From: Peter Maydell <peter.maydell@linaro.org>
To: Gerd Hoffmann <kraxel@redhat.com>
Cc: QEMU Developers <qemu-devel@nongnu.org>
Subject: Re: [Qemu-devel] [PULL 10/14] ui: fix VNC client throttling when audio capture is active
Date: Thu, 18 Jan 2018 13:29:35 +0000
Message-ID: <CAFEAcA8UAbOvZuhxwjD2zAA7GBGucD8MAf5E0h05tb3NXKdGqw@mail.gmail.com>
In-Reply-To: <20180112125854.18261-11-kraxel@redhat.com>

On 12 January 2018 at 12:58, Gerd Hoffmann <kraxel@redhat.com> wrote:
> From: "Daniel P. Berrange" <berrange@redhat.com>
>
> The VNC server must throttle data sent to the client to prevent the 'output'
> buffer size growing without bound, if the client stops reading data off the
> socket (either maliciously or due to stalled/slow network connection).

Hi. Coverity (CID 1385147) complains about a suspicious sign extension
in this patch:

> +/*
> + * Figure out how much pending data we should allow in the output
> + * buffer before we throttle incremental display updates, and/or
> + * drop audio samples.
> + *
> + * We allow for equiv of 1 full display's worth of FB updates,
> + * and 1 second of audio samples. If audio backlog was larger
> + * than that the client would already suffering awful audio
> + * glitches, so dropping samples is no worse really).
> + */
> +static void vnc_update_throttle_offset(VncState *vs)
> +{
> +    size_t offset =
> +        vs->client_width * vs->client_height * vs->client_pf.bytes_per_pixel;
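
Review bot: the initializer of `offset` in vnc_update_throttle_offset() forms the whole product in the operands' own type and only then converts it to size_t, so the wider destination does not protect the multiply. Casting the first operand, `(size_t)vs->client_width * vs->client_height * vs->client_pf.bytes_per_pixel`, would make every step of the product evaluate in size_t. Separately, the comment above the function reads "would already suffering" (missing "be") and ends with a closing parenthesis at "no worse really)" that has no opening one.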

because the multiply is done with the "int" type, and then may
be sign-extended when converted to the probably-64-bit unsigned
size_t, resulting in the high bits all being set if the
multiply ended up with a 1 in bit 31.

thanks
-- PMM
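
The conversion described in the message above, worked through with concrete values as an added example (not code from the patch or from QEMU): the function names `offset_int_multiply` and `offset_checked` are hypothetical and the dimensions are constructed so that the product is exactly 2^31.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Model of the expression in the patch: the product is formed in 32 bits and
 * only then converted to size_t. Real signed overflow is undefined behaviour,
 * so the wrap is modelled with unsigned arithmetic; the conversion back to
 * int32_t is implementation-defined (modular on gcc and clang). */
static size_t offset_int_multiply(int width, int height, uint8_t bpp)
{
    uint32_t wrapped = (uint32_t)width * (uint32_t)height * (uint32_t)bpp;
    int32_t as_int = (int32_t)wrapped;
    return (size_t)as_int;              /* sign-extends when bit 31 is set */
}

/* Widen before multiplying, and refuse inputs whose product cannot be
 * represented instead of returning a wrapped value. */
static bool offset_checked(int width, int height, uint8_t bpp, size_t *out)
{
    if (width < 0 || height < 0) {
        return false;
    }
    size_t w = (size_t)width, h = (size_t)height, b = (size_t)bpp;
    if (h != 0 && w > SIZE_MAX / h) {
        return false;
    }
    if (b != 0 && w * h > SIZE_MAX / b) {
        return false;
    }
    *out = w * h * b;
    return true;
}

int main(void)
{
    /* Constructed dimensions: 32768 * 16384 * 4 == 2^31 */
    size_t good = 0;
    bool ok = offset_checked(32768, 16384, 4, &good);
    printf("int multiply:    %#zx\n", offset_int_multiply(32768, 16384, 4));
    printf("size_t multiply: %#zx (ok=%d)\n", good, ok);
    return 0;
}
```

On a platform with a 64-bit size_t the first line prints a value with the upper 32 bits all set, while the widened multiply yields 0x80000000.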
