<html>
    <head>
      <base href="https://bugs.llvm.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - Stop with a watchpoint, only on register values"
   href="https://bugs.llvm.org/show_bug.cgi?id=47758">47758</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>Stop with a watchpoint, only on register values
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>lldb
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>unspecified
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>PC
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>enhancement
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>All Bugs
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>lldb-dev@lists.llvm.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>rustymagnet3001@gmail.com
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>jdevlieghere@apple.com, llvm-bugs@lists.llvm.org
          </td>
        </tr></table>
      <p>
        <div>
        <pre>If a system call is written with inline ASM and C, how do you stop lldb when
you don't know which function calls the syscall and you (only) want rely on the
registers containing values that match the syscall you are expecting?  Do I
want gdb's `catch syscall` in lldb ?   Is a better way to solve the issue with
existing lldb capabilities?

/*************************/
(lldb) b syscall
Breakpoint 2: where = libsystem_kernel.dylib`__syscall, address =
0x00007fff522079f0

/** Breakpoint fires **/
(lldb) frame info       
frame #0: 0x00007fff522079f0 libsystem_kernel.dylib`__syscall

(lldb) po (char *) $arg2
"/path/to/debugger_challenge.app/Info.plist"
/*************************/

I can extend this breakpoint with a condition.  It almost achieves what I want.
The breakpoint stops in syscall when a substring is found in one register:

`br s -n syscall -c '(char *) strnstr((char *)$rsi, "Info.plist",
(int)strlen((char *) $rsi)) != NULL'`

I got this idea from Jim Ingham:
<a href="https://stackoverflow.com/questions/36679156/lldb-how-to-set-breakpoint-whch-stops-when-register-somevalue">https://stackoverflow.com/questions/36679156/lldb-how-to-set-breakpoint-whch-stops-when-register-somevalue</a>

/******* Challenge *******/
If the same syscall is written with inline ASM and C, a `syscall` breakpoint
won't fire, as expected.  I can't place a breakpoint as I don't have a function
name to feed the breakpoint.  I don't know where in the binary contains the
`svc` opcode.

I tried `watchpoints` but these never seemed to trigger correctly.

watchpoint set expression -w read_write -- $rsi
watchpoint set expression -w read -- $arg2


For completeness, please see an arm64 example of inline ASM that calls the C
API Access() to check if a file exists:

/******* code that calls ASM function *******/

    NSString *filepath = [appbundle pathForResource:@"Info" ofType:@"plist"];
    const char *fp = filepath.fileSystemRepresentation;
    #if defined(__arm64__)
    int64_t result = [self asmSyscallFunction:fp];

/******* Inline ASM function *******/
 +(int64_t) asmSyscallFunction:(const char *) fp{

     int64_t res = 99;                   // signed 64 bit wide int, as api can
return -1
     #if defined(__arm64__)
     __asm (
            "mov x0, #33\n"              // access syscall number on arm
            "mov x1, %[input_path]\n"    // copy char* to x1
            "mov x2, #0\n"               // File exist check == 0
            "mov x16, #0\n"
            "svc #33\n"
            "mov %[result], x0 \n"
     : [result] "=r" (res)
     : [input_path] "r" (fp)
     : "x0", "x1", "x2", "x16", "memory"
     );
    #endif
    return res;
}</pre>
        </div>
      </p>


      <hr>
      <span>You are receiving this mail because:</span>

      <ul>
          <li>You are on the CC list for the bug.</li>
      </ul>
    </body>
</html>