Android-smali Grammar Learning


Please credit the source when reproducing: http://blog.csdn.net/goldenfish1919/article/details/40821415

The following is taken from: http://bbs.pediy.com/showthread.php?t=151769

Dalvik bytecode has two kinds of types: primitive types and reference types. Objects and arrays are reference types; everything else is a primitive type.

V  void, only valid as a return type
Z  boolean
B  byte
S  short
C  char
I  int
J  long (64-bit)
F  float
D  double (64-bit)

An object type is written as Lpackage/name/ObjectName;
The leading L marks a reference type, package/name/ is the package the class lives in, ObjectName is the class name, and ";" terminates the class name.
This is equivalent to package.name.ObjectName in Java. For example, Ljava/lang/String; is java.lang.String.

Arrays
[I is a one-dimensional int array, int[] in Java.
For more dimensions, add more leading [ characters: [[I is int[][] and [[[I is int[][][]. Note that at most 255 dimensions are allowed.
An array of objects: [Ljava/lang/String; is an array of String objects.
Methods
Written as Lpackage/name/ObjectName;->MethodName(III)Z
Lpackage/name/ObjectName; is the class, MethodName is the method name, III is the parameter list (here three int parameters) and Z is the return type (boolean).
Parameter types are written one after another with no separator between them.
A more complex example:
method(I[[IILjava/lang/String;[Ljava/lang/Object;)Ljava/lang/String;
In Java this is:
String method(int, int[][], int, String, Object[])
Fields
Written as:
Lpackage/name/ObjectName;->FieldName:Ljava/lang/String;
That is: the class, the field name, and the field type.
Registers
Dalvik registers are 32 bits wide and can hold a value of any type; a 64-bit value (long or double) occupies two adjacent registers.
A method declares how many registers it uses in one of two ways: the .registers directive gives the total number of registers in the method, while the .locals directive gives the number of non-parameter registers.
Method parameters
When a method is invoked, its parameters are placed in the last n registers. If a method has 2 parameters and 5 registers (v0-v4), the parameters occupy the last two registers, v3 and v4.
In a non-static method the first parameter is always the object the method is invoked on.
For example, the non-static method Lmyobject;->callme(II)V has 2 int parameters plus the implicit Lmyobject; parameter, so 3 parameters in total.
If the method uses 5 registers (v0-v4), it declares either .registers 5 or .locals 2 (that is, 2 local registers + 3 parameter registers).
On entry, the receiver (the this reference) is in v2, the first int parameter in v3 and the second int parameter in v4.
Static methods work the same way, except that there is no implicit this parameter.
Register naming
There are two naming schemes: v-naming and p-naming. In p-naming, p0 is the first parameter register of the method.
The table below shows the 5 registers and 3 parameters of the previous example in both schemes.

v0        first local register
v1        second local register
v2   p0   first parameter register
v3   p1   second parameter register
v4   p2   third parameter register

Either name may be used for a parameter register; they are interchangeable.
Note: baksmali uses p-naming for parameter registers by default. To get v-naming instead, pass the -p / --no-parameter-registers option.
The point of p-naming is that parameter registers keep their names if registers are later added to the method, instead of all having to be renumbered.
long/double values
long and double are 64-bit and need two registers each (keep this in mind).
For example, the non-static method Lmyobject;->mymethod(IJZ)V has parameters Lmyobject;, int, long, boolean, so 5 registers are needed to hold them:

p0       this
p1       I
p2,p3    J
p4       Z
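As an added example (not part of the original post), a small Python parser for the type descriptors and method references described above: it converts a smali method reference to its Java form and works out the parameter register layout, including the two-register long/double case and the p-name to v-name mapping. The function names are mine; the method signatures used in the checks are the page's own.

```python
import re

# Dalvik primitive descriptor letters and their Java names.
PRIMITIVES = {"V": "void", "Z": "boolean", "B": "byte", "S": "short",
              "C": "char", "I": "int", "J": "long", "F": "float", "D": "double"}

def parse_type(desc, pos=0):
    """Parse one type descriptor at desc[pos].
    Returns (java_name, position after it, registers it occupies)."""
    dims = 0
    while desc[pos] == "[":            # each leading '[' is one array dimension
        dims += 1
        pos += 1
    c = desc[pos]
    if c == "L":                       # object: Lpkg/Name; -> pkg.Name
        end = desc.index(";", pos)
        name, pos, width = desc[pos + 1:end].replace("/", "."), end + 1, 1
    elif c in PRIMITIVES:
        name, pos = PRIMITIVES[c], pos + 1
        width = 2 if c in "JD" else 1  # long/double take two registers
    else:
        raise ValueError(f"bad descriptor at {pos}: {desc!r}")
    if dims:                           # an array is a reference: one register
        width = 1
    return name + "[]" * dims, pos, width

def parse_method(sig, is_static=False):
    """Parse 'Lpkg/Cls;->name(params)ret' into its Java form and the
    p-register layout, counting the implicit 'this' for non-static methods."""
    m = re.fullmatch(r"(L[^;]+;)->([^(]+)\((.*)\)(.+)", sig)
    if not m:
        raise ValueError(f"not a method reference: {sig!r}")
    owner, name, params, ret = m.groups()
    owner_java, ret_java = parse_type(owner)[0], parse_type(ret)[0]
    types, layout, reg, pos = [], [], 0, 0
    if not is_static:
        layout.append(("this", "p0"))
        reg = 1
    while pos < len(params):
        java, pos, width = parse_type(params, pos)
        types.append(java)
        layout.append((java, ",".join(f"p{reg + i}" for i in range(width))))
        reg += width
    return {"java": f"{ret_java} {owner_java}.{name}({', '.join(types)})",
            "param_registers": reg, "layout": layout}

def p_to_v(p_index, registers, param_registers):
    """v-name of p<p_index> when the method declares '.registers <registers>'."""
    return f"v{registers - param_registers + p_index}"
```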

Additional notes:
# static fields   introduces the static field definitions
# instance fields introduces the instance field definitions
# direct methods  introduces the directly invoked methods (static methods, and constructors such as <init>)
# virtual methods introduces the non-static methods
A constructor's return type is V and its name is <init>.

if-eq p1, v0, :cond_8 means: if p1 and v0 are equal, jump to :cond_8 and continue from there:
:cond_8
invoke-direct {p0}, Lcom/paul/test/a;->d()V
which calls the d() method of com.paul.test.a.
if-ne p1, v0, :cond_b means: if p1 and v0 are not equal, jump to :cond_b:
:cond_b
const/4 v0, 0x0
invoke-virtual {p0, v0}, Lcom/paul/test/a;->setPressed(Z)V
invoke-super {p0, p1, p2}, Landroid/view/View;->onKeyUp(ILandroid/view/KeyEvent;)Z
move-result v0

This calls com.paul.test.a's setPressed method (with the value false in v0), then calls the parent View's onKeyUp method and returns v0, which holds its result.

Two more examples:

sget-object v5, Lcom/google/youngandroid/runtime;->Lit227:Lgnu/mapping/SimpleSymbol;
reads the static field Lit227 of com.google.youngandroid.runtime into register v5, equivalent to
gnu.mapping.SimpleSymbol localVariable = com.google.youngandroid.runtime.Lit227;

sput-object v0, Lcom/google/youngandroid/runtime;->Lit78:Lkawa/lang/SyntaxTemplate;
Likewise, this stores into a static field: it sets com.google.youngandroid.runtime.Lit78 to the kawa.lang.SyntaxTemplate value held in register v0. Equivalent to
com.google.youngandroid.runtime.Lit78 = localVariable;   // localVariable is of type kawa.lang.SyntaxTemplate
The rest is comparatively simple and should be easy to follow.

Let's look at a simple example:

public class MainActivity extends Activity {
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        TextView textView1 = (TextView) this.findViewById(R.id.text);
        textView1.setText(R.string.hello_world);
    }
}

Generated smali:

.class public Lcom/example/hello/MainActivity;
.super Landroid/app/Activity;
.source "MainActivity.java"

# direct methods
.method public constructor <init>()V
    .locals 0

    .prologue
    .line 14
    invoke-direct {p0}, Landroid/app/Activity;-><init>()V

    return-void
.end method

# virtual methods
.method protected onCreate(Landroid/os/Bundle;)V
    .locals 2
    .parameter "savedInstanceState"

    .prologue
    .line 18
    invoke-super {p0, p1}, Landroid/app/Activity;->onCreate(Landroid/os/Bundle;)V

    .line 19
    const/high16 v1, 0x7f03
    invoke-virtual {p0, v1}, Lcom/example/hello/MainActivity;->setContentView(I)V

    .line 20
    const/high16 v1, 0x7f0a
    invoke-virtual {p0, v1}, Lcom/example/hello/MainActivity;->findViewById(I)Landroid/view/View;
    move-result-object v0
    check-cast v0, Landroid/widget/TextView;

    .line 21
    .local v0, textView1:Landroid/widget/TextView;
    const v1, 0x7f070002
    invoke-virtual {v0, v1}, Landroid/widget/TextView;->setText(I)V

    .line 22
    return-void
.end method

Let's focus on the onCreate() method.

.method protected onCreate(Landroid/os/Bundle;)V
    .locals 2
    .parameter "savedInstanceState"

    .prologue
    .line 18
    invoke-super {p0, p1}, Landroid/app/Activity;->onCreate(Landroid/os/Bundle;)V   # calls super, i.e. Activity.onCreate(Bundle); p0: this, p1: the Bundle

    .line 19
    const/high16 v1, 0x7f03   # loads the constant into v1; 0x7f03 is R.layout.activity_main (const/high16 fills the upper 16 bits, so v1 = 0x7f030000)

    invoke-virtual {p0, v1}, Lcom/example/hello/MainActivity;->setContentView(I)V   # calls MainActivity.setContentView(v1); p0: this, v1: R.layout.activity_main

    .line 20
    const/high16 v1, 0x7f0a   # loads the constant into v1; 0x7f0a is R.id.text

    invoke-virtual {p0, v1}, Lcom/example/hello/MainActivity;->findViewById(I)Landroid/view/View;   # view = MainActivity.findViewById(v1); p0: this, v1: R.id.text

    move-result-object v0   # moves the result of the previous call into v0, i.e. assigns textView1

    check-cast v0, Landroid/widget/TextView;   # casts v0 to TextView

    .line 21
    .local v0, textView1:Landroid/widget/TextView;
    const v1, 0x7f070002   # loads the int constant 0x7f070002 into v1; this is R.string.hello_world

    invoke-virtual {v0, v1}, Landroid/widget/TextView;->setText(I)V   # calls TextView.setText(v1); the TextView is v0, the argument is v1

    .line 22
    return-void
.end method

This is a very simple example, and it looks much like class-file bytecode. Let's see how the same code differs between class bytecode and smali.

public void multiply(int a, int b) {
    int result = a * b;
    System.out.println(result);
}

In smali:

# virtual methods
.method public multiply(II)V
    .locals 2
    .parameter "a"
    .parameter "b"

    .prologue
    .line 26
    mul-int v0, p1, p2   # multiply p1 by p2, result into v0

    .line 27
    .local v0, result:I
    sget-object v1, Ljava/lang/System;->out:Ljava/io/PrintStream;   # fetch a reference to System.out into v1

    invoke-virtual {v1, v0}, Ljava/io/PrintStream;->println(I)V   # call PrintStream.println(v0)

    .line 28
    return-void
.end method

In class bytecode:

public void multiply(int, int);
  Code:
    stack=2, locals=4, args_size=3
       0: iload_1           // push local variable 1
       1: iload_2           // push local variable 2
       2: imul              // pop the top two values and multiply them
       3: istore_3          // pop the result into local variable 3
       4: getstatic     #5  // Field java/lang/System.out:Ljava/io/PrintStream;  push System.out
       7: iload_3           // push local variable 3
       8: invokevirtual #6  // Method java/io/PrintStream.println:(I)V  call PrintStream.println
      11: return
    LineNumberTable:
      line 6: 0
      line 7: 4
      line 8: 11

As the above shows, to do the same work a register-based instruction set needs fewer instructions than a stack-based one: int result = a * b; is one instruction in smali but four instructions in class bytecode.

The format and meaning of every smali instruction can be looked up at: http://pallergabor.uw.hu/androidblog/dalvik_opcodes.html

