[PATCH v2] mm: memblock: fix wrong memmove size in memblock_merge_regions()

From: Lin Feng
Date: Sun Jan 06 2013 - 22:42:30 EST


The memmove span covers from (next+1) to the end of the array, and the index
of next is (i+1), so the index of (next+1) is (i+2). So the size of remaining
array elements is (type->cnt - (i + 2)).

Cc: Tejun Heo <tj@xxxxxxxxxx>
Reviewed-by: Wanpeng Li <liwanp@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Lin Feng <linfeng@xxxxxxxxxxxxxx>
---
ChangeLog v1->v2:
- Add a comment pointed out by Tejun.
---
mm/memblock.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/mm/memblock.c b/mm/memblock.c
index 6259055..88adc8a 100644
--- a/mm/memblock.c
+++ b/mm/memblock.c
@@ -314,7 +314,8 @@ static void __init_memblock memblock_merge_regions(struct memblock_type *type)
}

this->size += next->size;
- memmove(next, next + 1, (type->cnt - (i + 1)) * sizeof(*next));
+ /* move forward from next + 1, index of which is i + 2 */
+ memmove(next, next + 1, (type->cnt - (i + 2)) * sizeof(*next));
type->cnt--;
}
}
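Review bot: The new comment above the memmove() says where the source starts but not why the element count is type->cnt - (i + 2), which is the part the old code got wrong. Consider wording it around the count, for example "elements after next: indices i + 2 .. cnt - 1, i.e. cnt - (i + 2) of them". The changelog would also be stronger if it stated the effect of the old size: with (type->cnt - (i + 1)) the source span starting at next + 1 runs through index type->cnt, so the copy read one struct past the last valid region on every merge.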
--
1.7.11.7
