smali语句类的静态成员查看，invoke-virtual、invoke-direct、invoke-super解释

smali举例：

.class public Lcom/dataviz/dxtg/common/android/DocsToGoApp;
.super Landroid/app/Application;


# static fields
.field private static a:Landroid/app/Application;    ## 静态字段 Application a;

.field private static b:Lcom/dataviz/dxtg/common/android/bv;  ## 静态字段 bv b;


# direct methods
.method static constructor <clinit>()V  ## 静态方法，静态成员的初始化。
    .locals 1  ##一个局部变量

    const/4 v0, 0x0  ##v0寄存器低4字节存放0，可表示0，null，false

    sput-object v0, Lcom/dataviz/dxtg/common/android/DocsToGoApp;->a:Landroid/app/Application;  ## a = null;

    sput-object v0, Lcom/dataviz/dxtg/common/android/DocsToGoApp;->b:Lcom/dataviz/dxtg/common/android/bv;  ## b = null;

    return-void ## 无返回值 Return without a return value ， 字节码 0E00 - return-void
.end method

.method public constructor <init>()V  ## 构造函数
    .locals 0

    invoke-direct {p0}, Landroid/app/Application;-><init>()V  ## super.Application();

    sput-object p0, Lcom/dataviz/dxtg/common/android/DocsToGoApp;->a:Landroid/app/Application; ## a = this;

    return-void
.end method

.method public static a()Landroid/content/Context;  ## 静态方法
    .locals 1

    sget-object v0, Lcom/dataviz/dxtg/common/android/DocsToGoApp;->a:Landroid/app/Application;

    invoke-virtual {v0}, Landroid/app/Application;->getApplicationContext()Landroid/content/Context;

    move-result-object v0

    return-object v0
.end method

.method public static a(Ljava/lang/String;)Ljava/lang/String;## 静态方法
    .locals 2

    const-string/jumbo v0, "x.xxx"

    invoke-virtual {v0}, Ljava/lang/String;->length()I

    move-result v0

    invoke-virtual {p0}, Ljava/lang/String;->length()I

    move-result v1

    if-le v1, v0, :cond_0

    const/4 v1, 0x0

    invoke-virtual {p0, v1, v0}, Ljava/lang/String;->substring(II)Ljava/lang/String;

    move-result-object p0

    :cond_0
    return-object p0
.end method

.method public static a(Ljava/lang/Runnable;)V  ## 静态方法
    .locals 2

    invoke-static {}, Lcom/dataviz/dxtg/common/android/DocsToGoApp;->a()Landroid/content/Context;

    move-result-object v0

    invoke-virtual {v0}, Landroid/content/Context;->getMainLooper()Landroid/os/Looper;

    move-result-object v0

    new-instance v1, Landroid/os/Handler;

    invoke-direct {v1, v0}, Landroid/os/Handler;-><init>(Landroid/os/Looper;)V

    invoke-virtual {v1, p0}, Landroid/os/Handler;->post(Ljava/lang/Runnable;)Z

    return-void
.end method

.method public static b()Landroid/content/res/Resources;  ## 静态方法
    .locals 1

    sget-object v0, Lcom/dataviz/dxtg/common/android/DocsToGoApp;->a:Landroid/app/Application;

    invoke-virtual {v0}, Landroid/app/Application;->getResources()Landroid/content/res/Resources;

    move-result-object v0

    return-object v0
.end method

.method public static c()Lcom/dataviz/dxtg/common/android/bv;  ## 静态方法
    .locals 2

    sget-object v0, Lcom/dataviz/dxtg/common/android/DocsToGoApp;->b:Lcom/dataviz/dxtg/common/android/bv;

    if-nez v0, :cond_0

    const-wide/16 v0, 0x1f4

    :try_start_0
    invoke-static {v0, v1}, Ljava/lang/Thread;->sleep(J)V
    :try_end_0
    .catch Ljava/lang/Throwable; {:try_start_0 .. :try_end_0} :catch_0

    :cond_0
    :goto_0
    sget-object v0, Lcom/dataviz/dxtg/common/android/DocsToGoApp;->b:Lcom/dataviz/dxtg/common/android/bv;

    return-object v0

    :catch_0
    move-exception v0

    goto :goto_0
.end method


# virtual methods
.method public onCreate()V  ## onCreate方法
    .locals 2

    :try_start_0
    invoke-static {}, Lcom/dataviz/dxtg/common/android/e/g;->a()Lcom/dataviz/dxtg/common/android/e/g;

    move-result-object v0

    invoke-virtual {p0}, Lcom/dataviz/dxtg/common/android/DocsToGoApp;->getPackageName()Ljava/lang/String;

    move-result-object v1

    invoke-virtual {v0, v1}, Lcom/dataviz/dxtg/common/android/e/g;->a(Ljava/lang/String;)V
    :try_end_0
    .catch Ljava/lang/Throwable; {:try_start_0 .. :try_end_0} :catch_0

    :goto_0
    new-instance v0, Landroid/os/Handler;

    invoke-direct {v0}, Landroid/os/Handler;-><init>()V

    new-instance v1, Lcom/dataviz/dxtg/common/android/bu;

    invoke-direct {v1, p0}, Lcom/dataviz/dxtg/common/android/bu;-><init>(Lcom/dataviz/dxtg/common/android/DocsToGoApp;)V

    invoke-virtual {v0, v1}, Landroid/os/Handler;->postAtFrontOfQueue(Ljava/lang/Runnable;)Z

    new-instance v0, Lcom/dataviz/dxtg/common/android/bv;

    invoke-direct {v0, p0}, Lcom/dataviz/dxtg/common/android/bv;-><init>(Landroid/content/Context;)V

    invoke-virtual {v0}, Lcom/dataviz/dxtg/common/android/bv;->a()V

    sput-object v0, Lcom/dataviz/dxtg/common/android/DocsToGoApp;->b:Lcom/dataviz/dxtg/common/android/bv;

    return-void

    :catch_0
    move-exception v0

    invoke-virtual {v0}, Ljava/lang/Throwable;->printStackTrace()V

    goto :goto_0
.end method

语法

sput-object vx,field_id

Puts object reference in vx into a static field.

6900 0c00 - sput-object v0, Test3.os1:Ljava/lang/Object; // field@000c Puts the object reference value in v0 into the field@000c static field (entry #CH in the field id table).

将vx引用对象赋值给静态变量字段field_id.

const/4 vx,lit4

Puts the 4 bit constant into vx

1221 - const/4 v1, #int2 Moves literal 2 into v1. The destination register is in the lower 4 bit in the second byte, the literal 2 is in the higher 4 bit.

lit4逐字节放到vx低4位。

Android java下smali指令

关于几个调用方法指令： invoke-virtual、invoke-direct、invoke-super介绍。

涉及到Java强大的动态扩展能力，这一特性使得可以在类运行期间才能确定某些目标方法的实际引用，称为动态连接；也有一部分方法的符号引用在类加载阶段或第一次使用时转化为直接引用，这种转化称为静态解析。

在Java语言中，符合“编译器可知，运行期不可变”这个要求的方法主要有静态方法和私有方法两大类，前者与类型直接关联，后者在外部不可被访问，这两种方法都不可能通过继承或别的方式重写出其他的版本，因此它们都适合在类加载阶段进行解析。

invoke-static 是类静态方法的调用，编译时，静态确定的；
invoke-virtual 虚方法调用，调用的方法运行时确认实际调用，和实例引用的实际对象有关，动态确认的，一般是带有修饰符protected或public的方法；
invoke-direct 没有被覆盖方法的调用，即不用动态根据实例所引用的调用，编译时，静态确认的，一般是private或<init>方法；
invoke-super 直接调用父类的虚方法，编译时，静态确认的。
invokeinterface 调用接口方法，调用的方法运行时确认实际调用，即会在运行时才确定一个实现此接口的对象。

invoke-static {v3,v0}, Landroid/util/log;->v(Ljava/lang/String;Ljava/lang/String;)

invoke-virtual {v1}, Landroid/app/Activity;->getApplicationContext()Landroid/content/Context;

invoke-direct {v0, v4}, Lcom/android/server/LightsService;-><init>(Landroid/content/Context;)V

invoke-super {p0, p1}, Landroid/preference/PreferenceActivity;->onCreate(Landroid/os/Bundle;)V

invoke-super {p0, p1, p2}, Landroid/view/View;->onKeyUp(ILandroid/view/KeyEvent;)Z

invoke-super {p0, p1}, Landroid/app/Activity;->onCreate(Landroid/os/Bundle;)V

new-instance v2, Ljava/lang/StringBuilder; # StringBuilder实例

invoke-direct {v2}, Ljava/lang/StringBuilder;-><init>()V # 调用 StringBuilder 构造函数

invoke-static {}, Landroid/os/Environment;->getExternalStorageDirectory()Ljava/io/File; #静态方法

move-result-object v3

invoke-virtual {v2, v3}, Ljava/lang/StringBuilder;->append(Ljava/lang/Object;)Ljava/lang/StringBuilder; #public方法

invoke-direct/range {v8 .. v13}, Lcom/android/server/net/NetworkPolicyManagerService;-><init>

6E	invoke-virtual { parameters }, methodtocall	Invokes a virtual method with parameters.	6E53 0600 0421 - invoke-virtual { v4, v0, v1, v2, v3}, Test2.method5:(IIII)V // method@0006 Invokes the 6th method in the method table with the following arguments: v4 is the "this" instance, v0, v1, v2, and v3 are the method parameters. The method has 5 arguments (4 MSB bits of the second byte)⁵.
6F	invoke-super {parameter},methodtocall	Invokes the virtual method of the immediate parent class.	6F10 A601 0100 invoke-super {v1},java.io.FilterOutputStream.close:()V // method@01a6 Invokes method@01a6 with one parameter, v1.
70	invoke-direct { parameters }, methodtocall	Invokes a method with parameters without the virtual method resolution.	7010 0800 0100 - invoke-direct {v1}, java.lang.Object.<init>:()V // method@0008 Invokes the 8th method in the method table with just one parameter, v1 is the "this" instance⁵.
71	invoke-static {parameters}, methodtocall	Invokes a static method with parameters.	7110 3400 0400 - invoke-static {v4}, java.lang.Integer.parseInt:( Ljava/lang/String;)I // method@0034 Invokes method@34 static method. The method is called with one parameter, v4⁵.
72	invoke-interface {parameters},methodtocall	Invokes an interface method.	7240 2102 3154 invoke-interface {v1, v3, v4, v5}, mwfw.IReceivingProtocolAdapter.receivePackage:( ILjava/lang/String;Ljava/io/InputStream;)Z // method@0221 Invokes method@221 interface method using parameters in v1,v3,v4 and v5⁵.

私有方法用invoke-special，编译时，静态确定的。

Java编译后class指令

http://homepages.inf.ed.ac.uk/kwxm/JVM/invokespecial.html

Description: calls a special class method
n is the number of arguments to the method
the long method name is really a path name, the name of the class,
the parenthesized argument list of the method called, and the return type.
Primitive types are represented by their capitalized first letter, ie I for an integer.
Constructors are path followed by <init>()V

Stack

Before	After
arg n	returned value
...
arg 1
object reference

Example

Jasm-------------------

invoke packages/myMath/multiplyMatrix([[F, [[F)V ;multiplies two two-dimensional matrices of floats

Exceptions

NullPointerException if object ref is null
StackOverflowError if you run ou t of room on stack

http://homepages.inf.ed.ac.uk/kwxm/JVM/invokeinterface.html

http://homepages.inf.ed.ac.uk/kwxm/JVM/invokevirtual.html

http://homepages.inf.ed.ac.uk/kwxm/JVM/invokestatic.html

Description: calls a static method
n is the number of arguments to the method
the long method name is really a path name, the name of the class,
the parenthesized argument list of the method called, and the return type.
Primitive types are represented by their capitalized first letter, ie I for an integer.
Constructors are path followed by <init>()V

Stack

Before	After
arg n	returned value
...
arg 1

Example

Jasm-------------------

invoke java/lang/System/gc()V ;call the garbage collector

Exceptions

NullPointerException if object ref is null
StackOverflowError if you run ou t of room on stack

以下两则引用来自java文档，和android可能有差别：http://docs.oracle.com/javase/specs/jvms/se5.0/html/Compiling.doc.html#14787

7.7 Invoking Methods

The normal method invocation for a instance method dispatches on the runtime type of the object. (They are virtual, in C++ terms.) Such an invocation is implemented using the invokevirtual instruction, which takes as its argument an index to a runtime constant pool entry giving the fully qualified name of the class type of the object, the name of the method to invoke, and that method's descriptor (§4.3.3). To invoke the addTwo method, defined earlier as an instance method, we might write

int add12and13() {
    return addTwo(12, 13);
}

This compiles to

Method int add12and13()
   0 	aload_0			 	// Push local variable 0 (this)
   1 	bipush 12			// Push int constant 12
   3 	bipush 13			// Push int constant 13
   5 	invokevirtual #4		// Method Example.addtwo(II)I
   8	ireturn			 	// Return int on top of operand stack; it is
				 	// the int result of addTwo()

The invocation is set up by first pushing a reference to the current instance, this, onto the operand stack. The method invocation's arguments, int values 12 and 13, are then pushed. When the frame for the addTwo method is created, the arguments passed to the method become the initial values of the new frame's local variables. That is, the reference for this and the two arguments, pushed onto the operand stack by the invoker, will become the initial values of local variables 0, 1, and 2 of the invoked method.

Finally, addTwo is invoked. When it returns, its int return value is pushed onto the operand stack of the frame of the invoker, the add12and13 method. The return value is thus put in place to be immediately returned to the invoker of add12and13.

The return from add12and13 is handled by the ireturn instruction of add12and13. The ireturn instruction takes the int value returned by addTwo, on the operand stack of the current frame, and pushes it onto the operand stack of the frame of the invoker. It then returns control to the invoker, making the invoker's frame current. The Java virtual machine provides distinct return instructions for many of its numeric and reference data types, as well as a return instruction for methods with no return value. The same set of return instructions is used for all varieties of method invocations.

The operand of the invokevirtual instruction (in the example, the runtime constant pool index #4) is not the offset of the method in the class instance. The compiler does not know the internal layout of a class instance. Instead, it generates symbolic references to the methods of an instance, which are stored in the runtime constant pool. Those runtime constant pool items are resolved at run time to determine the actual method location. The same is true for all other Java virtual machine instructions that access class instances.

Invoking addTwoStatic, a class (static) variant of addTwo, is similar, as shown:

int add12and13() {
    return addTwoStatic(12, 13);
}

although a different Java virtual machine method invocation instruction is used:

Method int add12and13()
   0 	bipush 12
   2 	bipush 13
   4 	invokestatic #3 		// Method Example.addTwoStatic(II)I
   7 	ireturn

Compiling an invocation of a class (static) method is very much like compiling an invocation of an instance method, except this is not passed by the invoker. The method arguments will thus be received beginning with local variable 0 (see Section 7.6, "Receiving Arguments"). The invokestatic instruction is always used to invoke class methods.

The invokespecial instruction must be used to invoke instance initialization methods (see Section 7.8, "Working with Class Instances"). It is also used when invoking methods in the superclass (super) and when invoking private methods. For instance, given classes Near and Far declared as

class Near {
    int it;
    public int getItNear() {
        return getIt();
    }
    private int getIt() {
        return it;
    }
}
class Far extends Near {
    int getItFar() {
        return super.getItNear();
    }
}

the method Near.getItNear (which invokes a private method) becomes

Method int getItNear()
   0 	aload_0
   1 	invokespecial #5 		// Method Near.getIt()I
   4 	ireturn

The method Far.getItFar (which invokes a superclass method) becomes

Method int getItFar()
   0 	aload_0
   1 	invokespecial #4		// Method Near.getItNear()I
   4	ireturn

Note that methods called using the invokespecial instruction always pass this to the invoked method as its first argument. As usual, it is received in local variable 0.

7.8 Working with Class Instances

Java virtual machine class instances are created using the Java virtual machine's new instruction. Recall that at the level of the Java virtual machine, a constructor appears as a method with the compiler-supplied name <init>. This specially named method is known as the instance initialization method (§3.9). Multiple instance initialization methods, corresponding to multiple constructors, may exist for a given class. Once the class instance has been created and its instance variables, including those of the class and all of its superclasses, have been initialized to their default values, an instance initialization method of the new class instance is invoked. For example:

Object create() {
    return new Object();
}

compiles to

Method java.lang.Object create()
   0 	new #1 				// Class java.lang.Object
   3 	dup
   4 	invokespecial #4 		// Method java.lang.Object.<init>()V
   7 	areturn

Class instances are passed and returned (as reference types) very much like numeric values, although type reference has its own complement of instructions, for example:

int i;					// An instance variable
MyObj example() {
    MyObj o = new MyObj();
    return silly(o);
}
MyObj silly(MyObj o) {
    if (o != null) {
        return o;
    } else {
        return o;
    }
}

becomes

Method MyObj example()
   0 	new #2 				// Class MyObj
   3 	dup
   4 	invokespecial #5 		// Method MyObj.<init>()V
   7 	astore_1
   8 	aload_0
   9 	aload_1
  10 	invokevirtual #4 				
		// Method Example.silly(LMyObj;)LMyObj;
  13 	areturn
Method MyObj silly(MyObj)
   0 	aload_1
   1 	ifnull 6
   4	aload_1
   5 	areturn
   6 	aload_1
   7 	areturn

The fields of a class instance (instance variables) are accessed using the getfield and putfield instructions. If i is an instance variable of type int, the methods setIt and getIt, defined as

void setIt(int value) {
    i = value;
}
int getIt() {
    return i;
}

become

Method void setIt(int)
   0 	aload_0
   1 	iload_1
   2 	putfield #4 			// Field Example.i I
   5	return
Method int getIt()
   0 	aload_0
   1 	getfield #4 			// Field Example.i I
   4	ireturn

As with the operands of method invocation instructions, the operands of the putfield and getfield instructions (the runtime constant pool index #4) are not the offsets of the fields in the class instance. The compiler generates symbolic references to the fields of an instance, which are stored in the runtime constant pool. Those runtime constant pool items are resolved at run time to determine the location of the field within the referenced object.

java

dex2jar后：

package com.dataviz.dxtg.common.android;

import android.app.Application;
import android.content.Context;
import android.content.res.Resources;
import android.os.Handler;
import com.dataviz.dxtg.common.android.e.g;

public class DocsToGoApp
  extends Application
{
  private static Application a = null;
  private static bv b = null;
  
  public DocsToGoApp()
  {
    a = this;
  }
  
  public static Context a()
  {
    return a.getApplicationContext();
  }
  
  public static String a(String paramString)
  {
    int i = "x.xxx".length();
    if (paramString.length() > i) {
      paramString = paramString.substring(0, i);
    }
    return paramString;
  }
  
  public static void a(Runnable paramRunnable)
  {
    new Handler(a().getMainLooper()).post(paramRunnable);
  }
  
  public static Resources b()
  {
    return a.getResources();
  }
  
  public static bv c()
  {
    if (b == null) {}
    try
    {
      Thread.sleep(500L);
      label12:
      return b;
    }
    catch (Throwable localThrowable)
    {
      break label12;
    }
  }
  
  public void onCreate()
  {
    try
    {
      g.a().a(getPackageName());
      new Handler().postAtFrontOfQueue(new bu(this));
      bv localbv = new bv(this);
      localbv.a();
      b = localbv;
      return;
    }
    catch (Throwable localThrowable)
    {
      for (;;)
      {
        localThrowable.printStackTrace();
      }
    }
  }
}

Bytecode for the Dalvik VM

General Design

The machine model and calling conventions are meant to approximately imitate common real architectures and C-style calling conventions:
- The VM is register-based, and frames are fixed in size upon creation. Each frame consists of a particular number of registers (specified by the method) as well as any adjunct data needed to execute the method, such as (but not limited to) the program counter and a reference to the .dex file that contains the method.
- Registers are 32 bits wide. Adjacent register pairs are used for 64-bit values.
- In terms of bitwise representation, (Object) null == (int) 0.
- The N arguments to a method land in the last N registers of the method’s invocation frame, in order. Wide arguments consume two registers. Instance methods are passed a this reference as their first argument.
The storage unit in the instruction stream is a 16-bit unsigned quantity. Some bits in some instructions are ignored / must-be-zero.
Instructions aren’t gratuitously limited to a particular type. For example, instructions that move 32-bit register values without interpretation don’t have to specify whether they are moving ints or floats.
There are separately enumerated and indexed constant pools for references to strings, types, fields, and methods.
Bitwise literal data is represented in-line in the instruction stream.
Because, in practice, it is uncommon for a method to need more than 16 registers, and because needing more than eight registers is reasonably common, many instructions are limited to only addressing the first 16 registers. When reasonably possible, instructions allow references to up to the first 256 registers. In cases where an instruction variant isn’t available to address a desired register, it is expected that the register contents get moved from the original register to a low register (before the operation) and/or moved from a low result register to a high register (after the operation).
There are several “pseudo-instructions” that are used to hold variable-length data referred to by regular instructions (for example, fill-array-data). Such instructions must never be encountered during the normal flow of execution. In addition, the instructions must be located on even-numbered bytecode offsets (that is, 4-byte aligned). In order to meet this requirement, dex generation tools should emit an extra nop instruction as a spacer if such an instruction would otherwise be unaligned. Finally, though not required, it is expected that most tools will choose to emit these instructions at the ends of methods, since otherwise it would likely be the case that additional instructions would be needed to branch around them.
When installed on a running system, some instructions may be altered, changing their format, as an install-time static linking optimization. This is to allow for faster execution once linkage is known. See the associated instruction formats document for the suggested variants. The word “suggested” is used advisedly; it is not mandatory to implement these.
Human-syntax and mnemonics:
- Dest-then-source ordering for arguments.
- Some opcodes have a disambiguating suffix with respect to the type(s) they operate on: Type-general 64-bit opcodes are suffixed with -wide. Type-specific opcodes are suffixed with their type (or a straightforward abbreviation), one of: -boolean -byte -char -short -int -long -float -double -object -string -class -void. Type-general 32-bit opcodes are unmarked.
- Some opcodes have a disambiguating suffix to distinguish otherwise-identical operations that have different instruction layouts or options. These suffixes are separated from the main names with a slash (“/”) and mainly exist at all to make there be a one-to-one mapping with static constants in the code that generates and interprets executables (that is, to reduce ambiguity for humans).
See the instruction formats document for more details about the various instruction formats (listed under “Op & Format”) as well as details about the opcode syntax.

Summary of Instruction Set

Op & Format	Mnemonic / Syntax	Arguments	Description
00 10x	nop		Waste cycles.
01 12x	move vA, vB	A: destination register (4 bits) B: source register (4 bits)	Move the contents of one non-object register to another.
02 22x	move/from16 vAA, vBBBB	A: destination register (8 bits) B: source register (16 bits)	Move the contents of one non-object register to another.
03 32x	move/16 vAAAA, vBBBB	A: destination register (16 bits) B: source register (16 bits)	Move the contents of one non-object register to another.
04 12x	move-wide vA, vB	A: destination register pair (4 bits) B: source register pair (4 bits)	Move the contents of one register-pair to another. Note: It is legal to move from vN to either vN-1 or vN+1, so implementations must arrange for both halves of a register pair to be read before anything is written.
05 22x	move-wide/from16 vAA, vBBBB	A: destination register pair (8 bits) B: source register pair (16 bits)	Move the contents of one register-pair to another. Note: Implementation considerations are the same as move-wide, above.
06 32x	move-wide/16 vAAAA, vBBBB	A: destination register pair (16 bits) B: source register pair (16 bits)	Move the contents of one register-pair to another. Note: Implementation considerations are the same as move-wide, above.
07 12x	move-object vA, vB	A: destination register (4 bits) B: source register (4 bits)	Move the contents of one object-bearing register to another.
08 22x	move-object/from16 vAA, vBBBB	A: destination register (8 bits) B: source register (16 bits)	Move the contents of one object-bearing register to another.
09 32x	move-object/16 vAAAA, vBBBB	A: destination register (16 bits) B: source register (16 bits)	Move the contents of one object-bearing register to another.
0a 11x	move-result vAA	A: destination register (8 bits)	Move the single-word non-object result of the most recent invoke-kind into the indicated register. This must be done as the instruction immediately after aninvoke-kind whose (single-word, non-object) result is not to be ignored; anywhere else is invalid.
0b 11x	move-result-wide vAA	A: destination register pair (8 bits)	Move the double-word result of the most recent invoke-kind into the indicated register pair. This must be done as the instruction immediately after aninvoke-kind whose (double-word) result is not to be ignored; anywhere else is invalid.
0c 11x	move-result-object vAA	A: destination register (8 bits)	Move the object result of the most recent invoke-kind into the indicated register. This must be done as the instruction immediately after an invoke-kindor filled-new-array whose (object) result is not to be ignored; anywhere else is invalid.
0d 11x	move-exception vAA	A: destination register (8 bits)	Save a just-caught exception into the given register. This should be the first instruction of any exception handler whose caught exception is not to be ignored, and this instruction must only ever occur as the first instruction of an exception handler; anywhere else is invalid.
0e 10x	return-void		Return from a void method.
0f 11x	return vAA	A: return value register (8 bits)	Return from a single-width (32-bit) non-object value-returning method.
10 11x	return-wide vAA	A: return value register-pair (8 bits)	Return from a double-width (64-bit) value-returning method.
11 11x	return-object vAA	A: return value register (8 bits)	Return from an object-returning method.
12 11n	const/4 vA, #+B	A: destination register (4 bits) B: signed int (4 bits)	Move the given literal value (sign-extended to 32 bits) into the specified register.
13 21s	const/16 vAA, #+BBBB	A: destination register (8 bits) B: signed int (16 bits)	Move the given literal value (sign-extended to 32 bits) into the specified register.
14 31i	const vAA, #+BBBBBBBB	A: destination register (8 bits) B: arbitrary 32-bit constant	Move the given literal value into the specified register.
15 21h	const/high16 vAA, #+BBBB0000	A: destination register (8 bits) B: signed int (16 bits)	Move the given literal value (right-zero-extended to 32 bits) into the specified register.
16 21s	const-wide/16 vAA, #+BBBB	A: destination register (8 bits) B: signed int (16 bits)	Move the given literal value (sign-extended to 64 bits) into the specified register-pair.
17 31i	const-wide/32 vAA, #+BBBBBBBB	A: destination register (8 bits) B: signed int (32 bits)	Move the given literal value (sign-extended to 64 bits) into the specified register-pair.
18 51l	const-wide vAA, #+BBBBBBBBBBBBBBBB	A: destination register (8 bits) B: arbitrary double-width (64-bit) constant	Move the given literal value into the specified register-pair.
19 21h	const-wide/high16 vAA, #+BBBB000000000000	A: destination register (8 bits) B: signed int (16 bits)	Move the given literal value (right-zero-extended to 64 bits) into the specified register-pair.
1a 21c	const-string vAA, string@BBBB	A: destination register (8 bits) B: string index	Move a reference to the string specified by the given index into the specified register.
1b 31c	const-string/jumbo vAA, string@BBBBBBBB	A: destination register (8 bits) B: string index	Move a reference to the string specified by the given index into the specified register.
1c 21c	const-class vAA, type@BBBB	A: destination register (8 bits) B: type index	Move a reference to the class specified by the given index into the specified register. In the case where the indicated type is primitive, this will store a reference to the primitive type’s degenerate class.
1d 11x	monitor-enter vAA	A: reference-bearing register (8 bits)	Acquire the monitor for the indicated object.
1e 11x	monitor-exit vAA	A: reference-bearing register (8 bits)	Release the monitor for the indicated object. Note: If this instruction needs to throw an exception, it must do so as if the pc has already advanced past the instruction. It may be useful to think of this as the instruction successfully executing (in a sense), and the exception getting thrownafter the instruction but before the next one gets a chance to run. This definition makes it possible for a method to use a monitor cleanup catch-all (e.g., finally) block as the monitor cleanup for that block itself, as a way to handle the arbitrary exceptions that might get thrown due to the historical implementation ofThread.stop(), while still managing to have proper monitor hygiene.
1f 21c	check-cast vAA, type@BBBB	A: reference-bearing register (8 bits) B: type index (16 bits)	Throw a ClassCastException if the reference in the given register cannot be cast to the indicated type. Note: Since A must always be a reference (and not a primitive value), this will necessarily fail at runtime (that is, it will throw an exception) if B refers to a primitive type.
20 22c	instance-of vA, vB, type@CCCC	A: destination register (4 bits) B: reference-bearing register (4 bits) C: type index (16 bits)	Store in the given destination register 1 if the indicated reference is an instance of the given type, or 0 if not. Note: Since B must always be a reference (and not a primitive value), this will always result in 0 being stored if C refers to a primitive type.
21 12x	array-length vA, vB	A: destination register (4 bits) B: array reference-bearing register (4 bits)	Store in the given destination register the length of the indicated array, in entries
22 21c	new-instance vAA, type@BBBB	A: destination register (8 bits) B: type index	Construct a new instance of the indicated type, storing a reference to it in the destination. The type must refer to a non-array class.
23 22c	new-array vA, vB, type@CCCC	A: destination register (8 bits) B: size register C: type index	Construct a new array of the indicated type and size. The type must be an array type.
24 35c	filled-new-array {vD, vE, vF, vG, vA}, type@CCCC	B: array size and argument word count (4 bits) C: type index (16 bits) D..G, A: argument registers (4 bits each)	Construct an array of the given type and size, filling it with the supplied contents. The type must be an array type. The array’s contents must be single-word (that is, no arrays of long or double, but reference types are acceptable). The constructed instance is stored as a “result” in the same way that the method invocation instructions store their results, so the constructed instance must be moved to a register with an immediately subsequent move-result-objectinstruction (if it is to be used).
25 3rc	filled-new-array/range {vCCCC .. vNNNN}, type@BBBB	A: array size and argument word count (8 bits) B: type index (16 bits) C: first argument register (16 bits) N = A + C – 1	Construct an array of the given type and size, filling it with the supplied contents. Clarifications and restrictions are the same as filled-new-array, described above.
26 31t	fill-array-data vAA, +BBBBBBBB (with supplemental data as specified below in “fill-array-data Format”)	A: array reference (8 bits) B: signed “branch” offset to table data pseudo-instruction (32 bits)	Fill the given array with the indicated data. The reference must be to an array of primitives, and the data table must match it in type and must contain no more elements than will fit in the array. That is, the array may be larger than the table, and if so, only the initial elements of the array are set, leaving the remainder alone.
27 11x	throw vAA	A: exception-bearing register (8 bits)	Throw the indicated exception.
28 10t	goto +AA	A: signed branch offset (8 bits)	Unconditionally jump to the indicated instruction. Note: The branch offset must not be 0. (A spin loop may be legally constructed either with goto/32 or by including a nop as a target before the branch.)
29 20t	goto/16 +AAAA	A: signed branch offset (16 bits)	Unconditionally jump to the indicated instruction. Note: The branch offset must not be 0. (A spin loop may be legally constructed either with goto/32 or by including a nop as a target before the branch.)
2a 30t	goto/32 +AAAAAAAA	A: signed branch offset (32 bits)	Unconditionally jump to the indicated instruction.
2b 31t	packed-switch vAA, +BBBBBBBB (with supplemental data as specified below in “packed-switch Format”)	A: register to test B: signed “branch” offset to table data pseudo-instruction (32 bits)	Jump to a new instruction based on the value in the given register, using a table of offsets corresponding to each value in a particular integral range, or fall through to the next instruction if there is no match.
2c 31t	sparse-switch vAA, +BBBBBBBB (with supplemental data as specified below in “sparse-switch Format”)	A: register to test B: signed “branch” offset to table data pseudo-instruction (32 bits)	Jump to a new instruction based on the value in the given register, using an ordered table of value-offset pairs, or fall through to the next instruction if there is no match.
2d..31 23x	cmpkind vAA, vBB, vCC 2d: cmpl-float (lt bias) 2e: cmpg-float (gt bias) 2f: cmpl-double (lt bias) 30: cmpg-double (gt bias) 31: cmp-long	A: destination register (8 bits) B: first source register or pair C: second source register or pair	Perform the indicated floating point or long comparison, storing 0 if the two arguments are equal, 1 if the second argument is larger, or -1 if the first argument is larger. The “bias” listed for the floating point operations indicates how NaNcomparisons are treated: “Gt bias” instructions return 1 for NaN comparisons, and “lt bias” instructions return -1. For example, to check to see if floating point a < b, then it is advisable to usecmpg-float; a result of -1 indicates that the test was true, and the other values indicate it was false either due to a valid comparison or because one or the other values was NaN.
32..37 22t	if-test vA, vB, +CCCC 32: if-eq 33: if-ne 34: if-lt 35: if-ge 36: if-gt 37: if-le	A: first register to test (4 bits) B: second register to test (4 bits) C: signed branch offset (16 bits)	Branch to the given destination if the given two registers’ values compare as specified. Note: The branch offset must not be 0. (A spin loop may be legally constructed either by branching around a backward goto or by including a nop as a target before the branch.)
38..3d 21t	if-testz vAA, +BBBB 38: if-eqz 39: if-nez 3a: if-ltz 3b: if-gez 3c: if-gtz 3d: if-lez	A: register to test (8 bits) B: signed branch offset (16 bits)	Branch to the given destination if the given register’s value compares with 0 as specified. Note: The branch offset must not be 0. (A spin loop may be legally constructed either by branching around a backward goto or by including a nop as a target before the branch.)
3e..43 10x	(unused)		(unused)
44..51 23x	arrayop vAA, vBB, vCC 44: aget 45: aget-wide 46: aget-object 47: aget-boolean 48: aget-byte 49: aget-char 4a: aget-short 4b: aput 4c: aput-wide 4d: aput-object 4e: aput-boolean 4f: aput-byte 50: aput-char 51: aput-short	A: value register or pair; may be source or dest (8 bits) B: array register (8 bits) C: index register (8 bits)	Perform the identified array operation at the identified index of the given array, loading or storing into the value register.
52..5f 22c	iinstanceop vA, vB, field@CCCC 52: iget 53: iget-wide 54: iget-object 55: iget-boolean 56: iget-byte 57: iget-char 58: iget-short 59: iput 5a: iput-wide 5b: iput-object 5c: iput-boolean 5d: iput-byte 5e: iput-char 5f: iput-short	A: value register or pair; may be source or dest (4 bits) B: object register (4 bits) C: instance field reference index (16 bits)	Perform the identified object instance field operation with the identified field, loading or storing into the value register. Note: These opcodes are reasonable candidates for static linking, altering the field argument to be a more direct offset.
60..6d 21c	sstaticop vAA, field@BBBB 60: sget 61: sget-wide 62: sget-object 63: sget-boolean 64: sget-byte 65: sget-char 66: sget-short 67: sput 68: sput-wide 69: sput-object 6a: sput-boolean 6b: sput-byte 6c: sput-char 6d: sput-short	A: value register or pair; may be source or dest (8 bits) B: static field reference index (16 bits)	Perform the identified object static field operation with the identified static field, loading or storing into the value register. Note: These opcodes are reasonable candidates for static linking, altering the field argument to be a more direct offset.
6e..72 35c	invoke-kind {vD, vE, vF, vG, vA}, meth@CCCC 6e: invoke-virtual 6f: invoke-super 70: invoke-direct 71: invoke-static 72: invoke-interface	B: argument word count (4 bits) C: method index (16 bits) D..G, A: argument registers (4 bits each)	Call the indicated method. The result (if any) may be stored with an appropriatemove-result* variant as the immediately subsequent instruction. invoke-virtual is used to invoke a normal virtual method (a method that is notstatic or final, and is not a constructor). invoke-super is used to invoke the closest superclass’s virtual method (as opposed to the one with the same method_id in the calling class). invoke-direct is used to invoke a non-static direct method (that is, an instance method that is by its nature non-overridable, namely either a privateinstance method or a constructor). invoke-static is used to invoke a static method (which is always considered a direct method). invoke-interface is used to invoke an interface method, that is, on an object whose concrete class isn’t known, using a method_id that refers to aninterface. Note: These opcodes are reasonable candidates for static linking, altering the method argument to be a more direct offset (or pair thereof).
73 10x	(unused)		(unused)
74..78 3rc	invoke-kind/range {vCCCC .. vNNNN}, meth@BBBB 74: invoke-virtual/range 75: invoke-super/range 76: invoke-direct/range 77: invoke-static/range 78: invoke-interface/range	A: argument word count (8 bits) B: method index (16 bits) C: first argument register (16 bits) N = A + C – 1	Call the indicated method. See first invoke-kind description above for details, caveats, and suggestions.
79..7a 10x	(unused)		(unused)
7b..8f 12x	unop vA, vB 7b: neg-int 7c: not-int 7d: neg-long 7e: not-long 7f: neg-float 80: neg-double 81: int-to-long 82: int-to-float 83: int-to-double 84: long-to-int 85: long-to-float 86: long-to-double 87: float-to-int 88: float-to-long 89: float-to-double 8a: double-to-int 8b: double-to-long 8c: double-to-float 8d: int-to-byte 8e: int-to-char 8f: int-to-short	A: destination register or pair (4 bits) B: source register or pair (4 bits)	Perform the identified unary operation on the source register, storing the result in the destination register.
90..af 23x	binop vAA, vBB, vCC 90: add-int 91: sub-int 92: mul-int 93: div-int 94: rem-int 95: and-int 96: or-int 97: xor-int 98: shl-int 99: shr-int 9a: ushr-int 9b: add-long 9c: sub-long 9d: mul-long 9e: div-long 9f: rem-long a0: and-long a1: or-long a2: xor-long a3: shl-long a4: shr-long a5: ushr-long a6: add-float a7: sub-float a8: mul-float a9: div-float aa: rem-float ab: add-double ac: sub-double ad: mul-double ae: div-double af: rem-double	A: destination register or pair (8 bits) B: first source register or pair (8 bits) C: second source register or pair (8 bits)	Perform the identified binary operation on the two source registers, storing the result in the first source register.
b0..cf 12x	binop/2addr vA, vB b0: add-int/2addr b1: sub-int/2addr b2: mul-int/2addr b3: div-int/2addr b4: rem-int/2addr b5: and-int/2addr b6: or-int/2addr b7: xor-int/2addr b8: shl-int/2addr b9: shr-int/2addr ba: ushr-int/2addr bb: add-long/2addr bc: sub-long/2addr bd: mul-long/2addr be: div-long/2addr bf: rem-long/2addr c0: and-long/2addr c1: or-long/2addr c2: xor-long/2addr c3: shl-long/2addr c4: shr-long/2addr c5: ushr-long/2addr c6: add-float/2addr c7: sub-float/2addr c8: mul-float/2addr c9: div-float/2addr ca: rem-float/2addr cb: add-double/2addr cc: sub-double/2addr cd: mul-double/2addr ce: div-double/2addr cf: rem-double/2addr	A: destination and first source register or pair (4 bits) B: second source register or pair (4 bits)	Perform the identified binary operation on the two source registers, storing the result in the first source register.
d0..d7 22s	binop/lit16 vA, vB, #+CCCC d0: add-int/lit16 d1: rsub-int (reverse subtract) d2: mul-int/lit16 d3: div-int/lit16 d4: rem-int/lit16 d5: and-int/lit16 d6: or-int/lit16 d7: xor-int/lit16	A: destination register (4 bits) B: source register (4 bits) C: signed int constant (16 bits)	Perform the indicated binary op on the indicated register (first argument) and literal value (second argument), storing the result in the destination register. Note: rsub-int does not have a suffix since this version is the main opcode of its family. Also, see below for details on its semantics.
d8..e2 22b	binop/lit8 vAA, vBB, #+CC d8: add-int/lit8 d9: rsub-int/lit8 da: mul-int/lit8 db: div-int/lit8 dc: rem-int/lit8 dd: and-int/lit8 de: or-int/lit8 df: xor-int/lit8 e0: shl-int/lit8 e1: shr-int/lit8 e2: ushr-int/lit8	A: destination register (8 bits) B: source register (8 bits) C: signed int constant (8 bits)	Perform the indicated binary op on the indicated register (first argument) and literal value (second argument), storing the result in the destination register. Note: See below for details on the semantics of rsub-int.
e3..ff 10x	(unused)		(unused)

packed-switch Format

Name	Format	Description
ident	ushort = 0x0100	identifying pseudo-opcode
size	ushort	number of entries in the table
first_key	int	first (and lowest) switch case value
targets	int[]	list of size relative branch targets. The targets are relative to the address of the switch opcode, not of this table.

Note: The total number of code units for an instance of this table is (size * 2) + 4.

sparse-switch Format

Name	Format	Description
ident	ushort = 0x0200	identifying pseudo-opcode
size	ushort	number of entries in the table
keys	int[]	list of size key values, sorted low-to-high
targets	int[]	list of size relative branch targets, each corresponding to the key value at the same index. The targets are relative to the address of the switch opcode, not of this table.

Note: The total number of code units for an instance of this table is (size * 4) + 2.

fill-array-data Format

Name	Format	Description
ident	ushort = 0x0300	identifying pseudo-opcode
element_width	ushort	number of bytes in each element
size	uint	number of elements in the table
data	ubyte[]	data values

Note: The total number of code units for an instance of this table is (size * element_width + 1) / 2 + 4.

Mathematical Operation Details

Note: Floating point operations must follow IEEE 754 rules, using round-to-nearest and gradual underflow, except where stated otherwise.

Opcode	C Semantics	Notes
neg-int	int32 a; int32 result = -a;	Unary twos-complement.
not-int	int32 a; int32 result = ~a;	Unary ones-complement.
neg-long	int64 a; int64 result = -a;	Unary twos-complement.
not-long	int64 a; int64 result = ~a;	Unary ones-complement.
neg-float	float a; float result = -a;	Floating point negation.
neg-double	double a; double result = -a;	Floating point negation.
int-to-long	int32 a; int64 result = (int64) a;	Sign extension of int32 into int64.
int-to-float	int32 a; float result = (float) a;	Conversion of int32 to float, using round-to-nearest. This loses precision for some values.
int-to-double	int32 a; double result = (double) a;	Conversion of int32 to double.
long-to-int	int64 a; int32 result = (int32) a;	Truncation of int64 into int32.
long-to-float	int64 a; float result = (float) a;	Conversion of int64 to float, using round-to-nearest. This loses precision for some values.
long-to-double	int64 a; double result = (double) a;	Conversion of int64 to double, using round-to-nearest. This loses precision for some values.
float-to-int	float a; int32 result = (int32) a;	Conversion of float to int32, using round-toward-zero. NaN and -0.0 (negative zero) convert to the integer 0. Infinities and values with too large a magnitude to be represented get converted to either 0x7fffffff or -0x80000000 depending on sign.
float-to-long	float a; int64 result = (int64) a;	Conversion of float to int64, using round-toward-zero. The same special case rules as for float-to-int apply here, except that out-of-range values get converted to either 0x7fffffffffffffff or -0x8000000000000000 depending on sign.
float-to-double	float a; double result = (double) a;	Conversion of float to double, preserving the value exactly.
double-to-int	double a; int32 result = (int32) a;	Conversion of double to int32, using round-toward-zero. The same special case rules as for float-to-int apply here.
double-to-long	double a; int64 result = (int64) a;	Conversion of double to int64, using round-toward-zero. The same special case rules as for float-to-long apply here.
double-to-float	double a; float result = (float) a;	Conversion of double to float, using round-to-nearest. This loses precision for some values.
int-to-byte	int32 a; int32 result = (a << 24) >> 24;	Truncation of int32 to int8, sign extending the result.
int-to-char	int32 a; int32 result = a & 0xffff;	Truncation of int32 to uint16, without sign extension.
int-to-short	int32 a; int32 result = (a << 16) >> 16;	Truncation of int32 to int16, sign extending the result.
add-int	int32 a, b; int32 result = a + b;	Twos-complement addition.
sub-int	int32 a, b; int32 result = a – b;	Twos-complement subtraction.
rsub-int	int32 a, b; int32 result = b – a;	Twos-complement reverse subtraction.
mul-int	int32 a, b; int32 result = a * b;	Twos-complement multiplication.
div-int	int32 a, b; int32 result = a / b;	Twos-complement division, rounded towards zero (that is, truncated to integer). This throws ArithmeticException if b == 0.
rem-int	int32 a, b; int32 result = a % b;	Twos-complement remainder after division. The sign of the result is the same as that of a, and it is more precisely defined as result == a – (a / b) * b. This throws ArithmeticException if b == 0.
and-int	int32 a, b; int32 result = a & b;	Bitwise AND.
or-int	int32 a, b; int32 result = a \| b;	Bitwise OR.
xor-int	int32 a, b; int32 result = a ^ b;	Bitwise XOR.
shl-int	int32 a, b; int32 result = a << (b & 0x1f);	Bitwise shift left (with masked argument).
shr-int	int32 a, b; int32 result = a >> (b & 0x1f);	Bitwise signed shift right (with masked argument).
ushr-int	uint32 a, b; int32 result = a >> (b & 0x1f);	Bitwise unsigned shift right (with masked argument).
add-long	int64 a, b; int64 result = a + b;	Twos-complement addition.
sub-long	int64 a, b; int64 result = a – b;	Twos-complement subtraction.
mul-long	int64 a, b; int64 result = a * b;	Twos-complement multiplication.
div-long	int64 a, b; int64 result = a / b;	Twos-complement division, rounded towards zero (that is, truncated to integer). This throws ArithmeticException if b == 0.
rem-long	int64 a, b; int64 result = a % b;	Twos-complement remainder after division. The sign of the result is the same as that of a, and it is more precisely defined as result == a – (a / b) * b. This throws ArithmeticException if b == 0.
and-long	int64 a, b; int64 result = a & b;	Bitwise AND.
or-long	int64 a, b; int64 result = a \| b;	Bitwise OR.
xor-long	int64 a, b; int64 result = a ^ b;	Bitwise XOR.
shl-long	int64 a, b; int64 result = a << (b & 0x3f);	Bitwise shift left (with masked argument).
shr-long	int64 a, b; int64 result = a >> (b & 0x3f);	Bitwise signed shift right (with masked argument).
ushr-long	uint64 a, b; int64 result = a >> (b & 0x3f);	Bitwise unsigned shift right (with masked argument).
add-float	float a, b; float result = a + b;	Floating point addition.
sub-float	float a, b; float result = a – b;	Floating point subtraction.
mul-float	float a, b; float result = a * b;	Floating point multiplication.
div-float	float a, b; float result = a / b;	Floating point division.
rem-float	float a, b; float result = a % b;	Floating point remainder after division. This function is different than IEEE 754 remainder and is defined as result == a – roundTowardZero(a / b) * b.
add-double	double a, b; double result = a + b;	Floating point addition.
sub-double	double a, b; double result = a – b;	Floating point subtraction.
mul-double	double a, b; double result = a * b;	Floating point multiplication.
div-double	double a, b; double result = a / b;	Floating point division.
rem-double	double a, b; double result = a % b;	Floating point remainder after division. This function is different than IEEE 754 remainder and is defined as result == a – roundTowardZero(a / b) * b.

Dalvik opcodes

http://pallergabor.uw.hu/androidblog/dalvik_opcodes.html

Dalvik opcodes

Author: Gabor Paller

Vx values in the table denote a Dalvik register. Depending on the instruction, 16, 256 or 64k registers can be accessed. Operations on long and double values use two registers, e.g. a double value addressed in the V0 register occupies the V0 and V1 registers.

Boolean values are stored as 1 for true and 0 for false. Operations on booleans are translated into integer operations.

All the examples are in hig-endian format, e.g. 0F00 0A00 is coded as 0F, 00, 0A, 00 sequence.

Note there are no explanation/example at some instructions. This means that I have not seen that instruction “in the wild” and its presence/name is only known from Android opcode constant list.

Opcode (hex)	Opcode name	Explanation	Example
00	nop	No operation	0000 – nop
01	move vx,vy	Moves the content of vy into vx. Both registers must be in the first 256 register range.	0110 – move v0, v1 Moves v1 into v0.
02	move/from16 vx,vy	Moves the content of vy into vx. vy may be in the 64k register range while vx is one of the first 256 registers.	0200 1900 – move/from16 v0, v25 Moves v25 into v0.
03	move/16
04	move-wide
05	move-wide/from16 vx,vy	Moves a long/double value from vy to vx. vy may be in the 64k register range while wx is one of the first 256 registers.	0516 0000 – move-wide/from16 v22, v0 Moves v0 into v22.
06	move-wide/16
07	move-object vx,vy	Moves the object reference from vy to vx.	0781 – move-object v1, v8 Moves the object reference in v8 to v1.
08	move-object/from16 vx,vy	Moves the object reference from vy to vx, vy can address 64k registers and vx can address 256 registers.	0801 1500 – move-object/from16 v1, v21 Move the object reference in v21 to v1.
09	move-object/16
0A	move-result vx	Move the result value of the previous method invocation into vx.	0A00 – move-result v0 Move the return value of a previous method invocation into v0.
0B	move-result-wide vx	Move the long/double result value of the previous method invocation into vx,vx+1.	0B02 – move-result-wide v2 Move the long/double result value of the previous method invocation into v2,v3.
0C	move-result-object vx	Move the result object reference of the previous method invocation into vx.	0C00 – move-result-object v0
0D	move-exception vx	Move the exception object reference thrown during a method invocation into vx.	0D19 – move-exception v25
0E	return-void	Return without a return value	0E00 – return-void
0F	return vx	Return with vx return value	0F00 – return v0 Returns with return value in v0.
10	return-wide vx	Return with double/long result in vx,vx+1.	1000 – return-wide v0 Returns with a double/long value in v0,v1.
11	return-object vx	Return with vx object reference value.	1100 – return-object v0 Returns with object reference value in v0
12	const/4 vx,lit4	Puts the 4 bit constant into vx	1221 – const/4 v1, #int2 Moves literal 2 into v1. The destination register is in the lower 4 bit in the second byte, the literal 2 is in the higher 4 bit.
13	const/16 vx,lit16	Puts the 16 bit constant into vx	1300 0A00 – const/16 v0, #int 10 Puts the literal constant of 10 into v0.
14	const vx, lit32	Puts the integer constant into vx	1400 4E61 BC00 – const v0, # 12345678 // #00BC614E Moves literal 12345678 into v0.
15	const/high16 v0, lit16	Puts the 16 bit constant into the topmost bits of the register. Used to initialize float values.	1500 2041 – const/high16 v0, #float 10.0 // #41200000 Moves the floating literal of 10.0 into v0. The 16 bit literal in the instruction carries the top 16 bits of the floating point number.
16	const-wide/16 vx, lit16	Puts the integer constant into vx and vx+1 registers, expanding the integer constant into a long constant..	1600 0A00 – const-wide/16 v0, #long 10 Moves literal 10 into v0 and v1 registers.
17	const-wide/32 vx, lit32	Puts the 32 bit constant into vx and vx+1 registers, expanding the integer constant into a long constant.	1702 4e61 bc00 – const-wide/32 v2, #long 12345678 // #00bc614e Puts # 12345678 into v2 and v3 registers.
18	const-wide vx, lit64	Puts the 64 bit constant into vx and vx+1 registers.	1802 874b 6b5d 54dc 2b00- const-wide v2, #long 12345678901234567 // #002bdc545d6b4b87 Puts #12345678901234567 into v2 and v3 registers.
19	const-wide/high16 vx,lit16	Puts the 16 bit constant into the highest 16 bit of vx and vx+1 registers. Used to initialize double values.	1900 2440 – const-wide/high16 v0, #double 10.0 // #402400000 Puts the double constant of 10.0 into v0 register.
1A	const-string vx,string_id	Puts reference to a string constant identified by string_id into vx.	1A08 0000 – const-string v8, “” // string@0000 Puts reference to string@0000 (entry #0 in the string table) into v8.
1B	const-string-jumbo
1C	const-class vx,type_id	Moves the class object of a class identified by type_id (e.g. Object.class) into vx.	1C00 0100 – const-class v0, Test3 // type@0001 Moves reference to Test3.class (entry#1 in the type id table) into
1D	monitor-enter vx	Obtains the monitor of the object referenced by vx.	1D03 – monitor-enter v3 Obtains the monitor of the object referenced by v3.
1E	monitor-exit	Releases the monitor of the object referenced by vx.	1E03 – monitor-exit v3 Releases the monitor of the object referenced by v3.
1F	check-cast vx, type_id	Checks whether the object reference in vx can be cast to an instance of a class referenced by type_id. Throws ClassCastException if the cast is not possible, continues execution otherwise.	1F04 0100 – check-cast v4, Test3 // type@0001 Checks whether the object reference in v4 can be cast to type@0001 (entry #1 in the type id table)
20	instance-of vx,vy,type_id	Checks whether vy is instance of a class identified by type_id. Sets vx non-zero if it is, 0 otherwise.	2040 0100 – instance-of v0, v4, Test3 // type@0001 Checks whether the object reference in v4 is an instance of type@0001 (entry #1 in the type id table). Sets v0 to non-zero if v4 is instance of Test3, 0 otherwise.
21	array-length vx,vy	Calculates the number of elements of the array referenced by vy and puts the length value into vx.	2111 – array-length v1, v1 Calculates the number of elements of the array referenced by v1 and puts the result into v1.
22	new-instance vx,type	Instantiates an object type and puts the reference of the newly created instance into vx.	2200 1500 – new-instance v0, java.io.FileInputStream // type@0015 Instantiates type@0015 (entry #15H in the type table) and puts its reference into v0.
23	new-array vx,vy,type_id	Generates a new array of type_id type and vy element size and puts the reference to the array into vx.	2312 2500 – new-array v2, v1, char[] // type@0025 Generates a new array of type@0025 type and v1 size and puts the reference to the new array into v2.
24	filled-new-array {parameters},type_id	Generates a new array of type_id and fills it with the parameters⁵. Reference to the newly generated array can be obtained by a move-result-object instruction, immediately following the filled-new-array instruction.	2420 530D 0000 – filled-new-array {v0,v0},[I // type@0D53 Generates a new array of type@0D53. The array’s size will be 2 and both elements will be filled with the contents of v0 register.
25	filled-new-array-range {vx..vy},type_id	Generates a new array of type_id and fills it with a range of parameters. Reference to the newly generated array can be obtained by a move-result-object instruction, immediately following the filled-new-array instruction.	2503 0600 1300 – filled-new-array/range {v19..v21}, [B // type@0006 Generates a new array of type@0D53. The array’s size will be 3 and the elements will be filled using the v19,v20 and v21 registers⁴.
26	fill-array-data vx,array_data_offset	Fills the array referenced by vx with the static data. The location of the static data is the sum of the position of the current instruction and the offset	2606 2500 0000 – fill-array-data v6, 00e6 // +0025 Fills the array referenced by v0 with the static data at current instruction+25H words location. The offset is expressed as a 32-bit number. The static data is stored in the following format: 0003 // Table type: static array data 0400 // Byte per array element (in this case, 4 byte integers) 0300 0000 // Number of elements in the table 0100 0000 // Element #0: integer 1 0200 0000 // Element #1: integer 2 0300 0000 // Element #2: integer3
27	throw vx	Throws an exception object. The reference of the exception object is in vx.	2700 – throw v0 Throws an exception. The exception object reference is in v0.
28	goto target	Unconditional jump by short offset².	28F0 – goto 0005 // -0010 Jumps to current position-16 words (hex 10). 0005 is the label of the target instruction.
29	goto/16 target	Unconditional jump by 16 bit offset².	2900 0FFE – goto/16 002f // -01f1 Jumps to the current position-1F1H words. 002F is the label of the target instruction.
2A	goto/32 target
2B	packed-switch vx,table	Implements a switch statement where the case constants are close to each other. The instruction uses an index table. vx indexes into this table to find the offset of the instruction for a particular case. If vx falls out of the index table, the execution continues on the next instruction (default case).	2B02 0C00 0000 – packed-switch v2, 000c // +000c Execute a packed switch according to the switch argument in v2. The position of the index table is at current instruction+0CH words. The table looks like the following: 0001 // Table type: packed switch table 0300 // number of elements 0000 0000 // element base 0500 0000 0: 00000005 // case 0: +00000005 0700 0000 1: 00000007 // case 1: +00000007 0900 0000 2: 00000009 // case 2: +00000009
2C	sparse-switch vx,table	Implements a switch statement with sparse case table. The instruction uses a lookup table with case constants and offsets for each case constant. If there is no match in the table, execution continues on the next instruction (default case).	2C02 0c00 0000 – sparse-switch v2, 000c // +000c Execute a sparse switch according to the switch argument in v2. The position of the lookup table is at current instruction+0CH words. The table looks like the following. 0002 // Table type: sparse switch table 0300 // number of elements 9cff ffff // first case: -100 fa00 0000 // second case constant: 250 e803 0000 // third case constant: 1000 0500 0000 // offset for the first case constant: +5 0700 0000 // offset for the second case constant: +7 0900 0000 // offset for the third case constant: +9
2D	cmpl-float	Compares the float values in vy and vz and sets the integer value in vx accordingly³	2D00 0607 – cmpl-float v0, v6, v7 Compares the float values in v6 and v7 then sets v0 accordingly. NaN bias is less-than, the instruction will return -1 if any of the parameters is NaN.
2E	cmpg-float vx, vy, vz	Compares the float values in vy and vz and sets the integer value in vx accordingly³.	2E00 0607 – cmpg-float v0, v6, v7 Compares the float values in v6 and v7 then sets v0 accordingly. NaN bias is greater-than, the instruction will return 1 if any of the parameters is NaN.
2F	cmpl-double vx,vy,vz	Compares the double values in vy and vz² and sets the integer value in vx accordingly³.	2F19 0608 – cmpl-double v25, v6, v8 Compares the double values in v6,v7 and v8,v9 and sets v25 accordingly. NaN bias is less-than, the instruction will return -1 if any of the parameters is NaN.
30	cmpg-double vx, vy, vz	Compares the double values in vy and vz² and sets the integer value in vx accordingly³.	3000 080A – cmpg-double v0, v8, v10 Compares the double values in v8,v9 and v10,v11 then sets v0 accordingly. NaN bias is greater-than, the instruction will return 1 if any of the parameters is NaN.
31	cmp-long vx, vy, vz	Compares the long values in vy and vz and sets the integer value in vx accordingly³.	3100 0204 – cmp-long v0, v2, v4 Compares the long values in v2 and v4 then sets v0 accordingly.
32	if-eq vx,vy,target	Jumps to target if vx==vy². vx and vy are integer values.	32b3 6600 – if-eq v3, v11, 0080 // +0066 Jumps to the current position+66H words if v3==v11. 0080 is the label of the target instruction.
33	if-ne vx,vy,target	Jumps to target if vx!=vy². vx and vy are integer values.	33A3 1000 – if-ne v3, v10, 002c // +0010 Jumps to the current position+10H words if v3!=v10. 002c is the label of the target instruction.
34	if-lt vx,vy,target	Jumps to target is vx<vy². vx and vy are integer values.	3432 CBFF – if-lt v2, v3, 0023 // -0035 Jumps to the current position-35H words if v2<v3. 0023 is the label of the target instruction.
35	if-ge vx, vy,target	Jumps to target if vx>=vy². vx and vy are integer values.	3510 1B00 – if-ge v0, v1, 002b // +001b Jumps to the current position+1BH words if v0>=v1. 002b is the label of the target instruction.
36	if-gt vx,vy,target	Jumps to target if vx>vy². vx and vy are integer values.	3610 1B00 – if-ge v0, v1, 002b // +001b Jumps to the current position+1BH words if v0>v1. 002b is the label of the target instruction.
37	if-le vx,vy,target	Jumps to target if vx<=vy². vx and vy are integer values.	3756 0B00 – if-le v6, v5, 0144 // +000b Jumps to the current position+0BH words if v6<=v5. 0144 is the label of the target instruction.
38	if-eqz vx,target	Jumps to target if vx==0². vx is an integer value.	3802 1900 – if-eqz v2, 0038 // +0019 Jumps to the current position+19H words if v2==0. 0038 is the label of the target instruction.
39	if-nez vx,target	Checks vx and jumps if vx is nonzero².	3902 1200 – if-nez v2, 0014 // +0012 Jumps to current position+18 words (hex 12) if v2 is nonzero. 0014 is the label of the target instruction.
3A	if-ltz vx,target	Checks vx and jumps if vx<0².	3A00 1600 – if-ltz v0, 002d // +0016 Jumps to the current position+16H words if v0<0. 002d is the label of the target instruction.
3B	if-gez vx,target	Checks vx and jumps if vx>=0².	3B00 1600 – if-gez v0, 002d // +0016 Jumps to the current position+16H words if v0 >=0. 002d is the label of the target instruction.
3C	if-gtz vx,target	Checks vx and jumps if vx>0².	3C00 1D00 – if-gtz v0, 004a // +001d Jumps to the current position+1DH words if v0>0. 004A is the label of the target instruction.
3D	if-lez vx,target	Checks vx and jumps if vx<=0².	3D00 1D00 – if-lez v0, 004a // +001d Jumps to the current position+1DH words if v0<=0. 004A is the label of the target instruction.
3E	unused_3E
3F	unused_3F
40	unused_40
41	unused_41
42	unused_42
43	unused_43
44	aget vx,vy,vz	Gets an integer value of an object reference array into vx. The array is referenced by vy and is indexed by vz.	4407 0306 – aget v7, v3, v6 Gets an integer array element. The array is referenced by v3 and the element is indexed by v6. The element will be put into v7.
45	aget-wide vx,vy,vz	Gets a long/double value of long/double array into vx,vx+1. The array is referenced by vy and is indexed by vz.	4505 0104 – aget-wide v5, v1, v4 Gets a long/double array element. The array is referenced by v1 and the element is indexed by v4. The element will be put into v5,v6.
46	aget-object vx,vy,vz	Gets an object reference value of an object reference array into vx. The array is referenced by vy and is indexed by vz.	4602 0200 – aget-object v2, v2, v0 Gets an object reference array element. The array is referenced by v2 and the element is indexed by v0. The element will be put into v2.
47	aget-boolean vx,vy,vz	Gets a boolean value of a boolean array into vx. The array is referenced by vy and is indexed by vz.	4700 0001 – aget-boolean v0, v0, v1 Gets a boolean array element. The array is referenced by v0 and the element is indexed by v1. The element will be put into v0.
48	aget-byte vx,vy,vz	Gets a byte value of a byte array into vx. The array is referenced by vy and is indexed by vz.	4800 0001 – aget-byte v0, v0, v1 Gets a byte array element. The array is referenced by v0 and the element is indexed by v1. The element will be put into v0.
49	aget-char vx, vy,vz	Gets a char value of a character array into vx. The element is indexed by vz, the array object is referenced by vy	4905 0003 – aget-char v5, v0, v3 Gets a character array element. The array is referenced by v0 and the element is indexed by v3. The element will be put into v5.
4A	aget-short vx,vy,vz	Gets a short value of a short array into vx. The element is indexed by vz, the array object is referenced by vy.	4A00 0001 – aget-short v0, v0, v1 Gets a short array element. The array is referenced by v0 and the element is indexed by v1. The element will be put into v0.
4B	aput vx,vy,vz	Puts the integer value in vx into an element of an integer array. The element is indexed by vz, the array object is referenced by vy.	4B00 0305 – aput v0, v3, v5 Puts the integer value in v2 into an integer array referenced by v0. The target array element is indexed by v1.
4C	aput-wide vx,vy,vz	Puts the double/long value in vx,vx+1 into a double/long array. The array is referenced by vy, the element is indexed by vz.	4C05 0104 – aput-wide v5, v1, v4 Puts the double/long value in v5,v6 into a double/long array referenced by v1. The target array element is indexed by v4.
4D	aput-object vx,vy,vz	Puts the object reference value in vx into an element of an object reference array. The element is indexed by vz, the array object is referenced by vy.	4D02 0100 – aput-object v2, v1, v0 Puts the object reference value in v2 into an object reference array referenced by v0. The target array element is indexed by v1.
4E	aput-boolean vx,vy,vz	Puts the boolean value in vx into an element of a boolean array. The element is indexed by vz, the array object is referenced by vy.	4E01 0002 – aput-boolean v1, v0, v2 Puts the boolean value in v1 into an object reference array referenced by v0. The target array element is indexed by v2.
4F	aput-byte vx,vy,vz	Puts the byte value in vx into an element of a byte array. The element is indexed by vz, the array object is referenced by vy.	4F02 0001 – aput-byte v2, v0, v1 Puts the boolean value in v2 into a byte array referenced by v0. The target array element is indexed by v1.
50	aput-char vx,vy,vz	Puts the char value in vx into an element of a character array. The element is indexed by vz, the array object is referenced by vy.	5003 0001 – aput-char v3, v0, v1 Puts the character value in v3 into a character array referenced by v0. The target array element is indexed by v1.
51	aput-short vx,vy,vz	Puts the short value in vx into an element of a short array. The element is indexed by vz, the array object is referenced by vy.	5102 0001 – aput-short v2, v0, v1 Puts the short value in v2 into a character array referenced by v0. The target array element is indexed by v1.
52	iget vx, vy, field_id	Reads an instance field into vx. The instance is referenced by vy.	5210 0300 – iget v0, v1, Test2.i6:I // field@0003 Reads field@0003 into v0 (entry #3 in the field id table). The instance is referenced by v1.
53	iget-wide vx,vy,field_id	Reads an instance field into vx¹. The instance is referenced by vy.	5320 0400 – iget-wide v0, v2, Test2.l0:J // field@0004 Reads field@0004 into v0 and v1 registers (entry #4 in the field id table). The instance is referenced by v2.
54	iget-object vx,vy,field_id	Reads an object reference instance field into vx. The instance is referenced by vy.	iget-object v1, v2, LineReader.fis:Ljava/io/FileInputStream; // field@0002 Reads field@0002 into v1 (entry #2 in the field id table). The instance is referenced by v2.
55	iget-boolean vx,vy,field_id	Reads a boolean instance field into vx. The instance is referenced by vy.	55FC 0000 – iget-boolean v12, v15, Test2.b0:Z // field@0000 Reads the boolean field@0000 into v12 register (entry #0 in the field id table). The instance is referenced by v15.
56	iget-byte vx,vy,field_id	Reads a byte instance field into vx. The instance is referenced by vy.	5632 0100 – iget-byte v2, v3, Test3.bi1:B // field@0001 Reads the char field@0001 into v2 register (entry #1 in the field id table). The instance is referenced by v3.
57	iget-char vx,vy,field_id	Reads a char instance field into vx. The instance is referenced by vy.	5720 0300 – iget-char v0, v2, Test3.ci1:C // field@0003 Reads the char field@0003 into v0 register (entry #3 in the field id table). The instance is referenced by v2.
58	iget-short vx,vy,field_id	Reads a short instance field into vx. The instance is referenced by vy.	5830 0800 – iget-short v0, v3, Test3.si1:S // field@0008 Reads the short field@0008 into v0 register (entry #8 in the field id table). The instance is referenced by v3.
59	iput vx,vy, field_id	Puts vx into an instance field. The instance is referenced by vy.	5920 0200 – iput v0,v2, Test2.i6:I // field@0002 Stores v0 into field@0002 (entry #2 in the field id table). The instance is referenced by v2.
5A	iput-wide vx,vy, field_id	Puts the wide value located in vx and vx+1 registers into an instance field. The instance is referenced by vy.	5A20 0000 – iput-wide v0,v2, Test2.d0:D // field@0000 Stores the wide value in v0, v1 registers into field@0000 (entry #0 in the field id table). The instance is referenced by v2.
5B	iput-object vx,vy,field_id	Puts the object reference in vx into an instance field. The instance is referenced by vy.	5B20 0000 – iput-object v0, v2, LineReader.bis:Ljava/io/BufferedInputStream; // field@0000 Stores the object reference in v0 into field@0000 (entry #0 in the field table). The instance is referenced by v2.
5C	iput-boolean vx,vy, field_id	Puts the boolean value located in vx into an instance field. The instance is referenced by vy.	5C30 0000 – iput-boolean v0, v3, Test2.b0:Z // field@0000 Puts the boolean value in v0 into field@0000 (entry #0 in the field id table). The instance is referenced by v3.
5D	iput-byte vx,vy,field_id	Puts the byte value located in vx into an instance field. The instance is referenced by vy.	5D20 0100 – iput-byte v0, v2, Test3.bi1:B // field@0001 Puts the boolean value in v0 into field@0001 (entry #1 in the field id table). The instance is referenced by v2.
5E	iput-char vx,vy,field_id	Puts the char value located in vx into an instance field. The instance is referenced by vy.	5E20 0300 – iput-char v0, v2, Test3.ci1:C // field@0003 Puts the char value in v0 into field@0003 (entry #3 in the field id table). The instance is referenced by v2.
5F	iput-short vx,vy,field_id	Puts the short value located in vx into an instance field. The instance is referenced by vy.	5F21 0800 – iput-short v1, v2, Test3.si1:S // field@0008 Puts the short value in v1 into field@0008 (entry #8 in the field id table). The instance is referenced by v2.
60	sget vx,field_id	Reads the integer field identified by the field_id into vx.	6000 0700 – sget v0, Test3.is1:I // field@0007 Reads field@0007 (entry #7 in the field id table) into v0.
61	sget-wide vx, field_id	Reads the static field identified by the field_id into vx and vx+1 registers.	6100 0500 – sget-wide v0, Test2.l1:J // field@0005 Reads field@0005 (entry #5 in the field id table) into v0 and v1 registers.
62	sget-object vx,field_id	Reads the object reference field identified by the field_id into vx.	6201 0C00 – sget-object v1, Test3.os1:Ljava/lang/Object; // field@000c Reads field@000c (entry #CH in the field id table) into v1.
63	sget-boolean vx,field_id	Reads the boolean static field identified by the field_id into vx.	6300 0C00 – sget-boolean v0, Test2.sb:Z // field@000c Reads boolean field@000c (entry #12 in the field id table) into v0.
64	sget-byte vx,field_id	Reads the byte static field identified by the field_id into vx.	6400 0200 – sget-byte v0, Test3.bs1:B // field@0002 Reads byte field@0002 (entry #2 in the field id table) into v0.
65	sget-char vx,field_id	Reads the char static field identified by the field_id into vx.	6500 0700 – sget-char v0, Test3.cs1:C // field@0007 Reads byte field@0007 (entry #7 in the field id table) into v0.
66	sget-short vx,field_id	Reads the short static field identified by the field_id into vx.	6600 0B00 – sget-short v0, Test3.ss1:S // field@000b Reads short field@000b (entry #BH in the field id table) into v0.
67	sput vx, field_id	Puts vx into a static field.	6700 0100 – sput v0, Test2.i5:I // field@0001 Stores v0 into field@0001 (entry #1 in the field id table).
68	sput-wide vx, field_id	Puts vx and vx+1 into a static field.	6800 0500 – sput-wide v0, Test2.l1:J // field@0005 Puts the long value in v0 and v1 into the field@0005 static field (entry #5 in the field id table).
69	sput-object vx,field_id	Puts object reference in vx into a static field.	6900 0c00 – sput-object v0, Test3.os1:Ljava/lang/Object; // field@000c Puts the object reference value in v0 into the field@000c static field (entry #CH in the field id table).
6A	sput-boolean vx,field_id	Puts boolean value in vx into a static field.	6A00 0300 – sput-boolean v0, Test3.bls1:Z // field@0003 Puts the byte value in v0 into the field@0003 static field (entry #3 in the field id table).
6B	sput-byte vx,field_id	Puts byte value in vx into a static field.	6B00 0200 – sput-byte v0, Test3.bs1:B // field@0002 Puts the byte value in v0 into the field@0002 static field (entry #2 in the field id table).
6C	sput-char vx,field_id	Puts char value in vx into a static field.	6C01 0700 – sput-char v1, Test3.cs1:C // field@0007 Puts the char value in v1 into the field@0007 static field (entry #7 in the field id table).
6D	sput-short vx,field_id	Puts short value in vx into a static field.	6D00 0B00 – sput-short v0, Test3.ss1:S // field@000b Puts the short value in v0 into the field@000b static field (entry #BH in the field id table).
6E	invoke-virtual { parameters }, methodtocall	Invokes a virtual method with parameters.	6E53 0600 0421 – invoke-virtual { v4, v0, v1, v2, v3}, Test2.method5:(IIII)V // method@0006 Invokes the 6th method in the method table with the following arguments: v4 is the “this” instance, v0, v1, v2, and v3 are the method parameters. The method has 5 arguments (4 MSB bits of the second byte)⁵.
6F	invoke-super {parameter},methodtocall	Invokes the virtual method of the immediate parent class.	6F10 A601 0100 invoke-super {v1},java.io.FilterOutputStream.close:()V // method@01a6 Invokes method@01a6 with one parameter, v1.
70	invoke-direct { parameters }, methodtocall	Invokes a method with parameters without the virtual method resolution.	7010 0800 0100 – invoke-direct {v1}, java.lang.Object.<init>:()V // method@0008 Invokes the 8th method in the method table with just one parameter, v1 is the “this” instance⁵.
71	invoke-static {parameters}, methodtocall	Invokes a static method with parameters.	7110 3400 0400 – invoke-static {v4}, java.lang.Integer.parseInt:( Ljava/lang/String;)I // method@0034 Invokes method@34 static method. The method is called with one parameter, v4⁵.
72	invoke-interface {parameters},methodtocall	Invokes an interface method.	7240 2102 3154 invoke-interface {v1, v3, v4, v5}, mwfw.IReceivingProtocolAdapter.receivePackage:( ILjava/lang/String;Ljava/io/InputStream;)Z // method@0221 Invokes method@221 interface method using parameters in v1,v3,v4 and v5⁵.
73	unused_73
74	invoke-virtual/range {vx..vy},methodtocall	Invokes virtual method with a range of registers. The instruction specifies the first register and the number of registers to be passed to the method.	7403 0600 1300 – invoke-virtual {v19..v21}, Test2.method5:(IIII)V // method@0006 Invokes the 6th method in the method table with the following arguments: v19 is the “this” instance, v20 and v21 are the method parameters.
75	invoke-super/range	Invokes the virtual method of the immediate parent class. The instruction specifies the first register and the number of registers to be passed to the method.	7501 A601 0100 invoke-super {v1},java.io.FilterOutputStream.close:()V // method@01a6 Invokes method@01a6 with one parameter, v1.
76	invoke-direct/range {vx..vy},methodtocall	Invokes direct method with a range of registers. The instruction specifies the first register and the number of registers to be passed to the method.	7603 3A00 1300 – invoke-direct/range {v19..21},java.lang.Object.<init>:()V // method@003a Invokes method@3A with 1 parameters (second byte of the instruction=03). The parameter is stored in v19 (5th,6th bytes of the instruction).
77	invoke-static/range {vx..vy},methodtocall	Invokes static method with a range of registers. The instruction specifies the first register and the number of registers to be passed to the method.	7703 3A00 1300 – invoke-static/range {v19..21},java.lang.Integer.parseInt:( Ljava/lang/String;)I // method@0034 Invokes method@3A with 1 parameters (second byte of the instruction=03). The parameter is stored in v19 (5th,6th bytes of the instruction).
78	invoke-interface-range	Invokes an interface method with a range of registers. The instruction specifies the first register and the number of registers to be passed to the method.	7840 2102 0100 invoke-interface {v1..v4}, mwfw.IReceivingProtocolAdapter.receivePackage:( ILjava/lang/String;Ljava/io/InputStream;)Z // method@0221 Invokes method@221 interface method using parameters in v1..v4.
79	unused_79
7A	unused_7A
7B	neg-int vx,vy	Calculates vx=-vy.	7B01 – neg-int v1,v0 Calculates -v0 and stores the result in v1.
7C	not-int vx,vy
7D	neg-long vx,vy	Calculates vx,vx+1=-(vy,vy+1)	7D02 – neg-long v2,v0 Calculates -(v0,v1) and stores the result into (v2,v3)
7E	not-long vx,vy
7F	neg-float vx,vy	Calculates vx=-vy	7F01 – neg-float v1,v0 Calculates -v0 and stores the result into v1.
80	neg-double vx,vy	Calculates vx,vx+1=-(vy,vy+1)	8002 – neg-double v2,v0 Calculates -(v0,v1) and stores the result into (v2,v3)
81	int-to-long vx, vy	Converts the integer in vy into a long in vx,vx+1.	8106 – int-to-long v6, v0 Converts an integer in v0 into a long in v6,v7.
82	int-to-float vx, vy	Converts the integer in vx into a float in vx.	8206 – int-to-float v6, v0 Converts the integer in v0 into a float in v6.
83	int-to-double vx, vy	Converts the integer in vy into the double in vx,vx+1.	8306 – int-to-double v6, v0 Converts the integer in v0 into a double in v6,v7
84	long-to-int vx,vy	Converts the long value in vy,vy+1 into an integer in vx.	8424 – long-to-int v4, v2 Converts the long value in v2,v3 into an integer value in v4.
85	long-to-float vx, vy	Converts the long value in vy,vy+1 into a float in vx.	8510 – long-to-float v0, v1 Convcerts the long value in v1,v2 into a float value in v0.
86	long-to-double vx, vy	Converts the long value in vy,vy+1 into a double value in vx,vx+1.	8610 – long-to-double v0, v1 Converts the long value in v1,v2 into a double value in v0,v1.
87	float-to-int vx, vy	Converts the float value in vy into an integer value in vx.	8730 – float-to-int v0, v3 Converts the float value in v3 into an integer value in v0.
88	float-to-long vx,vy	Converts the float value in vy into a long value in vx.	8830 – float-to-long v0, v3 Converts the float value in v3 into a long value in v0,v1.
89	float-to-double vx, vy	Converts the float value in vy into a double value in vx,vx+1.	8930 – float-to-double v0, v3 Converts the float value in v3 into a double value in v0,v1.
8A	double-to-int vx, vy	Converts the double value in vy,vy+1 into an integer value in vx.	8A40 – double-to-int v0, v4 Converts the double value in v4,v5 into an integer value in v0.
8B	double-to-long vx, vy	Converts the double value in vy,vy+1 into a long value in vx,vx+1.	8B40 – double-to-long v0, v4 Converts the double value in v4,v5 into a long value in v0,v1.
8C	double-to-float vx, vy	Converts the double value in vy,vy+1 into a float value in vx.	8C40 – double-to-float v0, v4 Converts the double value in v4,v5 into a float value in v0,v1.
8D	int-to-byte vx,vy	Converts the int value in vy to a byte value and stores it in vx.	8D00 – int-to-byte v0, v0 Converts the integer in v0 into a byte and puts the byte value into v0.
8E	int-to-char vx,vy	Converts the int value in vy to a char value and stores it in vx.	8E33 – int-to-char v3, v3 Converts the integer in v3 into a char and puts the char value into v3.
8F	int-to-short vx,vy	Converts the int value in vy to a short value and stores it in vx.	8F00 – int-to-short v0, v0 Converts the integer in v0 into a short and puts the short value into v3.
90	add-int vx,vy,vz	Calculates vy+vz and puts the result into vx.	9000 0203 – add-int v0, v2, v3 Adds v3 to v2 and puts the result into v0⁴.
91	sub-int vx,vy,vz	Calculates vy-vz and puts the result into vx.	9100 0203 – sub-int v0, v2, v3 Subtracts v3 from v2 and puts the result into v0.
92	mul-int vx, vy, vz	Multiplies vz with wy and puts the result int vx.	9200 0203 – mul-int v0,v2,v3 Multiplies v2 with w3 and puts the result into v0
93	div-int vx,vy,vz	Divides vy with vz and puts the result into vx.	9303 0001 – div-int v3, v0, v1 Divides v0 with v1 and puts the result into v3.
94	rem-int vx,vy,vz	Calculates vy % vz and puts the result into vx.	9400 0203 – rem-int v0, v2, v3 Calculates v3 % v2 and puts the result into v0.
95	and-int vx, vy, vz	Calculates vy AND vz and puts the result into vx.	9503 0001 – and-int v3, v0, v1 Calculates v0 AND v1 and puts the result into v3.
96	or-int vx, vy, vz	Calculates vy OR vz and puts the result into vx.	9603 0001 – or-int v3, v0, v1 Calculates v0 OR v1 and puts the result into v3.
97	xor-int vx, vy, vz	Calculates vy XOR vz and puts the result into vx.	9703 0001 – xor-int v3, v0, v1 Calculates v0 XOR v1 and puts the result into v3.
98	shl-int vx, vy, vz	Shift vy left by the positions specified by vz and store the result into vx.	9802 0001 – shl-int v2, v0, v1 Shift v0 left by the positions specified by v1 and store the result in v2.
99	shr-int vx, vy, vz	Shift vy right by the positions specified by vz and store the result into vx.	9902 0001 – shr-int v2, v0, v1 Shift v0 right by the positions specified by v1 and store the result in v2.
9A	ushr-int vx, vy, vz	Unsigned shift right (>>>) vy by the positions specified by vz and store the result into vx.	9A02 0001 – ushr-int v2, v0, v1 Unsigned shift v0 right by the positions specified by v1 and store the result in v2.
9B	add-long vx, vy, vz	Adds vy to vz and puts the result into vx¹.	9B00 0305 – add-long v0, v3, v5 The long value in v3,v4 is added to the value in v5,v6 and the result is stored in v0,v1.
9C	sub-long vx,vy,vz	Calculates vy-vz and puts the result into vx¹.	9C00 0305 – sub-long v0, v3, v5 Subtracts the long value in v5,v6 from the long value in v3,v4 and puts the result into v0,v1.
9D	mul-long vx,vy,vz	Calculates vy*vz and puts the result into vx¹.	9D00 0305 – mul-long v0, v3, v5 Multiplies the long value in v5,v6 with the long value in v3,v4 and puts the result into v0,v1.
9E	div-long vx, vy, vz	Calculates vy/vz and puts the result into vx¹.	9E06 0002 – div-long v6, v0, v2 Divides the long value in v0,v1 with the long value in v2,v3 and pust the result into v6,v7.
9F	rem-long vx,vy,vz	Calculates vy % vz and puts the result into vx¹.	9F06 0002 – rem-long v6, v0, v2 Calculates v0,v1 % v2,v3 and puts the result into v6,v7.
A0	and-long vx, vy, vz	Calculates the vy AND vz and puts the result into vx¹.	A006 0002 – and-long v6, v0, v2 Calculates v0,v1 AND v2,v3 and puts the result into v6,v7.
A1	or-long vx, vy, vz	Calculates the vy OR vz and puts the result into vx¹.	A106 0002 – or-long v6, v0, v2 Calculates v0,v1 OR v2,v3 and puts the result into v6,v7.
A2	xor-long vx, vy, vz	Calculates the vy XOR vz and puts the result into vx¹.	A206 0002 – xor-long v6, v0, v2 Calculates v0,v1 XOR v2,v3 and puts the result into v6,v7.
A3	shl-long vx, vy, vz	Shifts left vy by vz positions and stores the result in vx¹.	A302 0004 – shl-long v2, v0, v4 Shift v0,v1 by postions specified by v4 and puts the result into v2,v3.
A4	shr-long vx,vy,vz	Shifts right vy by vz positions and stores the result in vx¹.	A402 0004 – shr-long v2, v0, v4 Shift v0,v1 by postions specified by v4 and puts the result into v2,v3.
A5	ushr-long vx, vy, vz	Unsigned shifts right vy by vz positions and stores the result in vx¹.	A502 0004 – ushr-long v2, v0, v4 Unsigned shift v0,v1 by postions specified by v4 and puts the result into v2,v3.
A6	add-float vx,vy,vz	Adds vy to vz and puts the result into vx.	A600 0203 – add-float v0, v2, v3 Adds the floating point numbers in v2 and v3 and puts the result into v0.
A7	sub-float vx,vy,vz	Calculates vy-vz and puts the result into vx.	A700 0203 – sub-float v0, v2, v3 Calculates v2-v3 and puts the result into v0.
A8	mul-float vx, vy, vz	Multiplies vy with vz and puts the result into vx.	A803 0001 – mul-float v3, v0, v1 Multiplies v0 with v1 and puts the result into v3.
A9	div-float vx, vy, vz	Calculates vy/vz and puts the result into vx.	A903 0001 – div-float v3, v0, v1 Divides v0 with v1 and puts the result into v3.
AA	rem-float vx,vy,vz	Calculates vy % vz and puts the result into vx.	AA03 0001 – rem-float v3, v0, v1 Calculates v0 % v1 and puts the result into v3.
AB	add-double vx,vy,vz	Adds vy to vz and puts the result into vx¹.	AB00 0305 – add-double v0, v3, v5 Adds the double value in v5,v6 registers to the double value in v3,v4 registers and places the result in v0,v1 registers.
AC	sub-double vx,vy,vz	Calculates vy-vz and puts the result into vx¹.	AC00 0305 – sub-double v0, v3, v5 Subtracts the value in v5,v6 from the value in v3,v4 and puts the result into v0,v1.
AD	mul-double vx, vy, vz	Multiplies vy with vz and puts the result into vx¹.	AD06 0002 – mul-double v6, v0, v2 Multiplies the double value in v0,v1 with the double value in v2,v3 and puts the result into v6,v7.
AE	div-double vx, vy, vz	Calculates vy/vz and puts the result into vx¹.	AE06 0002 – div-double v6, v0, v2 Divides the double value in v0,v1 with the double value in v2,v3 and puts the result into v6,v7.
AF	rem-double vx,vy,vz	Calculates vy % vz and puts the result into vx¹.	AF06 0002 – rem-double v6, v0, v2 Calculates v0,v1 % v2,v3 and puts the result into v6,v7.
B0	add-int/2addr vx,vy	Adds vy to vx.	B010 – add-int/2addr v0,v1 Adds v1 to v0.
B1	sub-int/2addr vx,vy	Calculates vx-vy and puts the result into vx.	B140 – sub-int/2addr v0, v4 Subtracts v4 from v0 and puts the result into v0.
B2	mul-int/2addr vx,vy	Multiplies vx with vy.	B210 – mul-int/2addr v0, v1 Multiples v0 with v1 and puts the result into v0.
B3	div-int/2addr vx,vy	Divides vx with vy and puts the result into vx.	B310 – div-int/2addr v0, v1 Divides v0 with v1 and puts the result into v0.
B4	rem-int/2addr vx,vy	Calculates vx % vy and puts the result into vx	B410 – rem-int/2addr v0, v1 Calculates v0 % v1 and puts the result into v0.
B5	and-int/2addr vx, vy	Calculates vx AND vy and puts the result into vx.	B510 – and-int/2addr v0, v1 Calculates v0 AND v1 and puts the result into v0.
B6	or-int/2addr vx, vy	Calculates vx OR vy and puts the result into vx.	B610 – or-int/2addr v0, v1 Calculates v0 OR v1 and puts the result into v0.
B7	xor-int/2addr vx, vy	Calculates vx XOR vy and puts the result into vx.	B710 – xor-int/2addr v0, v1 Calculates v0 XOR v1 and puts the result into v0.
B8	shl-int/2addr vx, vy	Shifts vx left by vy positions.	B810 – shl-int/2addr v0, v1 Shift v0 left by v1 positions.
B9	shr-int/2addr vx, vy	Shifts vx right by vy positions.	B910 – shr-int/2addr v0, v1 Shift v0 right by v1 positions.
BA	ushr-int/2addr vx, vy	Unsigned shift right (>>>) vx by the positions specified by vy.	BA10 – ushr-int/2addr v0, v1 Unsigned shift v0 by the positions specified by v1.
BB	add-long/2addr vx,vy	Adds vy to vx¹.	BB20 – add-long/2addr v0, v2 Adds the long value in v2,v3 registers to the long value in v0,v1 registers.
BC	sub-long/2addr vx,vy	Calculates vx-vy and puts the result into vx¹.	BC70 – sub-long/2addr v0, v7 Subtracts the long value in v7,v8 from the long value in v0,v1 and puts the result into v0,v1.
BD	mul-long/2addr vx,vy	Calculates vx*vy and puts the result into vx¹.	BD70 – mul-long/2addr v0, v7 Multiplies the long value in v7,v8 with the long value in v0,v1 and puts the result into v0,v1.
BE	div-long/2addr vx, vy	Calculates vx/vy and puts the result into vx¹.	BE20 – div-long/2addr v0, v2 Divides the long value in v0,v1 with the long value in v2,v3 and puts the result into v0,v1
BF	rem-long/2addr vx,vy	Calculates vx % vy and puts the result into vx¹.	BF20 – rem-long/2addr v0, v2 Calculates v0,v1 % v2,v3 and puts the result into v0,v1
C0	and-long/2addr vx, vy	Calculates vx AND vy and puts the result into vx¹.	C020 – and-long/2addr v0, v2 Calculates v0,v1 OR v2,v3 and puts the result into v0,v1.
C1	or-long/2addr vx, vy	Calculates vx OR vy and puts the result into vx¹.	C120 – or-long/2addr v0, v2 Calculates v0,v1 OR v2,v3 and puts the result into v0,v1.
C2	xor-long/2addr vx, vy	Calculates vx XOR vy and puts the result into vx¹.	C220 – xor-long/2addr v0, v2 Calculates v0,v1 XOR v2,v3 and puts the result into v0,v1.
C3	shl-long/2addr vx, vy	Shifts left the value in vx,vx+1 by the positions specified by vy and stores the result in vx,vx+1.	C320 – shl-long/2addr v0, v2 Shifts left v0,v1 by the positions specified by v2.
C4	shr-long/2addr vx, vy	Shifts right the value in vx,vx+1 by the positions specified by vy and stores the result in vx,vx+1.	C420 – shr-long/2addr v0, v2 Shifts right v0,v1 by the positions specified by v2.
C5	ushr-long/2addr vx, vy	Unsigned shifts right the value in vx,vx+1 by the positions specified by vy and stores the result in vx,vx+1.	C520 – ushr-long/2addr v0, v2 Unsigned shifts right v0,v1 by the positions specified by v2.
C6	add-float/2addr vx,vy	Adds vy to vx.	C640 – add-float/2addr v0,v4 Adds v4 to v0.
C7	sub-float/2addr vx,vy	Calculates vx-vy and stores the result in vx.	C740 – sub-float/2addr v0,v4 Adds v4 to v0.
C8	mul-float/2addr vx, vy	Multiplies vx with vy.	C810 – mul-float/2addr v0, v1 Multiplies v0 with v1.
C9	div-float/2addr vx, vy	Calculates vx/vy and puts the result into vx.	C910 – div-float/2addr v0, v1 Divides v0 with v1 and puts the result into v0.
CA	rem-float/2addr vx,vy	Calculates vx/vy and puts the result into vx.	CA10 – rem-float/2addr v0, v1 Calculates v0 % v1 and puts the result into v0.
CB	add-double/2addr vx, vy	Adds vy to vx¹.	CB70 – add-double/2addr v0, v7 Adds v7 to v0.
CC	sub-double/2addr vx, vy	Calculates vx-vy and puts the result into vx¹.	CC70 – sub-double/2addr v0, v7 Subtracts the value in v7,v8 from the value in v0,v1 and puts the result into v0,v1.
CD	mul-double/2addr vx, vy	Multiplies vx with vy¹.	CD20 – mul-double/2addr v0, v2 Multiplies the double value in v0,v1 with the double value in v2,v3 and puts the result into v0,v1.
CE	div-double/2addr vx, vy	Calculates vx/vy and puts the result into vx¹.	CE20 – div-double/2addr v0, v2 Divides the double value in v0,v1 with the double value in v2,v3 and puts the value into v0,v1.
CF	rem-double/2addr vx,vy	Calculates vx % vy and puts the result into vx¹.	CF20 – rem-double/2addr v0, v2 Calculates v0,v1 % v2,v3 and puts the value into v0,v1.
D0	add-int/lit16 vx,vy,lit16	Adds vy to lit16 and stores the result into vx.	D001 D204 – add-int/lit16 v1, v0, #int 1234 // #04d2 Adds v0 to literal 1234 and stores the result into v1.
D1	sub-int/lit16 vx,vy,lit16	Calculates vy – lit16 and stores the result into vx.	D101 D204 – sub-int/lit16 v1, v0, #int 1234 // #04d2 Calculates v0 – literal 1234 and stores the result into v1.
D2	mul-int/lit16 vx,vy,lit16	Calculates vy * lit16 and stores the result into vx.	D201 D204 – mul-int/lit16 v1, v0, #int 1234 // #04d2 Calculates v0 * literal 1234 and stores the result into v1.
D3	div-int/lit16 vx,vy,lit16	Calculates vy / lit16 and stores the result into vx.	D301 D204 – div-int/lit16 v1, v0, #int 1234 // #04d2 Calculates v0 / literal 1234 and stores the result into v1.
D4	rem-int/lit16 vx,vy,lit16	Calculates vy % lit16 and stores the result into vx.	D401 D204 – rem-int/lit16 v1, v0, #int 1234 // #04d2 Calculates v0 % literal 1234 and stores the result into v1.
D5	and-int/lit16 vx,vy,lit16	Calculates vy AND lit16 and stores the result into vx.	D501 D204 – and-int/lit16 v1, v0, #int 1234 // #04d2 Calculates v0 AND literal 1234 and stores the result into v1.
D6	or-int/lit16 vx,vy,lit16	Calculates vy OR lit16 and stores the result into vx.	D601 D204 – or-int/lit16 v1, v0, #int 1234 // #04d2 Calculates v0 OR literal 1234 and stores the result into v1.
D7	xor-int/lit16 vx,vy,lit16	Calculates vy XOR lit16 and stores the result into vx.	D701 D204 – xor-int/lit16 v1, v0, #int 1234 // #04d2 Calculates v0 XOR literal 1234 and stores the result into v1.
D8	add-int/lit8 vx,vy,lit8	Adds vy to lit8 and stores the result into vx.	D800 0201 – add-int/lit8 v0,v2, #int1 Adds literal 1 to v2 and stores the result into v0.
D9	sub-int/lit8 vx,vy,lit8	Calculates vy-lit8 and stores the result into vx.	D900 0201 – sub-int/lit8 v0,v2, #int1 Calculates v2-1 and stores the result into v0.
DA	mul-int/lit-8 vx,vy,lit8	Multiplies vy with lit8 8-bit literal constant and puts the result into vx.	DA00 0002 – mul-int/lit8 v0,v0, #int2 Multiplies v0 with literal 2 and puts the result into v0.
DB	div-int/lit8 vx,vy,lit8	Calculates vy/lit8 and stores the result into vx.	DB00 0203 – mul-int/lit8 v0,v2, #int3 Calculates v2/3 and stores the result into v0.
DC	rem-int/lit8 vx,vy,lit8	Calculates vy % lit8 and stores the result into vx.	DC00 0203 – rem-int/lit8 v0,v2, #int3 Calculates v2 % 3 and stores the result into v0.
DD	and-int/lit8 vx,vy,lit8	Calculates vy AND lit8 and stores the result into vx.	DD00 0203 – and-int/lit8 v0,v2, #int3 Calculates v2 AND 3 and stores the result into v0.
DE	or-int/lit8 vx, vy, lit8	Calculates vy OR lit8 and puts the result into vx.	DE00 0203 – or-int/lit8 v0, v2, #int 3 Calculates v2 OR literal 3 and puts the result into v0.
DF	xor-int/lit8 vx, vy, lit8	Calculates vy XOR lit8 and puts the result into vx.	DF00 0203 \| 0008: xor-int/lit8 v0, v2, #int 3 Calculates v2 XOR literal 3 and puts the result into v0.
E0	shl-int/lit8 vx, vy, lit8	Shift v0 left by the bit positions specified by the literal constant and put the result into vx.	E001 0001 – shl-int/lit8 v1, v0, #int 1 Shift v0 left by 1 position and put the result into v1.
E1	shr-int/lit8 vx, vy, lit8	Shift v0 right by the bit positions specified by the literal constant and put the result into vx.	E101 0001 – shr-int/lit8 v1, v0, #int 1 Shift v0 right by 1 position and put the result into v1.
E2	ushr-int/lit8 vx, vy, lit8	Unsigned right shift of v0 (>>>) by the bit positions specified by the literal constant and put the result into vx.	E201 0001 – ushr-int/lit8 v1, v0, #int 1 Unsigned shift v0 right by 1 position and put the result into v1.
E3	unused_E3
E4	unused_E4
E5	unused_E5
E6	unused_E6
E7	unused_E7
E8	unused_E8
E9	unused_E9
EA	unused_EA
EB	unused_EB
EC	unused_EC
ED	unused_ED
EE	execute-inline {parameters},inline ID	Executes the inline method identified by inline ID⁶.	EE20 0300 0100 – execute-inline {v1, v0}, inline #0003 Executes inline method #3 using v1 as “this” and passing one parameter in v0.
EF	unused_EF
F0	invoke-direct-empty	Stands as a placeholder for pruned empty methods like Object.<init>. This acts as nop during normal execution⁶.	F010 F608 0000 – invoke-direct-empty {v0}, Ljava/lang/Object;.<init>:()V // method@08f6 Replacement for the empty method java/lang/Object;<init>.
F1	unused_F1
F2	iget-quick vx,vy,offset	Gets the value stored at offset in vy instance’s data area to vx⁶.	F221 1000 – iget-quick v1, v2, [obj+0010] Gets the value at offset 0CH of the instance pointed by v2 and stores the object reference in v1.
F3	iget-wide-quick vx,vy,offset	Gets the object reference value stored at offset in vy instance’s data area to vx,vx+1⁶.	F364 3001 – iget-wide-quick v4, v6, [obj+0130] Gets the value at offset 130H of the instance pointed by v6 and stores the object reference in v4,v5.
F4	iget-object-quick vx,vy,offset	Gets the object reference value stored at offset in vy instance’s data area to vx⁶.	F431 0C00 – iget-object-quick v1, v3, [obj+000c] Gets the object reference value at offset 0CH of the instance pointed by v3 and stores the object reference in v1.
F5	iput-quick vx,vy,offset	Puts the value stored in vx to offset in vy instance’s data area⁶.	F521 1000 – iput-quick v1, v2, [obj+0010] Puts the object reference value in v1 to offset 10H of the instance pointed by v2.
F6	iput-wide-quick vx,vy,offset	Puts the value stored in vx,vx+1 to offset in vy instance’s data area⁶.	F652 7001 – iput-wide-quick v2, v5, [obj+0170] Puts the value in v2,v3 to offset 170H of the instance pointed by v5.
F7	iput-object-quick vx,vy,offset	Puts the object reference value stored in vx to offset in vy instance’s data area to vx⁶.	F701 4C00 – iput-object-quick v1, v0, [obj+004c] Puts the object reference value in v1 to offset 0CH of the instance pointed by v3.
F8	invoke-virtual-quick {parameters},vtable offset	Invokes a virtual method using the vtable of the target object⁶.	F820 B800 CF00 – invoke-virtual-quick {v15, v12}, vtable #00b8 Invokes a virtual method. The target object instance is pointed by v15 and vtable entry #B8 points to the method to be called. v12 is a parameter to the method call.
F9	invoke-virtual-quick/range {parameter range},vtable offset	Invokes a virtual method using the vtable of the target object⁶	F906 1800 0000 – invoke-virtual-quick/range {v0..v5},vtable #0018 Invokes a method using the vtable of the instance pointed by v0. v1..v5 registers are parameters to the method call.
FA	invoke-super-quick {parameters},vtable offset	Invokes a virtual method in the target object’s immediate parent class using the vtable of that parent class⁶.	FA40 8100 3254 – invoke-super-quick {v2, v3, v4, v5}, vtable #0081 Invokes a method using the vtable of the immediate parent class of instance pointed by v2. v3, v4 and v5 registers are parameters to the method call.
FB	invoke-super-quick/range {register range},vtable offset	Invokes a virtual method in the target object’s immediate parent class using the vtable of that parent class⁶.	F906 1B00 0000 – invoke-super-quick/range {v0..v5}, vtable #001b Invokes a method using the vtable of the immediate parent class of instance pointed by v0. v1..v5 registers are parameters to the method call.
FC	unused_FC
FD	unused_FD
FE	unused_FE
FF	unused_FF

Note that double and long values occupy two registers (e.g. the value addressed by vy is located in vy and vy+1 registers)
The offset can be positive or negative and it is calculated from the offset of the starting byte of the instruction. The offset is always interpreted in words (2 bytes per 1 offset value increment/decrement). Negative offset is stored in two’s complement format. The current position is the offset of the starting byte of the instruction.
Compare operations returrn positive value if the first operand is greater than the second operand, 0 if they are equal and negative value if the first operand is smaller than the second operand.
Not seen in the wild, interpolated from Dalvik bytecode list.
The invocation parameter list encoding is somewhat weird. Starting if parameter number > 4 and parameter number % 4 == 1, the 5th (9th, etc.) parameter is encoded on the 4 lowest bit of the byte immediately following the instruction. Curiously, this encoding is not used in case of 1 parameter, in this case an entire 16 bit word is added after the method index of which only 4 bit is used to encode the single parameter while the lowest 4 bit of the byte following the instruction byte is left unused.
This is an unsafe instruction and occurs only in ODEX files.

JVM指令集及各指令的详细使用说明[转的]

指令码 助记符    说明  
0x00 nop      什么都不做  
0x01 aconst_null 将null推送至栈顶  
0x02 iconst_m1   将int型-1推送至栈顶  
0x03 iconst_0   将int型0推送至栈顶  
0x04 iconst_1   将int型1推送至栈顶  
0x05 iconst_2   将int型2推送至栈顶  
0x06 iconst_3   将int型3推送至栈顶  
0x07 iconst_4   将int型4推送至栈顶  
0x08 iconst_5   将int型5推送至栈顶  
0x09 lconst_0   将long型0推送至栈顶  
0x0a lconst_1   将long型1推送至栈顶  
0x0b fconst_0   将float型0推送至栈顶  
0x0c fconst_1   将float型1推送至栈顶  
0x0d fconst_2   将float型2推送至栈顶  
0x0e dconst_0   将double型0推送至栈顶  
0x0f dconst_1   将double型1推送至栈顶  
0x10 bipush    将单字节的常量值(-128~127)推送至栈顶  
0x11 sipush    将一个短整型常量值(-32768~32767)推送至栈顶  
0x12 ldc      将int, float或String型常量值从常量池中推送至栈顶  
0x13 ldc_w     将int, float或String型常量值从常量池中推送至栈顶（宽索引）  
0x14 ldc2_w    将long或double型常量值从常量池中推送至栈顶（宽索引）  
0x15 iload     将指定的int型本地变量推送至栈顶  
0x16 lload     将指定的long型本地变量推送至栈顶  
0x17 fload     将指定的float型本地变量推送至栈顶  
0x18 dload     将指定的double型本地变量推送至栈顶  
0x19 aload     将指定的引用类型本地变量推送至栈顶  
0x1a iload_0    将第一个int型本地变量推送至栈顶  
0x1b iload_1    将第二个int型本地变量推送至栈顶  
0x1c iload_2    将第三个int型本地变量推送至栈顶  
0x1d iload_3    将第四个int型本地变量推送至栈顶  
0x1e lload_0    将第一个long型本地变量推送至栈顶  
0x1f lload_1    将第二个long型本地变量推送至栈顶  
0x20 lload_2    将第三个long型本地变量推送至栈顶  
0x21 lload_3    将第四个long型本地变量推送至栈顶  
0x22 fload_0    将第一个float型本地变量推送至栈顶  
0x23 fload_1    将第二个float型本地变量推送至栈顶  
0x24 fload_2    将第三个float型本地变量推送至栈顶  
0x25 fload_3    将第四个float型本地变量推送至栈顶  
0x26 dload_0    将第一个double型本地变量推送至栈顶  
0x27 dload_1    将第二个double型本地变量推送至栈顶  
0x28 dload_2    将第三个double型本地变量推送至栈顶  
0x29 dload_3    将第四个double型本地变量推送至栈顶  
0x2a aload_0    将第一个引用类型本地变量推送至栈顶  
0x2b aload_1    将第二个引用类型本地变量推送至栈顶  
0x2c aload_2    将第三个引用类型本地变量推送至栈顶  
0x2d aload_3    将第四个引用类型本地变量推送至栈顶  
0x2e iaload    将int型数组指定索引的值推送至栈顶  
0x2f laload    将long型数组指定索引的值推送至栈顶  
0x30 faload    将float型数组指定索引的值推送至栈顶  
0x31 daload    将double型数组指定索引的值推送至栈顶  
0x32 aaload    将引用型数组指定索引的值推送至栈顶  
0x33 baload    将boolean或byte型数组指定索引的值推送至栈顶  
0x34 caload    将char型数组指定索引的值推送至栈顶  
0x35 saload    将short型数组指定索引的值推送至栈顶  
0x36 istore    将栈顶int型数值存入指定本地变量  
0x37 lstore    将栈顶long型数值存入指定本地变量  
0x38 fstore    将栈顶float型数值存入指定本地变量  
0x39 dstore    将栈顶double型数值存入指定本地变量  
0x3a astore    将栈顶引用型数值存入指定本地变量  
0x3b istore_0   将栈顶int型数值存入第一个本地变量  
0x3c istore_1   将栈顶int型数值存入第二个本地变量  
0x3d istore_2   将栈顶int型数值存入第三个本地变量  
0x3e istore_3   将栈顶int型数值存入第四个本地变量  
0x3f lstore_0   将栈顶long型数值存入第一个本地变量  
0x40 lstore_1   将栈顶long型数值存入第二个本地变量  
0x41 lstore_2   将栈顶long型数值存入第三个本地变量  
0x42 lstore_3   将栈顶long型数值存入第四个本地变量  
0x43 fstore_0   将栈顶float型数值存入第一个本地变量  
0x44 fstore_1   将栈顶float型数值存入第二个本地变量  
0x45 fstore_2   将栈顶float型数值存入第三个本地变量  
0x46 fstore_3   将栈顶float型数值存入第四个本地变量  
0x47 dstore_0   将栈顶double型数值存入第一个本地变量  
0x48 dstore_1   将栈顶double型数值存入第二个本地变量  
0x49 dstore_2   将栈顶double型数值存入第三个本地变量  
0x4a dstore_3   将栈顶double型数值存入第四个本地变量  
0x4b astore_0   将栈顶引用型数值存入第一个本地变量  
0x4c astore_1   将栈顶引用型数值存入第二个本地变量  
0x4d astore_2   将栈顶引用型数值存入第三个本地变量  
0x4e astore_3   将栈顶引用型数值存入第四个本地变量  
0x4f iastore    将栈顶int型数值存入指定数组的指定索引位置  
0x50 lastore    将栈顶long型数值存入指定数组的指定索引位置  
0x51 fastore    将栈顶float型数值存入指定数组的指定索引位置  
0x52 dastore    将栈顶double型数值存入指定数组的指定索引位置  
0x53 aastore    将栈顶引用型数值存入指定数组的指定索引位置  
0x54 bastore    将栈顶boolean或byte型数值存入指定数组的指定索引位置  
0x55 castore    将栈顶char型数值存入指定数组的指定索引位置  
0x56 sastore    将栈顶short型数值存入指定数组的指定索引位置  
0x57 pop      将栈顶数值弹出 (数值不能是long或double类型的)  
0x58 pop2     将栈顶的一个（long或double类型的)或两个数值弹出（其它）  
0x59 dup      复制栈顶数值并将复制值压入栈顶  
0x5a dup_x1    复制栈顶数值并将两个复制值压入栈顶  
0x5b dup_x2    复制栈顶数值并将三个（或两个）复制值压入栈顶  
0x5c dup2     复制栈顶一个（long或double类型的)或两个（其它）数值并将复制值压入栈顶  
0x5d dup2_x1    <待补充>  
0x5e dup2_x2    <待补充>  
0x5f swap     将栈最顶端的两个数值互换(数值不能是long或double类型的)  
0x60 iadd     将栈顶两int型数值相加并将结果压入栈顶  
0x61 ladd     将栈顶两long型数值相加并将结果压入栈顶  
0x62 fadd     将栈顶两float型数值相加并将结果压入栈顶  
0x63 dadd     将栈顶两double型数值相加并将结果压入栈顶  
0x64 isub     将栈顶两int型数值相减并将结果压入栈顶  
0x65 lsub     将栈顶两long型数值相减并将结果压入栈顶  
0x66 fsub     将栈顶两float型数值相减并将结果压入栈顶  
0x67 dsub     将栈顶两double型数值相减并将结果压入栈顶  
0x68 imul     将栈顶两int型数值相乘并将结果压入栈顶  
0x69 lmul     将栈顶两long型数值相乘并将结果压入栈顶  
0x6a fmul     将栈顶两float型数值相乘并将结果压入栈顶  
0x6b dmul     将栈顶两double型数值相乘并将结果压入栈顶  
0x6c idiv     将栈顶两int型数值相除并将结果压入栈顶  
0x6d ldiv     将栈顶两long型数值相除并将结果压入栈顶  
0x6e fdiv     将栈顶两float型数值相除并将结果压入栈顶  
0x6f ddiv     将栈顶两double型数值相除并将结果压入栈顶  
0x70 irem     将栈顶两int型数值作取模运算并将结果压入栈顶  
0x71 lrem     将栈顶两long型数值作取模运算并将结果压入栈顶  
0x72 frem     将栈顶两float型数值作取模运算并将结果压入栈顶  
0x73 drem     将栈顶两double型数值作取模运算并将结果压入栈顶  
0x74 ineg     将栈顶int型数值取负并将结果压入栈顶  
0x75 lneg     将栈顶long型数值取负并将结果压入栈顶  
0x76 fneg     将栈顶float型数值取负并将结果压入栈顶  
0x77 dneg     将栈顶double型数值取负并将结果压入栈顶  
0x78 ishl     将int型数值左移位指定位数并将结果压入栈顶  
0x79 lshl     将long型数值左移位指定位数并将结果压入栈顶  
0x7a ishr     将int型数值右（符号）移位指定位数并将结果压入栈顶  
0x7b lshr     将long型数值右（符号）移位指定位数并将结果压入栈顶  
0x7c iushr     将int型数值右（无符号）移位指定位数并将结果压入栈顶  
0x7d lushr     将long型数值右（无符号）移位指定位数并将结果压入栈顶  
0x7e iand     将栈顶两int型数值作“按位与”并将结果压入栈顶  
0x7f land     将栈顶两long型数值作“按位与”并将结果压入栈顶  
0x80 ior      将栈顶两int型数值作“按位或”并将结果压入栈顶  
0x81 lor      将栈顶两long型数值作“按位或”并将结果压入栈顶  
0x82 ixor     将栈顶两int型数值作“按位异或”并将结果压入栈顶  
0x83 lxor     将栈顶两long型数值作“按位异或”并将结果压入栈顶  
0x84 iinc     将指定int型变量增加指定值（i++, i--, i+=2）  
0x85 i2l      将栈顶int型数值强制转换成long型数值并将结果压入栈顶  
0x86 i2f      将栈顶int型数值强制转换成float型数值并将结果压入栈顶  
0x87 i2d      将栈顶int型数值强制转换成double型数值并将结果压入栈顶  
0x88 l2i      将栈顶long型数值强制转换成int型数值并将结果压入栈顶  
0x89 l2f      将栈顶long型数值强制转换成float型数值并将结果压入栈顶  
0x8a l2d      将栈顶long型数值强制转换成double型数值并将结果压入栈顶  
0x8b f2i      将栈顶float型数值强制转换成int型数值并将结果压入栈顶  
0x8c f2l      将栈顶float型数值强制转换成long型数值并将结果压入栈顶  
0x8d f2d      将栈顶float型数值强制转换成double型数值并将结果压入栈顶  
0x8e d2i      将栈顶double型数值强制转换成int型数值并将结果压入栈顶  
0x8f d2l      将栈顶double型数值强制转换成long型数值并将结果压入栈顶  
0x90 d2f      将栈顶double型数值强制转换成float型数值并将结果压入栈顶  
0x91 i2b      将栈顶int型数值强制转换成byte型数值并将结果压入栈顶  
0x92 i2c      将栈顶int型数值强制转换成char型数值并将结果压入栈顶  
0x93 i2s      将栈顶int型数值强制转换成short型数值并将结果压入栈顶  
0x94 lcmp     比较栈顶两long型数值大小，并将结果（1，0，-1）压入栈顶  
0x95 fcmpl     比较栈顶两float型数值大小，并将结果（1，0，-1）压入栈顶；当其中一个数值为NaN时，将-1压入栈顶  
0x96 fcmpg     比较栈顶两float型数值大小，并将结果（1，0，-1）压入栈顶；当其中一个数值为NaN时，将1压入栈顶  
0x97 dcmpl     比较栈顶两double型数值大小，并将结果（1，0，-1）压入栈顶；当其中一个数值为NaN时，将-1压入栈顶  
0x98 dcmpg     比较栈顶两double型数值大小，并将结果（1，0，-1）压入栈顶；当其中一个数值为NaN时，将1压入栈顶  
0x99 ifeq     当栈顶int型数值等于0时跳转  
0x9a ifne     当栈顶int型数值不等于0时跳转  
0x9b iflt     当栈顶int型数值小于0时跳转  
0x9c ifge     当栈顶int型数值大于等于0时跳转  
0x9d ifgt     当栈顶int型数值大于0时跳转  
0x9e ifle     当栈顶int型数值小于等于0时跳转  
0x9f if_icmpeq   比较栈顶两int型数值大小，当结果等于0时跳转  
0xa0 if_icmpne   比较栈顶两int型数值大小，当结果不等于0时跳转  
0xa1 if_icmplt   比较栈顶两int型数值大小，当结果小于0时跳转  
0xa2 if_icmpge   比较栈顶两int型数值大小，当结果大于等于0时跳转  
0xa3 if_icmpgt   比较栈顶两int型数值大小，当结果大于0时跳转  
0xa4 if_icmple   比较栈顶两int型数值大小，当结果小于等于0时跳转  
0xa5 if_acmpeq   比较栈顶两引用型数值，当结果相等时跳转  
0xa6 if_acmpne   比较栈顶两引用型数值，当结果不相等时跳转  
0xa7 goto     无条件跳转  
0xa8 jsr      跳转至指定16位offset位置，并将jsr下一条指令地址压入栈顶  
0xa9 ret      返回至本地变量指定的index的指令位置（一般与jsr, jsr_w联合使用）  
0xaa tableswitch    用于switch条件跳转，case值连续（可变长度指令）  
0xab lookupswitch   用于switch条件跳转，case值不连续（可变长度指令）  
0xac ireturn    从当前方法返回int  
0xad lreturn    从当前方法返回long  
0xae freturn    从当前方法返回float  
0xaf dreturn    从当前方法返回double  
0xb0 areturn    从当前方法返回对象引用  
0xb1 return    从当前方法返回void  
0xb2 getstatic   获取指定类的静态域，并将其值压入栈顶  
0xb3 putstatic   为指定的类的静态域赋值  
0xb4 getfield   获取指定类的实例域，并将其值压入栈顶  
0xb5 putfield   为指定的类的实例域赋值  
0xb6 invokevirtual   调用实例方法  
0xb7 invokespecial   调用超类构造方法，实例初始化方法，私有方法  
0xb8 invokestatic   调用静态方法  
0xb9 invokeinterface 调用接口方法  
0xba --  
0xbb new      创建一个对象，并将其引用值压入栈顶  
0xbc newarray   创建一个指定原始类型（如int, float, char…）的数组，并将其引用值压入栈顶  
0xbd anewarray   创建一个引用型（如类，接口，数组）的数组，并将其引用值压入栈顶  
0xbe arraylength 获得数组的长度值并压入栈顶  
0xbf athrow    将栈顶的异常抛出  
0xc0 checkcast   检验类型转换，检验未通过将抛出ClassCastException  
0xc1 instanceof 检验对象是否是指定的类的实例，如果是将1压入栈顶，否则将0压入栈顶  
0xc2 monitorenter   获得对象的锁，用于同步方法或同步块  
0xc3 monitorexit    释放对象的锁，用于同步方法或同步块  
0xc4 wide     <待补充>  
0xc5 multianewarray 创建指定类型和指定维度的多维数组（执行该指令时，操作栈中必须包含各维度的长度值），并将其引用值压入栈顶  
0xc6 ifnull    为null时跳转  
0xc7 ifnonnull   不为null时跳转  
0xc8 goto_w    无条件跳转（宽索引）  
0xc9 jsr_w     跳转至指定32位offset位置，并将jsr_w下一条指令地址压入栈顶

.method private static a(J)I
    .locals 12
    const-wide/16 v4, 0x0  ## v4v5 == 0;
    const/4 v11, 0x3
    const/16 v10, 0x8
    const/4 v0, 0x0
    invoke-static {p0, p1}, Ljava/lang/String;->valueOf(J)Ljava/lang/String;
    move-result-object v1
    invoke-virtual {v1}, Ljava/lang/String;->length()I
    move-result v3  ## v3 = Ljava/lang/String;->length()I
    if-le v3, v10, :cond_1    ## if (i <= 8) goto :cond_1; 长度大于8就返回0
    :cond_0
    :goto_0
    return v0
    :cond_1
    const/16 v2, 0x9
    new-array v6, v2, [C  ## char v6_charArray = new char[9];
    new-array v7, v10, [I  ## int v7_intArray = new int[8];
    invoke-virtual {v1, v0, v3, v6, v0}, Ljava/lang/String;->getChars(II[CI)V
    rsub-int/lit8 v1, v3, 0x8  ## rsub-int/lit8 is reverse sub ? v1 = 0x8 - v3
    move v2, v0    ## v2 = 0
    :goto_1            ## a loop starts.-----循环开始。作用：字符串十进制逐字转为整数。
    
    if-ge v2, v3, :cond_2  ##  v2 = 0, v3 = Ljava/lang/String;->length()I 全部走完了自然走出循环，接着下句执行。
    
    aget-char v8, v6, v2  ## v8 = v6[v2] = v6_charArray[v2_indexFrom0];
    add-int/lit8 v8, v8, -0x30  ## v8 -= '0';
    
    const/16 v9, 0xa
    if-ge v8, v9, :cond_0  ## if(v8 >= 10) goto :cond_0 and return v0; 直接返回。
    
    aget-char v8, v6, v2    ## v8 = v6[v2] = v6_charArray[v2_indexFrom0];
    add-int/lit8 v8, v8, -0x30    ## v8 -= '0';
    aput v8, v7, v1    ## v7[v1] = v7_intArray[v1_indexFrom8_Sub_length] = v8;
    
    add-int/lit8 v2, v2, 0x1    ## v2_indexFrom0 += 1;
    add-int/lit8 v1, v1, 0x1    ## v1_indexFrom8_Sub_length += 1;
    
    goto :goto_1    ## a loop ends.----------循环结束。
    
    :cond_2
    move v1, v0 ## v1 = 0;  v1_indexOfv7_intArray
    move-wide v2, v4    ## v2 = 0; long v2v3 = 0;
    :goto_2 ## a loop starts.---------循环开始。作用：计算v7_intArray中前3个的和，放到v2v3
    if-ge v1, v11, :cond_3 ## if(v1_indexOfv7_intArray >= 3) goto :cond_3; 
    aget v6, v7, v1  ## v6 = v7_intArray[v1_indexOfv7_intArray]; v6_charArray已经释放等待gc了
    int-to-long v8, v6  ## v8v9 = v6;
    add-long/2addr v2, v8  ## v2v3 +=v8v9; long型相加，寄存器扩展了。
    add-int/lit8 v1, v1, 0x1  ## v1_indexOfv7_intArray += 1;
    goto :goto_2 ## a loop ends.----------循环结束。
    :cond_3
    cmp-long v4, v2, v4  ## v4 是long比较v2v3和v4v5的结果
    if-eqz v4, :cond_0    ## 相等返回v0(0);
    :goto_3 ## a loop starts.---------循环开始。作用：接着上面的，计算v7_intArray中后面5个的和，追加到2v3
    if-ge v1, v10, :cond_4 ##  if(v1_indexOfv7_intArray >= 8) goto :cond_4; 
    aget v4, v7, v1
    int-to-long v4, v4
    add-long/2addr v2, v4
    add-int/lit8 v1, v1, 0x1
    goto :goto_3 ## a loop ends.----------循环结束。
    :cond_4
    aget v0, v7, v0 ## 下面就简单了，一条路直通，就是纯计算。
    int-to-long v0, v0
    const-wide/16 v4, 0x6e7
    mul-long/2addr v0, v4
    add-long/2addr v0, v2
    const/4 v2, 0x1
    aget v2, v7, v2
    int-to-long v2, v2
    add-long/2addr v0, v2
    const/4 v2, 0x2
    aget v2, v7, v2
    int-to-long v2, v2
    const-wide/16 v4, 0x17
    mul-long/2addr v2, v4
    const-wide/32 v4, 0xfde9
    mul-long/2addr v2, v4
    add-long/2addr v0, v2
    aget v2, v7, v11
    int-to-long v2, v2
    const-wide/16 v4, 0x5
    mul-long/2addr v2, v4
    add-long/2addr v0, v2
    const/4 v2, 0x4
    aget v2, v7, v2
    int-to-long v2, v2
    const-wide/32 v4, 0x842f3
    mul-long/2addr v2, v4
    add-long/2addr v0, v2
    const/4 v2, 0x5
    aget v2, v7, v2
    int-to-long v2, v2
    const-wide/16 v4, 0xc5
    mul-long/2addr v2, v4
    add-long/2addr v0, v2
    const/4 v2, 0x6
    aget v2, v7, v2
    int-to-long v2, v2
    const-wide/16 v4, 0x11
    mul-long/2addr v2, v4
    add-long/2addr v0, v2
    const/4 v2, 0x7
    aget v2, v7, v2
    int-to-long v2, v2
    const-wide/32 v4, 0x801d
    mul-long/2addr v2, v4
    add-long/2addr v0, v2
    mul-long/2addr v0, v0
    const-wide v2, 0xffffffffL
    and-long/2addr v0, v2
    const-wide/16 v2, 0x200
    div-long/2addr v0, v2
    const-wide/16 v2, 0x26a9
    rem-long/2addr v0, v2
    const-wide/16 v2, 0x65
    add-long/2addr v0, v2
    const-wide/32 v2, 0xffff
    and-long/2addr v0, v2
    long-to-int v0, v0
    goto/16 :goto_0
.end method

posted @ 2014-06-11 22:34 山岚的一缺阅读(19844) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

smali语句类的静态成员查看，invoke-virtual、invoke-direct、invoke-super解释

smali举例：

语法

Stack

Example

Exceptions

Stack

Example

Exceptions

7.7 Invoking Methods

7.8 Working with Class Instances

java

Bytecode for the Dalvik VM

Dalvik opcodes

JVM指令集及各指令的详细使用说明[转的]

公告