linux-user: Fix unlock_user() call in return from poll()

Correct the broken attempt to calculate the third argument
to unlock_user() in the code path which unlocked the pollfd
array on return from poll() and ppoll() emulation. (This
only caused a problem if unlock_user() wasn't a no-op, eg
if DEBUG_REMAP is defined.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 23d7a63..bb0999d 100644 (file)
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -6318,10 +6318,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
                 for(i = 0; i < nfds; i++) {
                     target_pfd[i].revents = tswap16(pfd[i].revents);
                 }
-                ret += nfds * (sizeof(struct target_pollfd)
-                               - sizeof(struct pollfd));
             }
-            unlock_user(target_pfd, arg1, ret);
+            unlock_user(target_pfd, arg1, sizeof(struct target_pollfd) * nfds);
         }
         break;
 #endif