SIGILL in parse_display_range_limits() due to overflow of max_pixel_clock_hz
Saw this preventing startplasma-wayland from working while packaging and starting to run KDE Plasma 6 on https://chimera-linux.org/:
```
$ lldb -c coredump-1698747008-kwin_wayland.1295
(lldb) target create --core "coredump-1698747008-kwin_wayland.1295"
Core file 'coredump-1698747008-kwin_wayland.1295' (x86_64) was loaded.
(lldb) bt
* thread #1, name = 'kwin_wayland', stop reason = signal SIGILL
  * frame #0: 0x00007f415d60e8cb libdisplay-info.so.1`_di_edid_parse [inlined] parse_display_range_limits(edid=0x00007f4159f0fba0, data="", priv=0x00007f415a71cb88) at edid.c:0
    frame #1: 0x00007f415d60e8cb libdisplay-info.so.1`_di_edid_parse [inlined] parse_byte_descriptor(edid=0x00007f4159f0fba0, data="") at edid.c:1076:8
    frame #2: 0x00007f415d60e8c9 libdisplay-info.so.1`_di_edid_parse(data=0x00007f416121c9f0, size=<unavailable>, failure_msg_file=<unavailable>) at edid.c:1271:8
    frame #3: 0x00007f415d60fb35 libdisplay-info.so.1`di_info_parse_edid(data=0x00007f416121c9f0, size=256) at info.c:27:9
    frame #4: 0x00007f4160de17fe libkwin.so.5`KWin::Edid::Edid(this=0x00007ffee51cd910, data=0x00007f416121c9f0, size=256) at edid.cpp:104:17
    frame #5: 0x00007f4160d70176 libkwin.so.5`KWin::DrmConnector::updateProperties(this=0x00007f4159f14c38) at drm_connector.cpp:262:18
    frame #6: 0x00007f4160d84233 libkwin.so.5`KWin::DrmGpu::updateOutputs() [inlined] KWin::DrmObject::init(this=0x00007f4159f14c38) at drm_object.cpp:30:12
    frame #7: 0x00007f4160d84229 libkwin.so.5`KWin::DrmGpu::updateOutputs(this=0x00007f4159d02ed0) at drm_gpu.cpp:273:24
    frame #8: 0x00007f4160d62985 libkwin.so.5`KWin::DrmBackend::updateOutputs(this=0x00007f415bb06050) at drm_backend.cpp:252:20
    frame #9: 0x00007f415e34c1f8 libQt6Core.so.6`::doActivate<false>() [inlined] call at qobjectdefs_impl.h:433:51
    frame #10: 0x00007f415e34c1e1 libQt6Core.so.6`::doActivate<false>() at qobject.cpp:4021:26
    frame #11: 0x00007f4160ad26c5 libkwin.so.5`KWin::WaylandCompositor::start() [inlined] KWin::Compositor::sceneCreated(this=0x00007f415d3b2990) at moc_compositor.cpp:263:5
    frame #12: 0x00007f4160ad26af libkwin.so.5`KWin::WaylandCompositor::start(this=0x00007f415d3b2990) at compositor_wayland.cpp:183:12
    frame #13: 0x00007f415e342aa9 libQt6Core.so.6`::event() at qobject.cpp:1437:18
    frame #14: 0x00007f415f0911d1 libQt6Widgets.so.6`::notify_helper() at qapplication.cpp:3290:26
    frame #15: 0x00007f415f092257 libQt6Widgets.so.6`::notify() at qapplication.cpp:0:18
    frame #16: 0x00007f415e2f7123 libQt6Core.so.6`::notifyInternal2() at qcoreapplication.cpp:1118:18
    frame #17: 0x00007f415e2f839a libQt6Core.so.6`::sendPostedEvents() [inlined] sendEvent at qcoreapplication.cpp:1536:12
    frame #18: 0x00007f415e2f838b libQt6Core.so.6`::sendPostedEvents() at qcoreapplication.cpp:1898:9
    frame #19: 0x00007f415e497cff libQt6Core.so.6`::processEvents() at qeventdispatcher_unix.cpp:432:5
    frame #20: 0x00007f415ed4a14a libQt6Gui.so.6`QUnixEventDispatcherQPA::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) at qunixeventdispatcher.cpp:27:54
    frame #21: 0x00007f415e301c0a libQt6Core.so.6`::exec() [inlined] processEvents at qeventloop.cpp:100:55
    frame #22: 0x00007f415e301bed libQt6Core.so.6`::exec() at qeventloop.cpp:182:9
    frame #23: 0x00007f415e2f77f9 libQt6Core.so.6`::exec() at qcoreapplication.cpp:1439:32
    frame #24: 0x0000555ad40371bf kwin_wayland`main(argc=<unavailable>, argv=0x00007ffee51ce698) at main_wayland.cpp:608:12
    frame #25: 0x00007f416145824a ld-musl-x86_64.so.1`libc_start_main_stage2(main=(kwin_wayland`main at main_wayland.cpp:256), argc=<unavailable>, argv=0x00007ffee51ce698) at __libc_start_main.c:95:7
    frame #26: 0x0000555ad4005f56 kwin_wayland`_start + 22
```
I can reproduce this 100% of the time under a Chimera Linux QEMU/KVM with virtio-gpu on the latest git master commit of the KDE framework/plasma packages, with both libdisplay-info 0.1.1 and tip of main (8829bab6), and https://gitlab.freedesktop.org/emersion/libdisplay-info/-/blob/0.1.1/edid.c#L559 is the exact line it encounters a SIGILL on: data[9] = 255, which overflows the multiplication to 2550000000, past the int32_t's 2147483647 max, if I understand this correctly.
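As an added illustration of the overflow described above (this is example code written for this page, not code from libdisplay-info or kwin), the C below contrasts the pattern the report points at, a `uint8_t` promoted to `int` and multiplied in 32-bit signed arithmetic, with a hardened parse that validates the descriptor and widens to `int64_t` before multiplying. The descriptor bytes are constructed, and the macro, struct and function names are this example's own; the descriptor layout (tag byte 0xFD, byte 9 = max pixel clock in 10 MHz units) follows the EDID specification.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Layout from the EDID spec: an 18-byte display descriptor whose first three
 * bytes are zero and whose tag byte (offset 3) is 0xFD is a display range
 * limits block; byte 9 is the maximum pixel clock in units of 10 MHz.
 * The names below are this example's own, not libdisplay-info's. */
#define DESC_LEN              18
#define DESC_TAG_RANGE_LIMITS 0xFD
#define PIXEL_CLOCK_UNIT_HZ   (10 * 1000 * 1000)

/* Constructed sample descriptor (not captured from a real monitor):
 * byte 9 = 0xFF, the value the report says triggers the trap. */
const uint8_t sample_descriptor[DESC_LEN] = {
	0x00, 0x00, 0x00, 0xFD, 0x00,
	0x18, /* min vertical rate 24 Hz */
	0x4B, /* max vertical rate 75 Hz */
	0x1E, /* min horizontal rate 30 kHz */
	0x53, /* max horizontal rate 83 kHz */
	0xFF, /* max pixel clock: 255 * 10 MHz = 2.55 GHz */
	0x00, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
};

/* The pattern from the report: data[9] is a uint8_t, so it is promoted to
 * int and the product is computed in 32-bit signed arithmetic.
 * 255 * 10 * 1000 * 1000 = 2550000000 > INT32_MAX (2147483647), which is
 * signed overflow, i.e. undefined behaviour; a build with
 * -fsanitize=signed-integer-overflow in trap mode stops here with SIGILL. */
int32_t max_pixel_clock_hz_unchecked(uint8_t raw)
{
	return raw * PIXEL_CLOCK_UNIT_HZ; /* undefined for raw >= 215 */
}

/* Detection helper: would raw * 10 MHz fit in an int32_t? The operand is
 * widened first so the check itself cannot overflow. */
bool max_pixel_clock_hz_overflows(uint8_t raw)
{
	return (int64_t)raw * PIXEL_CLOCK_UNIT_HZ > INT32_MAX;
}

struct range_limits {
	int min_vert_rate_hz;
	int max_vert_rate_hz;
	int min_horiz_rate_khz;
	int max_horiz_rate_khz;
	int64_t max_pixel_clock_hz; /* widened: every byte value fits */
};

/* Hardened parse: checks length and tag, then computes the clock in 64-bit
 * arithmetic. Returns 0 on success, -1 if this is not a range limits block. */
int parse_range_limits_example(const uint8_t *data, size_t len,
                               struct range_limits *out)
{
	if (data == NULL || out == NULL || len < DESC_LEN)
		return -1;
	if (data[0] != 0 || data[1] != 0 || data[2] != 0 ||
	    data[3] != DESC_TAG_RANGE_LIMITS)
		return -1;

	out->min_vert_rate_hz   = data[5];
	out->max_vert_rate_hz   = data[6];
	out->min_horiz_rate_khz = data[7];
	out->max_horiz_rate_khz = data[8];
	/* Cast before multiplying so the product is computed as int64_t. */
	out->max_pixel_clock_hz = (int64_t)data[9] * PIXEL_CLOCK_UNIT_HZ;
	return 0;
}

int main(void)
{
	struct range_limits rl;

	if (parse_range_limits_example(sample_descriptor, DESC_LEN, &rl) != 0) {
		puts("not a display range limits descriptor");
		return 1;
	}
	printf("byte 9 = %u -> max pixel clock %lld Hz (overflows int32: %s)\n",
	       sample_descriptor[9], (long long)rl.max_pixel_clock_hz,
	       max_pixel_clock_hz_overflows(sample_descriptor[9]) ? "yes" : "no");
	return 0;
}
```

The threshold is 215: 214 * 10 MHz = 2140000000 Hz still fits an int32_t, 215 * 10 MHz does not, so any EDID advertising a pixel clock of 2.15 GHz or more trips the unchecked form. Widening the stored field (or the intermediate) is the simplest fix because the largest possible value, 2.55 GHz, is then representable; alternatively the parser can keep an int32_t field and reject the descriptor when `max_pixel_clock_hz_overflows()` reports true.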
I'm happy to provide any other information to solve this issue; at the moment my "workaround" in kwin to get it initially running was the following, which I'd rather get rid of sooner than later:
--- a/src/utils/edid.cpp
+++ b/src/utils/edid.cpp
@@ -101,6 +101,7 @@ Edid::Edid(const void *data, uint32_t size)
const uint8_t *bytes = static_cast<const uint8_t *>(data);
+ return; // FIXME: below crashes on chimera kvm
auto info = di_info_parse_edid(data, size);
if (!info) {
return;
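Review bot: the unconditional `return;` inserted before `auto info = di_info_parse_edid(data, size);` skips EDID parsing for every connector, not just the one carrying the descriptor that trips the trap, so kwin loses all EDID-derived output information while this is in place, and it also leaves the `bytes` pointer computed on the previous line unused. Since the overflow sits in libdisplay-info's 32-bit signed multiplication of the promoted `data[9]` byte, the durable fix belongs there (widen the operand or the field before multiplying); this hunk should stay a local stopgap and be dropped as soon as the library side is fixed.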