xen/arm: Fix the issue in cmp_mmio_handler used in find_mmio_handler

This patch fixes the wrong range check done in cmp_mmio_handler().

This function returns -1 , 0 or 1  based on whether the key value
is below the range, in the range or above the range where the range is
(start, start+size). However, it should check against (start, start+size-1)
because start+size falls outside the range.

This resulted in returning a wrong mmio_handler for a given mmio address which
happened to be start+size.

This bug was introduced when the mmio region search switched from
linear search to binary search in the following commit:

8047e09 "xen/arm: io: Use binary search for mmio handler lookup".

Signed-off-by: Bhupinder Thakur <bhupinder.thakur@linaro.org>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>

diff --git a/xen/arch/arm/io.c b/xen/arch/arm/io.c
index e2161289a314c7280e0329ab5f63a89c357e8e5d..c748d8f5bf22bbb53b5b60d779f761024b6f65cd 100644 (file)
--- a/xen/arch/arm/io.c
+++ b/xen/arch/arm/io.c
@@ -79,7 +79,7 @@ static int cmp_mmio_handler(const void *key, const void *elem)
     if ( handler0->addr < handler1->addr )
         return -1;
 
-    if ( handler0->addr > (handler1->addr + handler1->size) )
+    if ( handler0->addr >= (handler1->addr + handler1->size) )
         return 1;
 
     return 0;