Caught by covscan:
spice/server/spice_bitmap_utils.c:54: var_decl: Declaring variable "n_pixel_bits" without initializer.
spice/server/spice_bitmap_utils.c:106: uninit_use: Using uninitialized value "n_pixel_bits".
In reds_send_link_ack(), lookup the channel with the same id as the link
message.
The bug was found during code review a while ago.
A reproducer bug was later reported:
https://bugzilla.redhat.com/show_bug.cgi?id=1058625
When adding Opus support, SPICE_INTERFACE_PLAYBACK_FREQ and
SPICE_INTERFACE_RECORD_FREQ in the public header 'spice.h' were changed
from 44100 to 48000.
However, this was not really useful as these constants are not used in
spice-server, but only by users of spice-server (ie QEMU).
It turns out changing these values is actually harmful. QEMU uses these
constants in 2 situations:
1. when it's a version of QEMU with this commit, but we are compiling
against older spice-server headers (before Opus support was added)
2. when it's a version of QEMU without commit 795ca114d35 which added
what is needed for Opus support
When we are in the second situation, having 48000 in the public header
will actually cause issues as spice-server will know QEMU does not
support Opus, so internally spice-server will be using a 44100 rate for
audio. However, QEMU will be using SPICE_INTERFACE_.*_FREQ and think it
should use a 48000 rate, which will cause distorsions as experienced in
bug https://bugzilla.redhat.com/show_bug.cgi?id=1129961
Reverting these constants back to 44100 will fix audio in the 'new
spice-server/old QEMU' scenario, and won't cause issues either when both
support Opus as in this case these constants are not used.
The beginning of the surface data needs to be computed correctly if the
stride is negative, otherwise, it should point already to the beginning
of the surface data. This bug seems to exists since 4a208b (0.5.2)
https://bugzilla.redhat.com/show_bug.cgi?id=1029646
Some users have been reaching this error:
snd_receive: ASSERT n failed
A misbehaving client could easily hit that condition by sending too big
messages. Instead of assert(), replace with a warning. When a message
too big to fit is received, it will simply disconnect the channel.
https://bugzilla.redhat.com/show_bug.cgi?id=962187
If mjpeg_encoder_reset_quality() is called with the same quality as currently
set, it will not reset last_enc_size but not reset num_recent_enc_frames,
violating some assumptions in _adjust_params_to_bit_rate(). To avoid aborting
the server, simply return early from this function.
Resolves: rhbz#1086820
https://bugs.freedesktop.org/show_bug.cgi?id=79246
As a developer, I maybe want to see the detail compress stat of spice, like this:
Method count orig_size(MB) enc_size(MB) enc_time(s)
QUIC 846 948.02 147.22 7.51
GLZ 2895 594.90 26.60 1.33
ZLIB GLZ 0 0.00 0.00 0.00
LZ 1 3.15 0.01 0.00
JPEG 0 0.00 0.00 0.00
JPEG-RGBA 0 0.00 0.00 0.00
----------------------------------------------------------------------------
Total 3742 1546.07 173.83 8.84
But when I uncommented the COMPRESS_STAT and COMPRESS_DEBUG in red_worker.c and make.
I got some error(in Bugzilla). This error because of some simple syntax errors.
Commit this patch to fix this issue.
Signed-off-by: Wang Qiang <wangqiang.hunan@gmail.com>
gcc's some integer type definitions are different between 32/64bit system.
This causes platform dependency problem with printf function. However,
we can avoid this problem by using PRI macros that supports platform
independent printf.
9feed69 moved the async reader code to RedsStream so that it can be used
for the SASL authentication code. In particular, it introduced a
RedsStream::async_read member which is used by the SASL authentication code
for its async operations.
However, what was not done is to remove the now redundant
RedLinkInfo::async_read field. This causes failures when using SASL
authentication as the async read error callback is getting set
on the RedLinkInfo::async_read structure, but then the SASL code is trying
to use the RedeStream::async_read structure for its async IOs, which do not
have the needed error callback set.
This commit makes use of the newly introduced reds_stream_async_read()
helper in order to make use of RedsStream::async_read.
This replaces async_read_set_error_handler() which was unused. This sets a
callback to be called when an async operation fails.
We could pass the error_handler to each reds_stream_async_read() call, but as
we will be using the same one for all async calls, it's more convenient to set it
once and for all.
AsyncRead is going to be private to reds_stream.c in one of the next
commits, and the error handler will need to be set from reds.c,
hence the move to a public RedsStream method.
There are 2 SASL-related function prototypes which are unused in the
--without-sasl case. They cause a warning, and a build failure
when using -Werror. Wrapping them in #if HAVE_SASL avoids this issue.
This can fail in fips mode for example. If we ignore the failure, we'll get
a crash:
#0 0x00007f38d63728a0 in BN_num_bits () from /lib64/libcrypto.so.10
#1 0x00007f38d639661d in RSA_size () from /lib64/libcrypto.so.10
#2 0x00007f38d7991762 in reds_handle_read_link_done () from /lib64/libspice-server.so.1
#3 0x00007f38d7990c06 in spice_server_add_client () from /lib64/libspice-server.so.1
#4 0x00007f38d7990c6a in reds_accept () from /lib64/libspice-server.so.1
#5 0x00007f38dc0d2946 in qemu_iohandler_poll (pollfds=0x7f38dedce200, ret=755449965, ret@entry=1) at iohandler.c:143
#6 0x00007f38dc0d6ea8 in main_loop_wait (nonblocking=<optimized out>) at main-loop.c:465
#7 0x00007f38dbffd7c0 in main_loop () at vl.c:1988
#8 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4357
This commit will cause the client connection to fail but qemu won't
segfault.
static void _spice_timer_set(SpiceTimer *timer, uint32_t ms, uint32_t now)
The _spice_timer_set() function takes a 32-bit integer for the "now" value.
The now value passed in however, can exceed 2^32 (it's in ms and derived
from CLOCK_MONOTONIC, which will wrap around a 32-bit integer in around 46
days).
If the now value passed in exceeds 2^32, this will mean timers are inserted
into the active list with expiry values before the current time, they will
immediately trigger, and (if they don't make themselves inactive) be
reinserted still before the current time.
This leads to an infinite loop in spice_timer_queue_cb().
https://bugzilla.redhat.com/show_bug.cgi?id=1072700
For example, with qemu, a webdav channel can be created this way:
-chardev spiceport,name=org.spice-space.webdav.0,...
And redirected to a virtio port:
-device virtserialport,...,name=org.spice-space.webdav.0
When trying to start mjpeg compression mode, mjpeg_encoder_start_frame()
tests the image format as its only able to compress 24/32bpp images. On
images with lower bit depths, we return MJPEG_ENCODER_FRAME_UNSUPPORTED to
indicate this is not a format we can compress. However, this return goes
with a spice_warning("unsupported format"). As the rest of the code can
cope with this unsupported format by not doing mjpeg compression, it's
nicer to downgrade this spice_warning() to spice_debug().
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1070028
The private data is allocated at the same time as RedsStream and
goes immediatly after the main RedsStream data.
This private member will allow to hide internal RedsStream
implementation details from the rest of spice-server.
SASL authentication mostly use members from RedsStream to do its work, so
it makes sense to have its code in reds_stream.c. This should allow to make
RedsStream::sasl private in the future.
The AsyncRead structure in reds.h wraps an async read + callback to
be done on a stream. Moving it to reds_stream.h is needed in order
to move SASL authentication there.
Now that stream creation and SSL enabling are done by helpers
in reds_stream.c, we can move the initialization of the vfunc
read/write pointers there too.
Initializing a new stream means initializing quite a few fields.
This commit factors this initialization in a dedicated reds_stream_new
helper. This also helps moving more code from reds.c to reds_stream.c
test-display-streaming is calling malloc() without checking its return
value. Coverity warns about this. This commit switches to g_malloc() to
sidestep this warning (g_malloc() never returns NULL but aborts instead).
