Simon Ser wrote: > Sometimes the two processes don't trust each other, for instance in the > case of Wayland. Bad clients may try to crash the compositor. > > One way to crash the compositor is to send a shared memory file descriptor > and then shrink the file. When the compositor tries to read the > now-unmapped part of the file it'll receive SIGBUS. > > What the compositor currently does is that it handles SIGBUS and ignores it > if it's about a memory slice mmapped from IPC. Apart from being a hack, > this makes things complicated because:
I'be been reminded that there's a different way to solve this problem in OpenBSD. The secret __MAP_NOFAULT flag to mmap. See for instance use in libxshmfence.
