See code:
case 'x': $chr = substr( $code, $offset + 2, 2 ); if ( preg_match( '/^[0-9A-Fa-f]{2}$/', $chr ) ) { $token .= chr( hexdec( $chr ) ); // \xXX -- 2 done later $offset += 2; } else { $token .= 'x'; } break;
It tries to parse hex codepoints in literals, and that's OK. However, when it cannot parse a hex, it will add 'x' to the string, and not '\x' as it found. This is usually equivalent, but sometimes it's not. For instance, inside regexps: see https://en.wiktionary.org/wiki/Special:AbuseFilter/106.