On 05/02/16 07:25 AM, Pekka Paalanen wrote: > From: Pekka Paalanen <[email protected]> > > Since shm_pool_resize() uses mremap(MREMAP_MAYMOVE), the pool's base > address may change at that point. > > If a compositor stores the pointer and a client enlarges the pool, the > compositor will have a stale pointer. > > Signed-off-by: Pekka Paalanen <[email protected]>
Looks good to me, Reviewed-by: Derek Foreman <[email protected]> > --- > src/wayland-shm.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/src/wayland-shm.c b/src/wayland-shm.c > index a4343a4..7e42dcb 100644 > --- a/src/wayland-shm.c > +++ b/src/wayland-shm.c > @@ -348,6 +348,10 @@ wl_shm_buffer_get_stride(struct wl_shm_buffer *buffer) > * to crash you should call wl_shm_buffer_begin_access and > * wl_shm_buffer_end_access around code that reads from the memory. > * > + * @note The return value of this function must not be stored across > + * dispatching client requests. If a client resizes the underlying shm pool, > + * the resize request handler will remap, and the pool base address may > change. > + * > * \memberof wl_shm_buffer > */ > WL_EXPORT void * > _______________________________________________ wayland-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/wayland-devel
