@@ -525,20 +525,25 @@ _syscall4(int, sys_prlimit64, pid_t, pid, int, resource,
#if defined(TARGET_NR_timer_create)
/* Maximum of 32 active POSIX timers allowed at any one time. */
-static timer_t g_posix_timers[32] = { 0, } ;
+#define GUEST_TIMER_MAX 32
+static timer_t g_posix_timers[GUEST_TIMER_MAX];
+static int g_posix_timer_allocated[GUEST_TIMER_MAX];
static inline int next_free_host_timer(void)
{
- int k ;
- /* FIXME: Does finding the next free slot require a lock? */
- for (k = 0; k < ARRAY_SIZE(g_posix_timers); k++) {
- if (g_posix_timers[k] == 0) {
- g_posix_timers[k] = (timer_t) 1;
+ int k;
+ for (k = 0; k < ARRAY_SIZE(g_posix_timer_allocated); k++) {
+ if (qatomic_xchg(g_posix_timer_allocated + k, 1) == 0) {
return k;
}
}
return -1;
}
+
+static inline void free_host_timer_slot(int id)
+{
+ qatomic_store_release(g_posix_timer_allocated + id, 0);
+}
#endif
static inline int host_to_target_errno(int host_errno)
@@ -12896,15 +12901,18 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1,
phost_sevp = &host_sevp;
ret = target_to_host_sigevent(phost_sevp, arg2);
if (ret != 0) {
+ free_host_timer_slot(timer_index);
return ret;
}
}
ret = get_errno(timer_create(clkid, phost_sevp, phtimer));
if (ret) {
- phtimer = NULL;
+ free_host_timer_slot(timer_index);
} else {
if (put_user(TIMER_MAGIC | timer_index, arg3, target_timer_t)) {
+ timer_delete(*phtimer);
+ free_host_timer_slot(timer_index);
return -TARGET_EFAULT;
}
}
@@ -13040,7 +13048,7 @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1,
} else {
timer_t htimer = g_posix_timers[timerid];
ret = get_errno(timer_delete(htimer));
- g_posix_timers[timerid] = 0;
+ free_host_timer_slot(timerid);
}
return ret;
}