From 351f94ff4bf3a7795ca5b282305aa610e598eec0 Mon Sep 17 00:00:00 2001
From: Alex Bligh <alex@alex.org.uk>
Date: Wed, 6 Mar 2013 14:59:27 +0000
Subject: [PATCH] xen: xen_sync_dirty_bitmap: attempt to fix SEGV

When xc_hvm_track_dirty_vram fails, iterate through pages based on
vram_offset and npages, rather than start_addr and size. DPRINTF
before the loop too.

[ Fixes a regression introduced by
  eccc68722696864fc4823f048c7be58d11281b97 - iwj ]

Signed-off-by: Alex Bligh <alex@alex.org.uk>
Tested-by: Ian Jackson <ian.jackson@eu.citrix.com>
---
 xen-all.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/xen-all.c b/xen-all.c
index dbd759cb0..96a34a900 100644
--- a/xen-all.c
+++ b/xen-all.c
@@ -472,18 +472,17 @@ static int xen_sync_dirty_bitmap(XenIOState *state,
                                  bitmap);
     if (rc < 0) {
         if (rc != -ENODATA) {
-            ram_addr_t addr, end;
-
-            xen_modified_memory(start_addr, size);
-            
-            end = TARGET_PAGE_ALIGN(start_addr + size);
-            for (addr = start_addr & TARGET_PAGE_MASK; addr < end; addr += TARGET_PAGE_SIZE) {
-                cpu_physical_memory_set_dirty(addr);
-            }
+            target_phys_addr_t todirty;
 
             DPRINTF("xen: track_dirty_vram failed (0x" TARGET_FMT_plx
                     ", 0x" TARGET_FMT_plx "): %s\n",
                     start_addr, start_addr + size, strerror(-rc));
+
+            xen_modified_memory(vram_offset, npages * TARGET_PAGE_SIZE);
+
+            for (todirty = vram_offset, i=0; i < npages; todirty += TARGET_PAGE_SIZE, i++) {
+                cpu_physical_memory_set_dirty(todirty);
+            }
         }
         return rc;
     }
-- 
2.39.5