value: 2)
ZEND_QM_ASSIGN (Opcode 22)
Assigns a value to the result of a ternary operator expression.
Op1: Value to assign
Op2: -
Result: Variable where the result is stored
Example:
$x = (3 > 4) ? 1 : 2;
Gives:
00 0x9BF7F8 ZEND_IS_SMALLER 4, 3 => ~0 (Extended value: 0) 01 0x9BF858 ZEND_JMPZ ~0, 0x9BF978 => - (Extended value: 0) 02 0x9BF8B8 ZEND_QM_ASSIGN 1, - => ~1 (Extended value: 0) 03 0x9BF918 ZEND_JMP 0x9BF9D8, - => - (Extended value: 0) 04 0x9BF978 ZEND_QM_ASSIGN 2, - => ~1 (Extended value: 0) 05 0x9BF9D8 ZEND_ASSIGN $x, ~1 => +2 (Extended value: 0)
ZEND_ASSIGN_ADD (Opcode 23)
Adds a value to a variable
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table.
Op2: Value to add
Result: Variable where the result is stored
Example:
$x += 3;
Gives:
ZEND_ASSIGN_ADD ~0 3 $0
ZEND_ASSIGN_SUB (Opcode 24)
Subtracts a value from a variable
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: Value to add
Result: Variable where the result is stored
Example:
$x -= 3;
Gives:
ZEND_ASSIGN_SUB ~0 3 $0
ZEND_ASSIGN_MUL (Opcode 25)
Multiplies a variable with a value.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: Value to mulitply with
Result: Variable where the result is stored
Example:
$x *= 3;
Gives:
ZEND_ASSIGN_MUL ~0 3 $0
ZEND_ASSIGN_DIV (Opcode 26)
Divides a variable by a value.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: Value to divide by
Result: Variable where the result is stored
Example:
$x /= 3;
Gives:
ZEND_ASSIGN_DIV ~0 3 $0
ZEND_ASSIGN_MOD (Opcode 27)
Mods a variable with a value.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: Value
Result: Variable where the result is stored
Example:
$x %= 3;
Gives:
ZEND_ASSIGN_MOD ~0 3 $0
ZEND_ASSIGN_SL (Opcode 28)
Shift-lefts a variable by a value.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: Value
Result: Variable where the result is stored
Example:
$x <<= 3;
Gives:
ZEND_ASSIGN_SL ~0 3 $0
ZEND_ASSIGN_SR (Opcode 29)
Shift-rights a variable by a value.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: Value
Result: Variable where the result is stored
Example:
$x <<= 3;
Gives:
ZEND_ASSIGN_SR ~0 3 $0
ZEND_ASSIGN_CONCAT (Opcode 30)
Concatenates a value to a variable
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: Value
Result: Variable where the result is stored
Example:
$x .= 3;
Gives:
ZEND_ASSIGN_CONCAT ~0 3 $0
ZEND_ASSIGN_BW_OR (Opcode 31)
Bitwise-Ors a variable with a value.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: Value
Result: Variable where the result is stored
Example:
$x |= 3;
Gives:
ZEND_ASSIGN_BW_OR ~0 3 $0
ZEND_ASSIGN_BW_AND (Opcode 32)
Bitwise-Ands a variable with a value.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: Value
Result: Variable where the result is stored
Example:
$x &= 3;
Gives:
ZEND_ASSIGN_BW_AND ~0 3 $0
ZEND_ASSIGN_BW_XOR (Opcode 33)
Bitwise-Xors a variable with a value.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: Value
Result: Variable where the result is stored
Example:
$x ^= 3;
Gives:
ZEND_ASSIGN_BW_XOR ~0 3 $0
ZEND_PRE_INC (Opcode 34)
Pre-increments a variable.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: -
Result: Variable where the result is stored
Example:
++$x;
Gives:
ZEND_PRE_INC ~0 3 $0
ZEND_PRE_DEC (Opcode 35)
Pre-decrements a variable.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: -
Result: Variable where the result is stored
Example:
--$x;
Gives:
ZEND_PRE_DEC ~0 3 $0
ZEND_POST_INC (Opcode 36)
Post-increments a variable.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: -
Result: The temporary variable where the side-effect is stored
Example:
$x++;
Gives:
ZEND_POST_INC ~0 - ~0
ZEND_POST_DEC (Opcode 37)
Post-decrements a variable.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: -
Result: The temporary variable where the side-effect is stored
Example:
$x--;
Gives:
ZEND_POST_DEC ~0 - ~0
ZEND_ASSIGN (Opcode 38)
Assigns a value to a variable.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2: The value
Result: The variable where the result is stored.
Example:
$x = 3;
Gives:
ZEND_ASSIGN ~0 3 $0
ZEND_ASSIGN_REF (Opcode 39)
Assigns a reference to a variable.
Op1: Index you can use to look up the the variable name of the LHS side variable in the variable names table
Op2:Index you can use to look up the the variable name of the RHS side variable in the variable names table
Result: Result of the assignment.
Example:
$y = &$x;
Gives:
0x9BF7F8 ZEND_ASSIGN_REF $y, $x => +0
ZEND_ECHO (Opcode 40)
Opcode of the echo function
Op1: Value to echo
Op2: -
Result: -
Example:
echo 4;
Gives:
ZEND_ECHO 4 - -
ZEND_PRINT (Opcode 41)
Opcode of the print function
Op1: Value to echo
Op2: -
Result: Return value of the print function
Example:
print 4;
Gives:
ZEND_ECHO 4 - ~0
ZEND_JMP (Opcode 42)
Unconditional Jump
Op1: Pointer to zend_op instruction to jump to.
Op2: -
Result: -
Example:
if (3 > 4) { }
Gives:
ZEND_JMP 0x9BFA38, - => -
ZEND_JMPZ (Opcode 43)
Conditional Jump if zero
Op1: Value to check for zero
Op2: Pointer to zend_op instruction to jump to
Result: -
Example:
if (3 > 4) { }
Gives:
ZEND_JMPZ ~0, 0x9BF918 => -
ZEND_JMPNZ (Opcode 44)
Conditional Jump if not zero
Op1: Value to check for non-zero value
Op2: Pointer to zend_op instruction to jump to
Result: -
Example:
do
{
echo "hi";
} while ($x < 3);
Gives:
01 0x9BF858 ZEND_ECHO "hi", - => - (Extended value: 0) 02 0x9BF8B8 ZEND_IS_SMALLER $x, 3 => ~1 (Extended value: 0) 03 0x9BF918 ZEND_JMPNZ ~1, 0x9BF858 => - (Extended value: 0)
ZEND_JMPZNZ (Opcode 45)
This is an interesting opcode which works differently than all other opcodes so far. I think it’s Jump to X if value is not zero, to Y otherwise. It’s the first instruction I found that makes use of the zend_op::extended_value field.
Op1: Value to check for non-zero
Op2: Index of zend_op instruction to jump to if value is not zero.
Result: -
extended_value: Index of zend_op instruction to jump to if value is zero.
Example:
for ($i=0;$i<10;$i++)
{
echo "hi";
echo "hi";
}
Gives:
00 0x9BF7F8 ZEND_ASSIGN $i, 0 => +0 (Extended value: 0) 01 0x9BF858 ZEND_IS_SMALLER $i, 10 => ~1 (Extended value: 0) 02 0x9BF8B8 ZEND_JMPZNZ ~1, 0x9 => - (Extended value: 6) 03 0x9BF918 ZEND_POST_INC $i, - => ~2 (Extended value: 0) 04 0x9BF978 ZEND_FREE ~2, - => - (Extended value: 0) 05 0x9BF9D8 ZEND_JMP 0x9BF858, - => - (Extended value: 0) 06 0x9BFA38 ZEND_ECHO "hi", - => - (Extended value: 0) 07 0x9BFA98 ZEND_ECHO "hi", - => - (Extended value: 0) 08 0x9BFAF8 ZEND_JMP 0x9BF918, - => - (Extended value: 0) 09 0x9BFB58 ZEND_RETURN 1, - => - (Extended value: 0) 10 0x9BFBB8 ZEND_HANDLE_EXCEPTION -, - => - (Extended value: 0)
We can see the ZEND_JMPZNZ is used for $i<10. As long as that’s true, execution will continue at instruction 6. If the condition turns false, execution will hop to instruction 9.
ZEND_JMPZ_EX (Opcode 46)
Some kind of extended conditional Jump if zero.
Op1: Value to check for zero value
Op2: Pointer to zend_op instruction to jump to
Result: ???
Example:
if ($x < 3 && $x < 10)
{
echo "hi";
}
Gives:
00 0x9BF7F8 ZEND_IS_SMALLER $x, 3 => ~0 (Extended value: 0) 01 0x9BF858 ZEND_JMPZ_EX ~0, 0x9BF978 => ~0 (Extended value: 0) 02 0x9BF8B8 ZEND_IS_SMALLER $x, 10 => ~1 (Extended value: 0) 03 0x9BF918 ZEND_BOOL ~1, - => ~0 (Extended value: 0) 04 0x9BF978 ZEND_JMPZ ~0, 0x9BFA98 => - (Extended value: 0) 05 0x9BF9D8 ZEND_ECHO "hi", - => - (Extended value: 0) 06 0x9BFA38 ZEND_JMP 0x9BFA98, - => - (Extended value: 0) 07 0x9BFA98 ZEND_RETURN 1, - => - (Extended value: 0)
ZEND_JMPNZ_EX (Opcode 47)
Some kind of extended conditional Jump if non-zero.
Op1: Value to check for non-zero value
Op2: Pointer to zend_op instruction to jump to
Result: ???
Example:
if ($x < 3 || $x < 10)
{
echo "hi";
}
Gives:
00 0x9BF7F8 ZEND_IS_SMALLER $x, 3 => ~0 (Extended value: 0) 01 0x9BF858 ZEND_JMPNZ_EX ~0, 0x9BF978 => ~0 (Extended value: 0) 02 0x9BF8B8 ZEND_IS_SMALLER $x, 10 => ~1 (Extended value: 0) 03 0x9BF918 ZEND_BOOL ~1, - => ~0 (Extended value: 0) 04 0x9BF978 ZEND_JMPZ ~0, 0x9BFA98 => - (Extended value: 0) 05 0x9BF9D8 ZEND_ECHO "hi", - => - (Extended value: 0) 06 0x9BFA38 ZEND_JMP 0x9BFA98, - => - (Extended value: 0) 07 0x9BFA98 ZEND_RETURN 1, - => - (Extended value: 0)
ZEND_CASE (Opcode 48)
Case expression inside a switch statement.
Op1: Switch value
Op2: Case value
Result: Result of comparison
Example:
switch ($x)
{
case 3: print "yay";
}
Gives:
ZEND_CASE $x, 3 => ~0
ZEND_SWITCH_FREE (Opcode 49)
Frees the variable used in switch expression.
Op1: Variable to free.
Op2: -
Result: -
Example:
switch (3 > 4)
{
}
Gives:
01 0x9BF858 ZEND_SWITCH_FREE ~0, - => - (Extended value: 0)
ZEND_BRK (Opcode 50)
Break expression inside a loop.
Op1: -
Op2: Number of enclosing structures to break out of.
Result: -
Example:
while (true)
{
break 33;
}
Gives:
0x9BF8B8 ZEND_BRK -, 33 => -
ZEND_CONT (Opcode 51)
Continue expression inside a loop.
Op1: -
Op2: continue accepts an optional numeric argument which tells it how many levels of enclosing loops it should skip to the end of.
Result: -
Example:
while (true)
{
continue 33;
}
Gives:
0x9BF8B8 ZEND_CONT -, 33 => -
ZEND_BOOL (Opcode 52)
I don’t have a clue. Issued by && and || expressions.
Op1: ???
Op2: -
Result: ???
Example:
if ($x < 3 && $x < 10) { echo "hi"; }
Gives:
00 0x9BF7F8 ZEND_IS_SMALLER $x, 3 => ~0 (Extended value: 0) 01 0x9BF858 ZEND_JMPZ_EX ~0, 0x9BF978 => ~0 (Extended value: 0) 02 0x9BF8B8 ZEND_IS_SMALLER $x, 10 => ~1 (Extended value: 0) 03 0x9BF918 ZEND_BOOL ~1, - => ~0 (Extended value: 0) 04 0x9BF978 ZEND_JMPZ ~0, 0x9BFA98 => - (Extended value: 0) 05 0x9BF9D8 ZEND_ECHO "hi", - => - (Extended value: 0) 06 0x9BFA38 ZEND_JMP 0x9BFA98, - => - (Extended value: 0) 07 0x9BFA98 ZEND_RETURN 1, - => - (Extended value: 0)
ZEND_INIT_STRING (Opcode 53)
Creates a new empty string. This is used by more complex string operations.
Op1: -
Op2: -
Result: The new string variable
Example:
$x = "Hi $y";
Gives:
00 0x9BF7F8 ZEND_INIT_STRING -, - => ~0 (Extended value: 0)
ZEND_ADD_CHAR (Opcode 54)
Adds a character to a string. This is used by more complex string operations.
Op1: String variable
Op2: Character code
Result: String variable
Example:
$x = "Hi [ $y";
Gives:
00 0x9BF7F8 ZEND_INIT_STRING -, - => ~0 (Extended value: 0) 01 0x9BF858 ZEND_ADD_STRING ~0, "Hi" => ~0 (Extended value: 0) 02 0x9BF8B8 ZEND_ADD_STRING ~0, " " => ~0 (Extended value: 0) 03 0x9BF918 ZEND_ADD_CHAR ~0, 91 => ~0 (Extended value: 0) 04 0x9BF978 ZEND_ADD_STRING ~0, " " => ~0 (Extended value: 0) 05 0x9BF9D8 ZEND_ADD_VAR ~0, $y => ~0 (Extended value: 0) 06 0x9BFA38 ZEND_ASSIGN $x, ~0 => +1 (Extended value: 0))
ZEND_ADD_STRING (Opcode 55)
Adds a string literal to a string. This is used by more complex string operations.
Op1: String variable
Op2: String literal to add
Result: String variable
Example:
$x = "Hi $y";
Gives:
00 0x9BF7F8 ZEND_INIT_STRING -, - => ~0 (Extended value: 0) 01 0x9BF858 ZEND_ADD_STRING ~0, "Hi" => ~0 (Extended value: 0) 02 0x9BF8B8 ZEND_ADD_STRING ~0, " " => ~0 (Extended value: 0)
ZEND_ADD_VAR (Opcode 56)
Inserts a variable into a string.
Op1: String variable
Op2: Variable ID
Result: String variable
Example:
echo "$dir";
Gives:
01 0x9BF858 ZEND_ADD_VAR ~0, $dir => ~0 (Extended value: 0)
ZEND_BEGIN_SILENCE (Opcode 57)
Starts a silent block. That’s a block where error reporting is disabled.
Op1: -
Op2: -
Result: Probably a handle to the block
Example:
@foo();
Gives:
01 0x9BF858 ZEND_BEGIN_SILENCE -, - => ~0 (Extended value: 0) 02 0x9BF8B8 ZEND_DO_FCALL "foo", - => +1 (Extended value: 0) 03 0x9BF918 ZEND_END_SILENCE ~0, - => - (Extended value: 0)
ZEND_END_SILENCE (Opcode 58)
Ends a silent block. That’s a block where error reporting is disabled.
Op1: Probably a handle to the block
Op2: -
Result: -
Example:
@foo();
Gives:
01 0x9BF858 ZEND_BEGIN_SILENCE -, - => ~0 (Extended value: 0) 02 0x9BF8B8 ZEND_DO_FCALL "foo", - => +1 (Extended value: 0) 03 0x9BF918 ZEND_END_SILENCE ~0, - => - (Extended value: 0)
ZEND_INIT_FCALL_BY_NAME (Opcode 59)
Used to prepare a function call through a string variable that contains the function name.
Op1: -
Op2: String variable
Result: -
Example:
$x = "foo"; $x(3);
Gives:
04 0x9BF978 ZEND_INIT_FCALL_BY_NAME -, $x => - (Extended value: 0)
ZEND_DO_FCALL (Opcode 60)
Used to call functions
Op1: Name of the function
Op2: -
Return: -
Extended value: Number of arguments
Example:
fib(12);
Gives:
02 0x9BF8B8 ZEND_DO_FCALL "fib", - => +0 (Extended value: 1)
ZEND_DO_FCALL_BY_NAME (Opcode 61)
Used to make a function call through a string variable that contains the function name.
Op1: -
Op2: -
Result: Return value of the function
Extended value: Number of arguments
Example:
$x = "foo"; echo $x();
Gives:
05 0x9BF9D8 ZEND_DO_FCALL_BY_NAME -, - => +3 (Extended value: 0)
It’s curious that there’s nothing in the parameters that identifies the function to call. Either it’s always the last function prepared with ZEND_INIT_FCALL_BY_NAME or there’s an additional parameter hidden somewhere I haven’t considered yet.
ZEND_RETURN (Opcode 62)
Returns a value from a function
Op1: Value to return
Op2: -
Return: -
Example:
return 1;
Gives:
ZEND_RETURN 1 - -
ZEND_RECV (Opcode 63)
Assigns a value that was passed to a function to a variable.
Op1: Number of parameter
Op2: -
Return: Variable name
Example:
function foo($abc, $y = 3)
Gives:
00 0x9C1078 ZEND_RECV 1, - => $abc (Extended value: 0)
ZEND_RECV_INIT (Opcode 64)
Assigns an optional value that was passed to a function to a variable. If no value was passed, the default value is assigned.
Op1: Number of parameter
Op2: Default value
Return: Variable name
Example:
function foo($abc, $y = 3)
Gives:
01 0x9C10D8 ZEND_RECV_INIT 2, 3 => $y (Extended value: 0)
ZEND_SEND_VAL (Opcode 65)
Used to send values to functions.
Op1: Value to send
Op2: -
Return: -
Example:
function(3)
Gives
ZEND_SEND_VAL 3 - -
ZEND_SEND_VAR (Opcode 66)
Used to send variables to functions.
Op1: Variable to send
Op2: -
Return: -
Example:
function($x)
Gives
ZEND_SEND_VAR ~0 - -
ZEND_SEND_REF (Opcode 67)
Used to send references to functions.
Op1: Reference to send
Op2: -
Return: -
Example:
function(&$x)
Gives
ZEND_SEND_REF ~0 - -
ZEND_NEW (Opcode 68)
Instantiates a class.
Op1: ???
Op2: ???
Result: Instantiated class.
Example:
new Foo;
Gives:
03 0x9BF918 ZEND_NEW null, 0x5 => +3 (Extended value: 0)
ZEND_FREE (Opcode 70)
This instruction is added automatically by the PHP compiler. It seems to free variables not used anymore. But the instruction isn’t added for every variable not used anymore. I can’t yet predict a pattern.
Op1: Variable to free
Op2: -
Result: -
Example:
for ($i=0;$i<=10;$i++)
{
}
Gives:
05 0x9BF9D8 ZEND_POST_INC $i, - => ~4 (Extended value: 0) 06 0x9BFA38 ZEND_FREE ~4, - => - (Extended value: 0)
The side effect of the post increment operation is freed.
ZEND_INIT_ARRAY (Opcode 71)
Initializes an array with none or one element.
Op1: Key of the first element or -
Op2: Value of the first element or -
Result: Array variable (!!!)
Example:
$arr = array(); $arr = array(1 => 2, 3 => 4);
Gives:
0x9BF7F8 ZEND_INIT_ARRAY -, - => ~0 0x9BF8B8 ZEND_INIT_ARRAY 2, 1 => ~2
ZEND_ADD_ARRAY_ELEMENT (Opcode 72)
Adds an element to an array.
Op1: Key of the element
Op2: Value of the element or -
Result: Array variable (!!!)
Example:
$arr = array(1 => 2, 3 => 4); $arr = array(1 => 2, 3);
Gives:
0x9BF858 ZEND_ADD_ARRAY_ELEMENT 4, 3 => ~0 0x9BF978 ZEND_ADD_ARRAY_ELEMENT 3, - => ~2
ZEND_INCLUDE_OR_EVAL (Opcode 73)
Includes and evaluates a file or evaluates an expression.
Op1: Filename or string
Op2: 1 or 2 for eval or include
Result: Result of evaluation
Example:
eval ("foo();");
include ("bar.php");
Gives:
03 0x9BF918 ZEND_INCLUDE_OR_EVAL "foo();", 0x1 => +2 (Extended value: 0) 04 0x9BF978 ZEND_INCLUDE_OR_EVAL "bar.php", 0x2 => +3 (Extended value: 0)
ZEND_UNSET_VAR (Opcode 74)
Unsets a variable.
Op1: Name of the variable
Op2: -
Result: -
Example:
unset($x);
Gives:
0x9BF7F8 ZEND_UNSET_VAR "x", - => -
ZEND_UNSET_DIM (Opcode 75)
ZEND_UNSET_OBJ (Opcode 76)
ZEND_FE_RESET (Opcode 77)
ZEND_FE_FETCH (Opcode 78)
ZEND_EXIT (Opcode 79)
Exits the script.
Op1: Exit code
Op2: -
Result: -
Example:
exit(3);
Gives:
0x9BF7F8 ZEND_EXIT 3, - => -
Example:
die(“Bah”);
ZEND_FETCH_R (Opcode 80)
ZEND_FETCH_DIM_R (Opcode 81)
ZEND_FETCH_OBJ_R (Opcode 82)
ZEND_FETCH_W (Opcode 83)
ZEND_FETCH_DIM_W (Opcode 84)
ZEND_FETCH_OBJ_W (Opcode 85)
ZEND_FETCH_RW (Opcode 86)
ZEND_FETCH_DIM_RW (Opcode 87)
ZEND_FETCH_OBJ_RW (Opcode 88)
ZEND_FETCH_IS (Opcode 89)
ZEND_FETCH_DIM_IS (Opcode 90)
ZEND_FETCH_OBJ_IS (Opcode 91)
ZEND_FETCH_FUNC_ARG (Opcode 92)
ZEND_FETCH_DIM_FUNC_ARG (Opcode 93)
ZEND_FETCH_OBJ_FUNC_ARG (Opcode 94)
ZEND_FETCH_UNSET (Opcode 95)
ZEND_FETCH_DIM_UNSET (Opcode 96)
ZEND_FETCH_OBJ_UNSET (Opcode 97)
ZEND_FETCH_DIM_TMP_VAR (Opcode 98)
ZEND_FETCH_CONSTANT (Opcode 99)
ZEND_EXT_STMT (Opcode 101)
ZEND_EXT_FCALL_BEGIN (Opcode 102)
ZEND_EXT_FCALL_END (Opcode 103)
ZEND_EXT_NOP (Opcode 104)
ZEND_TICKS (Opcode 105)
ZEND_SEND_VAR_NO_REF (Opcode 106)
ZEND_CATCH (Opcode 107)
Catches an exception
Op1: null
Op2: Name of the variable where the exception object is stored.
Result: null
Extended value: ???
Example:
throw $x;
Gives:
07 0x9BFA98 ZEND_CATCH null, "x" => - (Extended value:
ZEND_THROW (Opcode 108)
Throws an exception
Op1: Exception object
Op2: -
Result: -
Example:
throw $x;
Gives:
02 0x9BF8B8 ZEND_THROW $x, - => - (Extended value: 0)
ZEND_FETCH_CLASS (Opcode 109)
Looks up a class.
Op1: -
Op2: Name of the class
Result: null
Extended value: ZEND_FETCH_CLASS_GLOBAL
Example:
new Foo;
Gives:
02 0x9BF8B8 ZEND_FETCH_CLASS -, "Foo" => null (Extended value: 4)
This opcode is more complex, see zend_compile.c / zend_do_fetch_class but I haven’t yet figured out the rest.
ZEND_CLONE (Opcode 110)
ZEND_INIT_METHOD_CALL (Opcode 112)
Prepares a function call to a method.
Op1: Object
Op2: Name of the method
Result: ???
Example:
$x = new Foo(); $x->p(1,2,3);
Gives:
06 0x9BFA38 ZEND_INIT_METHOD_CALL $x, "p" => +6 (Extended value: 0)
ZEND_INIT_STATIC_METHOD_CALL (Opcode 113)
Prepares a function call to a static class function.
Op1: null
Op2: Name of the method
Result: -
Example:
Bar::p(1,2,3);
Gives:
07 0x9BFA98 ZEND_INIT_STATIC_METHOD_CALL null, "p" => - (Extended value: 0)
ZEND_ISSET_ISEMPTY_VAR (Opcode 114)
ZEND_ISSET_ISEMPTY_DIM_OBJ (Opcode 115)
ZEND_PRE_INC_OBJ (Opcode 132)
ZEND_PRE_DEC_OBJ (Opcode 133)
ZEND_POST_INC_OBJ (Opcode 134)
ZEND_POST_DEC_OBJ (Opcode 135)
ZEND_ASSIGN_OBJ (Opcode 136)
ZEND_OP_DATA (Opcode 137)
No clue.
Op1: -
Op2: -
Result: -
Example:
foreach($x as $y)
{
}
Gives:
05 0x9BF9D8 ZEND_OP_DATA -, - => - (Extended value: 0)
ZEND_INSTANCEOF (Opcode 138)
Instanceof operator
Op1: Object
Op2: null
Result: Variable that stores the result
Example:
$x = ($x instanceof Bar)
Gives:
08 0x9BFAF8 ZEND_INSTANCEOF $x, null => ~8 (Extended value: 0)
ZEND_DECLARE_CLASS (Opcode 139)
Used to declare classes which implement interfaces. Possibly used for other complicated class structures too.
Op1: Empty string ???
Op2: Name of the class in lower case
Result: null
Example:
class Bar implements XXX { }
Gives:
02 0x9BF8B8 ZEND_DECLARE_CLASS "", "bar" => null (Extended value: 0)
ZEND_DECLARE_INHERITED_CLASS (Opcode 140)
Used to declare inherited classes which implement interfaces.
Op1: Empty string ???
Op2: Name of the class in lower case
Result: null
Extended value: ???
Example:
class Bar extends Foo implements XXX { }
Gives:
03 0x9BF918 ZEND_DECLARE_INHERITED_CLASS "", "bar" => null (Extended value: 30)
ZEND_DECLARE_FUNCTION (Opcode 141)
ZEND_RAISE_ABSTRACT_ERROR (Opcode 142)
ZEND_ADD_INTERFACE (Opcode 144)
Adds an interface to a declared class.
Op1: null
Op2: null
Result: -
Example:
class Bar implements XXX { }
Gives:
05 0x9BF9D8 ZEND_ADD_INTERFACE null, null => - (Extended value: 0)
ZEND_VERIFY_ABSTRACT_CLASS (Opcode 146)
Unknown. Used after a class which implements an interface was declared.
Op1: null
Op2: -
Result: -
Example:
class Bar implements XXX { }
Gives:
06 0x9BFA38 ZEND_VERIFY_ABSTRACT_CLASS null, - => - (Extended value: 0)
ZEND_ASSIGN_DIM (Opcode 147)
ZEND_ISSET_ISEMPTY_PROP_OBJ (Opcode 148)
ZEND_HANDLE_EXCEPTION (Opcode 149)
Unknown. Seems to be added to the end of a file.
Op1: -
Op2: -
Result: -
Example:
Just compile a file.
Gives:
14 0x9BFD38 ZEND_HANDLE_EXCEPTION -, - => - (Extended value: 0)
Where Can I Buy Music Online? MP3 Download , New Music Releases, Fast MP3 Donwload
Человек умный удаляется за минуту перед тем, когда он был бы лишним. /Ж.Ж. Руссо/
Мужчине нужна жена, потому что не все в жизни можно свалить на правительство.
Не спеши, а то успеешь.
vrotmnenogi
Отличный пост. Дамаю для ваших читателей была бы еще позновательна статья на тему “предоставляем услуги номинального директора“
oriclub
А я еще живой, я розовый и теплый….