 

How to use python to read and write a register via LLDB?

I'm trying to use python to read/write a register when it hits the breakpoint.

I was able to execute a simple python script when a breakpoint is triggered.

The problem I'm having is reading and writing a single register. I can get a list of registers, but not a register.

* thread #1, stop reason = signal SIGSTOP
    frame #0: 0x000000010521562c dyld` ImageLoaderMachO::usablePrebinding(ImageLoader::LinkContext const&) const  + 56
dyld`ImageLoaderMachO::usablePrebinding:
->  0x10521562c <+56>: ldrb   w8, [x19, #0x76]
    0x105215630 <+60>: ldrh   w9, [x19, #0x74]
    0x105215634 <+64>: bfi    w9, w8, #16, #8
    0x105215638 <+68>: tbz    w9, #0x9, 0x105215694     ; <+160>
    0x10521563c <+72>: ldr    x8, [x19]
    0x105215640 <+76>: ldr    x8, [x8, #0x378]
    0x105215644 <+80>: mov    x0, x19
    0x105215648 <+84>: blr    x8
Target 0: (BBM) stopped.
(lldb) script
Python Interactive Interpreter. To exit, type 'quit()', 'exit()' or Ctrl-D.
>>> print lldb.frame.registers

Can anyone help me with which Python API I can use to change the x1 register value?

Carol Ward asked Dec 24 '22 00:12



1 Answer

The registers property on SBFrames is an SBValueList that stores the sets of registers (GPRs, etc.). Each register set is an SBValue, and the individual registers are represented as children of the register set, with the child name being the register name. x1 is a GPR, and the GPRs are always the first register set in registers. SBValueList also has GetFirstValueByName to get an element by name, so you can also find the "General Purpose Register"'s programmatically.

So you would do something like:

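# SBError receives the reason if the write is rejected
error = lldb.SBError()
# registers[0] is the GPR set; x1 is looked up as a child of that set by name
did_change = lldb.frame.registers[0].GetChildMemberWithName('x1').SetValueFromCString("0x12345", error)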

SetValueFromCString returns True if it was able to change the value, and if it wasn't, the reason why will be stored in the error parameter.

Note that volatile registers like x1 aren't stored across function calls, so you can only access or change their values in the currently executing frame.

SBValues are described here:

https://lldb.llvm.org/python_reference/lldb.SBValue-class.html

if you want to know what else you can do with them.

Jim Ingham answered Jan 03 '23 15:01

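An added example (not part of the original answer) that wraps the calls described above into a breakpoint callback: it searches every register set instead of assuming index 0, and raises with the SBError text when a write is rejected. The function names are illustrative, and the `lldb = None` fallback is an assumption added only so the file can be imported outside LLDB.

```python
try:
    import lldb          # present inside LLDB's embedded interpreter
except ImportError:      # assumption: allow importing this file outside LLDB
    lldb = None


def find_register(frame, name):
    """Search every register set of an SBFrame for a register called `name`."""
    reg_sets = frame.GetRegisters()              # SBValueList of register sets
    for i in range(reg_sets.GetSize()):
        reg = reg_sets.GetValueAtIndex(i).GetChildMemberWithName(name)
        if reg.IsValid():                        # invalid SBValue: not in this set
            return reg
    return None


def write_register(frame, name, value, error=None):
    """Set register `name` to integer `value`; return (old_value, new_value).

    Raises LookupError if the register does not exist in this frame and
    RuntimeError (carrying LLDB's reason) if the write is rejected.
    """
    reg = find_register(frame, name)
    if reg is None:
        raise LookupError("no register named %r in this frame" % name)
    old = reg.GetValueAsUnsigned()
    if error is None:
        error = lldb.SBError()
    if not reg.SetValueFromCString("%#x" % value, error):
        raise RuntimeError("cannot write %s: %s" % (name, error.GetCString()))
    return old, reg.GetValueAsUnsigned()         # re-read to confirm the change


def patch_x1(frame, bp_loc, internal_dict):
    """Breakpoint callback: overwrite x1, then let the process continue."""
    old, new = write_register(frame, "x1", 0x12345)
    print("x1: %#x -> %#x" % (old, new))
    return False                                 # False = do not stop here
```

Saved as, say, regpatch.py (a hypothetical file name), it is loaded with `command script import` and attached to a breakpoint with `breakpoint command add -F regpatch.patch_x1`.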