The assertion in PointerConstraint.confine() can currently still be
triggered if the input region of a surface is changed and the pointer is
moved outside of the new intersection of input region and constraint
region before PointerConstraint.updateState() is called.
This can happen, for example, when a client is made non-fullscreen at
the same time as the pointer is moved across the boundary of the new,
post-fullscreen, input region. If the pointer crosses the boundary
before the transaction completes and updateState() is called, the
assertion in PointerConstraint.confine() will fail.
To fix this, listen for the surface commit event rather than the
set_region event to handle possible deactivation on region changes.
Currently keyboard focus is stolen from layer surfaces with
on_demand keyboard interactivity any time Root.applyPending() is called.
This commit fixes the behavior to only steal focus when explicitly
focusing a different window/layer surface.
Currently we send the first configure for xdg popups before the popup
has made its initial commit. This is incorrect according to the protocol
and may confuse clients.
The wlroots Wayland backend does not support gamma LUT application and
will currently fail to render anything if river commits a gamma LUT.
To fix this, test the state when applying a gamma LUT and fall back to a
state with no gamma LUT set if that fails.
This problem was revealed by 2e09b66 which flags gamma as dirty on all
outputs when they are enabled.
The X11 protocol uses 16 bit integers for width/height but we use
32 bit integers everywhere else in river. Make sure that values outside
the range of a 16 bit integer don't cause river to crash with an
assertion failure.
I think that coordinates outside the range of a 16 bit integer could
theoretically be reasonable with tiled high resolution displays in the
future. I doubt they ever get used in practice today but at the same
time we can't allow an errant layout generator to crash river.
We must clean up the user data of the wlr_surface for layer surfaces and
lock surfaces as fromSurface() may be called (e.g. by the idle inhibit
implementation) after the scene node has been destroyed but before the
wlr_surface is destroyed.
This assert is incorrect if Xwayland is enabled and an Override Redirect
window steals the keyboard focus from the parent surface.
It also seems likely to be hit if a Wayland client attempts to use a
pointer constraint on a subsurface. I don't think a pointer constraint
on a subsurface is likely to work entirely correctly and I don't know of
any Wayland clients that try such a thing. We can't let them crash river
by trying though.
Currently if a second keyboard input device is created river will send
a wl_keyboard.leave event immediately followed by a wl_keyboard.enter
event. This serves no purpose and can confuse clients, in particular due
to fctix creating/destroying virtual keyboards on focus change.
Fixes: https://codeberg.org/river/river/issues/1062
References: https://github.com/fcitx/fcitx5/issues/1044
Xwayland clients on outputs at negative positions don't currently
receive mouse events due to a bug in Xwayland. As a workaround, we
disallow negative output positions when Xwayland is enabled.
References: https://gitlab.freedesktop.org/xorg/xserver/-/issues/899Closes: #1058
Currently if a client commits a geometry with a different x/y value but
does not change the width/height we might not update the clip
coordinates of the surface tree, potentially causing part of the surface
to be unintentionally clipped off.
To fix this, check for change in geometry x/y as well as width/height on
commit if the client is not currently part of an ongoing transaction.
Firefox for example it seems may respond to a configure non-atomically
with multiple commits:
1. commit new buffer and new geometry of a new width/height.
2. commit again with the same width/height but a new geometry x/y.
I don't think this is technically a bug but it doesn't seem like the
most efficient way to do things. I think this may also cause imperfect
frames. In any case, this should no longer cause river to crop off part
of firefox's surface.
It seems layer-shell clients such as waybar can commit bogus exclusive
zones larger than the width/height of the output. While this client
behavior is questionable at best, it must not cause river to crash or
otherwise misbehave.
Therefore, close layer surfaces causing the usable (not exclusive zone)
area of an output to be reduced below half of the width/height.
Currently if we disable an output due to a wlr-output-power-management
protocol request we do not update Output.lock_render_state properly.
This is fine if the output is also re-enabled using the
wlr-output-power-management protocol but causes an assertion failure
if it is re-enabled using wlr-output-management instead.
Also clean up this code a bit, it's no longer necessary to split these
one line functions out into separate files as Zig's conditional
compilation support has improved since these functions were originally
written.
This field being nullable at all is code smell. I think what needs to
happen here long term is for a proper separation of "window management
output" and "physical output" as concepts and integration outputs into
the transaction system.
That's a much larger change and I don't want to cause that amount of
code churn just before a release though.
I have managed to crash river (because the relevant assertion was wrong)
on this using fcitx5 (5.1.8) and anthy with the following sequence of
key events on a physical keyboard (every line followed by releasing
everything):
super-; (my shortcut to enable anthy)
shift-letter (fcitx doesn't release shift on its virtual keyboard)
escape
shift (fcitx sends another press event)
The failure to release shift is not the only weirdness happening, but
it's what eventually lead to the assertion failure.
This makes tablet tool cursors visually distinct from pointer cursors by
default. Client may of course continue to set custom cursors for tablet
tools if they have focus.
Also fixes a custom cursor set by a client persisting after the tablet
exits the client's surface until proximity out.
This was dropped from 200ms to 50ms in 4a65af66. However 50ms seems
to be a bit too short in practice. I often hit ugly frame imperfection
do to timeouts when toggling mpv between a small floating window and
fullscreen for example, even on a relatively beefy desktop computer.
This only happens while the video is playing in mpv, not while it is
paused. I believe this is due to mpv ignoring the compositor's hints for
when to render a new frame entirely while playing a video. It instead
renders at the framerate of the video being played, even if the
compositor requests a change in size. This isn't great but seems
unlikely to change [1].
Overall, hitting 100ms timeouts subjectively doesn't feel anywhere near
as sluggish as hitting 200ms timeouts and offers better frame perfection
than 50ms timeouts in at least this one example, there are bound to be
others.
[1]: https://dudemanguy.github.io/blog/posts/2022-06-10-wayland-xorg/wayland-xorg.html
Currently we can hit an assertion failure in the putNoClobber() call in
response to the down event since we fail to handle the cancel event.
This commit fixes that issue.
Currently we only support interactive move/resize with the pointer,
touch and tablet tool support are TODO.
Validate the serial here to ensure we don't start a pointer move/resize
in response to the client attempting to start a move/resize with
touch/tablet tool.
This fixes an assertion failure that the pointer's cursor is not hidden
during move/resize, which is how the issue was discovered. Another win
for assertions :)
Sensitive Wayland protocols such as wlr_screencopy and wlr_data_control
(clipboard managment) are now blocked by default inside security
contexts (e.g. flatpak 1.15.6 or later).
User configuration of the allowlist/blocklist is TODO.
