SUMMARY kamoso crashes on the first frame render. STEPS TO REPRODUCE Plug-in Logitech Brio camera. Start kamoso. OBSERVED RESULT kamoso crashes when trying to display the first frame, judging from the stacktrace. EXPECTED RESULT kamoso doesn't crash. SOFTWARE/OS VERSIONS Linux/KDE Plasma: Kubuntu 18.04.4 LTS, kernel 4.15.0-101-generic. KDE Plasma Version: 5.12.9. KDE Frameworks Version: 5.44.0. Qt Version: 5.9.5. ADDITIONAL INFORMATION nvidia-driver-440, version 440.59-0ubuntu0.18.04.1. cheese version 3.28.0-1ubuntu1 works with no issues. obs-studio version 25.0.8-0obsproject1~bion works with no issues. kamoso crashes. gdb backtrace: Starting program: /usr/bin/kamoso [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". [New Thread 0x7fffe4f49700 (LWP 19268)] [New Thread 0x7fffdac06700 (LWP 19273)] [New Thread 0x7fffda3b4700 (LWP 19274)] [New Thread 0x7fffd228d700 (LWP 19275)] [New Thread 0x7fffbc776700 (LWP 19276)] [New Thread 0x7fffbbf24700 (LWP 19277)] [New Thread 0x7fffbb6d2700 (LWP 19278)] [New Thread 0x7fffbae80700 (LWP 19279)] [New Thread 0x7fffba62e700 (LWP 19280)] [New Thread 0x7fffb9ddc700 (LWP 19281)] [New Thread 0x7fffb958a700 (LWP 19282)] [New Thread 0x7fffb8d38700 (LWP 19283)] [New Thread 0x7fff97fff700 (LWP 19284)] [New Thread 0x7fff9759b700 (LWP 19285)] [New Thread 0x7fff969b2700 (LWP 19293)] Thread 15 "QSGRenderThread" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7fff9759b700 (LWP 19285)] 0x00000000400b0e71 in ?? () (gdb) bt #0 0x00000000400b0e71 in () #1 0x00007fffa0e56593 in () #2 0x00007fff883c1c20 in () #3 0x00007fff9759a030 in () #4 0x0000000000000001 in () #5 0x00007fffd2cbe706 in () at /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.440.59 #6 0x00007fffd2cc92ea in () at /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.440.59 #7 0x00007fffd2e384f3 in () at /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.440.59 #8 0x00007fffd2e031e0 in () at /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.440.59 #9 0x00007fffd2e0d445 in () at /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.440.59 #10 0x00007fffd2e10f89 in () at /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.440.59 #11 0x00007fffd2e28027 in () at /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.440.59 #12 0x00007fffc1d184ac in VideoMaterial::bindTexture(int, unsigned char const*) () at /usr/lib/x86_64-linux-gnu/gstreamer-1.0/libgstqt5videosink.so #13 0x00007fffc1d1862c in VideoMaterial::bind() () at /usr/lib/x86_64-linux-gnu/gstreamer-1.0/libgstqt5videosink.so #14 0x00007fffc1d18bcd in VideoMaterialShader::updateState(QSGMaterialShader::RenderState const&, QSGMaterial*, QSGMaterial*) () at /usr/lib/x86_64-linux-gnu/gstreamer-1.0/libgstqt5videosink.so #15 0x00007ffff5a5bdc7 in QSGBatchRenderer::Renderer::renderMergedBatch(QSGBatchRenderer::Batch const*) () at /usr/lib/x86_64-linux-gnu/libQt5Quick.so.5 #16 0x00007ffff5a5d00d in QSGBatchRenderer::Renderer::renderBatches() () at /usr/lib/x86_64-linux-gnu/libQt5Quick.so.5 #17 0x00007ffff5a6285e in QSGBatchRenderer::Renderer::render() () at /usr/lib/x86_64-linux-gnu/libQt5Quick.so.5 #18 0x00007ffff5a532a0 in QSGRenderer::renderScene(QSGBindable const&) () at /usr/lib/x86_64-linux-gnu/libQt5Quick.so.5 #19 0x00007ffff5a5375b in QSGRenderer::renderScene(unsigned int) () at /usr/lib/x86_64-linux-gnu/libQt5Quick.so.5 #20 0x00007ffff5a8daf0 in QSGDefaultRenderContext::renderNextFrame(QSGRenderer*, unsigned int) () at /usr/lib/x86_64-linux-gnu/libQt5Quick.so.5 #21 0x00007ffff5aebb68 in QQuickWindowPrivate::renderSceneGraph(QSize const&) () at /usr/lib/x86_64-linux-gnu/libQt5Quick.so.5 #22 0x00007ffff5a96bbc in () at /usr/lib/x86_64-linux-gnu/libQt5Quick.so.5 #23 0x00007ffff5a9bac8 in () at /usr/lib/x86_64-linux-gnu/libQt5Quick.so.5 #24 0x00007ffff407817d in () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5 #25 0x00007ffff13036db in start_thread (arg=0x7fff9759b700) at pthread_create.c:463 #26 0x00007ffff375b88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 (gdb) info threads Id Target Id Frame 1 Thread 0x7ffff7fa4800 (LWP 19264) "kamoso" 0x00007ffff374ebf9 in __GI___poll (fds=0x5555565572d0, nfds=6, timeout=12) at ../sysdeps/unix/sysv/linux/poll.c:29 2 Thread 0x7fffe4f49700 (LWP 19268) "QXcbEventReader" 0x00007ffff374ebf9 in __GI___poll (fds=0x7fffe4f48ca8, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29 3 Thread 0x7fffdac06700 (LWP 19273) "QDBusConnection" 0x00007ffff374ebf9 in __GI___poll (fds=0x7fffd4004db0, nfds=3, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29 4 Thread 0x7fffda3b4700 (LWP 19274) "QQmlThread" 0x00007ffff374ebf9 in __GI___poll (fds=0x7fffcc004660, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29 5 Thread 0x7fffd228d700 (LWP 19275) "QQmlThread" 0x00007ffff374ebf9 in __GI___poll (fds=0x7fffc8003ce0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29 6 Thread 0x7fffbc776700 (LWP 19276) "queue5:src" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38 7 Thread 0x7fffbbf24700 (LWP 19277) "queue4:src" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38 8 Thread 0x7fffbb6d2700 (LWP 19278) "queue0:src" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38 9 Thread 0x7fffbae80700 (LWP 19279) "queue2:src" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38 10 Thread 0x7fffba62e700 (LWP 19280) "viewfinderbin-q" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38 11 Thread 0x7fffb9ddc700 (LWP 19281) "queue1:src" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38 12 Thread 0x7fffb958a700 (LWP 19282) "preview-appsrc:" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38 13 Thread 0x7fffb8d38700 (LWP 19283) "queue3:src" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38 14 Thread 0x7fff97fff700 (LWP 19284) "v4l2src0:src" 0x00007ffff374ecf6 in __GI_ppoll (fds=0x7fff900151a0, nfds=2, timeout=<optimised out>, sigmask=0x0) at ../sysdeps/unix/sysv/linux/ppoll.c:39 * 15 Thread 0x7fff9759b700 (LWP 19285) "QSGRenderThread" 0x00000000400b0e71 in ?? () 16 Thread 0x7fff969b2700 (LWP 19293) "pool" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38 (gdb) q
Crash is in the NVIDIA binary OpenGL drivers. If this is reproducible, please report this issue directly to NVIDIA developers via https://forums.developer.nvidia.com/t/if-you-have-a-problem-please-read-this-first/27131
(In reply to Christoph Feck from comment #1) > Crash is in the NVIDIA binary OpenGL drivers. If this is reproducible, > please report this issue directly to NVIDIA developers via > https://forums.developer.nvidia.com/t/if-you-have-a-problem-please-read-this- > first/27131 No other video application crashes in NVidia drivers, apart from kamoso. Given that, it is much more likely the bug is in kamoso, not NVidia drivers. But I know some developers refuse to investigate and fix their bugs when they see nvidia binary driver in the stack trace.
If we had the sources of the driver we could investigate. The backtrace doesn't even have symbol information for the driver to check which function was being called.
(In reply to Christoph Feck from comment #3) > If we had the sources of the driver we could investigate. The backtrace > doesn't even have symbol information for the driver to check which function > was being called. Some more info: VideoMaterial::bindTexture calls glTexImage2D and this call crashes: #12 0x00007fffc1e5c4ac in VideoMaterial::bindTexture(int, unsigned char const*) () from /usr/lib/x86_64-linux-gnu/gstreamer-1.0/libgstqt5videosink.so (gdb) disassemble Dump of assembler code for function _ZN13VideoMaterial11bindTextureEiPKh: 0x00007fffc1e5c460 <+0>: movsxd rsi,esi 0x00007fffc1e5c463 <+3>: push r12 0x00007fffc1e5c465 <+5>: push rbp 0x00007fffc1e5c466 <+6>: push rbx 0x00007fffc1e5c467 <+7>: lea rbx,[rdi+rsi*4] 0x00007fffc1e5c46b <+11>: mov rbp,rdi 0x00007fffc1e5c46e <+14>: mov edi,0xde1 0x00007fffc1e5c473 <+19>: mov r12,rdx 0x00007fffc1e5c476 <+22>: mov esi,DWORD PTR [rbx+0x2c] 0x00007fffc1e5c479 <+25>: call 0x7fffc1e56b40 <glBindTexture@plt> 0x00007fffc1e5c47e <+30>: movsxd rax,DWORD PTR [rbx+0x50] 0x00007fffc1e5c482 <+34>: sub rsp,0x8 0x00007fffc1e5c486 <+38>: mov ecx,DWORD PTR [rbx+0x38] 0x00007fffc1e5c489 <+41>: mov edx,DWORD PTR [rbp+0x6c] 0x00007fffc1e5c48c <+44>: xor r9d,r9d 0x00007fffc1e5c48f <+47>: xor esi,esi 0x00007fffc1e5c491 <+49>: mov edi,0xde1 0x00007fffc1e5c496 <+54>: add r12,rax 0x00007fffc1e5c499 <+57>: push r12 0x00007fffc1e5c49b <+59>: mov eax,DWORD PTR [rbp+0x70] 0x00007fffc1e5c49e <+62>: push rax 0x00007fffc1e5c49f <+63>: mov eax,DWORD PTR [rbp+0x68] 0x00007fffc1e5c4a2 <+66>: push rax 0x00007fffc1e5c4a3 <+67>: mov r8d,DWORD PTR [rbx+0x44] 0x00007fffc1e5c4a7 <+71>: call 0x7fffc1e56ad0 <glTexImage2D@plt> => 0x00007fffc1e5c4ac <+76>: add rsp,0x20 0x00007fffc1e5c4b0 <+80>: mov edx,0x2601 0x00007fffc1e5c4b5 <+85>: mov esi,0x2800 0x00007fffc1e5c4ba <+90>: mov edi,0xde1 0x00007fffc1e5c4bf <+95>: call 0x7fffc1e56340 <glTexParameteri@plt> 0x00007fffc1e5c4c4 <+100>: mov edx,0x2601 0x00007fffc1e5c4c9 <+105>: mov esi,0x2801 0x00007fffc1e5c4ce <+110>: mov edi,0xde1 0x00007fffc1e5c4d3 <+115>: call 0x7fffc1e56340 <glTexParameteri@plt> 0x00007fffc1e5c4d8 <+120>: mov edx,0x812f 0x00007fffc1e5c4dd <+125>: mov esi,0x2802 0x00007fffc1e5c4e2 <+130>: mov edi,0xde1 0x00007fffc1e5c4e7 <+135>: call 0x7fffc1e56340 <glTexParameteri@plt> 0x00007fffc1e5c4ec <+140>: pop rbx 0x00007fffc1e5c4ed <+141>: pop rbp 0x00007fffc1e5c4ee <+142>: pop r12 0x00007fffc1e5c4f0 <+144>: mov edx,0x812f 0x00007fffc1e5c4f5 <+149>: mov esi,0x2803 0x00007fffc1e5c4fa <+154>: mov edi,0xde1 0x00007fffc1e5c4ff <+159>: jmp 0x7fffc1e56340 <glTexParameteri@plt> Registers in glTexImage2D just before the crash: Thread 15 "QSGRenderThread" hit Breakpoint 1, 0x00007ffff0866700 in glTexImage2D () from /usr/lib/x86_64-linux-gnu/libGL.so.1 (gdb) info registers rax 0x1907 6407 rbx 0x7fff881b5da4 140735476882852 rcx 0x7f 127 rdx 0x8051 32849 rsi 0x0 0 rdi 0xde1 3553 rbp 0x7fff881b5da0 0x7fff881b5da0 rsp 0x7fff9f7fd678 0x7fff9f7fd678 r8 0x7f 127 r9 0x0 0 r10 0x1 1 r11 0x3f800000 1065353216 r12 0x7fff98e56593 140735758558611 r13 0x7fff940266b0 140735676573360 r14 0x7fff9f7fd760 140735869343584 r15 0x7fff8816a140 140735476572480 rip 0x7ffff0866700 0x7ffff0866700 <glTexImage2D> eflags 0x206 [ PF IF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0 (gdb) x/4xa $rsp 0x7fff9f7fd678: 0x7fffc1e5c4ac <_ZN13VideoMaterial11bindTextureEiPKh+76> 0x1907 0x7fff9f7fd688: 0x1401 0x7fff98e56593 The first 6 args of glTexImage2D are in registers above, the other 3 args are in the stack.