arch-riscv: reduced lr/sc implementation

In gem5::RiscvISA::ISA, handleLocked* functions maintain an address
stack(i.e. locked_addrs) to check whether each SC matches the most
recent LR. However, there are some problems with this implementation.

First, the elements in the stack may only be popped when the
handleLockedSnoop function is invoked. In other cases, the elements
in the stack will not be popped even if the SC and LR match. This
makes the `locked_addrs` get bigger and bigger as gem5 runs.

Second, LR/SC does not always match. For example, in Linux's __cmpxchg[1],
after executing LR, if the value read is not equal to the old value,
the subsequent SC is skipped. For gem5's current implementation, this
would cause the address to be pushed into `locked_addrs` every time
__cmpxchg is failed. But these addresses are never popped. This also
makes the `locked_addrs` get bigger and bigger.

Third, existing emulator implementations (spike, qemu) do not use the
stack, but only record the last address accessed by LR. Afterward,
when executing SC, these implementations determine whether the address
accessed by SC is the same as the one recorded.

This patch modifies gem5's handleLocked* function by referring to
other existing RISC-V implementations. It eliminates `locked_addrs`
and simplifies the related code. Thus, it fixes the "memory leak"-like
error that can occur on `locked_addrs` when executing LR/SC.

Related links:
[1] Linux's cmpxchg implementation for RISC-V:
[2] spike lr/sc implementation:
[3] rocket lr/sc implementation:
[4] QEMU lr/sc implementation:

Change-Id: Ic79444cace62e39b7fe9e01f665cb13e4d990d0a
Reviewed-by: Bobby Bruce <>
Reviewed-by: Jason Lowe-Power <>
Maintainer: Jason Lowe-Power <>
Tested-by: kokoro <>
1 file changed