In function sanitize_e820_map(struct e820entry * biosmap, char * pnr_map) of file e820.c, the last argument is treated as an integer, but when compiling with gcc it belongs to [-128,127]. Inside the body of that function, however, we use that argument as an int to fill up a table of a different size, namely: static struct change_member *change_point [256] static struct change_member change_point_list [256] static int __init sanitize_e820_map(struct e820entry * biosmap, char * pnr_map) { ... old_nr = *pnr_map; ... for (i=0; i < 2*old_nr; i++) { change_point[i] = &change_point_list[i]; ... } After the loop, change_point is not completely filled-up, as change_point [254] and change_point [255] are never filled nor used. Is it voluntary that pnr_map gets typed and used like this? Armand _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel