FORUMS
Remove All Ads from XDA

[GUIDE] Smali coding guide for beginners

208 posts
Thanks Meter: 355
 
By havocgb, Senior Member on 16th March 2013, 08:39 PM
Post Reply Email Thread
BEGINNER'S GUIDE TO SMALI CODING OF SYSTEMUI
Presenting to you a beginners guide to smali coding. This thread would focus specifically on SystemUI modding. Please keep questions related to other apks out of this thread.

Disclaimer

Quote:

This guide is provided "as is" with no warranties with regard to the accuracy and completeness of the information provided herein. I am not responsible for any bad outcomes you or anyone may have because you followed this guide. When I say beginners, I expect you to have
- Knowledge of some programming language (C,java,etc)
- An inquisitive mind to try things out
- The patience to first google and try to find answers to simple questions


Background

Quote:

I was also a noob at smali coding till few weeks back. What I have learnt through hours of google searching, reading over the internet, figuring things out and experimenting, I will try to write it up in this guide so that it becomes easier for other beginners to get into systemUI smali coding. This guide won't be just a copy paste guide to get certain mods to work in your systemUI. Rather it should get you started to write your own smali codes and edit systemUI. Lastly, I have limited knowledge on smali currently but I'll try to clarigy doubts as much as possible and I sincerely wish that the great devs around who knows smali coding would join up and help make this thread better and I certainly hope that we all get to learn more smali through this thread.


Ok cut the crap. Lets get to the real thing.

If you already know what is smali - goto : post_2
If you already know smaling and baksmaling - goto : post_3
If you just wanna know how to implement the my mod (right finger pull for quick panel toggles) of Serajr's JB like SystemUI - goto : post_4
If you already do smali coding and would like some tips to make life easier - goto : post_6

What is smali?
Android programmers write android apps in java. The compilers like eclipse are then used to build apks from these codes by converting the java source code into dalvik executables (.dex files). The dalvik virtual machine (dalvikvm) in Android can then run these executables. So the perfect way to mod systemUI would be to edit the source code of the systemUI and build the modded systemUI. This is possible for AOSP ROMs like cyanogenmod. So anyone who knows java can download the source code of cyanogenmod, do any crazy modification they want and build CM with the new systemUI. This is all possible because the CM is open source. But unfortunately the OEM Roms like Xperia, Sense, etc are not open source as far as I know. So their source code is not available.

But their dex files are available which would be in a totally unreadable. So to edit it we need to convert this .dex files to a more understandable form. This is where smali comes in. To make it easier to understand I can represent it like this:

.dex <------------------> .smali <--------------------- java source code

Converting a .dex file to smali (called baksmaling) gives us readable code in smali language. Now if you wonder why can't smali be converted into java source, that's because java is a very developed language and smali is more of an assembly based language. And so while going from java source to smali information is lost and that's why smali can't be used to completely reconstruct java source code
The Following 107 Users Say Thank You to havocgb For This Useful Post: [ View ] Gift havocgb Ad-Free
 
 
16th March 2013, 08:40 PM |#2  
havocgb's Avatar
OP Senior Member
Flag Whiterun
Thanks Meter: 355
 
More
How to baksmali SystemUI.apk?
So let us first decode and obtain the smali code from the SystemUI.apk in your phone.

APK Multi-tool: There are many tools out there that can baksmali apks and later recompile them back after you edit the .smali files. I used APK Multi-tool for this purpose and I would say it works really well with SystemUI.apk as the tool handles system apps separately and has a comparatively more decent UI. I used Windows Version v1.0.11

(Don't forget to give thanks to the people who made these tools if these come in handy for you!)

I - Setting up APK Multi-Tool
  1. Download and extract it
  2. Now from your phone copy framework-res.apk from /system/framework and SystemUI.apk from /system/app and paste it in <folder to which you extracted APK-Multitool>\other. Also copy SemcGenericUxpRes.apk from /system/framework. You will need it later. SemcGenericUxpRes.apk is only for Sony stock based ROMs. For ROMs from other OEMs the corresponding file may have different name and/or location
  3. Run Setup.bat (I think it needs to be run as administrator)
  4. Choose option 2. And from there choose the option to install framework-res.apk and SystemUI.apk. After both are installed return to main menu
  5. Choose option 3 to setup directories
  6. Choose 00 to quit



Now that we have APK Multi-Tool setup for use let us do some baksmaling

II - Decompiling and Baksmaling
  1. Run Script.bat (In case you face problems try running it as administrator. But you probably wouldn't need to unless you extracted all this somewhere in your main windows partition)
  2. Place the apk to be modded in 'place-apk-here-for-modding' folder
  3. Choose option 10 in APK Multi-Tool command window
  4. When it asks for the dependee apk as input drag and drop SemcGenericUxpRes.apk you took from your phone earlier at the command input
  5. If all goes well you would return to the main screen. Don't close the script yet. Back at the APK Multi-tool\projects folder you should find a new folder inside which you would find a folder named smali. This folder has all the required smali files

DON'T CLOSE THE SCRIPT YET
The script needs to be open from baksmaling and needs to stay till you smali it again. If you close it in between you will have to start over again

Trouble?
  • Try running the scripts as administrator if you get errors
  • Make sure you have java installed (Latest version recommended. I've used APK MultiTool with v1.6 and 1.7). Open command prompt (Type cmd in run to open command prompt) and type in java. If it says something similar to unknown command, that means you either don't have properly working java or you haven't added java to the command line path. Here is how to add it. The method explained for Vista worked in my Windows 7 laptop
  • If you get an error similar to wrong dependee then try this. Goto %userprofile%/apktool/framework. You must already be having 1.apk there if you successfully installed framework-res.apk in step I.4 above. Just copy and paste it again in that same folder as a copy (don't overwrite the first 1.apk) and rename this copy to 2.apk and try baksmaling again

III - Coding
This is where the actual work happens. As far as I have understood each class in the java source code would make a seperate smali file. Suppose there is a PhoneStatusBar class in the actual SystemUI source code you will find a PhoneStatusBar.smali somewhere in the smali folder APK Multi-Tool just made. If there was one sub class in the PhoneStatusBar class then that would result in a PhoneStatusBar$1.smali and so on. So you need to figure out which file to edit and do it using any text editor. More help on that in the next post

IV - Smaling and Recompiling
After you finished editing all the smali files and xmls and pngs next the whole thing needs to be smalied and then recompiled into the final apk.
  1. From the APK Multi-tool script choose option 11.
  2. When it asks about y/n enter y
  3. You would now find a new folder named keep in the APK Multi-Tool directory. From that folder delete everything that you changed. Obviously you won't find any smali files as they have already been smalied into dex. So if you made changes in any smali file then delete the .dex file in this folder. If you have made changes in any xml then delete the resources.arsc and also the xml file that you changed. Delete any png or any other file you have changed
  4. Go back to the script and press any key to continue
  5. If all goes well you would now have the modded apk waiting for you in the 'place-apk-here-for-modding' folder with its unsigned added to its file name.

Trouble?
  • Try running the scripts as administrator if you get errors
  • In the main window type in option 23 to check the log. Try to figure out what you messed up from the information in the log.
The Following 43 Users Say Thank You to havocgb For This Useful Post: [ View ] Gift havocgb Ad-Free
16th March 2013, 08:40 PM |#3  
havocgb's Avatar
OP Senior Member
Flag Whiterun
Thanks Meter: 355
 
More
Welcome to the world of smali coding!

Smali is not an easy programming language to master. You can get info about almost all smali commands here and here. These two links are excellent references for you all along the way! Here I'll go through some of the facts about smali and some of the things that I have found which might help you in writing your own smali code

Quote:

As far as I know Smali resembles java the most. And the best resource to java in android programming is nothing else than developer.android.com

Quote:

As I said earlier its not possible to reconstruct java source code from smali. But this handy tool APK_OneClick would still get you as close to the source code as possible. That said don't expect to get a compilable code out of it. Set up is pretty straight forward. Running the bat file adds few shell extensions to the right click menu including reconstructing java code. This tool has helped me a lot in understanding the code structure in SystemUI and I highly recommend using it. As a warning don't trust it completely. It did make mistakes a few times mostly when loops are involved

Quote:

That said let us talk more about loops. You might have played with for, while loops, etc before. But well you won't find them in smali. Smali being more of an assembly language handles such loops using labels and goto commands.

Example 1 java code

Code:
if (flagx == 1)
	flagx = 2
else
	flagx = 3
When flagx variable is referenced as v0
Equivalent Example 1 smali code
Code:
const/4 v1, 0x1
if-ne v0, v1, :cond_0
const/4 v2, 0x2
move v0,v2
goto :goto_0
:cond_0
const/4 v2, 0x3
move v0,v2
:goto_0

Quote:

See how much complex the so simple java code became in smali! At this rate how the hell can one figure out the smali for complex java code? Well the easiest way to do it would be starting from the opposite end.

  1. Get Android SDK and Eclipse downloaded and set up
  2. Write the java code which resembles what you want to do as closely as possible for a simple non-system app
  3. Build the apk in eclipse
  4. Decompile and Baksmali the apk and look at the smali code
Through this, if we get to know how the smali code would look, it should be easier to start off. For an example and more details on this check this post and this post

Quote:

Numbers in smali are represented in hex number system and follow IEEE 754 standards. Yeah you guessed right - That's also complicated.

  • Suppose you want to introduce a number in your smali code. Say in example 1, you want flagx to be 330 instead of 3. The best way to find how 330 would look in smali would be to do what I said in the previous quote about starting from the opposite end. Write a java code with 330 replacing 3 and look into the baksmalied file to see how it looks.
  • Online Converter - This is an excellent online converter to make things easier. But even this isn't straight forward. Suppose you find a hexadecimal 0x435c in a smali file. Look for what type of variable is it stored in. And you see that that value is stored in smali in a 16 bit variable. Unfortunately the online converter takes only 32,64 and 128 bits. So type in 435c0000 in the input of the online converter. For 64 bit variables you will have to put more zeros. To find the IEEE 754 hex representation of decimal 330, type in 330 in the online converter and get its hex representation for different bit sizes

I will update this post as and when I get more stuff to add.
The Following 58 Users Say Thank You to havocgb For This Useful Post: [ View ] Gift havocgb Ad-Free
16th March 2013, 08:41 PM |#4  
havocgb's Avatar
OP Senior Member
Flag Whiterun
Thanks Meter: 355
 
More
Pulling Status Bar down from the right side for Quick Panel Toggles in Serajr's SystemUI


This was the first SystemUI mod that I did. I have refined the code a bit after that with suggestions from Serajr (Thanks bro! ) This is a pretty simple edit and do-able for beginners. I will try to explain each step rather than just asking you to copy paste code.

Define a new boolean mTouchRight in PhoneStatusBar class (\SystemUI.apk\smali\com\android\systemui\statusba r\phone\PhoneStatusBar.smali) along with the other .field lines in the beginning part of this smali file.

Code:
.field private mTouchRight:Z
Now define a new method interceptOneFingerStatusBarRightTap to check if the user is touching the statusbar on its right side and make mTouchRight true if he is and false if not. All this is done only if mExpanded is zero

Code:
.method private interceptOneFingerStatusBarRightTap(Landroid/view/MotionEvent;)V
    .locals 2
    .parameter "event"

    .prologue
    iget-boolean v1, p0, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->mExpanded:Z

    if-nez v1, :cond_1

    invoke-virtual {p1}, Landroid/view/MotionEvent;->getRawX()F

    move-result v0

    const/high16 v1, 0x435c

    cmpl-float v0, v0, v1

    if-ltz v0, :cond_0

    const/4 v1, 0x1

    iput-boolean v1, p0, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->mTouchRight:Z

    goto :goto_0

    :cond_0
    const/4 v1, 0x0

    iput-boolean v1, p0, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->mTouchRight:Z

    :cond_1
    :goto_0
    return-void
.end method
You can just add such method definitions at the end of the smali file or in between. Just dont add it within another method!
Now we need to call this method in some function that handles touch events. I will talk about how to figure this out in a later post (Hint: coding logic+Names of variables and methods+using logcat).

In this case the method that we are interested in is interceptTouchEvent.

Original

Code:
if-ge v2, v3, :cond_0

    iget-boolean v2, p0, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->mExpanded:Z

    if-nez v2, :cond_5

    :goto_2
    invoke-virtual {p0, v5, v0}, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->prepareTracking(IZ)V
Change to

Code:
if-ge v2, v3, :cond_0

    iget-boolean v2, p0, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->mExpanded:Z

    if-nez v2, :cond_5

    :goto_2
    invoke-direct {p0, p1}, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->interceptOneFingerStatusBarRightTap(Landroid/view/MotionEvent;)V

    invoke-virtual {p0, v5, v0}, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->prepareTracking(IZ)V
Next we need to make another new method to flip To QuickPanel in case mTouchRight is true.

Code:
.method private oneFingerStatusBarRightTapFlipToQuickPanel()V
    .locals 1

    .prologue
    iget-boolean v0, p0, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->mTouchRight:Z

    if-eqz v0, :cond_0

    invoke-direct {p0}, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->fastFlipToQuickPanel()V

    :cond_0
    return-void
.end method
Now to find out where this method needs to be called, I did the same as what I did with interceptOneFingerStatusBarRightTap (which would be explained in a later post)

I found out that if the call is added in makeExpandedVisible method, as the statusbar starts to get pulled down, the flip-to-quickpanel happens.

Original makeExpandedVisible
Code:
iput-boolean v1, p0, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->mExpandedVisible:Z

invoke-virtual {p0, v1}, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->visibilityChanged(Z)V

const/16 v0, -0x2710

invoke-virtual {p0, v0}, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->updateExpandedViewPos(I)V
Change to:
Code:
iput-boolean v1, p0, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->mExpandedVisible:Z

    invoke-direct {p0}, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->oneFingerStatusBarRightTapFlipToQuickPanel()V

    invoke-virtual {p0, v1}, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->visibilityChanged(Z)V

    const/16 v0, -0x2710

    invoke-virtual {p0, v0}, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->updateExpandedViewPos(I)V
You can also put the call in updateExpandedViewPos method in which case the flip would happen only after the notification panel is completely open. Don't put the call for the method in both makeExpandedVisible and updateExpandedViewPos. Only one of them

Original code:
Code:
if-ne p1, v8, :cond_5

    move v6, v3

    .local v6, pos:I
Change to:
Code:
if-ne p1, v8, :cond_5

move v6, v3

invoke-direct {p0}, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->oneFingerStatusBarRightTapFlipToQuickPanel()V

.local v6, pos:I
The Following 45 Users Say Thank You to havocgb For This Useful Post: [ View ] Gift havocgb Ad-Free
17th March 2013, 02:44 AM |#5  
dhana999's Avatar
Senior Member
Flag Sri lanka
Thanks Meter: 47
 
More
Nice Work
The Following 2 Users Say Thank You to dhana999 For This Useful Post: [ View ] Gift dhana999 Ad-Free
17th March 2013, 03:08 AM |#6  
havocgb's Avatar
OP Senior Member
Flag Whiterun
Thanks Meter: 355
 
More
Figuring out smali


Quote:

So in the previous post I said we should call interceptOneFingerStatusBarRightTap in interceptTouchEvent method. But how does one find that out? In which function to call and where?

Well first of all look at the names of the methods and variables and try to figure out what they do. Look at the parameters in function calls. Like interceptOneFingerStatusBarRightTap requires MotionEvent as its parameter in the function call to be able to use getRawX(). So now look at all the methods in PhoneStatusBar.smali which has acces to MotionEvent. In simple cases you might then be able to figure out where to put the method call if you understand the smali code and/or through trial and error. But in more complex cases you can take the help of logcat

Send messages to logcat
So here our aim is to add the call to interceptOneFingerStatusBarRightTap to a method in PhoneStatusBar.smali that has access to MotionEvent and is called when the user touches the screen. Goto all such methods and add smali code to send messages to the logcat. The smali code would be like this

Code:
const-string v1, "Message1"

const-string v2, "Message2"

invoke-static {v1, v2}, Landroid/util/Log;->d(Ljava/lang/String;Ljava/lang/String;)I
Make sure the variables used doesn't interfere with the code. Let us say we want to see when interceptTouchEvent is called. Add the above code at the beginning of the definition for interceptTouchEvent method. Instead of "Message1" write "interceptTouchEvent" and instead of "Message2" write "beginning". Now if you smali+compile the code to get the unsignedSystemUI.apk and get it working in your phone, connect the phone to your PC/laptop with USB debugging and open up logcat in cmd or eclipse. Now the "interceptTouchEvent" and "beginning" would come up in the logcat the moment the beginning part of interceptTouchEvent is executed. Like this you can find out which method is called when the user touches the status bar and where in the method should the code be added so that the right tap check happens only when you want it to

In some cases you would want to see what value a certain variable holds. Suppose you want to know the value in mTouchRight at the beginning of interceptTouchEvent. The following code would do it

Code:
iget-boolean v1, p0, Lcom/android/systemui/statusbar/phone/PhoneStatusBar;->mTouchRight:Z

const-string v2, "mTouchRightatbegofITE"

invoke-static {v1}, Ljava/lang/String;->valueOf(Z)Ljava/lang/String;

move-result-object v3

invoke-static {v2, v3}, Landroid/util/Log;->d(Ljava/lang/String;Ljava/lang/String;)I
The extra line is to convert the boolen value in mTouchRight to string as Log.d() needs string parameters.
Finally get rid of the log.d() commands you wouldn't require before releasing the final version!

Quote:

Starting from the Opposite End
To aid in this I'll share a simple apk source code that my friend (unfortunately he's not a member of xda) and I made with this post. Just import this project into eclipse and you should be able to build it. Suppose you want to know how much 107.0 is in hex. Just change the value at the place where it checks with getRawX in the java code to 107.0 and build the apk. Decompile/Baksmali the apk to check the corresponding smali hex value of 107.0

This is just a starter. You can probably do many things with this. Do complex codes in java in a dummy apk and see how it looks in smali and then try to implement it in the smali code of the actual apk!

Quote:

Notepad++
If you have already gotten into smali coding you might have seen that just the number of all these smali files are enough to cause headache! How do you find out all the places where interceptTouchEvent is being called? Well if you sit and open all smali files and search for the method your patience would soon abandon you (to put it in a decent way :P) Don't worry, here's notepad++ to the rescue. Here's why I recommend notepad++

  • The above mentioned purpose - Notepad++ has a "find in files" feature. It lets you search for "interceptTouchEvent" in every file that notepad++ can handle (of course including smali). It even lets you know which line in the file in the search result has the search string
  • Smali syntax highlighting - You can get proper syntax highlighted in notepad++ by importing the .xml file for smali. Google for "notepad++ smali user defined language" and find the .xml. Import it in notepad++ as a new user defined language by going to Language>Define you language.. in notepad++. I can't share the .xml file here due to some reasons.
  • Easy to use with multiple-tabs for multiple files
  • More minor reasons are there which I would let you discover for yourself

Attached Files
File Type: zip CoordTeller.zip - [Click for QR Code] (823.8 KB, 1368 views)
The Following 15 Users Say Thank You to havocgb For This Useful Post: [ View ] Gift havocgb Ad-Free
17th March 2013, 04:17 AM |#7  
RavinduSha's Avatar
Senior Member
Flag Kurunegala, Sri Lanka
Thanks Meter: 323
 
Donate to Me
More
Great Work!!!
17th March 2013, 04:41 AM |#8  
soumya_digi's Avatar
Recognized Themer
Flag Kolkata
Thanks Meter: 1,523
 
More
Re: [GUIDE] Smali coding guide for beginners
Wow! Great stuff!!
17th March 2013, 04:43 AM |#9  
sandy7's Avatar
Inactive Recognized Developer
Flag bangalore
Thanks Meter: 6,928
 
Donate to Me
More
trust me serajr will damn happy seeing this..
The Following 4 Users Say Thank You to sandy7 For This Useful Post: [ View ] Gift sandy7 Ad-Free
17th March 2013, 06:03 AM |#10  
samsoul16's Avatar
Senior Member
Flag Thane
Thanks Meter: 523
 
More
Re: [GUIDE] Smali coding guide for beginners
This is awesome..

Sent from my GT-S6102 using Xparent ICS Tapatalk 2
17th March 2013, 06:45 AM |#11  
Re: [GUIDE] Smali coding guide for beginners
Wow. This will be very handy. Thank you so much!

Sent from my Xperia Z using XDA Premium
..Have you tried Tickle My Android yet?
Post Reply Subscribe to Thread

Tags
baksmaling, decompile recompile apk, learn smali, smali

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes