Understanding the behavior of simulated architectures in gem5 is critical for studying complex, deeply integrated computing systems. However, conventional analysis methods provide only an indirect view of the simulated system internals. In this work, we show that call-stack profiling of gem5 itself offers a powerful yet underutilized perspective: the simulator's own call-stack directly reflects the activity of the simulated system, exposing insights that conventional statistics may overlook. Profiling gem5's call-stacks is challenging due to its highly layered and complex software design patterns. To address this, we introduce a specialized, lightweight profiling framework built on Linux's perf_event interface which samples gem5's runtime call-stacks throughout the simulation, resolves symbols on the fly, and merges samples into a hierarchical call-tree representation supporting both high-level structural views and focused, user-defined, component-specific analysis. Moreover, all profiling is performed in a separate process running alongside the main gem5 process, avoiding intrusive changes and overheads to the simulation itself. We apply our framework to gem5's three major CPU models -- AtomicSimpleCPU, TimingSimpleCPU, and O3CPU -- together with the Ruby memory system, and uncover behaviors that are not easily observable in conventional gem5 statistics. Our case studies reveal, for example, that TimingSimpleCPU is inefficient due to its use of a lockup-cache model and, despite its conceptual simplicity, does not simulate faster than a full out-of-order core. In addition, our tool makes it straightforward to detect cache coherence protocol deadlock and livelock -- issues that are otherwise difficult to identify, since the simulation either appears to run normally or terminates abruptly, making it hard to pinpoint when these conditions occur.

翻译：理解 gem5 中模拟架构的行为对于研究复杂、深度集成的计算系统至关重要。然而，传统的分析方法只能提供对模拟系统内部机制的间接视角。在这项工作中，我们表明对 gem5 本身进行调用栈剖析提供了一种强大但未被充分利用的视角：模拟器自身的调用栈直接反映了模拟系统的活动，揭示了传统统计方法可能忽略的见解。由于 gem5 高度分层且复杂的软件设计模式，对其调用栈进行剖析颇具挑战。为解决此问题，我们引入了一个基于 Linux perf_event 接口的专用轻量级剖析框架。该框架在整个模拟过程中采样 gem5 的运行时调用栈，动态解析符号，并将样本合并到支持高层结构视图与聚焦的、用户定义的、组件特定分析的分层调用树表示中。此外，所有剖析都在与主 gem5 进程并行运行的独立进程中进行，避免了对模拟本身产生侵入性更改和开销。我们将该框架应用于 gem5 的三大主要 CPU 模型——AtomicSimpleCPU、TimingSimpleCPU 和 O3CPU，并结合 Ruby 内存系统，揭示了在传统 gem5 统计数据中不易观察到的行为。例如，我们的案例研究表明，TimingSimpleCPU 由于使用了锁缓存模型而效率低下，并且尽管其概念简单，但模拟速度并不比完整的乱序核快。此外，我们的工具使得检测缓存一致性协议的死锁和活锁变得直接——这些是其他情况下难以识别的问题，因为模拟要么看似正常运行，要么突然终止，从而难以确定这些条件发生的时间点。