Hello,
While executing programs on FVP (MORELLO PLATFORM MODEL, target architecture is morello-purecap) with the CheriBSD OS, I would like to trace the register values. Any information on how to get them, please?
We used this technique for some earlier work, and recorded our method: https://github.com/capablevms/cheri_misidioms/blob/master/code/fvp-analyses/README

It might work for you, depending on what you're trying to do.
As a summary:
You can get the model to generate "TARMAC" trace, but since you're running an OS, you won't want to run it from the start because it traces the whole system and produces a huge amount of output. Instead, you'll want to enable "ToggleMTIPlugin", and then execute a special HLT instruction (typically hlt #0xbeef) from your workload to turn the tracing on and off.
You'll get a trace that looks something like this:
```
314 clk cluster1.cpu1 IT (4950928406) (1|ffffc00000010005|ffff0000004ebc5c):0000f04ebc5c_NS aa0003f4 O EL1h_n : MOV x20,x0
314 clk cluster1.cpu1 R X20 FFFF0000E7EF6000
315 clk cluster1.cpu1 IT (4950928407) (1|ffffc00000010005|ffff0000004ebc60):0000f04ebc60_NS b9400035 O EL1h_n : LDR w21,[x1,#0]
315 clk cluster1.cpu1 R X21 0000000000000001
316 clk cluster1.cpu1 IT (4950928408) (1|ffffc00000010005|ffff0000004ebc64):0000f04ebc64_NS 42c08420 O EL1h_n : LDP c0,c1,[x1,#0x10]
316 clk cluster1.cpu1 R C0 1|dc5dc00050a45094|0000000040185094
316 clk cluster1.cpu1 R C1 1|dc5d40007a30fa20|0000fffffff7fa20
```
Notably, this is still a full-system trace, so if any other task (or the kernel) is active, it'll show up here too. That often doesn't matter, but it might do.
If you want to map this back to ELF symbols, you'll also need to record the VM mappings, and use some tool to combine everything and give you symbol information. On CheriBSD, you can record the mappings using the BSD kinfo_getvmmap (like this). There's a nice tool suite for doing the subsequent analysis, but sadly it doesn't support Morello (or at least, it didn't when we wanted it). We wrote some (much simpler) tools to do a similar thing for Morello FVP.
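As an added example (not part of the original post or of the linked tools), here is a small Python parser for trace lines of the shape shown in the excerpt above. It groups each register write under the instruction that produced it and can filter by CPU or exception-level prefix, since the trace is system-wide. The field meanings are inferred from the excerpt alone, and `parse_trace`, its parameters and the record keys are hypothetical names.

```python
import re

# Constructed sample: the records from the trace excerpt in the post above.
SAMPLE = """\
314 clk cluster1.cpu1 IT (4950928406) (1|ffffc00000010005|ffff0000004ebc5c):0000f04ebc5c_NS aa0003f4 O EL1h_n : MOV x20,x0
314 clk cluster1.cpu1 R X20 FFFF0000E7EF6000
315 clk cluster1.cpu1 IT (4950928407) (1|ffffc00000010005|ffff0000004ebc60):0000f04ebc60_NS b9400035 O EL1h_n : LDR w21,[x1,#0]
315 clk cluster1.cpu1 R X21 0000000000000001
316 clk cluster1.cpu1 IT (4950928408) (1|ffffc00000010005|ffff0000004ebc64):0000f04ebc64_NS 42c08420 O EL1h_n : LDP c0,c1,[x1,#0x10]
316 clk cluster1.cpu1 R C0 1|dc5dc00050a45094|0000000040185094
316 clk cluster1.cpu1 R C1 1|dc5d40007a30fa20|0000fffffff7fa20
"""

# Field layout inferred from the excerpt only (assumption, not a TARMAC spec):
# IT = executed instruction, PC printed as tag|upper64|lower64, R = register write.
HEX = r"[0-9a-fA-F]{16}"
INSN = re.compile(
    rf"^\d+ clk (?P<cpu>\S+) IT \((?P<count>\d+)\) "
    rf"\([01]\|{HEX}\|(?P<pc>{HEX})\):\S+ (?P<opcode>[0-9a-fA-F]{{8}}) \S+ "
    rf"(?P<mode>\S+) : (?P<disasm>.+)$")
REG = re.compile(
    rf"^\d+ clk (?P<cpu>\S+) R (?P<reg>\S+) "
    rf"(?:(?P<tag>[01])\|(?P<hi>{HEX})\|)?(?P<lo>{HEX})$")

def parse_trace(text, cpu=None, mode_prefix=None):
    """Group register writes under the instruction that produced them."""
    insns, current = [], {}          # current: last kept instruction per CPU
    for line in map(str.strip, text.splitlines()):
        m = INSN.match(line)
        if m:
            keep = (cpu in (None, m["cpu"]) and
                    (mode_prefix is None or m["mode"].startswith(mode_prefix)))
            rec = dict(cpu=m["cpu"], count=int(m["count"]), pc=int(m["pc"], 16),
                       mode=m["mode"], disasm=m["disasm"], writes={}) if keep else None
            current[m["cpu"]] = rec  # None drops the writes of a filtered instruction
            if rec:
                insns.append(rec)
            continue
        m = REG.match(line)
        if m and current.get(m["cpu"]):
            value = int(m["lo"], 16)
            if m["tag"] is not None:  # capability: (tag, upper 64 bits, lower 64 bits)
                value = (int(m["tag"]), int(m["hi"], 16), value)
            current[m["cpu"]]["writes"][m["reg"]] = value
    return insns

if __name__ == "__main__":
    for i in parse_trace(SAMPLE, cpu="cluster1.cpu1"):
        print(f"{i['pc']:#018x} {i['mode']} {i['disasm']:<22} {i['writes']}")
```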
Sorry, I am starting up a QEMU VM running CheriBSD on top of the Morello ISA using the following command:
$ ./cheribuild.py run-morello-purecap -d
Following which, I am compiling the C file named file.c to generate its corresponding executable_file with the command
$ ./ccc morello-purecap -o executable_file file.c
then transferring the generated executable_file into the VM running CheriBSD for final execution.
So in this process I would like to trace the register values while it is finally executing in the VM running CheriBSD.
Ok, well my technique will only work for FVP, but your workload probably works there too. For example, you could use `run-fvp-morello-purecap` to do that, adding the extra configurations noted in my links to make tracing work.
If you really need to use QEMU for some reason, you probably need to ask the CTSRD-CHERI team. They have a mailing list, and a public Slack channel, for example.
If your test is small, it may be easier to simply run it under GDB (or some other debugger). You could write a GDB script to print registers periodically (or even before every instruction), for example. This approach would also work on Morello hardware.