Is stack in CPU or RAM?
Stack is always in RAM. There is a stack pointer that is kept in a register in CPU that points to the top of stack, i.e., the address of the location at the top of stack.
mcsema is a production-quality binary lifter. It takes x86 and x86-64 and statically “lifts” it to LLVM IR. It’s actively maintained, BSD licensed, and has extensive tests and documentation. https://github.com/trailofbits/mcsema
I stumbled across this question and thought it deserved an answer. Have elf.h handy. You can find it on the internet. Each RELA section contains an array of Elf32_Rela entries as you know, but is also tied to a certain other section. r_offset is an offset into that other section (in this case – it … Read more
ACC_SUPER was introduced to correct a problem with the invocation of super methods. The ACC_SUPER flag marks a class as compiled for the changed semantics of the opcode 183 instruction. Its purpose is similar to that of the class file version number as it allows the JVM to detect whether a class was compiled for … Read more
Check this very complete table of x86 opcodes on x86asm.net. Just CTRL+F and you’re done! Be sure to read the correct line tho, as C8 for example may appear in several locations.
$a=1; $b=$a+$a++; var_dump($b); // int(3) You assumed that the expression above is evaluated from left to right as follows (temporary variables $u and $v are introduced in the explanation for clarity): $a = 1; $u = $a; // ($a) the LHS operand of `+` $v = $a; // \ ($a++) the RHS operand of `+` … Read more
Check out the Vulcan Logic Disassembler PECL extension – see author’s home page for more info. The Vulcan Logic Disassembler hooks into the Zend Engine and dumps all the opcodes (execution units) of a script. It was written as a beginning of an encoder, but I never got the time for that. It can … Read more
\ (backslash) is the namespace separator in PHP 5.3. A \ before the beginning of a function represents the Global Namespace. Putting it there will ensure that the function called is from the global namespace, even if there is a function by the same name in the current namespace.