i3 feature support #2
Comments
|
Nice write up! Especially looking for a i3 statusbar |
|
It'll probably be a while before I tackle i3bar (swaybar?) |
|
exec implemented. |
ddevault
added a commit
that referenced
this issue
Aug 9, 2015
|
Today we implemented splith, splitv, fullscreen, and focus. Thanks for helping out, @jdiez17! |
|
workspace [name] done. |
|
You forgot the scratchpad functionality. |
|
Good call. |
|
Nice, I have been looking at i3way but there's no single line of code after so many years. I want to propose a feature request though, which i3 developers ignored: A tiling mode for binary space layout representing windows as the leaves of a full binary tree, very similar to default window tiling mode that comes with bspwm. It could be very handy letting the software manage my windows(specially terminals) instead of managing the arrangement in a single desktop. I don't want to break any compatibility though so I am hoping it does not. Also an option to set the gap between windows would be nice. This was done in i3 but by a third party git fork. I don't know why it was deemed not a necessity by i3 developers. BTW This project should also get its own website. |
Perhaps eventually. That doesn't sound like it needs to be a high priority.
This is in the list of features to add.
Yeah, it'll have one eventually. |
Due to it not fitting the i3 way, which means using all the screen space. I can understand why, but that doesn't mean this project has to enforce the same rules. |
|
Will have a go at the move command. Should have some results tonight. |
|
Hi. I want to propose a feature request: vertical bar. I think the easiest way is to only do a 90° rotation. The text orientation should be configurable: bottom to top, or top to bottom. |
|
Will consider that once we hit feature parity with i3. |
|
Sway looks like a really great project. I love i3, and the lack of something similar is the only thing that has been stopping me from giving Wayland a try. Great work so far! However, looking at the list above, I see that sway is still missing tabbed layout, which is essential for my workflow; I use it heavily in i3. This is the main thing stopping me from trying out sway at this point. I could live without the other missing features. Once tabbed layout is done, I will try playing around with sway. I am really looking forward to it. Hope to catch/report some bugs and maybe contribute some patches. I honestly think this project has the potential to eventually become even better than i3. |
|
The tabbed layout is sort of blocked by the lack of borders. |
|
@Swoorup This is off-topic, but
We don't want this in i3 for many reasons. For one, the i3-gaps patch (of which I am the maintainer) is really more of a hack (for example, window decorations don't work with it). But that could be solved. However, gaps violate the i3 tiling philosophy and that is why they will never be found in i3 itself. Being a collaborator of i3 I understand this reasoning, being the maintainer of i3-gaps I obviously personally prefer gaps, though. ;) |
|
Would it be sensible to have our own wallpaper management, or somehow hook into a process like feh? |
|
No, we'll have something like feh for you to use instead. |
|
And you can't do that hinting, I've been asking @Cloudef for it in wlc for a while. |
Closed
|
hi, |
|
That's not really our problem, it's wlc's problem. And wlc let's you set it through XKB environment variables, |
|
@SirCmpwn In the longterm, sway should implement configuration options for input and output devices, but that has to wait until wlc implements an API for that. Maybe even provide some ipc options to allow dynamic changes like xinput/xrandr. |
|
Sway already does provide configuration options to alter the size, position, and status(on/off) of monitors. As of right now dynamic changes are not available though. |
|
Sorry , but the other keyboard are not supported on my pc (fr). |
|
I used to use bindcode in i3 for unknown symbols. I'm guessing another wlc feature. —Reply to this email directly or view it on GitHub. |
|
bindcode isn't supported on sway yet. Try binding "ampersand". |
|
yes i have try but i have the message. |
|
Updated with features from i3 4.11. |
kennylevinsen
pushed a commit
that referenced
this issue
Apr 22, 2021
remove view from its own unmap event listener so when subsurfaces
link try to remove themselves they won't run into it.
This fixes the following ASAN use-after-free error on a build slightly
modified to instrument wl_list operations:
==71705==ERROR: AddressSanitizer: heap-use-after-free on address 0x6160000829a0 at pc 0x000000508eb7 bp 0x7ffec8fd8030 sp 0x7ffec8fd8028
WRITE of size 8 at 0x6160000829a0 thread T0
#0 0x508eb6 in wl_list_remove ../common/list.c:181
#1 0x4f4998 in view_child_destroy ../sway/tree/view.c:1131
#2 0x4f38fa in subsurface_handle_destroy ../sway/tree/view.c:946
#3 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
#4 0x7fda5072f0dd in subsurface_destroy ../types/wlr_surface.c:649
#5 0x7fda507312c4 in subsurface_handle_surface_destroy ../types/wlr_surface.c:1094
#6 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
#7 0x7fda5072f305 in surface_handle_resource_destroy ../types/wlr_surface.c:677
#8 0x7fda508180ce in destroy_resource (/lib64/libwayland-server.so.0+0xc0ce)
#9 0x7fda508187f2 in wl_client_destroy (/lib64/libwayland-server.so.0+0xc7f2)
#10 0x7fda50818e5f in wl_client_connection_data (/lib64/libwayland-server.so.0+0xce5f)
#11 0x7fda50818219 in wl_event_loop_dispatch (/lib64/libwayland-server.so.0+0xc219)
#12 0x7fda50818984 in wl_display_run (/lib64/libwayland-server.so.0+0xc984)
#13 0x43122c in server_run ../sway/server.c:254
#14 0x42f47c in main ../sway/main.c:433
#15 0x7fda503cab74 in __libc_start_main (/lib64/libc.so.6+0x27b74)
#16 0x40f6fd in _start (/opt/wayland/bin/sway+0x40f6fd)
0x6160000829a0 is located 288 bytes inside of 592-byte region [0x616000082880,0x616000082ad0)
freed by thread T0 here:
#0 0x7fda50f01a27 in free (/lib64/libasan.so.6+0xaea27)
#1 0x4532d8 in destroy ../sway/desktop/xdg_shell.c:262
#2 0x4ed17b in view_destroy ../sway/tree/view.c:67
#3 0x4ed300 in view_begin_destroy ../sway/tree/view.c:83
#4 0x454a3f in handle_destroy ../sway/desktop/xdg_shell.c:507
#5 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
#6 0x7fda506e2c87 in reset_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:481
#7 0x7fda506e3018 in destroy_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:516
#8 0x7fda506dfbe5 in xdg_client_handle_resource_destroy ../types/xdg_shell/wlr_xdg_shell.c:71
#9 0x7fda508180ce in destroy_resource (/lib64/libwayland-server.so.0+0xc0ce)
previously allocated by thread T0 here:
#0 0x7fda50f01ed7 in calloc (/lib64/libasan.so.6+0xaeed7)
#1 0x454bc8 in handle_xdg_shell_surface ../sway/desktop/xdg_shell.c:528
#2 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
#3 0x7fda506e2363 in handle_xdg_surface_commit ../types/xdg_shell/wlr_xdg_surface.c:378
#4 0x7fda5072e368 in surface_commit_state ../types/wlr_surface.c:455
#5 0x7fda5072e51d in surface_commit_pending ../types/wlr_surface.c:474
#6 0x7fda5072ea58 in surface_commit ../types/wlr_surface.c:542
#7 0x7fda4fb3ac03 in ffi_call_unix64 (/lib64/libffi.so.6+0x6c03)
Fixes #5168
Emantor
added a commit
to Emantor/sway
that referenced
this issue
Apr 29, 2021
When a criteria places the view into the scratchpad, map_ws is NULL and
trying to access map_ws->fullscreen will result in SIGSEGFAULT with:
#0 0x0000000000455327 in should_focus (view=0x15a6a70) at ../sway/tree/view.c:604
prev_con = 0x0
len = <optimized out>
seat = 0x12233c0
prev_ws = 0x1264c80
map_ws = 0x0
criterias = <optimized out>
seat = <optimized out>
prev_con = <optimized out>
prev_ws = <optimized out>
map_ws = <optimized out>
criterias = <optimized out>
len = <optimized out>
num_children = <optimized out>
swaywm#1 view_map (view=view@entry=0x15a6a70, wlr_surface=0x15a5cb0, fullscreen=<optimized out>, fullscreen_output=<optimized out>, decoration=<optimized out>) at ../sway/tree/view.c:809
__PRETTY_FUNCTION__ = "view_map"
ws = <optimized out>
seat = <optimized out>
node = <optimized out>
target_sibling = <optimized out>
container = 0x1625400
set_focus = <optimized out>
app_id = <optimized out>
class = <optimized out>
swaywm#2 0x0000000000423a7e in handle_map (listener=0x15a6c78, data=<optimized out>) at ../sway/desktop/xdg_shell.c:454
xdg_shell_view = 0x15a6a70
view = 0x15a6a70
xdg_surface = 0x15a6620
csd = <optimized out>
swaywm#3 0x00007f508bd3674c in wlr_signal_emit_safe (signal=signal@entry=0x15a6718, data=data@entry=0x15a6620) at ../subprojects/wlroots/util/signal.c:29
pos = 0x15a6c78
l = 0x15a6c78
cursor = {link = {prev = 0x15a6c78, next = 0x7fff53d58190}, notify = 0x7f508bd366c0 <handle_noop>}
end = {link = {prev = 0x7fff53d58170, next = 0x15a6718}, notify = 0x7f508bd366c0 <handle_noop>}
swaywm#4 0x00007f508bd15b29 in handle_xdg_surface_commit (wlr_surface=<optimized out>) at ../subprojects/wlroots/types/xdg_shell/wlr_xdg_surface.c:384
surface = 0x15a6620
swaywm#5 0x00007f508bd2e981 in surface_commit_state (surface=surface@entry=0x15a5cb0, next=next@entry=0x15a5e18) at ../subprojects/wlroots/types/wlr_surface.c:455
__PRETTY_FUNCTION__ = "surface_commit_state"
invalid_buffer = <optimized out>
subsurface = 0x15a6038
swaywm#6 0x00007f508bd2f53b in surface_commit_pending (surface=0x15a5cb0) at ../subprojects/wlroots/types/wlr_surface.c:474
next_seq = 3
next_seq = <optimized out>
swaywm#7 surface_commit (client=<optimized out>, resource=<optimized out>) at ../subprojects/wlroots/types/wlr_surface.c:542
surface = 0x15a5cb0
subsurface = <optimized out>
If map_ws is NULL we assume the view is places into the scratchpad and
return false as well.
emersion
pushed a commit
that referenced
this issue
Apr 29, 2021
When a criteria places the view into the scratchpad, map_ws is NULL and
trying to access map_ws->fullscreen will result in SIGSEGFAULT with:
#0 0x0000000000455327 in should_focus (view=0x15a6a70) at ../sway/tree/view.c:604
prev_con = 0x0
len = <optimized out>
seat = 0x12233c0
prev_ws = 0x1264c80
map_ws = 0x0
criterias = <optimized out>
seat = <optimized out>
prev_con = <optimized out>
prev_ws = <optimized out>
map_ws = <optimized out>
criterias = <optimized out>
len = <optimized out>
num_children = <optimized out>
#1 view_map (view=view@entry=0x15a6a70, wlr_surface=0x15a5cb0, fullscreen=<optimized out>, fullscreen_output=<optimized out>, decoration=<optimized out>) at ../sway/tree/view.c:809
__PRETTY_FUNCTION__ = "view_map"
ws = <optimized out>
seat = <optimized out>
node = <optimized out>
target_sibling = <optimized out>
container = 0x1625400
set_focus = <optimized out>
app_id = <optimized out>
class = <optimized out>
#2 0x0000000000423a7e in handle_map (listener=0x15a6c78, data=<optimized out>) at ../sway/desktop/xdg_shell.c:454
xdg_shell_view = 0x15a6a70
view = 0x15a6a70
xdg_surface = 0x15a6620
csd = <optimized out>
#3 0x00007f508bd3674c in wlr_signal_emit_safe (signal=signal@entry=0x15a6718, data=data@entry=0x15a6620) at ../subprojects/wlroots/util/signal.c:29
pos = 0x15a6c78
l = 0x15a6c78
cursor = {link = {prev = 0x15a6c78, next = 0x7fff53d58190}, notify = 0x7f508bd366c0 <handle_noop>}
end = {link = {prev = 0x7fff53d58170, next = 0x15a6718}, notify = 0x7f508bd366c0 <handle_noop>}
#4 0x00007f508bd15b29 in handle_xdg_surface_commit (wlr_surface=<optimized out>) at ../subprojects/wlroots/types/xdg_shell/wlr_xdg_surface.c:384
surface = 0x15a6620
#5 0x00007f508bd2e981 in surface_commit_state (surface=surface@entry=0x15a5cb0, next=next@entry=0x15a5e18) at ../subprojects/wlroots/types/wlr_surface.c:455
__PRETTY_FUNCTION__ = "surface_commit_state"
invalid_buffer = <optimized out>
subsurface = 0x15a6038
#6 0x00007f508bd2f53b in surface_commit_pending (surface=0x15a5cb0) at ../subprojects/wlroots/types/wlr_surface.c:474
next_seq = 3
next_seq = <optimized out>
#7 surface_commit (client=<optimized out>, resource=<optimized out>) at ../subprojects/wlroots/types/wlr_surface.c:542
surface = 0x15a5cb0
subsurface = <optimized out>
If map_ws is NULL we assume the view is places into the scratchpad and
return false as well.
RagnarGrootKoerkamp
pushed a commit
to RagnarGrootKoerkamp/sway
that referenced
this issue
Jun 17, 2021
remove view from its own unmap event listener so when subsurfaces
link try to remove themselves they won't run into it.
This fixes the following ASAN use-after-free error on a build slightly
modified to instrument wl_list operations:
==71705==ERROR: AddressSanitizer: heap-use-after-free on address 0x6160000829a0 at pc 0x000000508eb7 bp 0x7ffec8fd8030 sp 0x7ffec8fd8028
WRITE of size 8 at 0x6160000829a0 thread T0
#0 0x508eb6 in wl_list_remove ../common/list.c:181
swaywm#1 0x4f4998 in view_child_destroy ../sway/tree/view.c:1131
swaywm#2 0x4f38fa in subsurface_handle_destroy ../sway/tree/view.c:946
swaywm#3 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
swaywm#4 0x7fda5072f0dd in subsurface_destroy ../types/wlr_surface.c:649
swaywm#5 0x7fda507312c4 in subsurface_handle_surface_destroy ../types/wlr_surface.c:1094
swaywm#6 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
swaywm#7 0x7fda5072f305 in surface_handle_resource_destroy ../types/wlr_surface.c:677
swaywm#8 0x7fda508180ce in destroy_resource (/lib64/libwayland-server.so.0+0xc0ce)
swaywm#9 0x7fda508187f2 in wl_client_destroy (/lib64/libwayland-server.so.0+0xc7f2)
swaywm#10 0x7fda50818e5f in wl_client_connection_data (/lib64/libwayland-server.so.0+0xce5f)
swaywm#11 0x7fda50818219 in wl_event_loop_dispatch (/lib64/libwayland-server.so.0+0xc219)
swaywm#12 0x7fda50818984 in wl_display_run (/lib64/libwayland-server.so.0+0xc984)
swaywm#13 0x43122c in server_run ../sway/server.c:254
swaywm#14 0x42f47c in main ../sway/main.c:433
swaywm#15 0x7fda503cab74 in __libc_start_main (/lib64/libc.so.6+0x27b74)
swaywm#16 0x40f6fd in _start (/opt/wayland/bin/sway+0x40f6fd)
0x6160000829a0 is located 288 bytes inside of 592-byte region [0x616000082880,0x616000082ad0)
freed by thread T0 here:
#0 0x7fda50f01a27 in free (/lib64/libasan.so.6+0xaea27)
swaywm#1 0x4532d8 in destroy ../sway/desktop/xdg_shell.c:262
swaywm#2 0x4ed17b in view_destroy ../sway/tree/view.c:67
swaywm#3 0x4ed300 in view_begin_destroy ../sway/tree/view.c:83
swaywm#4 0x454a3f in handle_destroy ../sway/desktop/xdg_shell.c:507
swaywm#5 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
swaywm#6 0x7fda506e2c87 in reset_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:481
swaywm#7 0x7fda506e3018 in destroy_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:516
swaywm#8 0x7fda506dfbe5 in xdg_client_handle_resource_destroy ../types/xdg_shell/wlr_xdg_shell.c:71
swaywm#9 0x7fda508180ce in destroy_resource (/lib64/libwayland-server.so.0+0xc0ce)
previously allocated by thread T0 here:
#0 0x7fda50f01ed7 in calloc (/lib64/libasan.so.6+0xaeed7)
swaywm#1 0x454bc8 in handle_xdg_shell_surface ../sway/desktop/xdg_shell.c:528
swaywm#2 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
swaywm#3 0x7fda506e2363 in handle_xdg_surface_commit ../types/xdg_shell/wlr_xdg_surface.c:378
swaywm#4 0x7fda5072e368 in surface_commit_state ../types/wlr_surface.c:455
swaywm#5 0x7fda5072e51d in surface_commit_pending ../types/wlr_surface.c:474
swaywm#6 0x7fda5072ea58 in surface_commit ../types/wlr_surface.c:542
swaywm#7 0x7fda4fb3ac03 in ffi_call_unix64 (/lib64/libffi.so.6+0x6c03)
Fixes swaywm#5168
RagnarGrootKoerkamp
pushed a commit
to RagnarGrootKoerkamp/sway
that referenced
this issue
Jun 17, 2021
When a criteria places the view into the scratchpad, map_ws is NULL and
trying to access map_ws->fullscreen will result in SIGSEGFAULT with:
#0 0x0000000000455327 in should_focus (view=0x15a6a70) at ../sway/tree/view.c:604
prev_con = 0x0
len = <optimized out>
seat = 0x12233c0
prev_ws = 0x1264c80
map_ws = 0x0
criterias = <optimized out>
seat = <optimized out>
prev_con = <optimized out>
prev_ws = <optimized out>
map_ws = <optimized out>
criterias = <optimized out>
len = <optimized out>
num_children = <optimized out>
swaywm#1 view_map (view=view@entry=0x15a6a70, wlr_surface=0x15a5cb0, fullscreen=<optimized out>, fullscreen_output=<optimized out>, decoration=<optimized out>) at ../sway/tree/view.c:809
__PRETTY_FUNCTION__ = "view_map"
ws = <optimized out>
seat = <optimized out>
node = <optimized out>
target_sibling = <optimized out>
container = 0x1625400
set_focus = <optimized out>
app_id = <optimized out>
class = <optimized out>
swaywm#2 0x0000000000423a7e in handle_map (listener=0x15a6c78, data=<optimized out>) at ../sway/desktop/xdg_shell.c:454
xdg_shell_view = 0x15a6a70
view = 0x15a6a70
xdg_surface = 0x15a6620
csd = <optimized out>
swaywm#3 0x00007f508bd3674c in wlr_signal_emit_safe (signal=signal@entry=0x15a6718, data=data@entry=0x15a6620) at ../subprojects/wlroots/util/signal.c:29
pos = 0x15a6c78
l = 0x15a6c78
cursor = {link = {prev = 0x15a6c78, next = 0x7fff53d58190}, notify = 0x7f508bd366c0 <handle_noop>}
end = {link = {prev = 0x7fff53d58170, next = 0x15a6718}, notify = 0x7f508bd366c0 <handle_noop>}
swaywm#4 0x00007f508bd15b29 in handle_xdg_surface_commit (wlr_surface=<optimized out>) at ../subprojects/wlroots/types/xdg_shell/wlr_xdg_surface.c:384
surface = 0x15a6620
swaywm#5 0x00007f508bd2e981 in surface_commit_state (surface=surface@entry=0x15a5cb0, next=next@entry=0x15a5e18) at ../subprojects/wlroots/types/wlr_surface.c:455
__PRETTY_FUNCTION__ = "surface_commit_state"
invalid_buffer = <optimized out>
subsurface = 0x15a6038
swaywm#6 0x00007f508bd2f53b in surface_commit_pending (surface=0x15a5cb0) at ../subprojects/wlroots/types/wlr_surface.c:474
next_seq = 3
next_seq = <optimized out>
swaywm#7 surface_commit (client=<optimized out>, resource=<optimized out>) at ../subprojects/wlroots/types/wlr_surface.c:542
surface = 0x15a5cb0
subsurface = <optimized out>
If map_ws is NULL we assume the view is places into the scratchpad and
return false as well.
emersion
pushed a commit
to emersion/sway
that referenced
this issue
Jun 23, 2021
remove view from its own unmap event listener so when subsurfaces
link try to remove themselves they won't run into it.
This fixes the following ASAN use-after-free error on a build slightly
modified to instrument wl_list operations:
==71705==ERROR: AddressSanitizer: heap-use-after-free on address 0x6160000829a0 at pc 0x000000508eb7 bp 0x7ffec8fd8030 sp 0x7ffec8fd8028
WRITE of size 8 at 0x6160000829a0 thread T0
#0 0x508eb6 in wl_list_remove ../common/list.c:181
swaywm#1 0x4f4998 in view_child_destroy ../sway/tree/view.c:1131
swaywm#2 0x4f38fa in subsurface_handle_destroy ../sway/tree/view.c:946
swaywm#3 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
swaywm#4 0x7fda5072f0dd in subsurface_destroy ../types/wlr_surface.c:649
swaywm#5 0x7fda507312c4 in subsurface_handle_surface_destroy ../types/wlr_surface.c:1094
swaywm#6 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
swaywm#7 0x7fda5072f305 in surface_handle_resource_destroy ../types/wlr_surface.c:677
swaywm#8 0x7fda508180ce in destroy_resource (/lib64/libwayland-server.so.0+0xc0ce)
swaywm#9 0x7fda508187f2 in wl_client_destroy (/lib64/libwayland-server.so.0+0xc7f2)
swaywm#10 0x7fda50818e5f in wl_client_connection_data (/lib64/libwayland-server.so.0+0xce5f)
swaywm#11 0x7fda50818219 in wl_event_loop_dispatch (/lib64/libwayland-server.so.0+0xc219)
swaywm#12 0x7fda50818984 in wl_display_run (/lib64/libwayland-server.so.0+0xc984)
swaywm#13 0x43122c in server_run ../sway/server.c:254
swaywm#14 0x42f47c in main ../sway/main.c:433
swaywm#15 0x7fda503cab74 in __libc_start_main (/lib64/libc.so.6+0x27b74)
swaywm#16 0x40f6fd in _start (/opt/wayland/bin/sway+0x40f6fd)
0x6160000829a0 is located 288 bytes inside of 592-byte region [0x616000082880,0x616000082ad0)
freed by thread T0 here:
#0 0x7fda50f01a27 in free (/lib64/libasan.so.6+0xaea27)
swaywm#1 0x4532d8 in destroy ../sway/desktop/xdg_shell.c:262
swaywm#2 0x4ed17b in view_destroy ../sway/tree/view.c:67
swaywm#3 0x4ed300 in view_begin_destroy ../sway/tree/view.c:83
swaywm#4 0x454a3f in handle_destroy ../sway/desktop/xdg_shell.c:507
swaywm#5 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
swaywm#6 0x7fda506e2c87 in reset_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:481
swaywm#7 0x7fda506e3018 in destroy_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:516
swaywm#8 0x7fda506dfbe5 in xdg_client_handle_resource_destroy ../types/xdg_shell/wlr_xdg_shell.c:71
swaywm#9 0x7fda508180ce in destroy_resource (/lib64/libwayland-server.so.0+0xc0ce)
previously allocated by thread T0 here:
#0 0x7fda50f01ed7 in calloc (/lib64/libasan.so.6+0xaeed7)
swaywm#1 0x454bc8 in handle_xdg_shell_surface ../sway/desktop/xdg_shell.c:528
swaywm#2 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
swaywm#3 0x7fda506e2363 in handle_xdg_surface_commit ../types/xdg_shell/wlr_xdg_surface.c:378
swaywm#4 0x7fda5072e368 in surface_commit_state ../types/wlr_surface.c:455
swaywm#5 0x7fda5072e51d in surface_commit_pending ../types/wlr_surface.c:474
swaywm#6 0x7fda5072ea58 in surface_commit ../types/wlr_surface.c:542
swaywm#7 0x7fda4fb3ac03 in ffi_call_unix64 (/lib64/libffi.so.6+0x6c03)
Fixes swaywm#5168
(cherry picked from commit 8529141)
emersion
pushed a commit
to emersion/sway
that referenced
this issue
Jun 23, 2021
When a criteria places the view into the scratchpad, map_ws is NULL and
trying to access map_ws->fullscreen will result in SIGSEGFAULT with:
#0 0x0000000000455327 in should_focus (view=0x15a6a70) at ../sway/tree/view.c:604
prev_con = 0x0
len = <optimized out>
seat = 0x12233c0
prev_ws = 0x1264c80
map_ws = 0x0
criterias = <optimized out>
seat = <optimized out>
prev_con = <optimized out>
prev_ws = <optimized out>
map_ws = <optimized out>
criterias = <optimized out>
len = <optimized out>
num_children = <optimized out>
swaywm#1 view_map (view=view@entry=0x15a6a70, wlr_surface=0x15a5cb0, fullscreen=<optimized out>, fullscreen_output=<optimized out>, decoration=<optimized out>) at ../sway/tree/view.c:809
__PRETTY_FUNCTION__ = "view_map"
ws = <optimized out>
seat = <optimized out>
node = <optimized out>
target_sibling = <optimized out>
container = 0x1625400
set_focus = <optimized out>
app_id = <optimized out>
class = <optimized out>
swaywm#2 0x0000000000423a7e in handle_map (listener=0x15a6c78, data=<optimized out>) at ../sway/desktop/xdg_shell.c:454
xdg_shell_view = 0x15a6a70
view = 0x15a6a70
xdg_surface = 0x15a6620
csd = <optimized out>
swaywm#3 0x00007f508bd3674c in wlr_signal_emit_safe (signal=signal@entry=0x15a6718, data=data@entry=0x15a6620) at ../subprojects/wlroots/util/signal.c:29
pos = 0x15a6c78
l = 0x15a6c78
cursor = {link = {prev = 0x15a6c78, next = 0x7fff53d58190}, notify = 0x7f508bd366c0 <handle_noop>}
end = {link = {prev = 0x7fff53d58170, next = 0x15a6718}, notify = 0x7f508bd366c0 <handle_noop>}
swaywm#4 0x00007f508bd15b29 in handle_xdg_surface_commit (wlr_surface=<optimized out>) at ../subprojects/wlroots/types/xdg_shell/wlr_xdg_surface.c:384
surface = 0x15a6620
swaywm#5 0x00007f508bd2e981 in surface_commit_state (surface=surface@entry=0x15a5cb0, next=next@entry=0x15a5e18) at ../subprojects/wlroots/types/wlr_surface.c:455
__PRETTY_FUNCTION__ = "surface_commit_state"
invalid_buffer = <optimized out>
subsurface = 0x15a6038
swaywm#6 0x00007f508bd2f53b in surface_commit_pending (surface=0x15a5cb0) at ../subprojects/wlroots/types/wlr_surface.c:474
next_seq = 3
next_seq = <optimized out>
swaywm#7 surface_commit (client=<optimized out>, resource=<optimized out>) at ../subprojects/wlroots/types/wlr_surface.c:542
surface = 0x15a5cb0
subsurface = <optimized out>
If map_ws is NULL we assume the view is places into the scratchpad and
return false as well.
(cherry picked from commit 30e400c)
emersion
pushed a commit
to emersion/sway
that referenced
this issue
Jun 24, 2021
remove view from its own unmap event listener so when subsurfaces
link try to remove themselves they won't run into it.
This fixes the following ASAN use-after-free error on a build slightly
modified to instrument wl_list operations:
==71705==ERROR: AddressSanitizer: heap-use-after-free on address 0x6160000829a0 at pc 0x000000508eb7 bp 0x7ffec8fd8030 sp 0x7ffec8fd8028
WRITE of size 8 at 0x6160000829a0 thread T0
#0 0x508eb6 in wl_list_remove ../common/list.c:181
swaywm#1 0x4f4998 in view_child_destroy ../sway/tree/view.c:1131
swaywm#2 0x4f38fa in subsurface_handle_destroy ../sway/tree/view.c:946
swaywm#3 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
swaywm#4 0x7fda5072f0dd in subsurface_destroy ../types/wlr_surface.c:649
swaywm#5 0x7fda507312c4 in subsurface_handle_surface_destroy ../types/wlr_surface.c:1094
swaywm#6 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
swaywm#7 0x7fda5072f305 in surface_handle_resource_destroy ../types/wlr_surface.c:677
swaywm#8 0x7fda508180ce in destroy_resource (/lib64/libwayland-server.so.0+0xc0ce)
swaywm#9 0x7fda508187f2 in wl_client_destroy (/lib64/libwayland-server.so.0+0xc7f2)
swaywm#10 0x7fda50818e5f in wl_client_connection_data (/lib64/libwayland-server.so.0+0xce5f)
swaywm#11 0x7fda50818219 in wl_event_loop_dispatch (/lib64/libwayland-server.so.0+0xc219)
swaywm#12 0x7fda50818984 in wl_display_run (/lib64/libwayland-server.so.0+0xc984)
swaywm#13 0x43122c in server_run ../sway/server.c:254
swaywm#14 0x42f47c in main ../sway/main.c:433
swaywm#15 0x7fda503cab74 in __libc_start_main (/lib64/libc.so.6+0x27b74)
swaywm#16 0x40f6fd in _start (/opt/wayland/bin/sway+0x40f6fd)
0x6160000829a0 is located 288 bytes inside of 592-byte region [0x616000082880,0x616000082ad0)
freed by thread T0 here:
#0 0x7fda50f01a27 in free (/lib64/libasan.so.6+0xaea27)
swaywm#1 0x4532d8 in destroy ../sway/desktop/xdg_shell.c:262
swaywm#2 0x4ed17b in view_destroy ../sway/tree/view.c:67
swaywm#3 0x4ed300 in view_begin_destroy ../sway/tree/view.c:83
swaywm#4 0x454a3f in handle_destroy ../sway/desktop/xdg_shell.c:507
swaywm#5 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
swaywm#6 0x7fda506e2c87 in reset_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:481
swaywm#7 0x7fda506e3018 in destroy_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:516
swaywm#8 0x7fda506dfbe5 in xdg_client_handle_resource_destroy ../types/xdg_shell/wlr_xdg_shell.c:71
swaywm#9 0x7fda508180ce in destroy_resource (/lib64/libwayland-server.so.0+0xc0ce)
previously allocated by thread T0 here:
#0 0x7fda50f01ed7 in calloc (/lib64/libasan.so.6+0xaeed7)
swaywm#1 0x454bc8 in handle_xdg_shell_surface ../sway/desktop/xdg_shell.c:528
swaywm#2 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
swaywm#3 0x7fda506e2363 in handle_xdg_surface_commit ../types/xdg_shell/wlr_xdg_surface.c:378
swaywm#4 0x7fda5072e368 in surface_commit_state ../types/wlr_surface.c:455
swaywm#5 0x7fda5072e51d in surface_commit_pending ../types/wlr_surface.c:474
swaywm#6 0x7fda5072ea58 in surface_commit ../types/wlr_surface.c:542
swaywm#7 0x7fda4fb3ac03 in ffi_call_unix64 (/lib64/libffi.so.6+0x6c03)
Fixes swaywm#5168
(cherry picked from commit 8529141)
emersion
pushed a commit
to emersion/sway
that referenced
this issue
Jun 24, 2021
When a criteria places the view into the scratchpad, map_ws is NULL and
trying to access map_ws->fullscreen will result in SIGSEGFAULT with:
#0 0x0000000000455327 in should_focus (view=0x15a6a70) at ../sway/tree/view.c:604
prev_con = 0x0
len = <optimized out>
seat = 0x12233c0
prev_ws = 0x1264c80
map_ws = 0x0
criterias = <optimized out>
seat = <optimized out>
prev_con = <optimized out>
prev_ws = <optimized out>
map_ws = <optimized out>
criterias = <optimized out>
len = <optimized out>
num_children = <optimized out>
swaywm#1 view_map (view=view@entry=0x15a6a70, wlr_surface=0x15a5cb0, fullscreen=<optimized out>, fullscreen_output=<optimized out>, decoration=<optimized out>) at ../sway/tree/view.c:809
__PRETTY_FUNCTION__ = "view_map"
ws = <optimized out>
seat = <optimized out>
node = <optimized out>
target_sibling = <optimized out>
container = 0x1625400
set_focus = <optimized out>
app_id = <optimized out>
class = <optimized out>
swaywm#2 0x0000000000423a7e in handle_map (listener=0x15a6c78, data=<optimized out>) at ../sway/desktop/xdg_shell.c:454
xdg_shell_view = 0x15a6a70
view = 0x15a6a70
xdg_surface = 0x15a6620
csd = <optimized out>
swaywm#3 0x00007f508bd3674c in wlr_signal_emit_safe (signal=signal@entry=0x15a6718, data=data@entry=0x15a6620) at ../subprojects/wlroots/util/signal.c:29
pos = 0x15a6c78
l = 0x15a6c78
cursor = {link = {prev = 0x15a6c78, next = 0x7fff53d58190}, notify = 0x7f508bd366c0 <handle_noop>}
end = {link = {prev = 0x7fff53d58170, next = 0x15a6718}, notify = 0x7f508bd366c0 <handle_noop>}
swaywm#4 0x00007f508bd15b29 in handle_xdg_surface_commit (wlr_surface=<optimized out>) at ../subprojects/wlroots/types/xdg_shell/wlr_xdg_surface.c:384
surface = 0x15a6620
swaywm#5 0x00007f508bd2e981 in surface_commit_state (surface=surface@entry=0x15a5cb0, next=next@entry=0x15a5e18) at ../subprojects/wlroots/types/wlr_surface.c:455
__PRETTY_FUNCTION__ = "surface_commit_state"
invalid_buffer = <optimized out>
subsurface = 0x15a6038
swaywm#6 0x00007f508bd2f53b in surface_commit_pending (surface=0x15a5cb0) at ../subprojects/wlroots/types/wlr_surface.c:474
next_seq = 3
next_seq = <optimized out>
swaywm#7 surface_commit (client=<optimized out>, resource=<optimized out>) at ../subprojects/wlroots/types/wlr_surface.c:542
surface = 0x15a5cb0
subsurface = <optimized out>
If map_ws is NULL we assume the view is places into the scratchpad and
return false as well.
(cherry picked from commit 30e400c)
emersion
pushed a commit
that referenced
this issue
Jun 24, 2021
remove view from its own unmap event listener so when subsurfaces
link try to remove themselves they won't run into it.
This fixes the following ASAN use-after-free error on a build slightly
modified to instrument wl_list operations:
==71705==ERROR: AddressSanitizer: heap-use-after-free on address 0x6160000829a0 at pc 0x000000508eb7 bp 0x7ffec8fd8030 sp 0x7ffec8fd8028
WRITE of size 8 at 0x6160000829a0 thread T0
#0 0x508eb6 in wl_list_remove ../common/list.c:181
#1 0x4f4998 in view_child_destroy ../sway/tree/view.c:1131
#2 0x4f38fa in subsurface_handle_destroy ../sway/tree/view.c:946
#3 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
#4 0x7fda5072f0dd in subsurface_destroy ../types/wlr_surface.c:649
#5 0x7fda507312c4 in subsurface_handle_surface_destroy ../types/wlr_surface.c:1094
#6 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
#7 0x7fda5072f305 in surface_handle_resource_destroy ../types/wlr_surface.c:677
#8 0x7fda508180ce in destroy_resource (/lib64/libwayland-server.so.0+0xc0ce)
#9 0x7fda508187f2 in wl_client_destroy (/lib64/libwayland-server.so.0+0xc7f2)
#10 0x7fda50818e5f in wl_client_connection_data (/lib64/libwayland-server.so.0+0xce5f)
#11 0x7fda50818219 in wl_event_loop_dispatch (/lib64/libwayland-server.so.0+0xc219)
#12 0x7fda50818984 in wl_display_run (/lib64/libwayland-server.so.0+0xc984)
#13 0x43122c in server_run ../sway/server.c:254
#14 0x42f47c in main ../sway/main.c:433
#15 0x7fda503cab74 in __libc_start_main (/lib64/libc.so.6+0x27b74)
#16 0x40f6fd in _start (/opt/wayland/bin/sway+0x40f6fd)
0x6160000829a0 is located 288 bytes inside of 592-byte region [0x616000082880,0x616000082ad0)
freed by thread T0 here:
#0 0x7fda50f01a27 in free (/lib64/libasan.so.6+0xaea27)
#1 0x4532d8 in destroy ../sway/desktop/xdg_shell.c:262
#2 0x4ed17b in view_destroy ../sway/tree/view.c:67
#3 0x4ed300 in view_begin_destroy ../sway/tree/view.c:83
#4 0x454a3f in handle_destroy ../sway/desktop/xdg_shell.c:507
#5 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
#6 0x7fda506e2c87 in reset_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:481
#7 0x7fda506e3018 in destroy_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:516
#8 0x7fda506dfbe5 in xdg_client_handle_resource_destroy ../types/xdg_shell/wlr_xdg_shell.c:71
#9 0x7fda508180ce in destroy_resource (/lib64/libwayland-server.so.0+0xc0ce)
previously allocated by thread T0 here:
#0 0x7fda50f01ed7 in calloc (/lib64/libasan.so.6+0xaeed7)
#1 0x454bc8 in handle_xdg_shell_surface ../sway/desktop/xdg_shell.c:528
#2 0x7fda50744892 in wlr_signal_emit_safe ../util/signal.c:29
#3 0x7fda506e2363 in handle_xdg_surface_commit ../types/xdg_shell/wlr_xdg_surface.c:378
#4 0x7fda5072e368 in surface_commit_state ../types/wlr_surface.c:455
#5 0x7fda5072e51d in surface_commit_pending ../types/wlr_surface.c:474
#6 0x7fda5072ea58 in surface_commit ../types/wlr_surface.c:542
#7 0x7fda4fb3ac03 in ffi_call_unix64 (/lib64/libffi.so.6+0x6c03)
Fixes #5168
(cherry picked from commit 8529141)
emersion
pushed a commit
that referenced
this issue
Jun 24, 2021
When a criteria places the view into the scratchpad, map_ws is NULL and
trying to access map_ws->fullscreen will result in SIGSEGFAULT with:
#0 0x0000000000455327 in should_focus (view=0x15a6a70) at ../sway/tree/view.c:604
prev_con = 0x0
len = <optimized out>
seat = 0x12233c0
prev_ws = 0x1264c80
map_ws = 0x0
criterias = <optimized out>
seat = <optimized out>
prev_con = <optimized out>
prev_ws = <optimized out>
map_ws = <optimized out>
criterias = <optimized out>
len = <optimized out>
num_children = <optimized out>
#1 view_map (view=view@entry=0x15a6a70, wlr_surface=0x15a5cb0, fullscreen=<optimized out>, fullscreen_output=<optimized out>, decoration=<optimized out>) at ../sway/tree/view.c:809
__PRETTY_FUNCTION__ = "view_map"
ws = <optimized out>
seat = <optimized out>
node = <optimized out>
target_sibling = <optimized out>
container = 0x1625400
set_focus = <optimized out>
app_id = <optimized out>
class = <optimized out>
#2 0x0000000000423a7e in handle_map (listener=0x15a6c78, data=<optimized out>) at ../sway/desktop/xdg_shell.c:454
xdg_shell_view = 0x15a6a70
view = 0x15a6a70
xdg_surface = 0x15a6620
csd = <optimized out>
#3 0x00007f508bd3674c in wlr_signal_emit_safe (signal=signal@entry=0x15a6718, data=data@entry=0x15a6620) at ../subprojects/wlroots/util/signal.c:29
pos = 0x15a6c78
l = 0x15a6c78
cursor = {link = {prev = 0x15a6c78, next = 0x7fff53d58190}, notify = 0x7f508bd366c0 <handle_noop>}
end = {link = {prev = 0x7fff53d58170, next = 0x15a6718}, notify = 0x7f508bd366c0 <handle_noop>}
#4 0x00007f508bd15b29 in handle_xdg_surface_commit (wlr_surface=<optimized out>) at ../subprojects/wlroots/types/xdg_shell/wlr_xdg_surface.c:384
surface = 0x15a6620
#5 0x00007f508bd2e981 in surface_commit_state (surface=surface@entry=0x15a5cb0, next=next@entry=0x15a5e18) at ../subprojects/wlroots/types/wlr_surface.c:455
__PRETTY_FUNCTION__ = "surface_commit_state"
invalid_buffer = <optimized out>
subsurface = 0x15a6038
#6 0x00007f508bd2f53b in surface_commit_pending (surface=0x15a5cb0) at ../subprojects/wlroots/types/wlr_surface.c:474
next_seq = 3
next_seq = <optimized out>
#7 surface_commit (client=<optimized out>, resource=<optimized out>) at ../subprojects/wlroots/types/wlr_surface.c:542
surface = 0x15a5cb0
subsurface = <optimized out>
If map_ws is NULL we assume the view is places into the scratchpad and
return false as well.
(cherry picked from commit 30e400c)
FlexW
pushed a commit
to FlexW/sway
that referenced
this issue
Aug 1, 2021
Signed-off-by: Felix Weilbach <[email protected]>
This was referenced Nov 29, 2021
Closed
Nefsen402
added a commit
to Nefsen402/sway
that referenced
this issue
Dec 13, 2021
There seems to be a null pointer access that can happen. I was able to reproduce this by running the cemu emulator[1] with the new collabora wine wayland driver[2] and opening and closing some sub menus. Adding a trival null check seems to do the trick to stop sway from crashing and returning to tty and everything else works normally. [1]: http://cemu.info/ [2]: https://www.winehq.org/pipermail/wine-devel/2021-December/203035.html Stack trace from lldb: * thread #1, name = 'sway', stop reason = signal SIGSEGV: invalid address (fault address: 0xf8) frame #0: 0x00005555555c3fc3 sway`view_child_init(child=0x0000555555f67940, impl=0x00005555555ee030, view=0x00005555565bc590, surface=0x00005555565b6940) at view.c:1117:25 1114 wl_signal_add(&view->events.unmap, &child->view_unmap); 1115 child->view_unmap.notify = view_child_handle_view_unmap; 1116 -> 1117 struct sway_workspace *workspace = child->view->container->pending.workspace; 1118 if (workspace) { 1119 wlr_surface_send_enter(child->surface, workspace->output->wlr_output); 1120 } (lldb) up error: sway {0x000342ab}: DIE has DW_AT_ranges(DW_FORM_sec_offset 0x67) attribute, but range extraction failed (invalid range list offset 0x67), please file a bug and attach the file at the start of this error message frame #1: 0x00005555555c39f8 sway`view_child_subsurface_create(child=0x00005555564a10d0, wlr_subsurface=0x0000555556586910) at view.c:985:2 982 } 983 subsurface->child.parent = child; 984 wl_list_insert(&child->children, &subsurface->child.link); -> 985 view_child_init(&subsurface->child, &subsurface_impl, child->view, 986 wlr_subsurface->surface); 987 988 wl_signal_add(&wlr_subsurface->events.destroy, &subsurface->destroy); (lldb) up frame swaywm#2: 0x00005555555c3c2a sway`view_child_handle_surface_new_subsurface(listener=0x00005555564a1130, data=0x0000555556586910) at view.c:1031:2 1028 struct sway_view_child *child = 1029 wl_container_of(listener, child, surface_new_subsurface); 1030 struct wlr_subsurface *subsurface = data; -> 1031 view_child_subsurface_create(child, subsurface); 1032 } 1033 1034 static void view_child_handle_surface_destroy(struct wl_listener *listener, (lldb) up frame swaywm#3: 0x00007ffff78f4bfe libwlroots.so.10`wlr_signal_emit_safe(signal=0x00005555565b2470, data=0x0000555556586910) at signal.c:29:3 26 wl_list_remove(&cursor.link); 27 wl_list_insert(pos, &cursor.link); 28 -> 29 l->notify(l, data); 30 } 31 32 wl_list_remove(&cursor.link); (lldb) up frame swaywm#4: 0x00007ffff78e5a41 libwlroots.so.10`subsurface_parent_commit(subsurface=0x0000555556586910) at wlr_surface.c:517:3 514 515 if (!subsurface->added) { 516 subsurface->added = true; -> 517 wlr_signal_emit_safe(&subsurface->parent->events.new_subsurface, 518 subsurface); 519 } 520 } (lldb) up frame swaywm#5: 0x00007ffff78e56fa libwlroots.so.10`surface_commit_state(surface=0x00005555565b21b0, next=0x00005555565b2338) at wlr_surface.c:439:3 436 wl_list_insert(&surface->current.subsurfaces_above, 437 &subsurface->current.link); 438 -> 439 subsurface_parent_commit(subsurface); 440 } 441 wl_list_for_each_reverse(subsurface, &surface->pending.subsurfaces_below, 442 pending.link) { (lldb) up frame swaywm#6: 0x00007ffff78e5b88 libwlroots.so.10`surface_handle_commit(client=0x0000555556564c80, resource=0x0000555556599a20) at wlr_surface.c:555:3 552 if (surface->pending.cached_state_locks > 0 || !wl_list_empty(&surface->cached)) { 553 surface_cache_pending(surface); 554 } else { -> 555 surface_commit_state(surface, &surface->pending); 556 } 557 } 558 (lldb) up frame swaywm#7: 0x00007ffff7000d4a libffi.so.8`___lldb_unnamed_symbol118 + 82 libffi.so.8`___lldb_unnamed_symbol118: -> 0x7ffff7000d4a <+82>: leaq 0x18(%rbp), %rsp 0x7ffff7000d4e <+86>: movq (%rbp), %rcx 0x7ffff7000d52 <+90>: movq 0x8(%rbp), %rdi 0x7ffff7000d56 <+94>: movq 0x10(%rbp), %rbp (lldb) up frame swaywm#8: 0x00007ffff7000267 libffi.so.8`___lldb_unnamed_symbol115 + 439 libffi.so.8`___lldb_unnamed_symbol115: -> 0x7ffff7000267 <+439>: movq -0x38(%rbp), %rax 0x7ffff700026b <+443>: subq %fs:0x28, %rax 0x7ffff7000274 <+452>: jne 0x7ffff70004e7 ; <+1079> 0x7ffff700027a <+458>: leaq -0x28(%rbp), %rsp (lldb) up frame swaywm#9: 0x00007ffff795a173 libwayland-server.so.0`___lldb_unnamed_symbol271 + 371 libwayland-server.so.0`___lldb_unnamed_symbol271: -> 0x7ffff795a173 <+371>: movq 0x8(%r12), %rax 0x7ffff795a178 <+376>: movq 0x8(%rax), %rdi 0x7ffff795a17c <+380>: movl (%r12), %eax 0x7ffff795a180 <+384>: testl %eax, %eax (lldb) up frame swaywm#10: 0x00007ffff795555c libwayland-server.so.0`___lldb_unnamed_symbol210 + 588 libwayland-server.so.0`___lldb_unnamed_symbol210: -> 0x7ffff795555c <+588>: jmp 0x7ffff7955435 ; <+293> 0x7ffff7955561 <+593>: nopl (%rax) 0x7ffff7955568 <+600>: callq *0xd76a(%rip) 0x7ffff795556e <+606>: cmpl $0xb, (%rax) (lldb) up frame swaywm#11: 0x00007ffff795804a libwayland-server.so.0`wl_event_loop_dispatch + 202 libwayland-server.so.0`wl_event_loop_dispatch: -> 0x7ffff795804a <+202>: addq $0xc, %r15 0x7ffff795804e <+206>: cmpq %r15, %rbp 0x7ffff7958051 <+209>: jne 0x7ffff7958038 ; <+184> 0x7ffff7958053 <+211>: movq 0x8(%rsp), %rcx1 (lldb) up frame swaywm#12: 0x00007ffff7955bc7 libwayland-server.so.0`wl_display_run + 39 libwayland-server.so.0`wl_display_run: -> 0x7ffff7955bc7 <+39>: movl 0x8(%rbx), %eax 0x7ffff7955bca <+42>: testl %eax, %eax 0x7ffff7955bcc <+44>: jne 0x7ffff7955bb0 ; <+16> 0x7ffff7955bce <+46>: popq %rbx (lldb) up frame swaywm#13: 0x00005555555756eb sway`server_run(server=0x00005555555f0640) at server.c:296:2 293 void server_run(struct sway_server *server) { 294 sway_log(SWAY_INFO, "Running compositor on wayland display '%s'", 295 server->socket); -> 296 wl_display_run(server->wl_display); 297 } (lldb) up frame swaywm#14: 0x0000555555574947 sway`main(argc=1, argv=0x00007fffffffe8d8) at main.c:428:2 425 swaynag_show(&config->swaynag_config_errors); 426 } 427 -> 428 server_run(&server); 429 430 shutdown: 431 sway_log(SWAY_INFO, "Shutting down sway"); (lldb) up frame swaywm#15: 0x00007ffff761db25 libc.so.6`__libc_start_main + 213 libc.so.6`__libc_start_main: -> 0x7ffff761db25 <+213>: movl %eax, %edi 0x7ffff761db27 <+215>: callq 0x7ffff7635630 ; exit 0x7ffff761db2c <+220>: movq (%rsp), %rax 0x7ffff761db30 <+224>: leaq 0x163929(%rip), %rdi (lldb) up frame swaywm#16: 0x00005555555656be sway`_start + 46 sway`_start: -> 0x5555555656be <+46>: hlt 0x5555555656bf: nop sway`deregister_tm_clones: 0x5555555656c0 <+0>: leaq 0x8aeb9(%rip), %rdi ; optind@GLIBC_2.2.5 0x5555555656c7 <+7>: leaq 0x8aeb2(%rip), %rax ; optind@GLIBC_2.2.5 Signed-off-by: Alexander Orzechowski <[email protected]>
emersion
pushed a commit
that referenced
this issue
Dec 13, 2021
There seems to be a null pointer access that can happen. I was able to reproduce this by running the cemu emulator[1] with the new collabora wine wayland driver[2] and opening and closing some sub menus. Adding a trival null check seems to do the trick to stop sway from crashing and returning to tty and everything else works normally. [1]: http://cemu.info/ [2]: https://www.winehq.org/pipermail/wine-devel/2021-December/203035.html Stack trace from lldb: * thread #1, name = 'sway', stop reason = signal SIGSEGV: invalid address (fault address: 0xf8) frame #0: 0x00005555555c3fc3 sway`view_child_init(child=0x0000555555f67940, impl=0x00005555555ee030, view=0x00005555565bc590, surface=0x00005555565b6940) at view.c:1117:25 1114 wl_signal_add(&view->events.unmap, &child->view_unmap); 1115 child->view_unmap.notify = view_child_handle_view_unmap; 1116 -> 1117 struct sway_workspace *workspace = child->view->container->pending.workspace; 1118 if (workspace) { 1119 wlr_surface_send_enter(child->surface, workspace->output->wlr_output); 1120 } (lldb) up error: sway {0x000342ab}: DIE has DW_AT_ranges(DW_FORM_sec_offset 0x67) attribute, but range extraction failed (invalid range list offset 0x67), please file a bug and attach the file at the start of this error message frame #1: 0x00005555555c39f8 sway`view_child_subsurface_create(child=0x00005555564a10d0, wlr_subsurface=0x0000555556586910) at view.c:985:2 982 } 983 subsurface->child.parent = child; 984 wl_list_insert(&child->children, &subsurface->child.link); -> 985 view_child_init(&subsurface->child, &subsurface_impl, child->view, 986 wlr_subsurface->surface); 987 988 wl_signal_add(&wlr_subsurface->events.destroy, &subsurface->destroy); (lldb) up frame #2: 0x00005555555c3c2a sway`view_child_handle_surface_new_subsurface(listener=0x00005555564a1130, data=0x0000555556586910) at view.c:1031:2 1028 struct sway_view_child *child = 1029 wl_container_of(listener, child, surface_new_subsurface); 1030 struct wlr_subsurface *subsurface = data; -> 1031 view_child_subsurface_create(child, subsurface); 1032 } 1033 1034 static void view_child_handle_surface_destroy(struct wl_listener *listener, (lldb) up frame #3: 0x00007ffff78f4bfe libwlroots.so.10`wlr_signal_emit_safe(signal=0x00005555565b2470, data=0x0000555556586910) at signal.c:29:3 26 wl_list_remove(&cursor.link); 27 wl_list_insert(pos, &cursor.link); 28 -> 29 l->notify(l, data); 30 } 31 32 wl_list_remove(&cursor.link); (lldb) up frame #4: 0x00007ffff78e5a41 libwlroots.so.10`subsurface_parent_commit(subsurface=0x0000555556586910) at wlr_surface.c:517:3 514 515 if (!subsurface->added) { 516 subsurface->added = true; -> 517 wlr_signal_emit_safe(&subsurface->parent->events.new_subsurface, 518 subsurface); 519 } 520 } (lldb) up frame #5: 0x00007ffff78e56fa libwlroots.so.10`surface_commit_state(surface=0x00005555565b21b0, next=0x00005555565b2338) at wlr_surface.c:439:3 436 wl_list_insert(&surface->current.subsurfaces_above, 437 &subsurface->current.link); 438 -> 439 subsurface_parent_commit(subsurface); 440 } 441 wl_list_for_each_reverse(subsurface, &surface->pending.subsurfaces_below, 442 pending.link) { (lldb) up frame #6: 0x00007ffff78e5b88 libwlroots.so.10`surface_handle_commit(client=0x0000555556564c80, resource=0x0000555556599a20) at wlr_surface.c:555:3 552 if (surface->pending.cached_state_locks > 0 || !wl_list_empty(&surface->cached)) { 553 surface_cache_pending(surface); 554 } else { -> 555 surface_commit_state(surface, &surface->pending); 556 } 557 } 558 (lldb) up frame #7: 0x00007ffff7000d4a libffi.so.8`___lldb_unnamed_symbol118 + 82 libffi.so.8`___lldb_unnamed_symbol118: -> 0x7ffff7000d4a <+82>: leaq 0x18(%rbp), %rsp 0x7ffff7000d4e <+86>: movq (%rbp), %rcx 0x7ffff7000d52 <+90>: movq 0x8(%rbp), %rdi 0x7ffff7000d56 <+94>: movq 0x10(%rbp), %rbp (lldb) up frame #8: 0x00007ffff7000267 libffi.so.8`___lldb_unnamed_symbol115 + 439 libffi.so.8`___lldb_unnamed_symbol115: -> 0x7ffff7000267 <+439>: movq -0x38(%rbp), %rax 0x7ffff700026b <+443>: subq %fs:0x28, %rax 0x7ffff7000274 <+452>: jne 0x7ffff70004e7 ; <+1079> 0x7ffff700027a <+458>: leaq -0x28(%rbp), %rsp (lldb) up frame #9: 0x00007ffff795a173 libwayland-server.so.0`___lldb_unnamed_symbol271 + 371 libwayland-server.so.0`___lldb_unnamed_symbol271: -> 0x7ffff795a173 <+371>: movq 0x8(%r12), %rax 0x7ffff795a178 <+376>: movq 0x8(%rax), %rdi 0x7ffff795a17c <+380>: movl (%r12), %eax 0x7ffff795a180 <+384>: testl %eax, %eax (lldb) up frame #10: 0x00007ffff795555c libwayland-server.so.0`___lldb_unnamed_symbol210 + 588 libwayland-server.so.0`___lldb_unnamed_symbol210: -> 0x7ffff795555c <+588>: jmp 0x7ffff7955435 ; <+293> 0x7ffff7955561 <+593>: nopl (%rax) 0x7ffff7955568 <+600>: callq *0xd76a(%rip) 0x7ffff795556e <+606>: cmpl $0xb, (%rax) (lldb) up frame #11: 0x00007ffff795804a libwayland-server.so.0`wl_event_loop_dispatch + 202 libwayland-server.so.0`wl_event_loop_dispatch: -> 0x7ffff795804a <+202>: addq $0xc, %r15 0x7ffff795804e <+206>: cmpq %r15, %rbp 0x7ffff7958051 <+209>: jne 0x7ffff7958038 ; <+184> 0x7ffff7958053 <+211>: movq 0x8(%rsp), %rcx1 (lldb) up frame #12: 0x00007ffff7955bc7 libwayland-server.so.0`wl_display_run + 39 libwayland-server.so.0`wl_display_run: -> 0x7ffff7955bc7 <+39>: movl 0x8(%rbx), %eax 0x7ffff7955bca <+42>: testl %eax, %eax 0x7ffff7955bcc <+44>: jne 0x7ffff7955bb0 ; <+16> 0x7ffff7955bce <+46>: popq %rbx (lldb) up frame #13: 0x00005555555756eb sway`server_run(server=0x00005555555f0640) at server.c:296:2 293 void server_run(struct sway_server *server) { 294 sway_log(SWAY_INFO, "Running compositor on wayland display '%s'", 295 server->socket); -> 296 wl_display_run(server->wl_display); 297 } (lldb) up frame #14: 0x0000555555574947 sway`main(argc=1, argv=0x00007fffffffe8d8) at main.c:428:2 425 swaynag_show(&config->swaynag_config_errors); 426 } 427 -> 428 server_run(&server); 429 430 shutdown: 431 sway_log(SWAY_INFO, "Shutting down sway"); (lldb) up frame #15: 0x00007ffff761db25 libc.so.6`__libc_start_main + 213 libc.so.6`__libc_start_main: -> 0x7ffff761db25 <+213>: movl %eax, %edi 0x7ffff761db27 <+215>: callq 0x7ffff7635630 ; exit 0x7ffff761db2c <+220>: movq (%rsp), %rax 0x7ffff761db30 <+224>: leaq 0x163929(%rip), %rdi (lldb) up frame #16: 0x00005555555656be sway`_start + 46 sway`_start: -> 0x5555555656be <+46>: hlt 0x5555555656bf: nop sway`deregister_tm_clones: 0x5555555656c0 <+0>: leaq 0x8aeb9(%rip), %rdi ; optind@GLIBC_2.2.5 0x5555555656c7 <+7>: leaq 0x8aeb2(%rip), %rax ; optind@GLIBC_2.2.5 Signed-off-by: Alexander Orzechowski <[email protected]>
michaelweiser
added a commit
to michaelweiser/sway
that referenced
this issue
Feb 28, 2022
This change prevents swaybar from crashing when trying to open the
context menu of a StatusNotifierItem. Observed with blueman-applet.
The backtrace is:
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x000055fa7472b150 in dbusmenu_menu_find_menu_surface (menu=0x0, surface=0x55fa74d290d0) at ../sway-1.7/swaybar/tray/dbusmenu.c:1203
1203 if (menu->surface && menu->surface->surface == surface) {
(gdb) bt
#0 0x000055fa7472b150 in dbusmenu_menu_find_menu_surface (menu=0x0, surface=0x55fa74d290d0) at ../sway-1.7/swaybar/tray/dbusmenu.c:1203
#1 0x000055fa7472b4a3 in dbusmenu_pointer_enter
(data=0x55fa74d28310, wl_pointer=0x55fa74d22e10, serial=348969, surface=0x55fa74d290d0, surface_x=365306, surface_y=6803)
at ../sway-1.7/swaybar/tray/dbusmenu.c:1278
swaywm#2 0x000055fa747192eb in wl_pointer_enter
(data=0x55fa74d28310, wl_pointer=0x55fa74d22e10, serial=348969, surface=0x55fa74d290d0, surface_x=365306, surface_y=6803)
at ../sway-1.7/swaybar/input.c:121
swaywm#3 0x00007f9eced29e1a in () at /usr/lib64/libffi.so.8
swaywm#4 0x00007f9eced2937c in () at /usr/lib64/libffi.so.8
swaywm#5 0x00007f9ecf6da4c1 in () at /usr/lib64/libwayland-client.so.0
swaywm#6 0x00007f9ecf6d6a0a in () at /usr/lib64/libwayland-client.so.0
swaywm#7 0x00007f9ecf6d832c in wl_display_dispatch_queue_pending () at /usr/lib64/libwayland-client.so.0
swaywm#8 0x00007f9ecf6d884f in wl_display_roundtrip_queue () at /usr/lib64/libwayland-client.so.0
swaywm#9 0x000055fa7472acc8 in swaybar_dbusmenu_create (sni=0x55fa74e05590, output=0x55fa74d28d60, seat=0x55fa74d28310, serial=348944, x=5230, y=1100)
at ../sway-1.7/swaybar/tray/dbusmenu.c:1107
swaywm#10 0x000055fa74724de8 in handle_click
(sni=0x55fa74e05590, output=0x55fa74d28d60, seat=0x55fa74d28310, serial=348944, x=5230, y=1100, button=273, delta=1)
at ../sway-1.7/swaybar/tray/item.c:379
swaywm#11 0x000055fa74725137 in icon_hotspot_callback
(output=0x55fa74d28d60, hotspot=0x55fa74db12f0, seat=0x55fa74d28310, serial=348944, x=1390.921875, y=20.99609375, button=273, data=0x55fa74f33e40) at ../sway-1.7/swaybar/tray/item.c:423
swaywm#12 0x000055fa74719555 in process_hotspots (output=0x55fa74d28d60, seat=0x55fa74d28310, serial=348944, x=1390.921875, y=20.99609375, button=273)
at ../sway-1.7/swaybar/input.c:175
swaywm#13 0x000055fa74719693 in wl_pointer_button (data=0x55fa74d28310, wl_pointer=0x55fa74d22e10, serial=348944, time=1003868332, button=273, state=1)
at ../sway-1.7/swaybar/input.c:207
swaywm#14 0x00007f9eced29e1a in () at /usr/lib64/libffi.so.8
swaywm#15 0x00007f9eced2937c in () at /usr/lib64/libffi.so.8
swaywm#16 0x00007f9ecf6da4c1 in () at /usr/lib64/libwayland-client.so.0
swaywm#17 0x00007f9ecf6d6a0a in () at /usr/lib64/libwayland-client.so.0
swaywm#18 0x00007f9ecf6d832c in wl_display_dispatch_queue_pending () at /usr/lib64/libwayland-client.so.0
swaywm#19 0x000055fa74716aa9 in display_in (fd=136, mask=1, data=0x55fa7473ba40 <swaybar>) at ../sway-1.7/swaybar/bar.c:470
swaywm#20 0x000055fa7472d414 in loop_poll (loop=0x55fa74d20fd0) at ../sway-1.7/common/loop.c:84
swaywm#21 0x000055fa74716d52 in bar_run (bar=0x55fa7473ba40 <swaybar>) at ../sway-1.7/swaybar/bar.c:519
swaywm#22 0x000055fa7471cec2 in main (argc=3, argv=0x7fff4c24db38) at ../sway-1.7/swaybar/main.c:101
RagnarGrootKoerkamp
pushed a commit
to RagnarGrootKoerkamp/sway
that referenced
this issue
Mar 29, 2022
There seems to be a null pointer access that can happen. I was able to reproduce this by running the cemu emulator[1] with the new collabora wine wayland driver[2] and opening and closing some sub menus. Adding a trival null check seems to do the trick to stop sway from crashing and returning to tty and everything else works normally. [1]: http://cemu.info/ [2]: https://www.winehq.org/pipermail/wine-devel/2021-December/203035.html Stack trace from lldb: * thread swaywm#1, name = 'sway', stop reason = signal SIGSEGV: invalid address (fault address: 0xf8) frame #0: 0x00005555555c3fc3 sway`view_child_init(child=0x0000555555f67940, impl=0x00005555555ee030, view=0x00005555565bc590, surface=0x00005555565b6940) at view.c:1117:25 1114 wl_signal_add(&view->events.unmap, &child->view_unmap); 1115 child->view_unmap.notify = view_child_handle_view_unmap; 1116 -> 1117 struct sway_workspace *workspace = child->view->container->pending.workspace; 1118 if (workspace) { 1119 wlr_surface_send_enter(child->surface, workspace->output->wlr_output); 1120 } (lldb) up error: sway {0x000342ab}: DIE has DW_AT_ranges(DW_FORM_sec_offset 0x67) attribute, but range extraction failed (invalid range list offset 0x67), please file a bug and attach the file at the start of this error message frame swaywm#1: 0x00005555555c39f8 sway`view_child_subsurface_create(child=0x00005555564a10d0, wlr_subsurface=0x0000555556586910) at view.c:985:2 982 } 983 subsurface->child.parent = child; 984 wl_list_insert(&child->children, &subsurface->child.link); -> 985 view_child_init(&subsurface->child, &subsurface_impl, child->view, 986 wlr_subsurface->surface); 987 988 wl_signal_add(&wlr_subsurface->events.destroy, &subsurface->destroy); (lldb) up frame swaywm#2: 0x00005555555c3c2a sway`view_child_handle_surface_new_subsurface(listener=0x00005555564a1130, data=0x0000555556586910) at view.c:1031:2 1028 struct sway_view_child *child = 1029 wl_container_of(listener, child, surface_new_subsurface); 1030 struct wlr_subsurface *subsurface = data; -> 1031 view_child_subsurface_create(child, subsurface); 1032 } 1033 1034 static void view_child_handle_surface_destroy(struct wl_listener *listener, (lldb) up frame swaywm#3: 0x00007ffff78f4bfe libwlroots.so.10`wlr_signal_emit_safe(signal=0x00005555565b2470, data=0x0000555556586910) at signal.c:29:3 26 wl_list_remove(&cursor.link); 27 wl_list_insert(pos, &cursor.link); 28 -> 29 l->notify(l, data); 30 } 31 32 wl_list_remove(&cursor.link); (lldb) up frame swaywm#4: 0x00007ffff78e5a41 libwlroots.so.10`subsurface_parent_commit(subsurface=0x0000555556586910) at wlr_surface.c:517:3 514 515 if (!subsurface->added) { 516 subsurface->added = true; -> 517 wlr_signal_emit_safe(&subsurface->parent->events.new_subsurface, 518 subsurface); 519 } 520 } (lldb) up frame swaywm#5: 0x00007ffff78e56fa libwlroots.so.10`surface_commit_state(surface=0x00005555565b21b0, next=0x00005555565b2338) at wlr_surface.c:439:3 436 wl_list_insert(&surface->current.subsurfaces_above, 437 &subsurface->current.link); 438 -> 439 subsurface_parent_commit(subsurface); 440 } 441 wl_list_for_each_reverse(subsurface, &surface->pending.subsurfaces_below, 442 pending.link) { (lldb) up frame swaywm#6: 0x00007ffff78e5b88 libwlroots.so.10`surface_handle_commit(client=0x0000555556564c80, resource=0x0000555556599a20) at wlr_surface.c:555:3 552 if (surface->pending.cached_state_locks > 0 || !wl_list_empty(&surface->cached)) { 553 surface_cache_pending(surface); 554 } else { -> 555 surface_commit_state(surface, &surface->pending); 556 } 557 } 558 (lldb) up frame swaywm#7: 0x00007ffff7000d4a libffi.so.8`___lldb_unnamed_symbol118 + 82 libffi.so.8`___lldb_unnamed_symbol118: -> 0x7ffff7000d4a <+82>: leaq 0x18(%rbp), %rsp 0x7ffff7000d4e <+86>: movq (%rbp), %rcx 0x7ffff7000d52 <+90>: movq 0x8(%rbp), %rdi 0x7ffff7000d56 <+94>: movq 0x10(%rbp), %rbp (lldb) up frame swaywm#8: 0x00007ffff7000267 libffi.so.8`___lldb_unnamed_symbol115 + 439 libffi.so.8`___lldb_unnamed_symbol115: -> 0x7ffff7000267 <+439>: movq -0x38(%rbp), %rax 0x7ffff700026b <+443>: subq %fs:0x28, %rax 0x7ffff7000274 <+452>: jne 0x7ffff70004e7 ; <+1079> 0x7ffff700027a <+458>: leaq -0x28(%rbp), %rsp (lldb) up frame swaywm#9: 0x00007ffff795a173 libwayland-server.so.0`___lldb_unnamed_symbol271 + 371 libwayland-server.so.0`___lldb_unnamed_symbol271: -> 0x7ffff795a173 <+371>: movq 0x8(%r12), %rax 0x7ffff795a178 <+376>: movq 0x8(%rax), %rdi 0x7ffff795a17c <+380>: movl (%r12), %eax 0x7ffff795a180 <+384>: testl %eax, %eax (lldb) up frame swaywm#10: 0x00007ffff795555c libwayland-server.so.0`___lldb_unnamed_symbol210 + 588 libwayland-server.so.0`___lldb_unnamed_symbol210: -> 0x7ffff795555c <+588>: jmp 0x7ffff7955435 ; <+293> 0x7ffff7955561 <+593>: nopl (%rax) 0x7ffff7955568 <+600>: callq *0xd76a(%rip) 0x7ffff795556e <+606>: cmpl $0xb, (%rax) (lldb) up frame swaywm#11: 0x00007ffff795804a libwayland-server.so.0`wl_event_loop_dispatch + 202 libwayland-server.so.0`wl_event_loop_dispatch: -> 0x7ffff795804a <+202>: addq $0xc, %r15 0x7ffff795804e <+206>: cmpq %r15, %rbp 0x7ffff7958051 <+209>: jne 0x7ffff7958038 ; <+184> 0x7ffff7958053 <+211>: movq 0x8(%rsp), %rcx1 (lldb) up frame swaywm#12: 0x00007ffff7955bc7 libwayland-server.so.0`wl_display_run + 39 libwayland-server.so.0`wl_display_run: -> 0x7ffff7955bc7 <+39>: movl 0x8(%rbx), %eax 0x7ffff7955bca <+42>: testl %eax, %eax 0x7ffff7955bcc <+44>: jne 0x7ffff7955bb0 ; <+16> 0x7ffff7955bce <+46>: popq %rbx (lldb) up frame swaywm#13: 0x00005555555756eb sway`server_run(server=0x00005555555f0640) at server.c:296:2 293 void server_run(struct sway_server *server) { 294 sway_log(SWAY_INFO, "Running compositor on wayland display '%s'", 295 server->socket); -> 296 wl_display_run(server->wl_display); 297 } (lldb) up frame swaywm#14: 0x0000555555574947 sway`main(argc=1, argv=0x00007fffffffe8d8) at main.c:428:2 425 swaynag_show(&config->swaynag_config_errors); 426 } 427 -> 428 server_run(&server); 429 430 shutdown: 431 sway_log(SWAY_INFO, "Shutting down sway"); (lldb) up frame swaywm#15: 0x00007ffff761db25 libc.so.6`__libc_start_main + 213 libc.so.6`__libc_start_main: -> 0x7ffff761db25 <+213>: movl %eax, %edi 0x7ffff761db27 <+215>: callq 0x7ffff7635630 ; exit 0x7ffff761db2c <+220>: movq (%rsp), %rax 0x7ffff761db30 <+224>: leaq 0x163929(%rip), %rdi (lldb) up frame swaywm#16: 0x00005555555656be sway`_start + 46 sway`_start: -> 0x5555555656be <+46>: hlt 0x5555555656bf: nop sway`deregister_tm_clones: 0x5555555656c0 <+0>: leaq 0x8aeb9(%rip), %rdi ; optind@GLIBC_2.2.5 0x5555555656c7 <+7>: leaq 0x8aeb2(%rip), %rax ; optind@GLIBC_2.2.5 Signed-off-by: Alexander Orzechowski <[email protected]>
Emantor
added a commit
to Emantor/sway
that referenced
this issue
Jun 14, 2023
In case a display is unplugged, the sway output may be removed from the
userdata before the gamma_control can be reset. In this case we can't
schedule a commit on the output, simply return within the function.
backtrace full:
#0 handle_gamma_control_set_gamma (listener=0x4856a8 <server+616>, data=0x7ffce1ed59c0) at ../sway/desktop/output.c:1105
server = 0x485440 <server>
event = 0x7ffce1ed59c0
output = 0x0
swaywm#1 0x00007f430d1dca0c in wl_signal_emit_mutable ()
from /nix/store/ky1g6ylzr2m4bq8fy0gzrnqmjr6948k5-wayland-1.22.0/lib/libwayland-server.so.0
No symbol table info available.
swaywm#2 0x00007f430d142370 in gamma_control_destroy (gamma_control=0x29eb9b0) at ../types/wlr_gamma_control_v1.c:37
manager = 0x27e33e0
output = 0x2a10770
event = {output = 0x2a10770, control = 0x0}
swaywm#3 0x00007f430d14239b in gamma_control_handle_output_destroy (listener=<optimized out>, data=<optimized out>)
at ../types/wlr_gamma_control_v1.c:59
gamma_control = <optimized out>
swaywm#4 0x00007f430d1dca0c in wl_signal_emit_mutable ()
from /nix/store/ky1g6ylzr2m4bq8fy0gzrnqmjr6948k5-wayland-1.22.0/lib/libwayland-server.so.0
No symbol table info available.
swaywm#5 0x00007f430d12a0e0 in wlr_output_destroy (output=output@entry=0x2a10770) at ../types/output/output.c:384
cursor = <optimized out>
tmp_cursor = <optimized out>
layer = <optimized out>
tmp_layer = <optimized out>
swaywm#6 0x00007f430d114ecf in disconnect_drm_connector (conn=conn@entry=0x2a10770) at ../backend/drm/drm.c:1757
__PRETTY_FUNCTION__ = "disconnect_drm_connector"
swaywm#7 0x00007f430d117078 in scan_drm_connectors (drm=drm@entry=0x1eebab0, event=event@entry=0x7ffce1ed5c1c) at ../backend/drm/drm.c:1597
c = <optimized out>
wlr_conn = 0x2a10770
drm_conn = 0x2e760d0
conn_id = <optimized out>
index = 4
i = 4
res = 0x2e761f0
seen_len = 5
seen = {true, true, true, true, true, false}
new_outputs_len = 0
new_outputs = 0x7ffce1ed5ab0
conn = <optimized out>
tmp_conn = <optimized out>
index = <optimized out>
swaywm#8 0x00007f430d113425 in handle_dev_change (listener=0x1eebbb0, data=0x7ffce1ed5c18) at ../backend/drm/backend.c:157
drm = 0x1eebab0
change = 0x7ffce1ed5c18
swaywm#9 0x00007f430d1dca0c in wl_signal_emit_mutable ()
from /nix/store/ky1g6ylzr2m4bq8fy0gzrnqmjr6948k5-wayland-1.22.0/lib/libwayland-server.so.0
No symbol table info available.
swaywm#10 0x00007f430d111696 in handle_udev_event (fd=<optimized out>, mask=<optimized out>, data=<optimized out>)
at ../backend/session/session.c:213
event = {type = WLR_DEVICE_HOTPLUG, {hotplug = {connector_id = 0, prop_id = 0}}}
devnum = <optimized out>
dev = 0x1ed9460
session = <optimized out>
udev_dev = 0x2e70db0
sysname = 0x2e73c60 "card0"
devnode = <optimized out>
action = 0x7f430d6677b5 "change"
seat = <optimized out>
__PRETTY_FUNCTION__ = "handle_udev_event"
swaywm#11 0x00007f430d1de8e2 in wl_event_loop_dispatch ()
from /nix/store/ky1g6ylzr2m4bq8fy0gzrnqmjr6948k5-wayland-1.22.0/lib/libwayland-server.so.0
No symbol table info available.
swaywm#12 0x00007f430d1dc445 in wl_display_run () from /nix/store/ky1g6ylzr2m4bq8fy0gzrnqmjr6948k5-wayland-1.22.0/lib/libwayland-server.so.0
No symbol table info available.
swaywm#13 0x000000000041daa5 in server_run (server=server@entry=0x485440 <server>) at ../sway/server.c:338
No locals.
swaywm#14 0x000000000041cf4d in main (argc=<optimized out>, argv=0x7ffce1ed5fe8) at ../sway/main.c:415
verbose = false
debug = false
validate = false
allow_unsupported_gpu = false
config_path = 0x0
c = <optimized out>
where event->output->data is NULL:
(gdb) p event->output->data
$5 = (void *) 0x0
emersion
pushed a commit
that referenced
this issue
Jun 14, 2023
In case a display is unplugged, the sway output may be removed from the
userdata before the gamma_control can be reset. In this case we can't
schedule a commit on the output, simply return within the function.
backtrace full:
#0 handle_gamma_control_set_gamma (listener=0x4856a8 <server+616>, data=0x7ffce1ed59c0) at ../sway/desktop/output.c:1105
server = 0x485440 <server>
event = 0x7ffce1ed59c0
output = 0x0
#1 0x00007f430d1dca0c in wl_signal_emit_mutable ()
from /nix/store/ky1g6ylzr2m4bq8fy0gzrnqmjr6948k5-wayland-1.22.0/lib/libwayland-server.so.0
No symbol table info available.
#2 0x00007f430d142370 in gamma_control_destroy (gamma_control=0x29eb9b0) at ../types/wlr_gamma_control_v1.c:37
manager = 0x27e33e0
output = 0x2a10770
event = {output = 0x2a10770, control = 0x0}
#3 0x00007f430d14239b in gamma_control_handle_output_destroy (listener=<optimized out>, data=<optimized out>)
at ../types/wlr_gamma_control_v1.c:59
gamma_control = <optimized out>
#4 0x00007f430d1dca0c in wl_signal_emit_mutable ()
from /nix/store/ky1g6ylzr2m4bq8fy0gzrnqmjr6948k5-wayland-1.22.0/lib/libwayland-server.so.0
No symbol table info available.
#5 0x00007f430d12a0e0 in wlr_output_destroy (output=output@entry=0x2a10770) at ../types/output/output.c:384
cursor = <optimized out>
tmp_cursor = <optimized out>
layer = <optimized out>
tmp_layer = <optimized out>
#6 0x00007f430d114ecf in disconnect_drm_connector (conn=conn@entry=0x2a10770) at ../backend/drm/drm.c:1757
__PRETTY_FUNCTION__ = "disconnect_drm_connector"
#7 0x00007f430d117078 in scan_drm_connectors (drm=drm@entry=0x1eebab0, event=event@entry=0x7ffce1ed5c1c) at ../backend/drm/drm.c:1597
c = <optimized out>
wlr_conn = 0x2a10770
drm_conn = 0x2e760d0
conn_id = <optimized out>
index = 4
i = 4
res = 0x2e761f0
seen_len = 5
seen = {true, true, true, true, true, false}
new_outputs_len = 0
new_outputs = 0x7ffce1ed5ab0
conn = <optimized out>
tmp_conn = <optimized out>
index = <optimized out>
#8 0x00007f430d113425 in handle_dev_change (listener=0x1eebbb0, data=0x7ffce1ed5c18) at ../backend/drm/backend.c:157
drm = 0x1eebab0
change = 0x7ffce1ed5c18
#9 0x00007f430d1dca0c in wl_signal_emit_mutable ()
from /nix/store/ky1g6ylzr2m4bq8fy0gzrnqmjr6948k5-wayland-1.22.0/lib/libwayland-server.so.0
No symbol table info available.
#10 0x00007f430d111696 in handle_udev_event (fd=<optimized out>, mask=<optimized out>, data=<optimized out>)
at ../backend/session/session.c:213
event = {type = WLR_DEVICE_HOTPLUG, {hotplug = {connector_id = 0, prop_id = 0}}}
devnum = <optimized out>
dev = 0x1ed9460
session = <optimized out>
udev_dev = 0x2e70db0
sysname = 0x2e73c60 "card0"
devnode = <optimized out>
action = 0x7f430d6677b5 "change"
seat = <optimized out>
__PRETTY_FUNCTION__ = "handle_udev_event"
#11 0x00007f430d1de8e2 in wl_event_loop_dispatch ()
from /nix/store/ky1g6ylzr2m4bq8fy0gzrnqmjr6948k5-wayland-1.22.0/lib/libwayland-server.so.0
No symbol table info available.
#12 0x00007f430d1dc445 in wl_display_run () from /nix/store/ky1g6ylzr2m4bq8fy0gzrnqmjr6948k5-wayland-1.22.0/lib/libwayland-server.so.0
No symbol table info available.
#13 0x000000000041daa5 in server_run (server=server@entry=0x485440 <server>) at ../sway/server.c:338
No locals.
#14 0x000000000041cf4d in main (argc=<optimized out>, argv=0x7ffce1ed5fe8) at ../sway/main.c:415
verbose = false
debug = false
validate = false
allow_unsupported_gpu = false
config_path = 0x0
c = <optimized out>
where event->output->data is NULL:
(gdb) p event->output->data
$5 = (void *) 0x0
emersion
added a commit
to emersion/sway
that referenced
this issue
Apr 12, 2024
../sway/config/output.c:33:21: runtime error: member access within null pointer of type 'struct sway_output'
AddressSanitizer:DEADLYSIGNAL
=================================================================
==7856==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000080 (pc 0x63da8558205c bp 0x7ffdc35881a0 sp 0x7ffdc3588160 T0)
==7856==The signal is caused by a READ memory access.
==7856==Hint: address points to the zero page.
#0 0x63da8558205c in output_get_identifier ../sway/config/output.c:33
swaywm#1 0x63da855865c3 in store_output_config ../sway/config/output.c:220
swaywm#2 0x63da855d4066 in cmd_output ../sway/commands/output.c:106
swaywm#3 0x63da8547f2e3 in config_command ../sway/commands.c:425
swaywm#4 0x63da8548f3fc in read_config ../sway/config.c:822
swaywm#5 0x63da8548a224 in load_config ../sway/config.c:435
swaywm#6 0x63da8548b065 in load_main_config ../sway/config.c:507
swaywm#7 0x63da854bee8d in main ../sway/main.c:351
swaywm#8 0x77e2ea643ccf (/usr/lib/libc.so.6+0x25ccf) (BuildId: c0caa0b7709d3369ee575fcd7d7d0b0fc48733af)
swaywm#9 0x77e2ea643d89 in __libc_start_main (/usr/lib/libc.so.6+0x25d89) (BuildId: c0caa0b7709d3369ee575fcd7d7d0b0fc48733af)
swaywm#10 0x63da8547ad64 in _start (/home/simon/src/sway/build/sway/sway+0x372d64) (BuildId: 3fa2e8838c1c32713b40aec6b1e84bbe4db5bde8)
Fixes: 1267e47 ("config/output: Refactor handling of tiered configs")
kennylevinsen
pushed a commit
that referenced
this issue
Apr 12, 2024
../sway/config/output.c:33:21: runtime error: member access within null pointer of type 'struct sway_output'
AddressSanitizer:DEADLYSIGNAL
=================================================================
==7856==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000080 (pc 0x63da8558205c bp 0x7ffdc35881a0 sp 0x7ffdc3588160 T0)
==7856==The signal is caused by a READ memory access.
==7856==Hint: address points to the zero page.
#0 0x63da8558205c in output_get_identifier ../sway/config/output.c:33
#1 0x63da855865c3 in store_output_config ../sway/config/output.c:220
#2 0x63da855d4066 in cmd_output ../sway/commands/output.c:106
#3 0x63da8547f2e3 in config_command ../sway/commands.c:425
#4 0x63da8548f3fc in read_config ../sway/config.c:822
#5 0x63da8548a224 in load_config ../sway/config.c:435
#6 0x63da8548b065 in load_main_config ../sway/config.c:507
#7 0x63da854bee8d in main ../sway/main.c:351
#8 0x77e2ea643ccf (/usr/lib/libc.so.6+0x25ccf) (BuildId: c0caa0b7709d3369ee575fcd7d7d0b0fc48733af)
#9 0x77e2ea643d89 in __libc_start_main (/usr/lib/libc.so.6+0x25d89) (BuildId: c0caa0b7709d3369ee575fcd7d7d0b0fc48733af)
#10 0x63da8547ad64 in _start (/home/simon/src/sway/build/sway/sway+0x372d64) (BuildId: 3fa2e8838c1c32713b40aec6b1e84bbe4db5bde8)
Fixes: 1267e47 ("config/output: Refactor handling of tiered configs")
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
and others
Layouts
Saving layouts to diskwill not supportLoading layouts from diskwill not supportConfig/commands
Features
See also:
IPC feature support: #98
i3bar feature support: #343
i3-gaps feature support: #307
The text was updated successfully, but these errors were encountered: