From: Avi Kivity <avi@redhat.com>
Date: Sun, 29 Jan 2012 14:47:47 +0000 (+0200)
Subject: Fix off-by-one in dirty bitmap functions
X-Git-Tag: v1.1-rc0~489
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=fd39941ac78fbe969e292eeb91415ec548bd97a6;p=qemu-xen-unstable.git

Fix off-by-one in dirty bitmap functions

Reported-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
---

diff --git a/exec-obsolete.h b/exec-obsolete.h
index 03cf35ecfb..d2749d36fa 100644
--- a/exec-obsolete.h
+++ b/exec-obsolete.h
@@ -83,9 +83,10 @@ static inline void cpu_physical_memory_set_dirty_range(ram_addr_t start,
     uint8_t *p;
     ram_addr_t addr, end;
 
-    end = start + length;
+    end = TARGET_PAGE_ALIGN(start + length);
+    start &= TARGET_PAGE_MASK;
     p = ram_list.phys_dirty + (start >> TARGET_PAGE_BITS);
-    for (addr = start; addr <= end; addr += TARGET_PAGE_SIZE) {
+    for (addr = start; addr < end; addr += TARGET_PAGE_SIZE) {
         *p++ |= dirty_flags;
     }
 }
@@ -98,10 +99,11 @@ static inline void cpu_physical_memory_mask_dirty_range(ram_addr_t start,
     uint8_t *p;
     ram_addr_t addr, end;
 
-    end = start + length;
+    end = TARGET_PAGE_ALIGN(start + length);
+    start &= TARGET_PAGE_MASK;
     mask = ~dirty_flags;
     p = ram_list.phys_dirty + (start >> TARGET_PAGE_BITS);
-    for (addr = start; addr <= end; addr += TARGET_PAGE_SIZE) {
+    for (addr = start; addr < end; addr += TARGET_PAGE_SIZE) {
         *p++ &= mask;
     }
 }