opcodes for switch statements

Jeff Dyer jodyer at adobe.com
Fri Mar 11 08:15:28 PST 2011

If what you say is true, I doubt the code gets past the verifier. How was it compiled? Surely not by ASC.


On 3/11/11 6:24 AM, "Roland Zwaga" <roland at stackandheap.com> wrote:

Good day gentlemen,

I'm new on the list, so let me introduce myself quickly. My name is Roland Zwaga and I'm working on a project called as3commons-bytecode (http://www.as3commons.org/as3-commons-bytecode/index.html).
This is an actionscript library that aims to offer runtime class generation and AOP style SWF manipulation. So far it's been tough wading through the AVM2 docs but I've managed to get almost everything
working until this week when I hit a bit of a brick wall.
I'll try to explain what I've encountered and what baffles me. It concerns the opcodes for a switch statement, something like this:

public function testSwitch(idx:int):String {
switch (idx) {
case 1:
return "1";
case 2:
return "2";
return "0";
return "0";

Now, when I run a compiled swf with the above code through the swfdump utility and check out the generated opcodes, it looks like this:

function org.as3commons.bytecode.testclasses:TestIntroduction:::testSwitch(:int)::String
maxStack:2 localCount:3 initScopeDepth:4 maxScopeDepth:5
jump           L0
L1: label
pushstring     "1"
L2: label
pushstring     "2"
L3: label
pushstring     "0"
jump           L4
L0: getlocal1
pushbyte       1
ifstrictne     L5
pushbyte       0
jump           L6
L5: pushbyte       2
ifstrictne     L7
pushbyte       1
jump           L6
L7: jump           L8
pushbyte       2
jump           L6
L8: pushbyte       2
L6: kill           2
lookupswitch   default:L3 maxcase:2 L1 L2 L3

Now, I understand completely what's going on in the above code except for one instruction, this one:

jump           L4

I know this is the default case, I just don't understand the label its pointing to, there is no L4 label to be seen in this dump.
If I run the swf through my actionscript deserializer I have verified that the offset that this particular jump is pointing to doesn't
exist. It actually points *outside* the method body.

If someone on the list here could enlighten me on how switch statements (and particularly the default case) work I would appreciate

Thank you all very much in advance,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/tamarin-devel/attachments/20110311/80cf0c8c/attachment.html>

More information about the Tamarin-devel mailing list