I was debugging an App when I met the following instructions:
0x0003409c vcmpe.f64 d17, d16
0x000340a0 vmrs APSR_nzcv, fpscr
0x000340a4 bpl 0x34100
I thought the 3 instructions were to:
- Compares two floating-point registers, or one floating-point register and zero. i.e. compares D17 and D16 by subtracting D16 from D17 (D17 - D16); Note that D16 & D17 are both NEON registers.
- Transfer contents from a NEON and VFP system register to an ARM register.
- Branch if N clear, i.e. the subtraction turns out to be positive.
D17 and D16 were originally the same:
* thread #1: tid = 0x5bec9, 0x0011209c GJOfficeBuild`___lldb_unnamed_function1113$$GJOfficeBuild + 1056, queue = 'com.apple.main-thread', stop reason = breakpoint 4.1
frame #0: 0x0011209c GJOfficeBuild`___lldb_unnamed_function1113$$GJOfficeBuild + 1056
GJOfficeBuild`___lldb_unnamed_function1113$$GJOfficeBuild:
-> 0x11209c <+1056>: vcmpe.f64 d17, d16
0x1120a0 <+1060>: vmrs APSR_nzcv, fpscr
0x1120a4 <+1064>: bpl 0x112100 ; <+1156>
0x1120a6 <+1066>: ldr r0, [sp, #0xc]
(lldb) p $d17
(double) $27 = 1
(lldb) p $d16
(double) $28 = 1
I want to branch at 0x1120a4, so I tried to set D17 to a much bigger value than D16:
(lldb) register write $d17 9
(lldb) p $d17
(double) $23 = 9
(lldb) p $d16
(double) $24 = 9
(lldb) register write $d17 6
(lldb) p $d17
(double) $25 = 6
(lldb) p $d16
(double) $26 = 6
And vice versa:
(lldb) register write $d16 0
(lldb) p $d17
(double) $29 = 0
(lldb) p $d16
(double) $30 = 0
(lldb) register write $d16 9
(lldb) p $d17
(double) $31 = 9
(lldb) p $d16
(double) $32 = 9
As you can see, the 2 registers changed together. Why was that happening? And how do I modify D17 without changing D16?
Thanks,
snakeninny
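The following is an added worked model of the three instructions in the question (vcmpe.f64, vmrs APSR_nzcv, bpl); it is example code written for this page, not code from the original post or from lldb. It encodes the FPSCR NZCV result of VCMP as documented in the ARM Architecture Reference Manual (including the unordered/NaN case) and then evaluates the condition that bpl tests. Function names and the sample operand values are my own.

```python
"""Model of the flags left by ARM VFP `vcmpe.f64 Dd, Dm` and of the
condition tested by a following `bpl` (branch if N clear).

FPSCR.NZCV after VCMP/VCMPE, per the ARM Architecture Reference Manual:
    Dd <  Dm    -> N=1 Z=0 C=0 V=0
    Dd == Dm    -> N=0 Z=1 C=1 V=0
    Dd >  Dm    -> N=0 Z=0 C=1 V=0
    unordered   -> N=0 Z=0 C=1 V=1   (either operand is NaN)

`vmrs APSR_nzcv, fpscr` copies these four bits into the APSR, so the usual
branch conditions then read them exactly like integer flags.  VCMPE differs
from VCMP only in raising an Invalid Operation exception for a quiet NaN;
the flag result is identical.
"""
import math
from typing import NamedTuple


class NZCV(NamedTuple):
    n: int
    z: int
    c: int
    v: int


def vcmp_f64(dd: float, dm: float) -> NZCV:
    """Flags that `vcmpe.f64 dd, dm` leaves in FPSCR.NZCV."""
    if math.isnan(dd) or math.isnan(dm):
        return NZCV(0, 0, 1, 1)        # unordered
    if dd < dm:
        return NZCV(1, 0, 0, 0)        # less than
    if dd == dm:
        return NZCV(0, 1, 1, 0)        # equal
    return NZCV(0, 0, 1, 0)            # greater than


# Condition codes as the core evaluates them after `vmrs APSR_nzcv, fpscr`.
def bpl_taken(f: NZCV) -> bool:
    """PL: N == 0 (taken for equal, greater and unordered, not for less)."""
    return f.n == 0


def bmi_taken(f: NZCV) -> bool:
    """MI: N == 1 (only the ordered less-than case)."""
    return f.n == 1


def bgt_taken(f: NZCV) -> bool:
    """GT: Z == 0 and N == V (strictly greater, ordered)."""
    return f.z == 0 and f.n == f.v


def branch_at_0x1120a4(d17: float, d16: float) -> bool:
    """The sequence from the question: vcmpe.f64 d17, d16 / vmrs / bpl."""
    return bpl_taken(vcmp_f64(d17, d16))


if __name__ == "__main__":
    # Constructed sample register contents, including the 1/1 pair from the post.
    for d17, d16 in [(1.0, 1.0), (9.0, 1.0), (0.0, 1.0), (math.nan, 1.0)]:
        f = vcmp_f64(d17, d16)
        print(f"d17={d17!r:>5} d16={d16!r:>5}  NZCV={f.n}{f.z}{f.c}{f.v}  "
              f"bpl={branch_at_0x1120a4(d17, d16)}  bgt={bgt_taken(f)}")
```

Two points the model makes visible: `bpl` only checks N, so it is taken when the operands compare equal (the 1 and 1 seen in the debugger) and also for an unordered NaN compare; only a strictly smaller D17 prevents the branch. A signed-greater-than check would need `bgt` (Z clear and N == V), which is why reading `bpl` as "subtraction positive" is slightly too narrow.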