> Consider what happens when tmp.num_events is large enough to wrap size. > I suspect that's a kernel exploit as written.
Thanks for pointing this out - I'll fix it in the next iteration. > Also don't you need to copy tmp to new? Yep - somehow I accidentally deleted the lines that did this before I sent out the patch. I'll also fix this.
