This fixes an issue where views might commit to a transaction ahead of
the first one, and applying the first transaction causes us to save a
buffer of the wrong size.
* The OP_RESIZE seat operation has been renamed to OP_RESIZE_FLOATING,
and OP_RESIZE_TILING has been introduced.
* Similar to the above, seat_begin_resize and handle_resize_motion have
been renamed and tiling variants introduced.
* resize.c's resize_tiled has to be used, so container_resize_tiled has
been introduced in resize.c to allow external code to call it.
This fixes two issues which were both introduced in #2396.
First issue:
The PR changes the location of the buffer save to transaction_apply, but
puts it inside the should_configure block. For unmapping (destroying)
views, should_configure returns false so it wasn't saving the buffer. If
a frame was rendered between the unmap and the transaction applying then
it would result in a crash.
Second issue:
If a destroying view is involved in two transactions, we must not
release the buffer between the transactions because there is no live
buffer to grab any more.
Fixes#2364.
Suppose a view is 600px wide, and we tell it to resize to 601px during a
resize operation. We create a transaction, save the 600px buffer and
send the configure. This buffer is saved into the associated
instruction, and is rendered while we wait for the view to commit a
601px buffer.
Before the view commits the 601px buffer, suppose we tell it to resize
to 602px. The new transaction will also save the buffer, but it's still
the 600px buffer because we haven't received a new one yet.
Then suppose the view commits its original 601px buffer. This completes
the first transaction, so we apply the 601px width to the container.
There's still the second (now only) transaction remaining, so we render
the saved buffer from that. But this is still the 600px buffer, and we
believe it's 601px. Whoops.
The problem here is we can't stack buffers like this. So this commit
removes the saved buffer from the instructions, places it in the view
instead, and re-saves the latest buffer every time the view completes a
transaction and still has further pending transactions.
As saved buffers are now specific to views rather than instructions, the
functions for saving and removing the saved buffer have been moved to
view.c.
The calls to save and restore the buffer have been relocated to more
appropriate functions too, favouring transaction_commit and
transaction_apply rather than transaction_add_container and
transaction_destroy.
Fixes the render and container_at order for popups.
Fixes#2210
For rendering:
* render_view_surfaces has been renamed to render_view_toplevels
* render_view_toplevels now uses output_surface_for_each_surface (which
is now public), as that function uses wlr_surface_for_each_surface which
doesn't descend into popups
* Views now have a for_each_popup iterator, which is used by the
renderer to render the focused view's popups
* When rendering a popup, toplevels (xdg subsurfaces) of that popup are
also rendered
For sending frame done, the logic has been updated to match the
rendering logic:
* send_frame_done_container no longer descends into popups
* for_each_popup is used to send frame done to the focused view's popups
and their child toplevels
For container_at:
* floating_container_at is now static, which means it had to be moved
higher in the file.
* container_at now considers popups for the focused view before checking
containers.
* tiling_container_at has been introduced, so that it doesn't call
container_at recursively (it would check popups recursively if it did)
Things worth noting:
* When a fullscreen view unmaps, the check to unset fullscreen on the
workspace has been moved out of view_unmap and into container_destroy,
because containers can be fullscreen too
* The calls to `container_reap_empty_recursive(workspace)` have been
removed from `container_set_floating`. That function reaps upwards so it
wouldn't do anything. I'm probably the one who originally added it...
* My fix (b14bd1b0b1) for the tabbed child
crash has a side effect where when you close a floating container, focus
is not given to the tiled container again. I've removed my fix and
removed the call to `send_cursor_motion` from `seat_set_focus_warp`. We
should consider calling it from somewhere earlier in the call stack.
The solution used in 073ac425d5 doesn't
work in all cases because the freed instruction might be ahead in the
list, not necessarily behind.
The new solution delays running the queue until after the loop has
finished iterating, thus avoiding the problem completely.
In set_instructions_ready, calling set_instruction_ready may cause any
number of transactions to get applied, which removes them from the list
being iterated. The iteration variables need to be adjusted
accordingly.
The rendering code doesn't use the exclusive input surface at all
anymore to decide to skip rendering of shell surfaces. This fixes
a weird situation in which a client requests exclusive input but
isn't an overlay layer surface.
The renderer also renders all overlay surfaces in this situation,
not just one. This simplifies the code and fixes rendering when
there are more than one overlay surfaces (e.g. for a virtual
keyboard to type the lockscreen password).
This allows to update the title even if the view doesn't commit.
This is useful e.g. when a terminal sets its toplevel title to
the currently running command and when the view isn't visible.
Also does a few other related things:
* Now uses enum wlr_edges instead of our own enum resize_edge
* Now uses wlr_xcursor_get_resize_name and removes our own
find_resize_edge_name
* Renames drag to move for consistency
When interactively resizing some views (eg. Nautilus), new transactions
are added to the queue faster than the client can process them.
Previously, we would wait for the entire queue to be ready before
applying any of them, but in this case the transactions would time out,
giving the client choppy performance.
This changes the queue handling so it applies the transactions up to the
first waiting transaction, without waiting for the entire queue to be
ready.
The directive sets the timeout before an urgent view becomes normal
again after switching to it from another workspace.
Also:
* When an xwayland surface removes the urgent hint while the timer is
active, we now ignore the request. This happens as soon as the view
receives focus, so it was effectively making the timer pointless.
* The timeout is now only applied when switching to it from another
workspace.
This removes the urgency stuff from the commit handler and puts it in a
new set_hints handler instead. This allows the xwayland surface to
become urgent without having to commit (which doesn't happen if it's on
an non-visible workspace).
Introduces a command to manually set urgency, as well as rendering of
urgent views, sending the IPC event, removing urgency after focused for
one second, and matching urgent views via criteria.
Rather than maintain copies of the entire focus stack, this PR
transactionises the focus by introducing two new properties to the
container state and using those when rendering.
* `bool focused` means this container has actual focus. Only one
container should have this equalling true in its current state.
* `struct sway_container *focus_inactive_child` points to the immediate
child that was most recently focused (eg. for tabbed and stacked
containers).
We currently have several ways of setting debug flags, including command
line arguments, environment variables, and compile-time macros. This
replaces the lot with command line flags.
This PR changes the way we handle transactions to a more simple method.
The new method is to mark containers as dirty from low level code
(eg. arranging, or container_destroy, and eventually seat_set_focus),
then call transaction_commit_dirty which picks up those containers and
runs them through a transaction. The old methods of using transactions
(arrange_and_commit, or creating one manually) are now no longer
possible.
The highest-level code (execute_command and view implementation
handlers) will call transaction_commit_dirty, so most other code just
needs to set containers as dirty. This is done by arranging, but can
also be done by calling container_set_dirty.
The title and marks textures would have their height set from the
config's computed max font height, but the textures were not regenerated
when the config's max font height changed which made a gap appear.
Rather than making it regenerate the title textures every time the
config font height was changed, I've changed it to just make the
textures the height of the title itself and fill any gap when rendering.
Also, the title_width and marks_width variables have been renamed to
make it more obvious that they are in output-buffer-local coordinates.
Fixes#1936.
If we set an instruction as ready twice, it decreases the transaction's
num_waiting a second time and applies the transaction earlier than it
should. This no doubt has undesired effects, probably resulting in a use
after free.
Hopefully fixes the first part of #2207.
When you spawn a process with the exec command, sway now notes the
workspace you had focused and the pid of the child process, then assigns
that workspace to the child when its window appears.
Some of this is carried over from sway 0.15, but with some major
refactoring and centralization of state.
That event comes from the toplevel and not the surface, so would cause
a use-after-free on destroy if the toplevel got destroyed first:
==5454==ERROR: AddressSanitizer: heap-use-after-free on address 0x6110001ed198 at pc 0x000000472d10 bp 0x7ffc19070a80 sp 0x7ffc19070a70
WRITE of size 8 at 0x6110001ed198 thread T0
#0 0x472d0f in wl_list_remove ../common/list.c:157
#1 0x42e159 in handle_destroy ../sway/desktop/xdg_shell_v6.c:243
#2 0x7fa9e5b28ce8 in wlr_signal_emit_safe ../util/signal.c:29
#3 0x7fa9e5afd6b1 in destroy_xdg_surface_v6 ../types/xdg_shell_v6/wlr_xdg_surface_v6.c:101
#4 0x7fa9e5d98025 in destroy_resource src/wayland-server.c:688
#5 0x7fa9e5d98091 in wl_resource_destroy src/wayland-server.c:705
#6 0x7fa9e27f103d in ffi_call_unix64 (/lib64/libffi.so.6+0x603d)
#7 0x7fa9e27f09fe in ffi_call (/lib64/libffi.so.6+0x59fe)
#8 0x7fa9e5d9bf2c (/lib64/libwayland-server.so.0+0xbf2c)
#9 0x7fa9e5d983de in wl_client_connection_data src/wayland-server.c:420
#10 0x7fa9e5d99f01 in wl_event_loop_dispatch src/event-loop.c:641
#11 0x7fa9e5d98601 in wl_display_run src/wayland-server.c:1260
#12 0x40a2f4 in main ../sway/main.c:433
#13 0x7fa9e527318a in __libc_start_main ../csu/libc-start.c:308
#14 0x40b749 in _start (/opt/wayland/bin/sway+0x40b749)
0x6110001ed198 is located 152 bytes inside of 240-byte region [0x6110001ed100,0x6110001ed1f0)
freed by thread T0 here:
#0 0x7fa9e7c89880 in __interceptor_free (/lib64/libasan.so.5+0xee880)
#1 0x7fa9e5affce9 in destroy_xdg_toplevel_v6 ../types/xdg_shell_v6/wlr_xdg_toplevel_v6.c:23
#2 0x7fa9e5d98025 in destroy_resource src/wayland-server.c:688
previously allocated by thread T0 here:
#0 0x7fa9e7c89e50 in calloc (/lib64/libasan.so.5+0xeee50)
#1 0x7fa9e5b00eea in create_xdg_toplevel_v6 ../types/xdg_shell_v6/wlr_xdg_toplevel_v6.c:427
#2 0x7fa9e27f103d in ffi_call_unix64 (/lib64/libffi.so.6+0x603d)
The toplevel only notifies the compositor on destroy if it was mapped,
so only listen to events at map time.
A flash of background was happening for two reasons:
1) We were using the xsurface's dimensions to check if the surface is
ready, but these are pending dimensions.
2) In my particular setup, the default geometry of the xsurface does not
intersect any output, which prevented it from receiving a frame done
event. This made the transaction time out and the client would only
redraw once it's been rendered.
The view was configured with the container coordinates.
Although they were right on the first configure, they
changed after a XCB_CONFIGURE_REQUEST, when the
border was already drawn.
Both sway_output and sway_layer_shell listen to wlr's output destroy event,
but sway_layer_shell needs to access into sway_output's data strucure and needs
to be destroyed first.
Resolve this by making sway_layer_shell listen to a new event that happens at
start of sway_output's destroy handler
Fixes this kind of use-after-free:
==1795==ERROR: AddressSanitizer: heap-use-after-free on address 0x612000191ef0 at pc 0x00000048c388 bp 0x7ffe308f0410 sp 0x7ffe308f0400
WRITE of size 8 at 0x612000191ef0 thread T0
#0 0x48c387 in wl_list_remove ../common/list.c:157
#1 0x42196b in handle_destroy ../sway/desktop/layer_shell.c:275
#2 0x7f55cc2549fa in wlr_signal_emit_safe ../util/signal.c:29
#3 0x7f55cc22cf68 in layer_surface_destroy ../types/wlr_layer_shell.c:182
#4 0x7f55cc22d084 in layer_surface_resource_destroy ../types/wlr_layer_shell.c:196
#5 0x7f55cc4ca025 in destroy_resource src/wayland-server.c:688
#6 0x7f55cc4ca091 in wl_resource_destroy src/wayland-server.c:705
#7 0x7f55cc22c3a2 in resource_handle_destroy ../types/wlr_layer_shell.c:18
#8 0x7f55c8ef103d in ffi_call_unix64 (/lib64/libffi.so.6+0x603d)
#9 0x7f55c8ef09fe in ffi_call (/lib64/libffi.so.6+0x59fe)
#10 0x7f55cc4cdf2c (/lib64/libwayland-server.so.0+0xbf2c)
#11 0x7f55cc4ca3de in wl_client_connection_data src/wayland-server.c:420
#12 0x7f55cc4cbf01 in wl_event_loop_dispatch src/event-loop.c:641
#13 0x7f55cc4ca601 in wl_display_run src/wayland-server.c:1260
#14 0x40bb1e in server_run ../sway/server.c:141
#15 0x40ab2f in main ../sway/main.c:432
#16 0x7f55cb97318a in __libc_start_main ../csu/libc-start.c:308
#17 0x408d29 in _start (/opt/wayland/bin/sway+0x408d29)
0x612000191ef0 is located 48 bytes inside of 312-byte region [0x612000191ec0,0x612000191ff8)
freed by thread T0 here:
#0 0x7f55ce3bb880 in __interceptor_free (/lib64/libasan.so.5+0xee880)
#1 0x42f1db in handle_destroy ../sway/desktop/output.c:1275
#2 0x7f55cc2549fa in wlr_signal_emit_safe ../util/signal.c:29
#3 0x7f55cc23b4c2 in wlr_output_destroy ../types/wlr_output.c:284
#4 0x7f55cc1ddc20 in xdg_toplevel_handle_close ../backend/wayland/output.c:235
#5 0x7f55c8ef103d in ffi_call_unix64 (/lib64/libffi.so.6+0x603d)
previously allocated by thread T0 here:
#0 0x7f55ce3bbe50 in calloc (/lib64/libasan.so.5+0xeee50)
#1 0x42f401 in handle_new_output ../sway/desktop/output.c:1308
#2 0x7f55cc2549fa in wlr_signal_emit_safe ../util/signal.c:29
#3 0x7f55cc1d6cbf in new_output_reemit ../backend/multi/backend.c:113
#4 0x7f55cc2549fa in wlr_signal_emit_safe ../util/signal.c:29
#5 0x7f55cc1deac7 in wlr_wl_output_create ../backend/wayland/output.c:327
#6 0x7f55cc1db353 in backend_start ../backend/wayland/backend.c:55
#7 0x7f55cc1bad55 in wlr_backend_start ../backend/backend.c:35
#8 0x7f55cc1d67a0 in multi_backend_start ../backend/multi/backend.c:24
#9 0x7f55cc1bad55 in wlr_backend_start ../backend/backend.c:35
#10 0x40ba8a in server_run ../sway/server.c:136
#11 0x40ab2f in main ../sway/main.c:432
#12 0x7f55cb97318a in __libc_start_main ../csu/libc-start.c:308
We were freeing the sway_output immediately upon disconnect which left
a dangling pointer in the output's container. It then tried to use the
pointer when the container is freed.
We don't need to store the sway_output in an output's container which is
destroying, so the fix is to set the pointer to NULL and remove the use
in container_free.
Also added an arrange when the output is disconnected for good measure.
Prompts e.g. authentication request from firefox-wayland ought to be
floating.
This is a bit coarse but just fixed size is not enough, here is what
firefox does:
[1285461.363] -> xdg_wm_base@18.get_xdg_surface(new id xdg_surface@68, wl_surface@71)
[1285461.508] -> xdg_surface@68.get_toplevel(new id xdg_toplevel@67)
[1285461.571] -> xdg_toplevel@67.set_parent(xdg_toplevel@37)
[1285461.630] -> xdg_toplevel@67.set_title("Authentication Required")
[1285461.736] -> xdg_toplevel@67.set_app_id("firefox")
...
[1285476.549] xdg_toplevel@67.configure(0, 0, array)
...
[1285502.080] -> xdg_toplevel@67.set_min_size(299, 187)
[1285502.140] -> xdg_toplevel@67.set_max_size(1920, 32767)
This can also be observed with e.g. the open window of gedit
(gedit->open->other documents)
* The arrange_foo functions are now replaced with arrange_and_commit, or
with manually created transactions and arrange_windows x2.
* The arrange functions are now only called from the highest level
functions rather than from both high level and low level functions.
* Due to the previous point, view_set_fullscreen_raw and
view_set_fullscreen are both merged into one function again.
* Floating and fullscreen are now working with transactions.
