Android-smali Grammar Learning

Source: Internet
Author: User

Reprint please indicate source: http://blog.csdn.net/goldenfish1919/article/details/40821415

The following content is from: http://bbs.pediy.com/showthread.php?t=151769

Dalvik bytecode has two kinds of types: primitive types and reference types.

Objects and arrays are reference types; everything else is a primitive type. The primitive type descriptors are:
V void, used only as a return type
Z boolean
B byte
S short
C char
I int
J long (64-bit)
F float
D double (64-bit)
An object type is written as Lpackage/name/ObjectName;
The leading L marks an object (class) type, package/name/ is the package the class lives in, ObjectName is the class name, and the ";" terminates the class name.
This is equivalent to package.name.ObjectName in Java. For example, Ljava/lang/String; is java.lang.String.

Representation of an array
- [I represents a one-dimensional int array, int[] in Java.
- For a multidimensional array, add one [ per dimension: [[I is int[][] and [[[I is int[][][]. Note that a type may have at most 255 dimensions.
- An array of objects is written [Ljava/lang/String;, an array of String objects.

Method
Representation: Lpackage/name/ObjectName;->methodName(III)Z
- Lpackage/name/ObjectName; is the class, methodName is the method name, III is the parameter list (here three int parameters) and Z is the return type (boolean).
- The parameters are written one after another with nothing separating them.
A more complex example:
method(I[[IILjava/lang/String;[Ljava/lang/Object;)Ljava/lang/String;
In Java this is:
String method(int, int[][], int, String, Object[])

Field
Representation:
Lpackage/name/ObjectName;->fieldName:Ljava/lang/String;
That is, the class, the field name and the field type.


Registers
In Dalvik bytecode all registers are 32 bits wide and can hold a value of any type. A 64-bit value (long or double) occupies two adjacent registers.

There are two ways to declare how many registers a method uses: the .registers directive gives the total number of registers in the method; the .locals directive gives the number of non-parameter registers in the method.
Passing parameters
- When a method is invoked, its parameters are placed in the last n registers. If a method has 2 parameters and 5 registers (v0-v4), the parameters are in the last two registers, v3 and v4.
- In a non-static method, the first parameter is always the object the method is invoked on (this).
For example, the non-static method LMyObject;->callMe(II)V has two int parameters plus the implicit LMyObject; this reference, so three parameters in total.
If the method uses 5 registers (v0-v4), it is declared either as .registers 5 or as .locals 2 (2 local registers + 3 parameter registers).
When the method is invoked, the object it is invoked on (the this reference) is in v2, the first int parameter in v3 and the second int parameter in v4.
A static method works the same way, except that there is no implicit this parameter.


How registers are named
There are two naming schemes, v naming and p naming. In the p naming scheme, p0 is the first parameter register of the method.
The table below shows both names for the 5 registers and 3 parameters of the previous example.
v0       first local register
v1       second local register
v2  p0   first parameter register
v3  p1   second parameter register
v4  p2   third parameter register
Parameter registers can be referred to either way; the two names are interchangeable.


Note: baksmali uses p naming for parameter registers by default. If you want v naming instead, pass the -p / --no-parameter-registers option.
The point of p naming is that if registers are later added to the method (for example by raising .locals when patching code), the parameter registers keep their names; with v naming every reference to a parameter register would have to be renumbered.


Long/double values
The long and double types are 64-bit and occupy 2 registers; keep this in mind when counting registers.
For example, the non-static method LMyObject;->myMethod(IJZ)V takes the parameters LMyObject; (this), int, long and boolean, so it needs 5 registers for its parameters:

p0     this
p1     I
p2,p3  J
p4     Z
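As an added example (not part of the original post), the following Python module implements the descriptor rules from the type, method and field section above together with the register rules from this section: parse_type and parse_method turn a Dalvik descriptor into its Java form, register_layout maps the p-registers (including the implicit this) to v-registers for a given .locals count with long and double taking two registers, and total_registers gives the matching .registers value. The function names are my own; the sample signatures are the ones used in the text.

```python
"""Dalvik descriptor and register-layout helpers (added example, not from
the original post). Function names are the author's own choices."""
from dataclasses import dataclass
from typing import List, Tuple

PRIMITIVES = {
    "V": "void", "Z": "boolean", "B": "byte", "S": "short", "C": "char",
    "I": "int", "J": "long", "F": "float", "D": "double",
}
WIDE = {"J", "D"}          # 64-bit types occupy two adjacent registers
MAX_ARRAY_DIMS = 255       # dex limit on the number of array dimensions


def parse_type(desc: str, pos: int = 0) -> Tuple[str, int]:
    """Parse one type descriptor at desc[pos]; return (java_name, next_pos)."""
    dims = 0
    while pos < len(desc) and desc[pos] == "[":
        dims += 1
        pos += 1
    if dims > MAX_ARRAY_DIMS:
        raise ValueError(f"array type has more than {MAX_ARRAY_DIMS} dimensions")
    if pos >= len(desc):
        raise ValueError("truncated type descriptor")
    c = desc[pos]
    if c in PRIMITIVES:
        name, pos = PRIMITIVES[c], pos + 1
    elif c == "L":
        end = desc.index(";", pos)        # ';' terminates the class name
        name = desc[pos + 1:end].replace("/", ".")
        pos = end + 1
    else:
        raise ValueError(f"unknown type character {c!r} at offset {pos}")
    if dims and name == "void":
        raise ValueError("void cannot be an array element type")
    return name + "[]" * dims, pos


@dataclass
class Method:
    cls: str            # Java class name, e.g. package.name.ObjectName
    name: str
    params: List[str]   # raw parameter descriptors, e.g. ["I", "[[I"]
    ret: str            # raw return descriptor


def parse_method(sig: str) -> Method:
    """Split 'Lpkg/Cls;->name(params)ret' into class, name, params, return."""
    cls_desc, rest = sig.split("->", 1)
    name, rest = rest.split("(", 1)
    params_desc, ret = rest.split(")", 1)
    params, pos = [], 0
    while pos < len(params_desc):          # parameters are concatenated, no separator
        start = pos
        _, pos = parse_type(params_desc, pos)
        params.append(params_desc[start:pos])
    parse_type(ret)                        # validate the return type
    return Method(parse_type(cls_desc)[0], name, params, ret)


def java_signature(sig: str) -> str:
    """Render a Dalvik method signature the way Java would declare it."""
    m = parse_method(sig)
    args = ", ".join(parse_type(p)[0] for p in m.params)
    return f"{parse_type(m.ret)[0]} {m.name}({args})"


def register_layout(sig: str, static: bool, locals_count: int) -> List[Tuple[str, str, str]]:
    """Map parameter registers to v-registers for a method declared with
    '.locals locals_count'. Returns (p-name, v-name, type) rows; 'this' is
    p0 in non-static methods and long/double span two registers."""
    params = ([] if static else ["this"]) + parse_method(sig).params
    rows, p = [], 0
    for desc in params:
        width = 2 if desc in WIDE else 1
        v = locals_count + p                     # parameters sit after the locals
        pname = f"p{p}" if width == 1 else f"p{p},p{p + 1}"
        vname = f"v{v}" if width == 1 else f"v{v},v{v + 1}"
        label = "this" if desc == "this" else parse_type(desc)[0]
        rows.append((pname, vname, label))
        p += width
    return rows


def total_registers(sig: str, static: bool, locals_count: int) -> int:
    """The '.registers' value equivalent to '.locals locals_count'."""
    params = parse_method(sig).params
    return locals_count + (0 if static else 1) + sum(2 if d in WIDE else 1 for d in params)


if __name__ == "__main__":
    print(java_signature("Lpackage/name/ObjectName;->method(I[[IILjava/lang/String;[Ljava/lang/Object;)Ljava/lang/String;"))
    for row in register_layout("LMyObject;->myMethod(IJZ)V", static=False, locals_count=0):
        print(*row)
```

The layout function is handy when patching smali by hand: after raising .locals to make room for a new temporary, rerun it to confirm the p-registers still land where the code expects them.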

Additional notes:
# static fields marks the section of static fields
# instance fields marks the section of instance fields
# direct methods marks static methods, private methods and constructors (called with invoke-static or invoke-direct)
# virtual methods marks the other non-static methods (called with invoke-virtual, invoke-super or invoke-interface)
A constructor is named <init> and has return type V (the static initializer is <clinit>).

if-eq p1, v0, :cond_8 jumps to the label :cond_8 if p1 and v0 are equal:
:cond_8
invoke-direct {p0}, Lcom/paul/test/a;->d()V
This calls the method d() of com.paul.test.a on this (p0); invoke-direct is used for private instance methods and constructors.
if-ne p1, v0, :cond_b jumps to :cond_b if p1 and v0 are not equal:
:cond_b
const/4 v0, 0x0
invoke-virtual {p0, v0}, Lcom/paul/test/a;->setPressed(Z)V
invoke-super {p0, p1, p2}, Landroid/view/View;->onKeyUp(ILandroid/view/KeyEvent;)Z
move-result v0

Roughly: call com.paul.test.a's setPressed(false) (v0 holds 0, i.e. false), then call the parent class View's onKeyUp(int, KeyEvent) with p1 and p2 as arguments, and finally move its boolean result into v0.

Two more examples:

sget-object v5, Lcom/google/youngandroid/runtime;->Lit227:Lgnu/mapping/SimpleSymbol;
This reads the static field Lit227 of com.google.youngandroid.runtime into v5. Equivalent to:
gnu.mapping.SimpleSymbol localVariable = com.google.youngandroid.runtime.Lit227;

sput-object v0, Lcom/google/youngandroid/runtime;->Lit78:Lkawa/lang/SyntaxTemplate;
Likewise, this sets a static field: it stores the kawa.lang.SyntaxTemplate reference held in v0 into com.google.youngandroid.runtime.Lit78. Equivalent to:
com.google.youngandroid.runtime.Lit78 = localVariable; (where localVariable is of type kawa.lang.SyntaxTemplate)
The rest is relatively simple and you should be able to work it out.

Let's consider a simple example:

public class MainActivity extends Activity {
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        TextView textView1 = (TextView) this.findViewById(R.id.text);
        textView1.setText(R.string.hello_world);
    }
}

Generated smali:

.class public Lcom/example/hello/MainActivity;
.super Landroid/app/Activity;
.source "MainActivity.java"

# direct methods
.method public constructor <init>()V
    .locals 0

    .prologue
    .line 14
    invoke-direct {p0}, Landroid/app/Activity;-><init>()V

    return-void
.end method

# virtual methods
.method protected onCreate(Landroid/os/Bundle;)V
    .locals 2
    .parameter "savedInstanceState"

    .prologue
    .line 18
    invoke-super {p0, p1}, Landroid/app/Activity;->onCreate(Landroid/os/Bundle;)V

    .line 19
    const/high16 v1, 0x7f03
    invoke-virtual {p0, v1}, Lcom/example/hello/MainActivity;->setContentView(I)V

    .line 20
    const/high16 v1, 0x7f0a
    invoke-virtual {p0, v1}, Lcom/example/hello/MainActivity;->findViewById(I)Landroid/view/View;

    move-result-object v0
    check-cast v0, Landroid/widget/TextView;

    .line 21
    .local v0, textView1:Landroid/widget/TextView;
    const v1, 0x7f070002
    invoke-virtual {v0, v1}, Landroid/widget/TextView;->setText(I)V

    .line 22
    return-void
.end method

Let's focus on the onCreate() method.

.method protected onCreate(Landroid/os/Bundle;)V
    .locals 2
    .parameter "savedInstanceState"

    .prologue
    .line 18
    invoke-super {p0, p1}, Landroid/app/Activity;->onCreate(Landroid/os/Bundle;)V   # calls the superclass method Activity.onCreate(Bundle); p0 is this, p1 is the Bundle

    .line 19
    const/high16 v1, 0x7f03   # puts 0x7f03 in the upper 16 bits of v1, so v1 = 0x7f030000, which is R.layout.activity_main (older baksmali prints only the upper half; newer versions print 0x7f030000)

    invoke-virtual {p0, v1}, Lcom/example/hello/MainActivity;->setContentView(I)V   # calls MainActivity.setContentView(v1); p0 is this, v1 is R.layout.activity_main

    .line 20
    const/high16 v1, 0x7f0a   # likewise v1 = 0x7f0a0000, which is R.id.text

    invoke-virtual {p0, v1}, Lcom/example/hello/MainActivity;->findViewById(I)Landroid/view/View;   # calls view = MainActivity.findViewById(v1); p0 is this, v1 is R.id.text

    move-result-object v0   # moves the object returned by the previous invoke into v0; this is the assignment to textView1

    check-cast v0, Landroid/widget/TextView;   # casts v0 to TextView (throws ClassCastException if the object is not a TextView)

    .line 21
    .local v0, textView1:Landroid/widget/TextView;
    const v1, 0x7f070002   # loads the int constant 0x7f070002 into v1, which is R.string.hello_world

    invoke-virtual {v0, v1}, Landroid/widget/TextView;->setText(I)V   # calls textView1.setText(v1); v0 is the TextView, v1 the argument

    .line 22
    return-void
.end method
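As an added example (not part of the original post), here is a Python scanner that walks the onCreate() body above, the kind of pass one writes when triaging decompiled apps for interesting API calls: it records each invoke-* instruction with its receiver register and arguments, and resolves arguments that were loaded by const* instructions, handling const/high16 by shifting the 16-bit literal into the upper half of the register. The smali input is the listing above embedded as a string; the function names and regular expressions are mine, not baksmali's.

```python
"""Scan a smali method body for invoke-* instructions, tracking the constants
loaded into registers on the way (added example, not from the original post;
names are the author's own)."""
import re
from typing import Dict, List, Optional

# Constructed input: the onCreate() body from the listing above, in the older
# baksmali syntax where const/high16 prints only the upper 16 bits.
ONCREATE_SMALI = """
.method protected onCreate(Landroid/os/Bundle;)V
    .locals 2
    .parameter "savedInstanceState"
    .prologue
    .line 18
    invoke-super {p0, p1}, Landroid/app/Activity;->onCreate(Landroid/os/Bundle;)V
    .line 19
    const/high16 v1, 0x7f03
    invoke-virtual {p0, v1}, Lcom/example/hello/MainActivity;->setContentView(I)V
    .line 20
    const/high16 v1, 0x7f0a
    invoke-virtual {p0, v1}, Lcom/example/hello/MainActivity;->findViewById(I)Landroid/view/View;
    move-result-object v0
    check-cast v0, Landroid/widget/TextView;
    .line 21
    .local v0, textView1:Landroid/widget/TextView;
    const v1, 0x7f070002
    invoke-virtual {v0, v1}, Landroid/widget/TextView;->setText(I)V
    .line 22
    return-void
.end method
"""

INVOKE_RE = re.compile(
    r"^(invoke-(?:virtual|super|direct|static|interface)(?:/range)?)\s*"
    r"\{([^}]*)\},\s*(L[^;]+;)->([^(]+)\(([^)]*)\)(\S+)$"
)
CONST_RE = re.compile(r"^(const(?:/4|/16|/high16)?)\s+([vp]\d+),\s*(-?0x[0-9a-fA-F]+|-?\d+)$")
# Instructions that overwrite a register with a value we cannot track statically.
CLOBBER_RE = re.compile(
    r"^(?:move-result(?:-object|-wide)?|check-cast|move(?:-object|-wide)?(?:/from16|/16)?)\s+([vp]\d+)"
)


def const_value(opcode: str, literal: str) -> int:
    """Value a 32-bit const* instruction leaves in its register.

    const/high16 stores its 16-bit literal in the upper half of the register,
    so 'const/high16 v1, 0x7f03' yields 0x7f030000 (a resource ID). Newer
    baksmali already prints the shifted value, so only shift if it fits in 16 bits."""
    val = int(literal, 0)
    if opcode == "const/high16" and -0x8000 <= val <= 0xFFFF:
        val <<= 16
    return val & 0xFFFFFFFF


def expand_regs(reglist: str) -> List[str]:
    """'p0, v1' -> ['p0', 'v1']; 'v0 .. v3' (invoke-*/range) -> ['v0', ..., 'v3']."""
    if ".." in reglist:
        lo, hi = (r.strip() for r in reglist.split(".."))
        return [f"{lo[0]}{i}" for i in range(int(lo[1:]), int(hi[1:]) + 1)]
    return [r.strip() for r in reglist.split(",") if r.strip()]


def scan_invokes(smali: str) -> List[dict]:
    """Return one record per invoke: opcode, target, receiver register and
    (register, known constant or None) for each argument."""
    regs: Dict[str, int] = {}      # register -> last constant loaded into it
    calls: List[dict] = []
    for raw in smali.splitlines():
        line = raw.strip()
        m = CONST_RE.match(line)
        if m:
            regs[m.group(2)] = const_value(m.group(1), m.group(3))
            continue
        m = INVOKE_RE.match(line)
        if m:
            op, reglist, cls, name, params, ret = m.groups()
            used = expand_regs(reglist)
            static = op.startswith("invoke-static")
            # For non-static invokes the first register holds the receiver (this).
            receiver: Optional[str] = None if static else used[0]
            args = used if static else used[1:]
            calls.append({
                "op": op,
                "target": f"{cls}->{name}({params}){ret}",
                "receiver": receiver,
                "args": [(r, regs.get(r)) for r in args],
            })
            continue
        m = CLOBBER_RE.match(line)
        if m:
            regs.pop(m.group(1), None)   # the register no longer holds a known constant
    return calls


if __name__ == "__main__":
    for call in scan_invokes(ONCREATE_SMALI):
        args = ", ".join(f"{r}={'?' if v is None else hex(v)}" for r, v in call["args"])
        print(f"{call['op']:14} {call['target']}  this={call['receiver']} args=[{args}]")
```

The tracker is deliberately conservative: any instruction that writes a register without a literal (move-result*, check-cast, move*) drops that register's known value, so an argument is only reported with a constant when the last write to it was a const* in straight-line code.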

It is a fairly simple example, and quite similar to class-file bytecode. Let's see how the same code differs between class and smali form.

public void multiply(int a, int b) {
    int result = a * b;
    System.out.println(result);
}

In smali:

# virtual methods
.method public multiply(II)V
    .locals 2
    .parameter "a"
    .parameter "b"

    .prologue
    .line 26
    mul-int v0, p1, p2   # multiply p1 by p2 and put the result in v0

    .line 27
    .local v0, result:I
    sget-object v1, Ljava/lang/System;->out:Ljava/io/PrintStream;   # get a reference to System.out and put it in v1

    invoke-virtual {v1, v0}, Ljava/io/PrintStream;->println(I)V   # call PrintStream.println(v0) on v1

    .line 28
    return-void
.end method

In class-file bytecode (as shown by javap):

public void multiply(int, int);
  Code:
    stack=2, locals=4, args_size=3
       0: iload_1           // push local variable 1 (a) onto the stack
       1: iload_2           // push local variable 2 (b) onto the stack
       2: imul              // pop the top two values and push their product
       3: istore_3          // pop the result into local variable 3
       4: getstatic     #5  // Field java/lang/System.out:Ljava/io/PrintStream;  push System.out
       7: iload_3           // push local variable 3 (result)
       8: invokevirtual #6  // Method java/io/PrintStream.println:(I)V  call PrintStream.println
      11: return
    LineNumberTable:
      line 6: 0
      line 7: 4
      line 8: 11

This shows clearly that, for the same function, register-based code needs fewer instructions than stack-based code.

int result = a * b; is a single instruction in smali (mul-int) and four in class bytecode (iload_1, iload_2, imul, istore_3).

The format and meaning of every smali instruction can be looked up at: http://pallergabor.uw.hu/androidblog/dalvik_opcodes.html

