Analysing the softkeyboard in Android

After connecting to the Android device via “adb shell”, and “ps” to identify the softkeyboard:

app_24 99 30 105168 17108 ffffffff afe0da04 S com.example.android.softkeyboard

We do a strace attach:

# strace -p 99
Process 99 attached – interrupt to quit
recv(1176084, NULL, 4294967261, 0) = 0
msgget(0x1, 0xbeea1930, 0, 0xa9d214e8) = 0
msgget(0x1, 0xbeea1930, 0, 0xa9d214e8) = 0
msgget(0x1, 0xbeea1930, 0, 0xa9d214e8) = 0
msgget(0x1, 0xbeea1930, 0, 0xa9d214e8) = 0
msgget(0x1, 0xbeea1930, 0, 0xa9d214e8) = 0
ioctl(21, 0xc0186201, 0xbeea17f8) = 0
ioctl(21, 0xc0186201, 0xbeea17f8) = 0
msgget(0x1, 0xbeea1930, 0, 0xa9d214e8) = 0
msgget(0x3, 0xbeea16d8, 0, 0xa9d214e8) = 0
SYS_224(0, 0xc0000001, 0x138b24, 0) = 99
SYS_224(0, 0x3141592, 0x80a030dc, 0x138b24) = 99
SYS_224(0, 0xc0000001, 0x138b24, 0) = 99
msgget(0x1, 0xbeea1930, 0, 0xa9d214e8) = 0
SYS_224(0, 0x3141592, 0x80a030dc, 0x138b24) = 99
recv(1114697732, ptrace: umoven: I/O error
0x1, 2147483647, 0) = 0
msgget(0x3, 0xbeea1880, 0, 0xa9d214e8) = 0
ioctl(21, 0xc0186201, 0xbeea1708) = 0
msgget(0x1, 0xbeea1930, 0, 0xa9d214e8) = 0

If it curious you, SYS_224() is actually gettid() – from “kernel/arch-arm/asm/unistd.h” in Android download:

#define __NR_gettid (__NR_SYSCALL_BASE+224)

Not easily understood. Using DDMS to attach to the softkeyboard (must have source codes available, in order for DDMS to work), and tracing the execution:

mysoftkeyboard1 [Android Application]
DalvikVM[localhost:8613]
Thread [<3> main] (Suspended (entry into method onKeyDown in SoftKeyboard))
SoftKeyboard.onKeyDown(int, KeyEvent) line: 338
KeyEvent.dispatch(KeyEvent$Callback, KeyEvent$DispatcherState, Object) line: 1037
InputMethodService$InputMethodSessionImpl(AbstractInputMethodService$AbstractInputMethodSessionImpl).dispatchKeyEvent(int, KeyEvent, InputMethodSession$EventCallback) line: 135
IInputMethodSessionWrapper.executeMessage(Message) line: 76
HandlerCaller$MyHandler.handleMessage(Message) line: 45
HandlerCaller$MyHandler(Handler).dispatchMessage(Message) line: 99
Looper.loop() line: 123
ActivityThread.main(String[]) line: 4363
Method.invokeNative(Object, Object[], Class, Class[], Class, int, boolean) line: not available [native method]
Method.invoke(Object, Object…) line: 521
ZygoteInit$MethodAndArgsCaller.run() line: 860
ZygoteInit.main(String[]) line: 618
NativeStart.main(String[]) line: not available [native
method]
Thread [<13> Binder Thread #2] (Running)
Thread [<11> Binder Thread #1] (Running)
Thread [<15> Binder Thread #3] (Running)

Further analysis of “KeyEvent.dispatch(KeyEvent$Callback, KeyEvent$DispatcherState, Object)” took another post.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: