Fixes heap-use-after-free:
==32046==ERROR: AddressSanitizer: heap-use-after-free on address 0x615000064d20 at pc 0x55571ce4d303 bp 0x7fff545c64c0 sp 0x7fff545c64b0
WRITE of size 8 at 0x615000064d20 thread T0
#0 0x55571ce4d302 in xdg_decoration_handle_destroy ../sway/xdg_decoration.c:13
#1 0x7f64009d6f36 in wlr_signal_emit_safe ../util/signal.c:29
#2 0x7f64009d3c46 in toplevel_decoration_handle_resource_destroy ../types/wlr_xdg_decoration_v1.c:65
#3 0x7f6400a19f8d (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x7f8d)
#4 0x7f6400a19fed in wl_resource_destroy (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x7fed)
#5 0x7f64009d3d1f in toplevel_decoration_handle_surface_destroy ../types/wlr_xdg_decoration_v1.c:82
#6 0x7f64009d6f36 in wlr_signal_emit_safe ../util/signal.c:29
#7 0x7f64009b059c in reset_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:453
#8 0x7f64009b0688 in destroy_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:483
#9 0x7f64009af08c in xdg_client_handle_resource_destroy ../types/xdg_shell/wlr_xdg_shell.c:71
#10 0x7f6400a19f8d (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x7f8d)
#11 0x7f6400a1e211 (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0xc211)
#12 0x7f6400a1e6fe (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0xc6fe)
#13 0x7f6400a1a0ec in wl_client_destroy (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x80ec)
#14 0x7f6400a1a1c4 (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x81c4)
#15 0x7f6400a1b941 in wl_event_loop_dispatch (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x9941)
#16 0x7f6400a1a569 in wl_display_run (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x8569)
#17 0x55571ce4c7fd in server_run ../sway/server.c:214
#18 0x55571ce4ad59 in main ../sway/main.c:405
#19 0x7f640071109a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a)
#20 0x55571ce2cfa9 in _start (/usr/local/bin/sway+0x35fa9)
0x615000064d20 is located 32 bytes inside of 504-byte region [0x615000064d00,0x615000064ef8)
freed by thread T0 here:
#0 0x7f6401531b70 in free (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xedb70)
#1 0x55571ce6c72b in destroy ../sway/desktop/xdg_shell.c:252
#2 0x55571cee3f7b in view_destroy ../sway/tree/view.c:60
#3 0x55571cee4090 in view_begin_destroy ../sway/tree/view.c:73
#4 0x55571ce6dd95 in handle_destroy ../sway/desktop/xdg_shell.c:464
#5 0x7f64009d6f36 in wlr_signal_emit_safe ../util/signal.c:29
#6 0x7f64009b059c in reset_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:453
#7 0x7f64009b0688 in destroy_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:483
#8 0x7f64009af08c in xdg_client_handle_resource_destroy ../types/xdg_shell/wlr_xdg_shell.c:71
#9 0x7f6400a19f8d (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x7f8d)
previously allocated by thread T0 here:
#0 0x7f6401532138 in calloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xee138)
#1 0x55571ce6df39 in handle_xdg_shell_surface ../sway/desktop/xdg_shell.c:485
#2 0x7f64009d6f36 in wlr_signal_emit_safe ../util/signal.c:29
#3 0x7f64009b0167 in handle_xdg_surface_commit ../types/xdg_shell/wlr_xdg_surface.c:350
#4 0x7f64009ce2a5 in surface_commit_pending ../types/wlr_surface.c:372
#5 0x7f64009ce523 in surface_commit ../types/wlr_surface.c:444
#6 0x7f63ff63ddad in ffi_call_unix64 (/usr/lib/x86_64-linux-gnu/libffi.so.6+0x5dad)
Fixes#3759
This modifies the places where output_get_active_workspace is called to
handle a NULL result. Some places already handled it and did not need a
change, some just have guard off code blocks, others return errors, and
some have sway_asserts since the case should never happen. A lot of this
is probably just safety precautions since they probably will never be
called when `output_get_active_workspace` is not fully configured with a
workspace.
If an output's node was dirty and the transaction was committed before a
workspace was moved to or created for the output, the instruction would
have a bad value for `state->active_workspace` due to a missing
length check in `output_get_active_workspace`. If there was no focus on
the output, the first workspace was being returned. If the workspace
list was currently empty, the value was either garbage, or in the case of
an output being disabled and re-enabled, a workspace that may have been
previously freed. This just adds the length check to avoid returning out
of bounds value.
wlr_xdg_popup_destroy will destroy popups, so we need to walk the tree
carefully. It's enough to just destroy all direct children, since destroying
the parent will also destroy all children.
Don't access xdg_surface->toplevel if xdg_surface->role is equal to
WLR_XDG_SURFACE_ROLE_NONE, since this could lead to crash. The same
checks are added for xdg_surface_v6.
Fixes#3311
Just a convenience function that improves readability of the code.
Other things worth noting:
* container_get_siblings and container_sibling_index no longer use the
const keyword
* container_handle_fullscreen_reparent is only ever called after
attaching the container to a workspace, so its con->workspace check has
been changed to an assertion
The goal here is to center fullscreen views when they are both too small
for the output and refuse to resize to the output's dimensions. It has
the side effect of also centering the view when it's too small for its
container.
Example clients that have this behaviour are emersion's hello-wayland
and weston.
It works by introducing surface_{x,y,width,height} properties to the
container struct. The x and y represent layout-local coordinates where
the surface will be rendered. The width and height are only used to
track the surface's previous dimensions so we can detect when the client
has resized it and recenter and apply damage accordingly.
The new surface properties are calculated when a transaction is applied,
as well as when a view resizes itself unexpectedly. The latter is done
in view_update_size. This function was previously restricted to views
which are floating, but can now be called for any views.
For views which refuse to resize *smaller* than a particular size, such
as gnome-calculator, the surface is still anchored to the top left as
per the current behaviour.
In addition to removing unused code, two minor problems are fixed:
(1) `resize set` and `resize adjust` did not error when given
too many arguments.
(2) `orientation` was incorrectly overridden to be 'U' for
scroll events in the swaybar tray `handle_click` function.
This commit mostly duplicates the wlr_log functions, although
with a sway_* prefix. (This is very similar to PR #2009.)
However, the logging function no longer needs to be replaceable,
so sway_log_init's second argument is used to set the exit
callback for sway_abort.
wlr_log_init is still invoked in sway/main.c
This commit makes it easier to remove the wlroots dependency for
the helper programs swaymsg, swaybg, swaybar, and swaynag.
If output->configured is true, then the output has been modeset correctly and
we don't need to try again. If output->enabled is true, then we are in the
process of configuring the output and we shouldn't do anything.
This happens if you plug in more outputs than supported by your GPU.
This patch makes it so outputs without CRTCs appear as disabled. As soon as
they get a CRTC (signalled via the mode event), we can enable them.
This splits each seat operation (drag/move tiling/floating etc) into a
separate file and introduces a struct sway_seatop_impl to abstract the
operation.
The move_tiling_threshold operation has been merged into move_tiling.
The main logic for each operation is untouched aside from variable
renames.
The following previously-static functions have been made public:
* node_at_coords
* container_raise_floating
* render_rect
* premultiply_alpha
* scale_box
../sway/desktop/transaction.c:367:17: error: format specifies type 'long' but the argument has type 'size_t' (aka 'unsigned int') [-Werror,-Wformat]
transaction, transaction->num_waiting);
^~~~~~~~~~~~~~~~~~~~~~~~
/usr/local/include/wlr/util/log.h:56:72: note: expanded from macro 'wlr_log'
_wlr_log(verb, "[%s:%d] " fmt, _wlr_strip_path(__FILE__), __LINE__, ##__VA_ARGS__)
^~~~~~~~~~~
../sway/desktop/transaction.c:477:5: error: format specifies type 'long' but the argument has type 'unsigned int' [-Werror,-Wformat]
transaction->num_configures - transaction->num_waiting + 1,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/local/include/wlr/util/log.h:56:72: note: expanded from macro 'wlr_log'
_wlr_log(verb, "[%s:%d] " fmt, _wlr_strip_path(__FILE__), __LINE__, ##__VA_ARGS__)
^~~~~~~~~~~
../sway/desktop/transaction.c:478:5: error: format specifies type 'long' but the argument has type 'size_t' (aka 'unsigned int') [-Werror,-Wformat]
transaction->num_configures, ms,
^~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/local/include/wlr/util/log.h:56:72: note: expanded from macro 'wlr_log'
_wlr_log(verb, "[%s:%d] " fmt, _wlr_strip_path(__FILE__), __LINE__, ##__VA_ARGS__)
^~~~~~~~~~~
See issue #3359 for reproduction details. When a fullscreen view is
unmapped and there's a preceding transaction waiting, there may be
neither a saved buffer or a surface to render. This change matches
the equivalent code in render_view.
This combines `output_by_name` and `output_by_identifier` into a single
function called `output_by_name_or_id`. This allows for output
identifiers to be used in all commands, simplifies the logic of the
callers, and is more efficient since worst case is a single pass through
the output list.
This adds support for `i3 4.16`'s ability to set the title alignment.
The command is `title_align left|center|right`.
When the title is on the right, marks are moved to the left. Otherwise,
they are on the right.
This renames/moves the following properties:
* sway_view.{x,y,width,height} ->
sway_container.content_{x,y,width,height}
* This is required to support placeholder containers as they don't
have a view.
* sway_container_state.view_{x,y,width,height} ->
sway_container_state.content_{x,y,width,height}
* To remain consistent with the above.
* sway_container_state.con_{x,y,width,height} ->
sway_container_state.{x,y,width,height}
* The con prefix was there to give it contrast from the view
properties, and is no longer useful.
The function container_set_geometry_from_floating_view has also been
renamed to container_set_geometry_from_content.
In i3, when a child of a tabbed or stacked container has no siblings,
its border settings are respected.
This patch achieves the same effect by rendering a lone tabbed/stacked
child as if it's a linear container. This makes the border settings be
respected.
Over in view_autoconfigure, we compensate for this by only adjusting
`y_offset` if there's multiple children.
This approaches cursor rebasing from a different angle. Rather than
littering the codebase with cursor_rebase calls and using transaction
callbacks, this just runs cursor_rebase after applying every transaction
- but only if there's outputs connected, because otherwise it causes a
crash during shutdown.
There is one known case where we still need to call cursor_rebase
directly, and that's when running `seat seat0 cursor move ...`. This
command doesn't set anything as dirty so no transaction occurs.
I originally put the rebase at the end of view_map, but at this point
the view is still at its native size and will ignore the motion event if
it falls outside of its native size. The only way to do this properly is
to rebase the cursor later - either after sending the configure, after
the view commits with the new size, or after applying the transaction. I
chose to do it after applying the transaction for simplicity.
I then attempted to just call cursor_rebase after applying every
transaction, but this causes crashes when exiting sway (and possibly
other places) because cursor_rebase assumes the tree is in a valid
state.
So my chosen solution introduces transaction_commit_dirty_with_callback
which allows handle_map to register a callback which will run when the
transaction is applied.
window_properties is documented to contain a subset of the X11 properties
of a window (its title, class, instance, role, and transient ID). This
commit adds the missing json object from the get_tree output for
xwayland windows only.
This is a follow-up of #2911.
Signed-off-by: Franklin "Snaipe" Mathieu <me@snai.pe>