diff --git a/libafl_qemu/src/arm.rs b/libafl_qemu/src/arm.rs
index 5220f60e6b..d23deb91c8 100644
--- a/libafl_qemu/src/arm.rs
+++ b/libafl_qemu/src/arm.rs
@@ -8,7 +8,16 @@ use pyo3::prelude::*;
 pub use strum_macros::EnumIter;
 pub use syscall_numbers::arm::*;
 
-use crate::{sync_backdoor::SyncBackdoorArgs, CallingConvention};
+use crate::{sync_backdoor::SyncBackdoorArgs, CPUStatePtr, CallingConvention, Emulator};
+extern "C" {
+    fn libafl_qemu_read_user_sp_unchecked(cpu: CPUStatePtr) -> i32;
+}
+
+pub fn read_user_reg_unchecked(emu : &Emulator) -> i32
+{
+    unsafe {libafl_qemu_read_user_sp_unchecked(emu.current_cpu().unwrap().ptr)}.into()
+}
+
 
 /// Registers for the ARM instruction set.
 #[derive(IntoPrimitive, TryFromPrimitive, Debug, Clone, Copy, EnumIter)]
diff --git a/libafl_qemu/src/emu.rs b/libafl_qemu/src/emu.rs
index 1f69251703..0afbfa339c 100644
--- a/libafl_qemu/src/emu.rs
+++ b/libafl_qemu/src/emu.rs
@@ -491,7 +491,7 @@ extern "C" fn gdb_cmd(data: *const (), buf: *const u8, len: usize) -> i32 {
 #[derive(Debug)]
 #[repr(transparent)]
 pub struct CPU {
-    ptr: CPUStatePtr,
+    pub ptr: CPUStatePtr,
 }
 
 #[derive(Debug, PartialEq)]