Skip to content

cpu: annotate faulting instructions in Exec trace output#2941

Merged
BobbyRBruce merged 1 commit intogem5:developfrom
BobbyRBruce:fix/exec-trace-faulting-tag
Mar 4, 2026
Merged

cpu: annotate faulting instructions in Exec trace output#2941
BobbyRBruce merged 1 commit intogem5:developfrom
BobbyRBruce:fix/exec-trace-faulting-tag

Conversation

@BobbyRBruce
Copy link
Member

@BobbyRBruce BobbyRBruce commented Feb 11, 2026

Summary

This PR makes gem5's Exec trace output less misleading for faulting instructions by appending a clear FAULTING marker when an instruction is known to have faulted (and ExecFaulting tracing is enabled).

This is especially helpful for O3CPU runs in syscall-emulation (SE) mode where a faulting memory operation may be re-fetched and re-executed after the fault handler (e.g., lazy stack growth) runs. In that situation, users can otherwise interpret two Exec lines for the same PC as a “duplicate execution” bug.

References: gem5 Issue #2902

Motivation / Problem

Issue #2902 reports that a RISC-V O3CPU run shows the same sd instruction appearing twice in the Exec trace (with different FetchSeq values), which looks like gem5 executes the store twice.

In the reproducer attached to the issue, the first dynamic instance of the store faults due to SE-mode page-table handling / lazy stack growth (a GenericPageTableFault which triggers Process::fixupFault() to allocate a new stack page). The CPU then squashes younger instructions and re-fetches from the faulting PC; the store appears again as a new dynamic instruction instance.

Today, the Exec trace line for the faulting instance looks identical to a normal executed MemWrite, making the trace easy to misread.

What this PR changes

When ExecFaulting is enabled and the tracer record is marked as faulting, the Exec trace line now includes a trailing FAULTING tag.

This is deliberately minimal and formatting-only:

  • No pipeline/memory behavior changes.
  • No changes to fault handling.
  • Only adds clarity to an existing debug trace.

Before / After (example from Issue #2902)

Before

The trace excerpt in Issue #2902 looks like two identical stores:

2643000: system.cpu: T0 : 0x11a4e @_Z11modify_datai+2170 : sd a0, -2016(a2) : MemWrite : D=0x00000000000166d2 A=0x7fffffffffffc6f0 FetchSeq=653
2849000: system.cpu: T0 : 0x11a4e @_Z11modify_datai+2170 : sd a0, -2016(a2) : MemWrite : D=0x00000000000166d2 A=0x7fffffffffffc6f0 FetchSeq=684

After

With this change, the faulting dynamic instance is clearly labeled:

2643000: system.cpu: T0 : 0x11a4e @_Z11modify_datai+2170 : sd a0, -2016(a2) : MemWrite : D=0x00000000000166d2 A=0x7fffffffffffc6f0 FetchSeq=653  FAULTING
2849000: system.cpu: T0 : 0x11a4e @_Z11modify_datai+2170 : sd a0, -2016(a2) : MemWrite : D=0x00000000000166d2 A=0x7fffffffffffc6f0 FetchSeq=684

This makes it explicit that the first appearance is not a successful architectural store retirement, but a faulting instance which will be handled and then retried.

Notes

  • Exec already includes the ExecFaulting flag (via the CompoundFlag('Exec', ...)), so users enabling --debug-flags=Exec automatically benefit from the clearer output.
  • The marker is intentionally concise (FAULTING) to minimize impact on existing trace parsing.

@BobbyRBruce BobbyRBruce force-pushed the fix/exec-trace-faulting-tag branch from 8f3b4d6 to cf41ef0 Compare February 11, 2026 14:27
@BobbyRBruce BobbyRBruce changed the title Annotate faulting instructions in Exec trace output cpu: annotate faulting instructions in Exec trace output Feb 11, 2026
@BobbyRBruce BobbyRBruce added cpu General gem5 CPU code (e.g., `BaseCPU`) sim-se gem5's Syscall Emulation Mode enhancement labels Feb 11, 2026
@BobbyRBruce BobbyRBruce marked this pull request as ready for review February 11, 2026 14:30
@BobbyRBruce BobbyRBruce mentioned this pull request Feb 11, 2026
Closed
@BobbyRBruce BobbyRBruce requested a review from Copilot February 11, 2026 14:38
Copilot AI reviewed Feb 11, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR enhances gem5's execution trace output by annotating faulting instructions with a clear "FAULTING" marker when the ExecFaulting debug flag is enabled. This addresses confusion in Issue #2902 where faulting memory operations in O3CPU appear twice in the trace - once when they fault (triggering SE-mode page fault handling) and again when successfully re-executed after fault resolution. Without the marker, users can misinterpret this as duplicate execution rather than the expected fault-and-retry behavior.

Changes:

  • Add include for debug/ExecFaulting.hh header
  • Append " FAULTING" marker to exec trace output when an instruction has faulted and ExecFaulting tracing is enabled

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@erin-le erin-le linked an issue Feb 17, 2026 that may be closed by this pull request
arch-riscv: O3CPU execute twice Store Doubleword instruction (sd) #2902
Closed
@BobbyRBruce BobbyRBruce merged commit 0b8ebe6 into gem5:develop Mar 4, 2026
55 of 56 checks passed
@BobbyRBruce BobbyRBruce deleted the fix/exec-trace-faulting-tag branch March 4, 2026 04:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@powerjg powerjg powerjg approved these changes

Assignees

No one assigned

Labels

cpu General gem5 CPU code (e.g., `BaseCPU`) enhancement sim-se gem5's Syscall Emulation Mode

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

arch-riscv: O3CPU execute twice Store Doubleword instruction (sd)

3 participants

@BobbyRBruce @powerjg