安卓smali语法.docx
《安卓smali语法.docx》由会员分享,可在线阅读,更多相关《安卓smali语法.docx(58页珍藏版)》请在冰豆网上搜索。
安卓smali语法
Opcode(hex)
Opcodename
Explanation
Example
00
nop
Nooperation
0000-nop
01
movevx,vy
Movesthecontentofvyintovx.Bothregistersmustbeinthefirst256registerrange.
0110-movev0,v1
Movesv1intov0.
02
move/from16vx,vy
Movesthecontentofvyintovx.vymaybeinthe64kregisterrangewhilevxisoneofthefirst256registers.
02001900-move/from16v0,v25
Movesv25intov0.
03
move/16
04
move-wide
05
move-wide/from16vx,vy
Movesalong/doublevaluefromvytovx.vymaybeinthe64kregisterrangewhilewxisoneofthefirst256registers.
05160000-move-wide/from16v22,v0
Movesv0intov22.
06
move-wide/16
07
move-objectvx,vy
Movestheobjectreferencefromvytovx.
0781-move-objectv1,v8
Movestheobjectreferenceinv8tov1.
08
move-object/from16vx,vy
Movestheobjectreferencefromvytovx,vycanaddress64kregistersandvxcanaddress256registers.
08011500-move-object/from16v1,v21
Movetheobjectreferenceinv21tov1.
09
move-object/16
0A
move-resultvx
Movetheresultvalueofthepreviousmethodinvocationintovx.
0A00-move-resultv0
Movethereturnvalueofapreviousmethodinvocationintov0.
0B
move-result-widevx
Movethelong/doubleresultvalueofthepreviousmethodinvocationintovx,vx+1.
0B02-move-result-widev2
Movethelong/doubleresultvalueofthepreviousmethodinvocationintov2,v3.
0C
move-result-objectvx
Movetheresultobjectreferenceofthepreviousmethodinvocationintovx.
0C00-move-result-objectv0
0D
move-exceptionvx
Movetheexceptionobjectreferencethrownduringamethodinvocationintovx.
0D19-move-exceptionv25
0E
return-void
Returnwithoutareturnvalue
0E00-return-void
0F
returnvx
Returnwithvxreturnvalue
0F00-returnv0
Returnswithreturnvalueinv0.
10
return-widevx
Returnwithdouble/longresultinvx,vx+1.
1000-return-widev0
Returnswithadouble/longvalueinv0,v1.
11
return-objectvx
Returnwithvxobjectreferencevalue.
1100-return-objectv0
Returnswithobjectreferencevalueinv0
12
const/4vx,lit4
Putsthe4bitconstantintovx
1221-const/4v1,#int2
Movesliteral2intov1.Thedestinationregisterisinthelower4bitinthesecondbyte,theliteral2isinthehigher4bit.
13
const/16vx,lit16
Putsthe16bitconstantintovx
13000A00-const/16v0,#int10
Putstheliteralconstantof10intov0.
14
constvx,lit32
Putstheintegerconstantintovx
14004E61BC00-constv0,#12345678//#00BC614E
Movesliteral12345678intov0.
15
const/high16v0,lit16
Putsthe16bitconstantintothetopmostbitsoftheregister.Usedtoinitializefloatvalues.
15002041-const/high16v0,#float10.0//#41200000
Movesthefloatingliteralof10.0intov0.The16bitliteralintheinstructioncarriesthetop16bitsofthefloatingpointnumber.
16
const-wide/16vx,lit16
Putstheintegerconstantintovxandvx+1registers,expandingtheintegerconstantintoalongconstant..
16000A00-const-wide/16v0,#long10
Movesliteral10intov0andv1registers.
17
const-wide/32vx,lit32
Putsthe32bitconstantintovxandvx+1registers,expandingtheintegerconstantintoalongconstant.
17024e61bc00-const-wide/32v2,#long12345678//#00bc614e
Puts#12345678intov2andv3registers.
18
const-widevx,lit64
Putsthe64bitconstantintovxandvx+1registers.
1802874b6b5d54dc2b00-const-widev2,#long12345678901234567//#002bdc545d6b4b87
Puts#12345678901234567intov2andv3registers.
19
const-wide/high16vx,lit16
Putsthe16bitconstantintothehighest16bitofvxandvx+1registers.Usedtoinitializedoublevalues.
19002440-const-wide/high16v0,#double10.0//#402400000
Putsthedoubleconstantof10.0intov0register.
1A
const-stringvx,string_id
Putsreferencetoastringconstantidentifiedbystring_idintovx.
1A080000-const-stringv8,""//string@0000
Putsreferencetostring@0000(entry#0inthestringtable)intov8.
1B
const-string-jumbo
1C
const-classvx,type_id
Movestheclassobjectofaclassidentifiedbytype_id(e.g.Object.class)intovx.
1C000100-const-classv0,Test3//type@0001
MovesreferencetoTest3.class(entry#1inthetypeidtable)into
1D
monitor-entervx
Obtainsthemonitoroftheobjectreferencedbyvx.
1D03-monitor-enterv3
Obtainsthemonitoroftheobjectreferencedbyv3.
1E
monitor-exit
Releasesthemonitoroftheobjectreferencedbyvx.
1E03-monitor-exitv3
Releasesthemonitoroftheobjectreferencedbyv3.
1F
check-castvx,type_id
Checkswhethertheobjectreferenceinvxcanbecasttoaninstanceofaclassreferencedbytype_id.ThrowsClassCastExceptionifthecastisnotpossible,continuesexecutionotherwise.
1F040100-check-castv4,Test3//type@0001
Checkswhethertheobjectreferenceinv4canbecasttotype@0001(entry#1inthetypeidtable)
20
instance-ofvx,vy,type_id
Checkswhethervyisinstanceofaclassidentifiedbytype_id.Setsvxnon-zeroifitis,0otherwise.
20400100-instance-ofv0,v4,Test3//type@0001
Checkswhethertheobjectreferenceinv4isaninstanceoftype@0001(entry#1inthetypeidtable).Setsv0tonon-zeroifv4isinstanceofTest3,0otherwise.
21
array-lengthvx,vy
Calculatesthenumberofelementsofthearrayreferencedbyvyandputsthelengthvalueintovx.
2111-array-lengthv1,v1
Calculatesthenumberofelementsofthearrayreferencedbyv1andputstheresultintov1.
22
new-instancevx,type
Instantiatesanobjecttypeandputsthereferenceofthenewlycreatedinstanceintovx.
22001500-new-instancev0,java.io.FileInputStream//type@0015
Instantiatestype@0015(entry#15Hinthetypetable)andputsitsreferenceintov0.
23
new-arrayvx,vy,type_id
Generatesanewarrayoftype_idtypeandvyelementsizeandputsthereferencetothearrayintovx.
23122500-new-arrayv2,v1,char[]//type@0025
Generatesanewarrayoftype@0025typeandv1sizeandputsthereferencetothenewarrayintov2.
24
filled-new-array{parameters},type_id
Generatesanewarrayoftype_idandfillsitwiththeparameters5.Referencetothenewlygeneratedarraycanbeobtainedbyamove-result-objectinstruction,immediatelyfollowingthefilled-new-arrayinstruction.
2420530D0000-filled-new-array{v0,v0},[I//type@0D53
Generatesanewarrayoftype@0D53.Thearray'ssizewillbe2andbothelementswillbefilledwiththecontentsofv0register.
25
filled-new-array-range{vx..vy},type_id
Generatesanewarrayoftype_idandfillsitwitharangeofparameters.Referencetothenewlygeneratedarraycanbeobtainedbyamove-result-objectinstruction,immediatelyfollowingthefilled-new-arrayinstruction.
250306001300-filled-new-array/range{v19..v21},[B//type@0006
Generatesanewarrayoftype@0D53.Thearray'ssizewillbe3andtheelementswillbefilledusingthev19,v20andv21registers4.
26
fill-array-datavx,array_data_offset
Fillsthearrayreferencedbyvxwiththestaticdata.Thelocationofthestaticdataisthesumof thepositionofthecurrentinstructionandtheoffset
260625000000-fill-array-datav6,00e6//+0025
Fillsthearrayreferencedbyv0withthestaticdataatcurrentinstruction+25Hwordslocation.Theoffsetisexpressedasa32-bitnumber.Thestaticdataisstoredinthefollowingformat:
0003//Tabletype:
staticarraydata
0400//Byteperarrayelement(inthiscase,4byteintegers)
03000000//Numberofelementsinthetable
01000000 //Element#0:
integer1
02000000//Element#1:
integer2
03000000//Element#2:
integer3
27
throwvx
Throwsanexceptionobject.Thereferenceoftheexceptionobjectisinvx.
2700-throwv0
Throwsanexception.Theexceptionobjectreferenceisinv0.
28
gototarget
Unconditionaljumpbyshortoffset2.
28F0-goto0005//-0010
Jumpstocurrentposition-16words(hex10).0005isthelabelofthetargetinstruction.
29
goto/16target
Unconditionaljumpby16bitoffset2.
29000FFE-goto/16002f//-01f1
Jumpstothecurrentposition-1F1Hwords.002Fisthelabelofthetargetinstruction.
2A
goto/32target
2B
packed-switchvx,table
Implementsaswitchstatementwherethecaseconstantsareclosetoeachother.Theinstructionusesanindextable.vxindexesintothistabletofindtheoffsetoftheinstructionforaparticularcase.Ifvxfallsoutoftheindextable,theexecutioncontinuesonthenextinstruction(defaultcase).
2B020C000000-packed-switchv2,000c//+000c
Executeapackedswitchaccordingtotheswitchargumentinv2.Thepositionoftheindextableisatcurrentinstruction+0CHwords.Thetablelookslikethefollowing:
0001//Tabletype:
packedswitchtable
0300//numberofelements
00000000//elementbase
05000000 0:
00000005//case0:
+00000005
07000000 1:
00000007//case1:
+00000007
09000000 2:
00000009//case2:
+00000009
2C
sparse-switchvx,table
Implementsaswitchstatementwithsparsecasetable.Theinstructionusesalookuptablewithcaseconstantsandoffsetsforeachcaseconstant.Ifthereisnomatchinthetable,executioncontinuesonthenextinstruction(defaultcase).
2C020c000000-sparse-switchv2,000c//+000c
Executeasparseswitchaccordingtotheswitchargumentinv2.Thepositionofthelookuptableisatcurrentinstruction+0CHwords.Thetablelookslikethefollowing.
0002//Tabletype:
sparseswitchtable
0300//numberofelements
9cffffff//firstcase:
-100
fa000000//secondcaseconstant:
250
e8030000//thirdcaseconstant:
1000
05000000//offsetforthefirstcaseconstant:
+5
07000000//offsetforthesecondcaseconstant:
+7
09000000//offsetforthethirdcaseconstant:
+9
2D
cmpl-floa
升级会员 