From: Manfred Spraul <manfred@colorfullife.com>

Independent from the other patches:

undo operations should not result in out of range semaphore values.  The test
for newval > SEMVMX is missing.  The attached patch adds the test and a
comment.

Signed-Off-By: Manfred Spraul <manfred@colorfullife.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 25-akpm/ipc/sem.c |   17 ++++++++++++++++-
 1 files changed, 16 insertions(+), 1 deletion(-)

diff -puN ipc/sem.c~ipc-3-3-enforce-semvmx-limit-for-undo ipc/sem.c
--- 25/ipc/sem.c~ipc-3-3-enforce-semvmx-limit-for-undo	2004-07-03 13:09:20.804207792 -0700
+++ 25-akpm/ipc/sem.c	2004-07-03 13:09:20.808207184 -0700
@@ -1286,8 +1286,23 @@ found:
 			struct sem * sem = &sma->sem_base[i];
 			if (u->semadj[i]) {
 				sem->semval += u->semadj[i];
+				/*
+				 * Range checks of the new semaphore value,
+				 * not defined by sus:
+				 * - Some unices ignore the undo entirely
+				 *   (e.g. HP UX 11i 11.22, Tru64 V5.1)
+				 * - some cap the value (e.g. FreeBSD caps
+				 *   at 0, but doesn't enforce SEMVMX)
+				 *
+				 * Linux caps the semaphore value, both at 0
+				 * and at SEMVMX.
+				 *
+				 * 	Manfred <manfred@colorfullife.com>
+				 */
 				if (sem->semval < 0)
-					sem->semval = 0; /* shouldn't happen */
+					sem->semval = 0;
+				if (sem->semval > SEMVMX)
+					sem->semval = SEMVMX;
 				sem->sempid = current->tgid;
 			}
 		}
_