feat(compositor): upgrade wlroots to 0.19

[K1ngst0m]

User description

• Upgrade project dependency wiring from wlroots 0.18 to 0.19
• Update compositor integration code for wlroots 0.19 API changes
• Improve compositor shutdown safety by detaching Wayland listeners cleanly
• Refresh input forwarding docs to reflect the new wlroots version
• Add OpenSpec change artifacts for unified Vulkan GPU policy rollout

---

PR Type

Enhancement

---

Description

• Upgrade wlroots dependency from 0.18 to 0.19 with API compatibility updates

• Add explicit Vulkan renderer initialization with DRM render node support

• Implement safe Wayland listener detachment during compositor shutdown

• Update wlroots swapchain API calls to match 0.19 signature changes

• Add OpenSpec design and proposal artifacts for unified GPU policy enforcement

---

Diagram Walkthrough

flowchart LR
  A["wlroots 0.18"] -->|upgrade| B["wlroots 0.19"]
  B -->|explicit creation| C["Vulkan Renderer"]
  C -->|DRM FD| D["GPU Policy"]
  E["Listener Cleanup"] -->|detach| F["Safe Shutdown"]
  G["Swapchain API"] -->|update calls| H["0.19 Compatibility"]
  D -->|enforce| I["Unified GPU Stack"]

Loading

File Walkthrough

	Relevant files
Enhancement	1 files compositor_server.cpp Add listener detachment and update wlroots 0.19 API calls +16/-5
Dependencies	2 files Dependencies.cmake Update wlroots package requirement to 0.19                              +1/-1      pixi.toml Switch wlroots dependency path to 0.19 package                      +1/-1
Documentation	9 files input_forwarding.md Update wlroots version documentation to 0.19                          +1/-1      .openspec.yaml Add OpenSpec metadata for GPU policy change                            +2/-0      design.md Add comprehensive design document for unified GPU policy  +93/-0    proposal.md Add proposal for unified Vulkan GPU stack enforcement        +28/-0    spec.md Add GPU selection and policy requirement specifications    +49/-0    spec.md Add compositor Vulkan renderer requirement specifications +45/-0    spec.md Add wlroots 0.19 dependency requirement specifications      +19/-0    spec.md Add layer GPU policy inheritance requirement specifications +20/-0    tasks.md Add implementation task breakdown for GPU policy rollout  +37/-0
Configuration changes	2 files pixi.toml Update wlroots package metadata to 0.19.2                                +4/-4      recipe.yaml Update wlroots build recipe and pkg-config for 0.19            +21/-18

---

Summary by CodeRabbit

• New Features

  • Unified Vulkan GPU stack: explicit GPU selection (index/name), canonical GPU identity propagation, and hard-fail on mismatches.
  • Explicit Vulkan renderer initialization with DRM render-node mapping and modifier negotiation (with LINEAR fallback).
  • Improved XWayland surface handling and more robust shutdown behavior.

• Chores

  • Bumped wlroots to 0.19 and updated packaging/build metadata and dependency config.

[coderabbitai]

Warning

Rate limit exceeded

@K1ngst0m has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 3 minutes and 55 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📝 Walkthrough

Walkthrough

Bumps wlroots from 0.18→0.19 across build, packaging, and docs; adds a set of OpenSpec design/proposal/spec/task files for a unified Vulkan GPU stack and GPU-selection policy; and adjusts compositor server listener lifecycle and swapchain/presentation call sites.

Changes

Cohort / File(s)	Summary
CMake & Docs cmake/Dependencies.cmake, docs/input_forwarding.md	Updated required wlroots pkg-config version from 0.18 to 0.19.
wlroots package & pixi packages/wlroots_0_19/pixi.toml, packages/wlroots_0_19/recipe.yaml, pixi.toml	Added wlroots 0.19 package (identity/version/source hash updated), adjusted pkg-config handling and local pixi reference.
OpenSpec: design & proposal openspec/changes/update-unified-vulkan-gpu-stack/.openspec.yaml, .../design.md, .../proposal.md, .../tasks.md	New metadata, design, proposal, and task plan defining a canonical GPU UUID/DRM/ICD policy and phased migration to Vulkan compositor renderer.
OpenSpec: formal specs .../specs/app-window/spec.md, .../specs/compositor-capture/spec.md, .../specs/dependency-management/spec.md, .../specs/vk-layer-capture/spec.md	Added specification files requiring wlroots 0.19 Vulkan baseline and defining startup/selection, UUID→DRM resolution, ICD propagation, modifier negotiation, and hard-fail behaviors.
Compositor server src/compositor/compositor_server.cpp	Added detach_listener utility; registered new_xwayland_surface listener and detach on shutdown; updated XWayland maximized call to 3 args; removed swapchain acquire age parameter and explicit wlr_swapchain_set_buffer_submitted.
Build backend bumps packages/*/pixi.toml (multiple: bs-thread-pool, expected-lite, imgui, slang-shaders, stb, sysroot-i686, tracy)	Updated pixi build backend version from ==0.3.5 → ==0.3.7 in several package pixi.toml files.
Other package tweaks packages/imgui/recipe.yaml	Tightened host requirement for SDL3 to 3.2.* (minor packaging tweak).

Sequence Diagram(s)

sequenceDiagram
  participant Launcher
  participant Goggles as Viewer/Compositor
  participant GPU_Policy as GPU Policy Resolver
  participant DRM
  participant Vulkan as Vulkan/ICD
  participant LayerApp as Layer/App

  Launcher->>Goggles: start (optional --gpu selector)
  Goggles->>GPU_Policy: resolve canonical GPU (UUID → DRM node, ICD)
  GPU_Policy->>DRM: verify render node accessible
  GPU_Policy->>Vulkan: map UUID → physical device / ICD identity
  Vulkan-->>Goggles: device & ICD identity confirmed
  Goggles->>Vulkan: create explicit Vulkan renderer using DRM FD
  Vulkan-->>Goggles: renderer created (or hard-fail)
  Goggles->>LayerApp: spawn with propagated ICD/UUID env (or fail)
  LayerApp->>Vulkan: use same ICD/device for capture (enforced)

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• chore: archive complete openspec proposals #46: Related wlroots 0.19 dependency and spec updates.
• docs: update documentation #34: Overlapping CMake/Dependencies.cmake changes for wlroots handling.
• fix(compositor): add frame_done signaling for XWayland surfaces #59: Related edits to compositor_server.cpp XWayland listener and presentation logic.

Suggested labels

Review effort 4/5

Poem

🐰
I hopped through specs and packages bright,
Found GPUs bounded in a single light.
Vulkan drums and listeners sing,
Swapchains hum — the rabbit's spring! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The pull request title 'feat(compositor): upgrade wlroots to 0.19' directly and accurately describes the primary change throughout the changeset: upgrading the wlroots dependency from 0.18 to 0.19 and adapting compositor integration for the new version.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dev/update-wlroots

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[qodo-code-review]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
⚪	Supply chain dependency Description: The build now fetches a prebuilt wlroots tarball from an external GitHub release URL, which introduces a supply-chain risk if the upstream release account/artifact is compromised (even with a pinned sha256, reviewers should verify the provenance and release signing/ownership controls for the wlroots-0.19.2.tar.xz artifact). recipe.yaml [5-8] Referred Code source: url: https://github.com/K1ngst0m/Goggles/releases/download/wlroots-0.19.2/wlroots-0.19.2.tar.xz sha256: 7f7e7ead653c15a86b4df267e99cf42d03c7000bf517853ec4f96c5aac149d64
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
Update

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-code-review]

PR Code Suggestions ✨

Latest suggestions up to 4ef45b0

Category	Suggestion	Impact
Possible issue	Release swapchain buffers on success Add a call to wlr_buffer_unlock(buffer) on the success path within render_surface_to_frame to prevent a resource leak that would exhaust the swapchain and stall rendering. src/compositor/compositor_server.cpp [2708-2731] wlr_buffer* buffer = wlr_swapchain_acquire(present_swapchain); if (!buffer) { return false; } wlr_render_pass* pass = wlr_renderer_begin_buffer_pass(renderer, buffer, nullptr); if (!pass) { wlr_buffer_unlock(buffer); return false; } render_root_surface_tree(pass, root_surface); if (target.root_xsurface) { render_xwayland_popup_surfaces(pass, target); } render_cursor_overlay(pass); if (!wlr_render_pass_submit(pass)) { wlr_buffer_unlock(buffer); return false; } wlr_dmabuf_attributes attribs{}; if (!wlr_buffer_get_dmabuf(buffer, &attribs)) { + wlr_buffer_unlock(buffer); + return false; +} +// If the DMA-BUF is copied out (FDs dup'd) and the wlr_buffer isn't needed anymore, +// release it here to avoid exhausting the swapchain. +wlr_buffer_unlock(buffer); + [To ensure code accuracy, apply this suggestion manually] Suggestion importance[1-10]: 9 __ Why: The suggestion correctly identifies a critical resource leak where swapchain buffers are not released on the success path, which would exhaust the swapchain and stall rendering.	High
	Fail fast on bad package layout In the wlroots_0_19 recipe, add checks to verify the existence of the include and lib directories before copying, and fail the build if they are missing. packages/wlroots_0_19/recipe.yaml [16-28] SRC=wlroots-0.19.2 if [ ! -d "$SRC" ]; then SRC=. +fi + +if [ ! -d "$SRC/include" ]; then + echo "wlroots package error: missing '$SRC/include' directory" >&2 + exit 1 +fi +if [ ! -d "$SRC/lib/x86_64-linux-gnu" ]; then + echo "wlroots package error: missing '$SRC/lib/x86_64-linux-gnu' directory" >&2 + exit 1 fi # Install to $PREFIX mkdir -p $PREFIX/include $PREFIX/lib $PREFIX/share # Copy includes (already in wlroots-0.19 subdirectory) cp -a $SRC/include/* $PREFIX/include/ # Copy libs (flatten x86_64-linux-gnu directory) cp -a $SRC/lib/x86_64-linux-gnu/* $PREFIX/lib/ Apply / Chat Suggestion importance[1-10]: 7 __ Why: The suggestion improves the build script's robustness by adding validation to ensure required directories exist, preventing the creation of a broken package and providing clearer error messages.	Medium
	Safely detach signal listeners Improve the detach_listener function by using the canonical check to determine if a listener is linked before attempting to remove it, preventing potential list corruption. src/compositor/compositor_server.cpp [389-394] void detach_listener(wl_listener& listener) { - if (listener.link.next != nullptr && listener.link.prev != nullptr) { + const bool initialized = (listener.link.next != nullptr && listener.link.prev != nullptr); + const bool linked = initialized && (listener.link.next != &listener.link); + + if (linked) { wl_list_remove(&listener.link); } + wl_list_init(&listener.link); } Apply / Chat Suggestion importance[1-10]: 6 __ Why: The suggestion correctly identifies that the check for a linked wl_listener is non-idiomatic and could lead to wl_list_remove being called on an unlinked item, which is unsafe and can cause subtle bugs.	Low
Update

---

Previous suggestions

Suggestions up to commit cb1eca4

Category	Suggestion	Impact
Possible issue	Initialize listener links first Initialize all wl_listener links upon creation to prevent undefined behavior when detaching them later. The PR currently only initializes one of the four listeners being detached. src/compositor/compositor_server.cpp [912-1122] +// Initialize all listener links before use wl_list_init(&listeners.new_xwayland_surface.link); +wl_list_init(&listeners.new_pointer_constraint.link); +wl_list_init(&listeners.new_xdg_popup.link); +wl_list_init(&listeners.new_xdg_toplevel.link); ... detach_listener(impl.listeners.new_xwayland_surface); detach_listener(impl.listeners.new_pointer_constraint); detach_listener(impl.listeners.new_xdg_popup); detach_listener(impl.listeners.new_xdg_toplevel); Suggestion importance[1-10]: 7 __ Why: The PR introduces a detach_listener function but only initializes one of the four listeners (new_xwayland_surface) that are detached, creating a risk of undefined behavior for the other three. This is a valid correctness fix.	Medium