On 25.04.2012 15:19, Michel Dänzer wrote:
> On Mit, 2012-04-25 at 14:46 +0200, Christian König wrote:
>> Aligning offset can make it bigger than tmp->offset
>> leading to an overrun bug in the following subtraction.
>>
>> Signed-off-by: Christian König <deathsimple at vodafone.de>
>
> Please add
>
> Cc: stable at vger.kernel.org
>
> to the commit log (but don't send the patch to that address during
> review). That way, once Linus merges the fix, it'll be picked up for the
> 3.3.y stable tree.
>
> With that addition,
>
> Reviewed-by: Michel Dänzer <michel.daenzer at amd.com>
>

I don't think that's necessary, because I checked the vm code again and Jerome has given it a separate instance of the SA.

So the bug can't happen in the stable kernel; it just happens when you add another user (the semaphore code) to the SA. Overall it's not as critical as I thought it was in the first place, and we need to keep digging for VM problems in other places.

Thanks for the explanation anyway,
Christian.