Opcode (hex) Opcode name Explanation Example
00 nop No operation 0000 - nop
01 move vx,vy Moves the content of vy into vx. Both registers must be in the first 256 register range. 0110 - move v0, v1Moves v1 into v0.
02 move/from16 vx,vy Moves the content of vy into vx. vy may be in the 64k register range while vx is one of the first 256 registers. 0200 1900 - move/from16 v0, v25Moves v25 into v0.
03 move/16
04 move-wide
05 move-wide/from16 vx,vy Moves a long/double value from vy to vx. vy may be in the 64k register range while wx is one of the first 256 registers. 0516 0000 - move-wide/from16 v22, v0Moves v0 into v22.
06 move-wide/16
07 move-object vx,vy Moves the object reference from vy to vx. 0781 - move-object v1, v8Moves the object reference in v8 to v1.
08 move-object/from16 vx,vy Moves the object reference from vy to vx, vy can address 64k registers and vx can address 256 registers. 0801 1500 - move-object/from16 v1, v21Move the object reference in v21 to v1.
09 move-object/16
0A move-result vx Move the result value of the previous method invocation into vx. 0A00 - move-result v0Move the return value of a previous method invocation into v0.
0B move-result-wide vx Move the long/double result value of the previous method invocation into vx,vx+1. 0B02 - move-result-wide v2Move the long/double result value of the previous method invocation into v2,v3.
0C move-result-object vx Move the result object reference of the previous method invocation into vx. 0C00 - move-result-object v0
0D move-exception vx Move the exception object reference thrown during a method invocation into vx. 0D19 - move-exception v25
0E return-void Return without a return value 0E00 - return-void
0F return vx Return with vx return value 0F00 - return v0Returns with return value in v0.
10 return-wide vx Return with double/long result in vx,vx+1. 1000 - return-wide v0Returns with a double/long value in v0,v1.
11 return-object vx Return with vx object reference value. 1100 - return-object v0Returns with object reference value in v0
12 const/4 vx,lit4 Puts the 4 bit constant into vx 1221 - const/4 v1, #int2Moves literal 2 into v1. The destination register is in the lower 4 bit in the second byte, the literal 2 is in the higher 4 bit.
13 const/16 vx,lit16 Puts the 16 bit constant into vx 1300 0A00 - const/16 v0, #int 10Puts the literal constant of 10 into v0.
14 const vx, lit32 Puts the integer constant into vx 1400 4E61 BC00 - const v0, #12345678 // #00BC614EMoves literal 12345678 into v0.
15 const/high16 v0, lit16 Puts the 16 bit constant into the topmost bits of the register. Used to initialize float values. 1500 2041 - const/high16 v0, #float 10.0 // #41200000Moves the floating literal of 10.0 into v0. The 16 bit literal in the instruction carries the top 16 bits of the floating point number.
16 const-wide/16 vx, lit16 Puts the integer constant into vx and vx+1 registers, expanding the integer constant into a long constant.. 1600 0A00 - const-wide/16 v0, #long 10Moves literal 10 into v0 and v1 registers.
17 const-wide/32 vx, lit32 Puts the 32 bit constant into vx and vx+1 registers, expanding the integer constant into a long constant. 1702 4e61 bc00 - const-wide/32 v2, #long 12345678 // #00bc614ePuts #12345678 into v2 and v3 registers.
18 const-wide vx, lit64 Puts the 64 bit constant into vx and vx+1 registers. 1802 874b 6b5d 54dc 2b00- const-wide v2, #long 12345678901234567 // #002bdc545d6b4b87Puts #12345678901234567 into v2 and v3 registers.
19 const-wide/high16 vx,lit16 Puts the 16 bit constant into the highest 16 bit of vx and vx+1 registers. Used to initialize double values. 1900 2440 - const-wide/high16 v0, #double 10.0 // #402400000Puts the double constant of 10.0 into v0 register.
1A const-string vx,string_id Puts reference to a string constant identified by string_id into vx. 1A08 0000 - const-string v8, "" // string@0000Puts reference to string@0000 (entry #0 in the string table) into v8.
1B const-string-jumbo
1C const-class vx,type_id Moves the class object of a class identified by type_id (e.g. Object.class) into vx. 1C00 0100 - const-class v0, Test3 // type@0001Moves reference to Test3.class (entry#1 in the type id table) into
1D monitor-enter vx Obtains the monitor of the object referenced by vx. 1D03 - monitor-enter v3Obtains the monitor of the object referenced by v3.
1E monitor-exit Releases the monitor of the object referenced by vx. 1E03 - monitor-exit v3Releases the monitor of the object referenced by v3.
1F check-cast vx, type_id Checks whether the object reference in vx can be cast to an instance of a class referenced by type_id. Throws ClassCastException if the cast is not possible, continues execution otherwise. 1F04 0100 - check-cast v4, Test3 // type@0001Checks whether the object reference in v4 can be cast to type@0001 (entry #1 in the type id table)
20 instance-of vx,vy,type_id Checks whether vy is instance of a class identified by type_id. Sets vx non-zero if it is, 0 otherwise. 2040 0100 - instance-of v0, v4, Test3 // type@0001Checks whether the object reference in v4 is an instance of type@0001 (entry #1 in the type id table). Sets v0 to non-zero if v4 is instance of Test3, 0 otherwise.
21 array-length vx,vy Calculates the number of elements of the array referenced by vy and puts the length value into vx. 2111 - array-length v1, v1Calculates the number of elements of the array referenced by v1 and puts the result into v1.
22 new-instance vx,type Instantiates an object type and puts the reference of the newly created instance into vx. 2200 1500 - new-instance v0, java.io.FileInputStream // type@0015Instantiates type@0015 (entry #15H in the type table) and puts its reference into v0.
23 new-array vx,vy,type_id Generates a new array of type_id type and vy element size and puts the reference to the array into vx. 2312 2500 - new-array v2, v1, char[] // type@0025Generates a new array of type@0025 type and v1 size and puts the reference to the new array into v2.
24 filled-new-array {parameters},type_id Generates a new array of type_id and fills it with the parameters5. Reference to the newly generated array can be obtained by a move-result-object instruction, immediately following the filled-new-array instruction. 2420 530D 0000 - filled-new-array {v0,v0},[I // type@0D53Generates a new array of type@0D53. The array's size will be 2 and both elements will be filled with the contents of v0 register.
25 filled-new-array-range {vx..vy},type_id Generates a new array of type_id and fills it with a range of parameters. Reference to the newly generated array can be obtained by a move-result-object instruction, immediately following the filled-new-array instruction. 2503 0600 1300 - filled-new-array/range {v19..v21}, [B // type@0006Generates a new array of type@0D53. The array's size will be 3 and the elements will be filled using the v19,v20 and v21 registers4.
26 fill-array-data vx,array_data_offset Fills the array referenced by vx with the static data. The location of the static data is the sum of  the position of the current instruction and the offset 2606 2500 0000 - fill-array-data v6, 00e6 // +0025Fills the array referenced by v0 with the static data at current instruction+25H words location. The offset is expressed as a 32-bit number. The static data is stored in the following format:0003 // Table type: static array data0400 // Byte per array element (in this case, 4 byte integers)0300 0000 // Number of elements in the table0100 0000  // Element #0: integer 10200 0000 // Element #1: integer 20300 0000 // Element #2: integer3
27 throw vx Throws an exception object. The reference of the exception object is in vx. 2700 - throw v0Throws an exception. The exception object reference is in v0.
28 goto target Unconditional jump by short offset2. 28F0 - goto 0005 // -0010Jumps to current position-16 words (hex 10). 0005 is the label of the target instruction.
29 goto/16 target Unconditional jump by 16 bit offset2. 2900 0FFE - goto/16 002f // -01f1Jumps to the current position-1F1H words. 002F is the label of the target instruction.
2A goto/32 target
2B packed-switch vx,table Implements a switch statement where the case constants are close to each other. The instruction uses an index table. vx indexes into this table to find the offset of the instruction for a particular case. If vx falls out of the index table, the execution continues on the next instruction (default case). 2B02 0C00 0000 - packed-switch v2, 000c // +000cExecute a packed switch according to the switch argument in v2. The position of the index table is at current instruction+0CH words. The table looks like the following:0001 // Table type: packed switch table0300 // number of elements0000 0000 // element base0500 0000  0: 00000005 // case 0: +000000050700 0000  1: 00000007 // case 1: +000000070900 0000  2: 00000009 // case 2: +00000009
2C sparse-switch vx,table Implements a switch statement with sparse case table. The instruction uses a lookup table with case constants and offsets for each case constant. If there is no match in the table, execution continues on the next instruction (default case). 2C02 0c00 0000 - sparse-switch v2, 000c // +000cExecute a sparse switch according to the switch argument in v2. The position of the lookup table is at current instruction+0CH words. The table looks like the following.0002 // Table type: sparse switch table0300 // number of elements9cff ffff // first case: -100fa00 0000 // second case constant: 250e803 0000 // third case constant: 10000500 0000 // offset for the first case constant: +50700 0000 // offset for the second case constant: +70900 0000 // offset for the third case constant: +9
2D cmpl-float Compares the float values in vy and vz and sets the integer value in vx accordingly3 2D00 0607 - cmpl-float v0, v6, v7Compares the float values in v6 and v7 then sets v0 accordingly. NaN bias is less-than, the instruction will return -1 if any of the parameters is NaN.
2E cmpg-float vx, vy, vz Compares the float values in vy and vz and sets the integer value in vx accordingly3. 2E00 0607 - cmpg-float v0, v6, v7Compares the float values in v6 and v7 then sets v0 accordingly. NaN bias is greater-than, the instruction will return 1 if any of the parameters is NaN.
2F cmpl-double vx,vy,vz Compares the double values in vy and vz2 and sets the integer value in vx accordingly3. 2F19 0608 - cmpl-double v25, v6, v8Compares the double values in v6,v7 and v8,v9 and sets v25 accordingly. NaN bias is less-than, the instruction will return -1 if any of the parameters is NaN.
30 cmpg-double vx, vy, vz Compares the double values in vy and vz2 and sets the integer value in vx accordingly3. 3000 080A - cmpg-double v0, v8, v10Compares the double values in v8,v9 and v10,v11 then sets v0 accordingly. NaN bias is greater-than, the instruction will return 1 if any of the parameters is NaN.
31 cmp-long vx, vy, vz Compares the long values in vy and vz and sets the integer value in vx accordingly3. 3100 0204 - cmp-long v0, v2, v4Compares the long values in v2 and v4 then sets v0 accordingly.
32 if-eq vx,vy,target Jumps to target if vx==vy2. vx and vy are integer values. 32b3 6600 - if-eq v3, v11, 0080 // +0066Jumps to the current position+66H words if v3==v11. 0080 is the label of the target instruction.
33 if-ne vx,vy,target Jumps to target if vx!=vy2. vx and vy are integer values. 33A3 1000 - if-ne v3, v10, 002c // +0010Jumps to the current position+10H words if v3!=v10. 002c is the label of the target instruction.
34 if-lt vx,vy,target Jumps to target is vx<vy2. vx and vy are integer values. 3432 CBFF - if-lt v2, v3, 0023 // -0035Jumps to the current position-35H words if v2<v3. 0023 is the label of the target instruction.
35 if-ge vx, vy,target Jumps to target if vx>=vy2. vx and vy are integer values. 3510 1B00 - if-ge v0, v1, 002b // +001bJumps to the current position+1BH words if v0>=v1. 002b is the label of the target instruction.
36 if-gt vx,vy,target Jumps to target if vx>vy2. vx and vy are integer values. 3610 1B00 - if-ge v0, v1, 002b // +001bJumps to the current position+1BH words if v0>v1. 002b is the label of the target instruction.
37 if-le vx,vy,target Jumps to target if vx<=vy2. vx and vy are integer values. 3756 0B00 - if-le v6, v5, 0144 // +000bJumps to the current position+0BH words if v6<=v5. 0144 is the label of the target instruction.
38 if-eqz vx,target Jumps to target if vx==02. vx is an integer value. 3802 1900 - if-eqz v2, 0038 // +0019Jumps to the current position+19H words if v2==0. 0038 is the label of the target instruction.
39 if-nez vx,target Checks vx and jumps if vx is nonzero2. 3902 1200 - if-nez v2, 0014 // +0012Jumps to current position+18 words (hex 12) if v2 is nonzero. 0014 is the label of the target instruction.
3A if-ltz vx,target Checks vx and jumps if vx<02. 3A00 1600 - if-ltz v0, 002d // +0016Jumps to the current position+16H words if v0<0. 002d is the label of the target instruction.
3B if-gez vx,target Checks vx and jumps if vx>=02. 3B00 1600 - if-gez v0, 002d // +0016Jumps to the current position+16H words if v0 >=0. 002d is the label of the target instruction.
3C if-gtz vx,target Checks vx and jumps if vx>02. 3C00 1D00 - if-gtz v0, 004a // +001dJumps to the current position+1DH words if v0>0. 004A is the label of the target instruction.
3D if-lez vx,target Checks vx and jumps if vx<=02. 3D00 1D00 - if-lez v0, 004a // +001dJumps to the current position+1DH words if v0<=0. 004A is the label of the target instruction.
3E unused_3E
3F unused_3F
40 unused_40
41 unused_41
42 unused_42
43 unused_43
44 aget vx,vy,vz Gets an integer value of an object reference array into vx. The array is referenced by vy and is indexed by vz. 4407 0306 - aget v7, v3, v6Gets an integer array element. The array is referenced by v3 and the element is indexed by v6. The element will be put into v7.
45 aget-wide vx,vy,vz Gets a long/double value of long/double array into vx,vx+1. The array is referenced by vy and is indexed by vz. 4505 0104 - aget-wide v5, v1, v4Gets a long/double array element. The array is referenced by v1 and the element is indexed by v4. The element will be put into v5,v6.
46 aget-object vx,vy,vz Gets an object reference value of an object reference array into vx. The array is referenced by vy and is indexed by vz. 4602 0200 - aget-object v2, v2, v0Gets an object reference array element. The array is referenced by v2 and the element is indexed by v0. The element will be put into v2.
47 aget-boolean vx,vy,vz Gets a boolean value of a boolean array into vx. The array is referenced by vy and is indexed by vz. 4700 0001 - aget-boolean v0, v0, v1Gets a boolean array element. The array is referenced by v0 and the element is indexed by v1. The element will be put into v0.
48 aget-byte vx,vy,vz Gets a byte value of a byte array into vx. The array is referenced by vy and is indexed by vz. 4800 0001 - aget-byte v0, v0, v1Gets a byte array element. The array is referenced by v0 and the element is indexed by v1. The element will be put into v0.
49 aget-char vx, vy,vz Gets a char value  of a character array into vx. The element is indexed by vz, the array object is referenced by vy 4905 0003 - aget-char v5, v0, v3Gets a character array element. The array is referenced by v0 and the element is indexed by v3. The element will be put into v5.
4A aget-short vx,vy,vz Gets a short value  of a short array into vx. The element is indexed by vz, the array object is referenced by vy. 4A00 0001 - aget-short v0, v0, v1Gets a short array element. The array is referenced by v0 and the element is indexed by v1. The element will be put into v0.
4B aput vx,vy,vz Puts the integer value in vx into an element of an integer array. The element is indexed by vz, the array object is referenced by vy. 4B00 0305 - aput v0, v3, v5Puts the integer value in v2 into an integer array referenced by v0. The target array element is indexed by v1.
4C aput-wide vx,vy,vz Puts the double/long value in vx,vx+1 into a double/long array. The array is referenced by vy, the element is indexed by vz. 4C05 0104 - aput-wide v5, v1, v4Puts the double/long value in v5,v6 into a double/long array referenced by v1. The target array element is indexed by v4.
4D aput-object vx,vy,vz Puts the object reference value in vx into an element of an object reference array. The element is indexed by vz, the array object is referenced by vy. 4D02 0100 - aput-object v2, v1, v0Puts the object reference value in v2 into an object reference array referenced by v0. The target array element is indexed by v1.
4E aput-boolean vx,vy,vz Puts the boolean value in vx into an element of a boolean array. The element is indexed by vz, the array object is referenced by vy. 4E01 0002 - aput-boolean v1, v0, v2Puts the boolean value in v1 into an object reference array referenced by v0. The target array element is indexed by v2.
4F aput-byte vx,vy,vz Puts the byte value in vx into an element of a byte array. The element is indexed by vz, the array object is referenced by vy. 4F02 0001 - aput-byte v2, v0, v1Puts the boolean value in v2 into a byte array referenced by v0. The target array element is indexed by v1.
50 aput-char vx,vy,vz Puts the char value in vx into an element of a character array. The element is indexed by vz, the array object is referenced by vy. 5003 0001 - aput-char v3, v0, v1Puts the character value in v3 into a character array referenced by v0. The target array element is indexed by v1.
51 aput-short vx,vy,vz Puts the short value in vx into an element of a short array. The element is indexed by vz, the array object is referenced by vy. 5102 0001 - aput-short v2, v0, v1Puts the short value in v2 into a character array referenced by v0. The target array element is indexed by v1.
52 iget vx, vy, field_id Reads an instance field into vx. The instance is referenced by vy. 5210 0300 - iget v0, v1, Test2.i6:I // field@0003Reads field@0003 into v0 (entry #3 in the field id table). The instance is referenced by v1.
53 iget-wide vx,vy,field_id Reads an instance field into vx1. The instance is referenced by vy. 5320 0400 - iget-wide v0, v2, Test2.l0:J // field@0004Reads field@0004 into v0 and v1 registers (entry #4 in the field id table). The instance is referenced by v2.
54 iget-object vx,vy,field_id Reads an object reference instance field into vx. The instance is referenced by vy. iget-object v1, v2, LineReader.fis:Ljava/io/FileInputStream; // field@0002Reads field@0002 into v1  (entry #2 in the field id table). The instance is referenced by v2.
55 iget-boolean vx,vy,field_id Reads a boolean instance field into vx. The instance is referenced by vy. 55FC 0000 - iget-boolean v12, v15, Test2.b0:Z // field@0000Reads the boolean field@0000 into v12 register (entry #0 in the field id table). The instance is referenced by v15.
56 iget-byte vx,vy,field_id Reads a byte instance field into vx. The instance is referenced by vy. 5632 0100 - iget-byte v2, v3, Test3.bi1:B // field@0001Reads the char field@0001 into v2 register (entry #1 in the field id table). The instance is referenced by v3.
57 iget-char vx,vy,field_id Reads a char instance field into vx. The instance is referenced by vy. 5720 0300 - iget-char v0, v2, Test3.ci1:C // field@0003Reads the char field@0003 into v0 register (entry #3 in the field id table). The instance is referenced by v2.
58 iget-short vx,vy,field_id Reads a short instance field into vx. The instance is referenced by vy. 5830 0800 - iget-short v0, v3, Test3.si1:S // field@0008Reads the short field@0008 into v0 register (entry #8 in the field id table). The instance is referenced by v3.
59 iput vx,vy, field_id Puts vx into an instance field. The instance is referenced by vy. 5920 0200 - iput v0,v2, Test2.i6:I // field@0002Stores v0 into field@0002 (entry #2 in the field id table). The instance is referenced by v2.
5A iput-wide vx,vy, field_id Puts the wide value located in vx and vx+1 registers into an instance field. The instance is referenced by vy. 5A20 0000 - iput-wide v0,v2, Test2.d0:D // field@0000Stores the wide value in v0, v1 registers into field@0000 (entry #0 in the field id table). The instance is referenced by v2.
5B iput-object vx,vy,field_id Puts the object reference in vx into an instance field. The instance is referenced by vy. 5B20 0000 - iput-object v0, v2, LineReader.bis:Ljava/io/BufferedInputStream; // field@0000Stores the object reference in v0 into field@0000 (entry #0 in the field table). The instance is referenced by v2.
5C iput-boolean vx,vy, field_id Puts the boolean value located in vx into an instance field. The instance is referenced by vy. 5C30 0000 - iput-boolean v0, v3, Test2.b0:Z // field@0000Puts the boolean value in v0 into field@0000 (entry #0 in the field id table). The instance is referenced by v3.
5D iput-byte vx,vy,field_id Puts the byte value located in vx into an instance field. The instance is referenced by vy. 5D20 0100 - iput-byte v0, v2, Test3.bi1:B // field@0001Puts the boolean value in v0 into field@0001 (entry #1 in the field id table). The instance is referenced by v2.
5E iput-char vx,vy,field_id Puts the char value located in vx into an instance field. The instance is referenced by vy. 5E20 0300 - iput-char v0, v2, Test3.ci1:C // field@0003Puts the char value in v0 into field@0003 (entry #3 in the field id table). The instance is referenced by v2.
5F iput-short vx,vy,field_id Puts the short value located in vx into an instance field. The instance is referenced by vy. 5F21 0800 - iput-short v1, v2, Test3.si1:S // field@0008Puts the short value in v1 into field@0008 (entry #8 in the field id table). The instance is referenced by v2.
60 sget vx,field_id Reads the integer field identified by the field_id into vx. 6000 0700 - sget v0, Test3.is1:I // field@0007Reads field@0007 (entry #7 in the field id table) into v0.
61 sget-wide vx, field_id Reads the static field identified by the field_id into vx and vx+1 registers. 6100 0500 - sget-wide v0, Test2.l1:J // field@0005Reads field@0005 (entry #5 in the field id table) into v0 and v1 registers.
62 sget-object vx,field_id Reads the object reference field identified by the field_id into vx. 6201 0C00 - sget-object v1, Test3.os1:Ljava/lang/Object; // field@000cReads field@000c (entry #CH in the field id table) into v1.
  1. Note that double and long values occupy two registers (e.g. the value addressed by vy is located in vy and vy+1 registers)
  2. The offset can be positive or negative and it is calculated from the offset of the starting byte of the instruction. The offset is always interpreted in words (2 bytes per 1 offset value increment/decrement). Negative offset is stored in two's complement format. The current position is the offset of the starting byte of the instruction.
  3. Compare operations return positive value if the first operand is greater than the second operand, 0 if they are equal and negative value if the first operand is smaller than the second operand.
  4. Not seen in the wild, interpolated from Dalvik bytecode list.
  5. The invocation parameter list encoding is somewhat weird. Starting if parameter number > 4 and parameter number % 4 == 1, the 5th (9th, etc.) parameter is encoded on the 4 lowest bit of the byte immediately following the instruction. Curiously, this encoding is not used in case of 1 parameter, in this case an entire 16 bit word is added after the method index of which only 4 bit is used to encode the single parameter while the lowest 4 bit of the byte following the instruction byte is left unused.
  6. This is an unsafe instruction and occurs only in ODEX files.
  7. In Smali, there are different types of instructions used to define different types of constants, including const/16 and const-wide/16.

Source

Dalvik opcodes

Practice

.method public static func(I)I
    .parameter n, "n"

    .prologue
    const/4 v0, 0x0         
    if-ne v0, p0, :cond_0   
    const/4 v0, 0x1         
    return v0

    :cond_0
    sub-int v1, p0, 0x1     
    invoke-static {v1}, LMyClass;->func(I)I   
    mul-int/2addr v0, p0    
    return v0
.end method

Convert this code to java.