Hi, I know this is kind of last-minute, I was hoping that Peter would come up with a fix before jaunty comes out, but this is probably not going to happen. The bug in questions is this one:
http://bugs.freedesktop.org/show_bug.cgi?id=19034 The issue is associated to slave device cursors, basically an artifact of how the xserver-1.6 code is derived from master. There is no API to access device cursors in 1.6, but it turns out that under certain circumstances (I'm not exactly sure how this happens but it seems to be some kind of race condition between XI and core grabs), it is possible that a device cursor will be set anyway. If it's a regular cursor (that is what the bug report was originally about), this is not a problem anymore since this will just modify the core cursor, but if it's an animated cursor, we're in trouble: The device cursor will keep replacing the core cursor (so the user will notice an animated cursor that shouldn't be there), and when the client destroys the animated cursor, the device animated cursor will stay active leading to a server crash the next time the cursor is updated. There is a patch attached to the fdo bug report that fixes the issue by basically doing the same thing for an animated cursor that we do for a regular cursor: Apply the change to the associated master device. This is safe for 1.6 since this code path should never be hit in the first place, but unfortunately, this is not the direction that Peter wants to go for master where each device has its own sprite (I'm not sure how things are supposed to work with animated cursors there). The crash happens randomly when an application that grabs an Xi device (such as easystroke) is running when clicking on firefox menus, but it's fairly easy to reproduce reliably by setting up a timeout gesture in easystroke to rotate the cube in compiz via Control+Shift+Button1 and invoke the gesture when firefox is loading a page and showing a 'sandbox'. The patch is available at http://bugs.freedesktop.org/attachment.cgi?id=21710 It would be great if it could be applied to the ubuntu package. The regression potential is very low: This code path is only hit under very specific circumstances and when it is, it basically means that the server is going to crash as soon as the client is closed. Thanks, Tom -- Ubuntu-x mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-x
