This allows for a color to be set when the wallpaper does not fill the
entire output. If specified, the fallback color is also used when the
image path is inaccessible.
Rationale: Sticky containers are always assigned to the visible
workspace.
The basic idea here is to check the destination's output (move.c:190).
But if the command was `move container to workspace x` then a workspace
might have been created for it. We could destroy the workspace in this
case, but that results in unnecessary IPC events.
To avoid this, the logic for `move container to workspace x` has been
adjusted. It now delays creating the workspace until the end, and uses
`workspace_get_initial_output` to determine and check the output before
creating it.
* Removes container_floating_move_to_container, instead opting to put
that logic in container_move_to
* In the seat code, focusing a floating view now updates the pending
state only and lets the next transaction carry it over to the current
state. This is required, otherwise it would crash.
* When unfullscreening a floating container, an output check is now done
to see if it should center it.
In a multi-output setup, if a sticky container is on one output and
focus is on the other output, and you run (eg) `workspace 1` to focus
the workspace containing the sticky container, an infinite loop would
occur. It would loop infinitely because it would remove the sticky
container from the workspace, add it back to the same workspace, and
then decrement the iterator variable.
The fix just wraps the loop in a workspace comparison.
The back_and_forth condition is intended to be handled in the else-if
block, but this was never reached because it remained in the first
block's conditions.
container_move_to handled moving containers to new parents, as well as
moving workspaces to new outputs.
This commit removes the workspace-moving code from this function and
introduces workspace_move_to_output. Moving workspaces using
container_move_to only happened from the move command, so it's been
implemented as a static function in that file.
Simplifying container_move_to makes it easier for me to fix some issues
in #2420.
I've got the following SIGSEGV when terminating sway:
```
Program terminated with signal SIGSEGV, Segmentation fault.
0x00005607dc603af5 in view_unmap (view=0x5607dcb3d350) at ../sway/tree/view.c:599
599 if (surviving_ancestor->type >= C_WORKSPACE) {
```
surviving_ancestor was NULL at that time
This commit is trying to fix this problem.
- Some platforms don't expose kill() unless _POSIX_C_SOURCE is defined.
- fork(), execl(), and setsid() need unistd.h on some platforms.
Basically, this fixes some platform-specific build errors.
This creates a root.c and moves bits and pieces from elsewhere into it.
* layout_init has been renamed to root_create and moved into root.c
* root_destroy has been created and is called on shutdown
* scratchpad code has been moved into root.c, because hidden scratchpad
containers are stored in the root struct
Calling container_at_view fails an assertion if the container isn't a
view. Calling tiling_container_at works correctly, as that function
checks if the container is a view and calls container_at_view if so.
When a view unmaps, normally the surviving ancestor (ie. after reaping)
needs to be arranged. When a fullscreen view unmaps, it arranges the
workspace rather than the surviving ancestor, but didn't handle cases
where the workspace itself was reaped. This happens if the workspace is
not currently shown and the fullscreen view was the last container on
that workspace.
This commit rewrites this part of view_unmap so it's more readable, and
fixes the crash by not arranging the workspace if it's been reaped. Note
that it no longer arranges the output under any circumstance - this
wasn't required anyway.
* seat_set_focus_warp lacked a container NULL check
* view mapping code needs to use seat_get_focus_inactive
Also, seat_set_focus_warp triggered the wrong IPC event if focus was a
workspace, which resulted in swaybar not showing the workspace as
active.
wlroots uses wl_event_loop_add_signal to handle SIGUSR1 from Xwayland.
wl_event_loop_add_signal works by masking the signal and receiving it from a
signalfd. The signal mask is preserved across fork and exec, so subprocesses
spawned by Sway start with SIGUSR1 masked. Most subprocesses do not expect this
and never unmask the signal, resulting in missing functionality or unexpected
behavior for processes that use SIGUSR1 (such as i3status).
Fix this by unmasking all signals between fork and exec.
This fixes two issues which were both introduced in #2396.
First issue:
The PR changes the location of the buffer save to transaction_apply, but
puts it inside the should_configure block. For unmapping (destroying)
views, should_configure returns false so it wasn't saving the buffer. If
a frame was rendered between the unmap and the transaction applying then
it would result in a crash.
Second issue:
If a destroying view is involved in two transactions, we must not
release the buffer between the transactions because there is no live
buffer to grab any more.
When a container is moved from, say, workspace 1 to workspace 2, workspace 2 is focused in order to arrange the windows before focus is moved back to workspace 1, which caused a workspace:focus event from workspace 2 to workspace 1 to be emitted. This commit inhibits that event.
Fixes#2364.
Suppose a view is 600px wide, and we tell it to resize to 601px during a
resize operation. We create a transaction, save the 600px buffer and
send the configure. This buffer is saved into the associated
instruction, and is rendered while we wait for the view to commit a
601px buffer.
Before the view commits the 601px buffer, suppose we tell it to resize
to 602px. The new transaction will also save the buffer, but it's still
the 600px buffer because we haven't received a new one yet.
Then suppose the view commits its original 601px buffer. This completes
the first transaction, so we apply the 601px width to the container.
There's still the second (now only) transaction remaining, so we render
the saved buffer from that. But this is still the 600px buffer, and we
believe it's 601px. Whoops.
The problem here is we can't stack buffers like this. So this commit
removes the saved buffer from the instructions, places it in the view
instead, and re-saves the latest buffer every time the view completes a
transaction and still has further pending transactions.
As saved buffers are now specific to views rather than instructions, the
functions for saving and removing the saved buffer have been moved to
view.c.
The calls to save and restore the buffer have been relocated to more
appropriate functions too, favouring transaction_commit and
transaction_apply rather than transaction_add_container and
transaction_destroy.
Fixes the render and container_at order for popups.
Fixes#2210
For rendering:
* render_view_surfaces has been renamed to render_view_toplevels
* render_view_toplevels now uses output_surface_for_each_surface (which
is now public), as that function uses wlr_surface_for_each_surface which
doesn't descend into popups
* Views now have a for_each_popup iterator, which is used by the
renderer to render the focused view's popups
* When rendering a popup, toplevels (xdg subsurfaces) of that popup are
also rendered
For sending frame done, the logic has been updated to match the
rendering logic:
* send_frame_done_container no longer descends into popups
* for_each_popup is used to send frame done to the focused view's popups
and their child toplevels
For container_at:
* floating_container_at is now static, which means it had to be moved
higher in the file.
* container_at now considers popups for the focused view before checking
containers.
* tiling_container_at has been introduced, so that it doesn't call
container_at recursively (it would check popups recursively if it did)
Now 'repeat_delay' and 'repeat_rate' control the initial delay
and rate (per second) of repeated binding invocations.
If the repeat delay is zero, binding repetition is disabled.
When the repeat rate is zero, the binding is repeated exactly
once, assuming no other key events intervene.
Each sway_keyboard is provided with a wayland timer event source.
When a valid keypress binding has been found, a callback to
handle_keyboard_repeat is set. Any key event will either clear
the callback or (if the new key event is a valid keypress binding)
delay the callback again.
Example config that produces the crash (with a single output):
workspace 1
workspace 2
Prior to this commit, container_workspace_free would manually mark the
L_FLOATING container as destroying and free it. This assumed the
L_FLOATING container would never be involved in a transaction. This was
a safe assumption when it was implemented, but became an incorrect
assumption once parent/child relationships became transactionised.
This commit removes the L_FLOATING free from container_workspace_free.
When the workspace is destroyed, it starts the normal destroy process on
the L_FLOATING container so it can be freed via transactions.
Also fixes a crash when unfloating a window. It needs to add it back to
the tiling tree as a sibling rather than a child, because the reference
container might be a view.
This introduces seat_get_focus_inactive_tiling and updates
`focus mode_toggle` to use it instead, because the previous method
wasn't guaranteed to return a tiling view.
It would focus the split container rather than the child.
This commit makes it track the child and the split container separately
and send the surface click to the child.
Things worth noting:
* When a fullscreen view unmaps, the check to unset fullscreen on the
workspace has been moved out of view_unmap and into container_destroy,
because containers can be fullscreen too
* The calls to `container_reap_empty_recursive(workspace)` have been
removed from `container_set_floating`. That function reaps upwards so it
wouldn't do anything. I'm probably the one who originally added it...
* My fix (b14bd1b0b1) for the tabbed child
crash has a side effect where when you close a floating container, focus
is not given to the tiled container again. I've removed my fix and
removed the call to `send_cursor_motion` from `seat_set_focus_warp`. We
should consider calling it from somewhere earlier in the call stack.
The solution used in 073ac425d5 doesn't
work in all cases because the freed instruction might be ahead in the
list, not necessarily behind.
The new solution delays running the queue until after the loop has
finished iterating, thus avoiding the problem completely.
In set_instructions_ready, calling set_instruction_ready may cause any
number of transactions to get applied, which removes them from the list
being iterated. The iteration variables need to be adjusted
accordingly.
* Move workspace selection into separate function
* Instead of keeping a `prev_focus` variable, do the check in
`should_focus` (ie. views can only take focus if they're mapped into the
active workspace)
* Fix assign-to-output - it previously set `prev_focus` but should be
`target_sibling`
* Remove call to `workspace_switch` as we'll only ever focus the view if
it's in the active workspace
After setting the keymap, try to enable NumLock and disable CapsLock.
This only works if sway has the xkb master state and controls the keyboard.
Prepare configuration settings for later use as well.
when using 2 display, if scaling is different
`container_update_textures_recursive` is called when moving workspace on
different display.
We need to call `container_update_title_textures` only for container of type
"CONTAINER" or "VIEW" in order to be consistent with the assert in
`update_title_texture`.
The crash only occurs if the mouse cursor is above the tabbed container
when the last child is closed.
Introduced in 03d49490cc, over a week ago
and unnoticed until now :O
The above commit changes the behaviour of a focus change. When you
change focus, it sends pointer motion which makes the client set a new
cursor image. We already had this behaviour for workspace switching, but
this commit adds it for view switching too, such as in a tabbed
container or when closing a view.
The sequence of events that leads to the crash is:
* The last child of a tabbed container unmaps, which triggers a
`destroy` event before we've cleaned up the child or reaped the tabbed
container.
* The seat code listens to the `destroy` event and removes the seat
container from the focus stack. As part of this, it decides to set focus
to the parent (my fix alters this decision).
* When setting focus to the new parent, the container motion is sent as
per the previously mentioned commit.
* The motion code uses `container_at`, which encounters the tabbed
container and its child in a half destroyed state, and everything blows
up from there.
`con->parent` is needed because scratchpad containers don't have parents
if they're hidden, so this probably fixes a crash when a hidden
scratchpad container closes too.
The `con->parent->children->length > 1` check should catch any cases
where the parent is about to be reaped.
The rendering code doesn't use the exclusive input surface at all
anymore to decide to skip rendering of shell surfaces. This fixes
a weird situation in which a client requests exclusive input but
isn't an overlay layer surface.
The renderer also renders all overlay surfaces in this situation,
not just one. This simplifies the code and fixes rendering when
there are more than one overlay surfaces (e.g. for a virtual
keyboard to type the lockscreen password).
This makes it so if you hold mod and right click on a surface to resize
it, the resize direction is chosen based on which quarter of the surface
you've clicked. The previous implementation only resized towards the
bottom right.
The mouse binding logic is inspired/copied from the
keyboard binding logic; we store a sorted list of the
currently pressed buttons, and trigger a binding when
the currently pressed (or just recently pressed, in
the case of a release binding) buttons, as well as
modifiers/container region, match those of a given
binding.
As the code to execute a binding is not very keyboard
specific, keyboard_execute_command is renamed to
seat_execute_command and moved to where the other
binding handling functions are. The call to
transaction_commit_dirty has been lifted out.
First, the existing sway_binding structure is given an
enumerated type code. As all flags to bindsym/bindcode
are boolean, a single uint32 is used to hold all flags.
The _BORDER, _CONTENTS, _TITLEBAR flags, when active,
indicate in which part of a container the binding can
trigger; to localize complexity, they do not overlap
with the command line arguments, which center around
_TITLEBAR being set by default.
The keyboard handling code is adjusted for this change,
as is binding_key_compare; note that BINDING_LOCKED
is *not* part of the key portion of the binding.
Next, list of mouse bindings is introduced and cleaned up.
Finally, the binding command parsing code is extended
to handle the case where bindsym is used to describe
a mouse binding rather than a keysym binding; the
difference between the two may be detected as late as
when the first key/button is parsed, or as early as
the first flag. As bindings can have multiple
keycodes/keysyms/buttons, mixed keysym/button sequences
are prohibited.
cursor_set_image only uploads the named image if it doesn't match the
previous named image. This means when setting the cursor image to a
surface as given by a client, we have to clear the currently stored
image.
Implements the following commands:
* move scratchpad
* scratchpad show
* [criteria] scratchpad show
Also fixes these:
* Fix memory leak when executing command with criteria
(use `list_free(views)` instead of `free(views)`)
* Fix crash when running `move to` with no further arguments
This allows to update the title even if the view doesn't commit.
This is useful e.g. when a terminal sets its toplevel title to
the currently running command and when the view isn't visible.
Also does a few other related things:
* Now uses enum wlr_edges instead of our own enum resize_edge
* Now uses wlr_xcursor_get_resize_name and removes our own
find_resize_edge_name
* Renames drag to move for consistency
When interactively resizing some views (eg. Nautilus), new transactions
are added to the queue faster than the client can process them.
Previously, we would wait for the entire queue to be ready before
applying any of them, but in this case the transactions would time out,
giving the client choppy performance.
This changes the queue handling so it applies the transactions up to the
first waiting transaction, without waiting for the entire queue to be
ready.
This implements the following:
* `floating_modifier` configuration directive
* Drag a floating window by its title bar
* Hold mod + drag a floating window from anywhere
* Resize a floating view by dragging the border
* Resize a floating view by holding mod and right clicking anywhere on
the view
* Resize a floating view and keep aspect ratio by holding shift while
resizing using either method
* Mouse cursor turns into resize when hovering floating border or corner
The directive sets the timeout before an urgent view becomes normal
again after switching to it from another workspace.
Also:
* When an xwayland surface removes the urgent hint while the timer is
active, we now ignore the request. This happens as soon as the view
receives focus, so it was effectively making the timer pointless.
* The timeout is now only applied when switching to it from another
workspace.
This removes the urgency stuff from the commit handler and puts it in a
new set_hints handler instead. This allows the xwayland surface to
become urgent without having to commit (which doesn't happen if it's on
an non-visible workspace).
Fixes#2303, as well as a crash.
To replicate the crash:
* Have multiple outputs
* In config: for_window [<criteria>] workspace foo
* Also in config: workspace foo output <left-output-name>
* Focus the right output, and ensure workspace foo doesn't exist
* Launch the app that triggers the criteria
When the view maps, it calls workspace_switch which calls
send_set_focus which calls cursor_send_pointer_motion which calls
transaction_commit_dirty. This call to transaction_commit_dirty is not
meant to happen at this time because the tree isn't guaranteed to be in
a consistent state, but I'm not sure how exactly this leads to the crash
or render issues.
In this case the transaction is already committed by the view
implementation's handle_map function. So the solution is to remove it
from cursor_send_pointer_motion and add it to the other functions in
cursor.c which call cursor_send_pointer_motion.
This allows to send wl_pointer.enter when switching between views
in a split/tabbed layout for instance. This (1) updates the cursor
image accordingly (2) makes it unnecessary to move the mouse before
scrolling. It's harmless to always call cursor_send_pointer_motion
because in case the focused surface hasn't changed this is a no-op.
The `last_focus != NULL` condition is required otherwise
cursor_send_pointer_motion will crash when sway starts up (the
sway_output doesn't yet have a workspace).
When an xwayland view is mapped, the IPC urgent event was being sent on
every surface commit.
I had intentionally ommitted the check because I figured an urgent
surface could update its urgent timestamp by sending urgent a second
time. But that's not how it works in xwayland's case, and it makes for
more complicated code.
Introduces a command to manually set urgency, as well as rendering of
urgent views, sending the IPC event, removing urgency after focused for
one second, and matching urgent views via criteria.
Rather than maintain copies of the entire focus stack, this PR
transactionises the focus by introducing two new properties to the
container state and using those when rendering.
* `bool focused` means this container has actual focus. Only one
container should have this equalling true in its current state.
* `struct sway_container *focus_inactive_child` points to the immediate
child that was most recently focused (eg. for tabbed and stacked
containers).
We currently have several ways of setting debug flags, including command
line arguments, environment variables, and compile-time macros. This
replaces the lot with command line flags.
This PR changes the way we handle transactions to a more simple method.
The new method is to mark containers as dirty from low level code
(eg. arranging, or container_destroy, and eventually seat_set_focus),
then call transaction_commit_dirty which picks up those containers and
runs them through a transaction. The old methods of using transactions
(arrange_and_commit, or creating one manually) are now no longer
possible.
The highest-level code (execute_command and view implementation
handlers) will call transaction_commit_dirty, so most other code just
needs to set containers as dirty. This is done by arranging, but can
also be done by calling container_set_dirty.
Now the scroll_button will not accept:
- letters on string beginning;
- negative numbers.
What is tolerated:
- letters after number;
- rational numbers: the fraction after dot will be omitted.
This commit introduces a scroll_button option, which is intended to be
used with scroll_method. Now user can edit his sway config and add an
scroll_button option to device section.
The title and marks textures would have their height set from the
config's computed max font height, but the textures were not regenerated
when the config's max font height changed which made a gap appear.
Rather than making it regenerate the title textures every time the
config font height was changed, I've changed it to just make the
textures the height of the title itself and fill any gap when rendering.
Also, the title_width and marks_width variables have been renamed to
make it more obvious that they are in output-buffer-local coordinates.
Fixes#1936.
The only user of this function would copy the string right away
to get rid of the const flag anyway, and freeing a const string
afterwards might work but is not meant to be done according to the
json-c API.
If we set an instruction as ready twice, it decreases the transaction's
num_waiting a second time and applies the transaction earlier than it
should. This no doubt has undesired effects, probably resulting in a use
after free.
Hopefully fixes the first part of #2207.
wl_event_source_remove() is illegal after display has been destroyed,
so just destroy everything when we still can.
==20392==ERROR: AddressSanitizer: heap-use-after-free on address 0x607000001240 at pc 0x00000048e86e bp 0x7ffe4b557e00 sp 0x7ffe4b557df0
READ of size 8 at 0x607000001240 thread T0
#0 0x48e86d in wl_list_insert ../common/list.c:149
#1 0x7fdf673d4d7d in wl_event_source_remove src/event-loop.c:487
#2 0x41b742 in ipc_terminate ../sway/ipc-server.c:94
#3 0x40b1ad in main ../sway/main.c:440
#4 0x7fdf6664c18a in __libc_start_main ../csu/libc-start.c:308
#5 0x409359 in _start (/opt/wayland/bin/sway+0x409359)
0x607000001240 is located 48 bytes inside of 72-byte region [0x607000001210,0x607000001258)
freed by thread T0 here:
#0 0x7fdf692c4880 in __interceptor_free (/lib64/libasan.so.5+0xee880)
#1 0x7fdf673d371a in wl_display_destroy src/wayland-server.c:1097
previously allocated by thread T0 here:
#0 0x7fdf692c4c48 in malloc (/lib64/libasan.so.5+0xeec48)
#1 0x7fdf673d4d9e in wl_event_loop_create src/event-loop.c:522
#2 0x40acb2 in main ../sway/main.c:363
#3 0x7fdf6664c18a in __libc_start_main ../csu/libc-start.c:308
When you have an unfocused container (so one view is focused_inactive),
and you focus any other view in that container, the view with
focused_inactive was not damaged. This is because we damaged the
previous focus and new focus, but needed to damage the parent of the new
focus.
We would previously run all config commands without the environment,
which would appear to work as our socket name is the default one, but
wayland clients would start up in the wrong sway session.
(This explains why 'sometimes' my swayidle processes wouldn't die with
sway, as they weren't listening to the correct socket)
Fixes#2192.
seat_get_active_current_child is intended to return a child of the given
container which has finished its mapping transaction and is able to be
rendered on screen. The previous implementation was capable of returning
a pending child, which caused a child of a tabbed or stacked view to be
rendered prematurely while it was mapping.
If init fails halfway through it will call the destroy function,
which needs some coherent stuff filled.
Allocate with calloc and fill in what cannot fail first
Found through static analysis.
The check didn't include && ws_num < 100 so l would always be 1 or 2
Instead of fixing logic it's simpler to just call snprintf twice to get
length and use that.
Also change malloc failure check to sway_assert because both callers of
this function do not do null check and would segfault...
Found through static analysis.
No logic change here, this one is mostly to please static analyzer:
- client->fd can never be -1 (and if it could, close() a few lines below
would have needed the same check)
- we never send permission denied error (dead code)
ipc_send_reply already does client disconnect on error, so we shouldn't
do it again.
We also need to process current index again as disconnect removes client
from the list we currently are processing (this is an indexed "list")
Found through static analysis.
size_t/ssize_t are 8 bytes on 64bit systems, so use the proper size to
transmit that information.
This could lead to ridiculously large alloc as len is not initialized to zero
Found through static analysis
- child would leak in the workspace_record_pid path
- removing malloc lets us get rid of That Comment nobody seems
to remember what it was about
- we would leak pipe fds on first fork failling
- we didn't return an error if second fork failed
- the final executed process still had both pipe fds
(would show up in /proc/23560/fd in launched programs)
- we would write twice to the pipe if execl failed for some reason
(e.g. if /bin/sh doesn't exist?!)
When you spawn a process with the exec command, sway now notes the
workspace you had focused and the pid of the child process, then assigns
that workspace to the child when its window appears.
Some of this is carried over from sway 0.15, but with some major
refactoring and centralization of state.
That event comes from the toplevel and not the surface, so would cause
a use-after-free on destroy if the toplevel got destroyed first:
==5454==ERROR: AddressSanitizer: heap-use-after-free on address 0x6110001ed198 at pc 0x000000472d10 bp 0x7ffc19070a80 sp 0x7ffc19070a70
WRITE of size 8 at 0x6110001ed198 thread T0
#0 0x472d0f in wl_list_remove ../common/list.c:157
#1 0x42e159 in handle_destroy ../sway/desktop/xdg_shell_v6.c:243
#2 0x7fa9e5b28ce8 in wlr_signal_emit_safe ../util/signal.c:29
#3 0x7fa9e5afd6b1 in destroy_xdg_surface_v6 ../types/xdg_shell_v6/wlr_xdg_surface_v6.c:101
#4 0x7fa9e5d98025 in destroy_resource src/wayland-server.c:688
#5 0x7fa9e5d98091 in wl_resource_destroy src/wayland-server.c:705
#6 0x7fa9e27f103d in ffi_call_unix64 (/lib64/libffi.so.6+0x603d)
#7 0x7fa9e27f09fe in ffi_call (/lib64/libffi.so.6+0x59fe)
#8 0x7fa9e5d9bf2c (/lib64/libwayland-server.so.0+0xbf2c)
#9 0x7fa9e5d983de in wl_client_connection_data src/wayland-server.c:420
#10 0x7fa9e5d99f01 in wl_event_loop_dispatch src/event-loop.c:641
#11 0x7fa9e5d98601 in wl_display_run src/wayland-server.c:1260
#12 0x40a2f4 in main ../sway/main.c:433
#13 0x7fa9e527318a in __libc_start_main ../csu/libc-start.c:308
#14 0x40b749 in _start (/opt/wayland/bin/sway+0x40b749)
0x6110001ed198 is located 152 bytes inside of 240-byte region [0x6110001ed100,0x6110001ed1f0)
freed by thread T0 here:
#0 0x7fa9e7c89880 in __interceptor_free (/lib64/libasan.so.5+0xee880)
#1 0x7fa9e5affce9 in destroy_xdg_toplevel_v6 ../types/xdg_shell_v6/wlr_xdg_toplevel_v6.c:23
#2 0x7fa9e5d98025 in destroy_resource src/wayland-server.c:688
previously allocated by thread T0 here:
#0 0x7fa9e7c89e50 in calloc (/lib64/libasan.so.5+0xeee50)
#1 0x7fa9e5b00eea in create_xdg_toplevel_v6 ../types/xdg_shell_v6/wlr_xdg_toplevel_v6.c:427
#2 0x7fa9e27f103d in ffi_call_unix64 (/lib64/libffi.so.6+0x603d)
The toplevel only notifies the compositor on destroy if it was mapped,
so only listen to events at map time.
A flash of background was happening for two reasons:
1) We were using the xsurface's dimensions to check if the surface is
ready, but these are pending dimensions.
2) In my particular setup, the default geometry of the xsurface does not
intersect any output, which prevented it from receiving a frame done
event. This made the transaction time out and the client would only
redraw once it's been rendered.
We were arranging a parent which may have been deleted by the reaper,
which meant the `current` children list of the surviving parent had a
dangling pointer.
Instead, we now reap the workspace.
The view was configured with the container coordinates.
Although they were right on the first configure, they
changed after a XCB_CONFIGURE_REQUEST, when the
border was already drawn.
Rather than allocate a structure and expect callers to free it, take a
pointer to an existing struct as an argument.
This function is no longer called anywhere though.
- fixes a double-free error when access() failed.
- refactor code to make memory managment (alloc/free) more straightforward
- do not bring the temporary wordexp_t struct around
- do not postpone errors handling
Both sway_output and sway_layer_shell listen to wlr's output destroy event,
but sway_layer_shell needs to access into sway_output's data strucure and needs
to be destroyed first.
Resolve this by making sway_layer_shell listen to a new event that happens at
start of sway_output's destroy handler
Fixes this kind of use-after-free:
==1795==ERROR: AddressSanitizer: heap-use-after-free on address 0x612000191ef0 at pc 0x00000048c388 bp 0x7ffe308f0410 sp 0x7ffe308f0400
WRITE of size 8 at 0x612000191ef0 thread T0
#0 0x48c387 in wl_list_remove ../common/list.c:157
#1 0x42196b in handle_destroy ../sway/desktop/layer_shell.c:275
#2 0x7f55cc2549fa in wlr_signal_emit_safe ../util/signal.c:29
#3 0x7f55cc22cf68 in layer_surface_destroy ../types/wlr_layer_shell.c:182
#4 0x7f55cc22d084 in layer_surface_resource_destroy ../types/wlr_layer_shell.c:196
#5 0x7f55cc4ca025 in destroy_resource src/wayland-server.c:688
#6 0x7f55cc4ca091 in wl_resource_destroy src/wayland-server.c:705
#7 0x7f55cc22c3a2 in resource_handle_destroy ../types/wlr_layer_shell.c:18
#8 0x7f55c8ef103d in ffi_call_unix64 (/lib64/libffi.so.6+0x603d)
#9 0x7f55c8ef09fe in ffi_call (/lib64/libffi.so.6+0x59fe)
#10 0x7f55cc4cdf2c (/lib64/libwayland-server.so.0+0xbf2c)
#11 0x7f55cc4ca3de in wl_client_connection_data src/wayland-server.c:420
#12 0x7f55cc4cbf01 in wl_event_loop_dispatch src/event-loop.c:641
#13 0x7f55cc4ca601 in wl_display_run src/wayland-server.c:1260
#14 0x40bb1e in server_run ../sway/server.c:141
#15 0x40ab2f in main ../sway/main.c:432
#16 0x7f55cb97318a in __libc_start_main ../csu/libc-start.c:308
#17 0x408d29 in _start (/opt/wayland/bin/sway+0x408d29)
0x612000191ef0 is located 48 bytes inside of 312-byte region [0x612000191ec0,0x612000191ff8)
freed by thread T0 here:
#0 0x7f55ce3bb880 in __interceptor_free (/lib64/libasan.so.5+0xee880)
#1 0x42f1db in handle_destroy ../sway/desktop/output.c:1275
#2 0x7f55cc2549fa in wlr_signal_emit_safe ../util/signal.c:29
#3 0x7f55cc23b4c2 in wlr_output_destroy ../types/wlr_output.c:284
#4 0x7f55cc1ddc20 in xdg_toplevel_handle_close ../backend/wayland/output.c:235
#5 0x7f55c8ef103d in ffi_call_unix64 (/lib64/libffi.so.6+0x603d)
previously allocated by thread T0 here:
#0 0x7f55ce3bbe50 in calloc (/lib64/libasan.so.5+0xeee50)
#1 0x42f401 in handle_new_output ../sway/desktop/output.c:1308
#2 0x7f55cc2549fa in wlr_signal_emit_safe ../util/signal.c:29
#3 0x7f55cc1d6cbf in new_output_reemit ../backend/multi/backend.c:113
#4 0x7f55cc2549fa in wlr_signal_emit_safe ../util/signal.c:29
#5 0x7f55cc1deac7 in wlr_wl_output_create ../backend/wayland/output.c:327
#6 0x7f55cc1db353 in backend_start ../backend/wayland/backend.c:55
#7 0x7f55cc1bad55 in wlr_backend_start ../backend/backend.c:35
#8 0x7f55cc1d67a0 in multi_backend_start ../backend/multi/backend.c:24
#9 0x7f55cc1bad55 in wlr_backend_start ../backend/backend.c:35
#10 0x40ba8a in server_run ../sway/server.c:136
#11 0x40ab2f in main ../sway/main.c:432
#12 0x7f55cb97318a in __libc_start_main ../csu/libc-start.c:308
Emitting the close event needs to happen before
container_output_destroy, because container_output_destroy sets the
sway_output to NULL and sway_output is used in IPC.
We were freeing the sway_output immediately upon disconnect which left
a dangling pointer in the output's container. It then tried to use the
pointer when the container is freed.
We don't need to store the sway_output in an output's container which is
destroying, so the fix is to set the pointer to NULL and remove the use
in container_free.
Also added an arrange when the output is disconnected for good measure.
Prompts e.g. authentication request from firefox-wayland ought to be
floating.
This is a bit coarse but just fixed size is not enough, here is what
firefox does:
[1285461.363] -> xdg_wm_base@18.get_xdg_surface(new id xdg_surface@68, wl_surface@71)
[1285461.508] -> xdg_surface@68.get_toplevel(new id xdg_toplevel@67)
[1285461.571] -> xdg_toplevel@67.set_parent(xdg_toplevel@37)
[1285461.630] -> xdg_toplevel@67.set_title("Authentication Required")
[1285461.736] -> xdg_toplevel@67.set_app_id("firefox")
...
[1285476.549] xdg_toplevel@67.configure(0, 0, array)
...
[1285502.080] -> xdg_toplevel@67.set_min_size(299, 187)
[1285502.140] -> xdg_toplevel@67.set_max_size(1920, 32767)
This can also be observed with e.g. the open window of gedit
(gedit->open->other documents)
It happened when a view is a grandchild or deeper of the workspace, is
fullscreen, and unmaps. The workspace would not be included in the
transaction and its pointer to the fullscreen view was left dangling.