From ed068200358463389164df4e0fabc7507254cf9c Mon Sep 17 00:00:00 2001 From: Sebastian Wick Date: Tue, 10 Oct 2023 16:05:14 +0200 Subject: [PATCH] kms/impl-device/atomic: Fix stack overflow Intel has started to advertise big gamma LUT sizes on some hardware because the hardware supports segmented LUTs. This means they have a lot more precision at certain segments then others. The uAPI can't expose this functionality meaningfully so they chose to expose a huge number of TAPs to sample from to their segmented LUT. This increase in uAPI LUT size resulted in stack overflows because we allocated the LUT on the stack. This commit moves it to the heap instead. Closes: https://gitlab.gnome.org/GNOME/mutter/-/issues/3064 Part-of: --- src/backends/native/meta-kms-impl-device-atomic.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/backends/native/meta-kms-impl-device-atomic.c b/src/backends/native/meta-kms-impl-device-atomic.c index d3fd77268..f7f0d60bb 100644 --- a/src/backends/native/meta-kms-impl-device-atomic.c +++ b/src/backends/native/meta-kms-impl-device-atomic.c @@ -675,10 +675,12 @@ process_crtc_color_updates (MetaKmsImplDevice *impl_device, if (color_update->gamma.has_update) { MetaGammaLut *gamma = color_update->gamma.state; - struct drm_color_lut drm_color_lut[gamma->size]; + g_autofree struct drm_color_lut *drm_color_lut = NULL; int i; uint32_t color_lut_blob_id; + drm_color_lut = g_new (struct drm_color_lut, gamma->size); + for (i = 0; i < gamma->size; i++) { drm_color_lut[i].red = gamma->red[i];