On 18.01.2018 16:33, Paolo Bonzini wrote: > On 18/01/2018 15:50, Peter Maydell wrote: >> On 18 January 2018 at 14:46, Paolo Bonzini <pbonz...@redhat.com> wrote: >>> On 18/01/2018 15:12, Daniel P. Berrange wrote: >>>>> In addition to that, do we support a >= 2 GiB framebuffer at all? (Even >>>>> with unsigned ints, Coverity would rightly complain about a truncated >>>>> 32-bit multiplication being assigned to a 64-bit value). >>>> client_width/client_height are values that are initialized from the >>>> graphics card frontend config, and thus limited by amount of video >>>> RAM QEMU allows. bytes_per_pixel is limited to 8/16/32. >>>> >>>> So I think we're safe from 2GB overflow in any normal case. >>>> >>>> That said, VGA RAM size is configurable, so I'm curious what would happen >>>> if someone configured an insanely large VGA RAM and asked for a big frame >>>> buffer in guest. >>>> >>>> VNC is protocol limited to uint16 for width/height size, and so is X11 >>>> so I imagine some exploding behavour would follow :-) >>> >>> Indeed, and even 2^16 x 2^16 * 32bpp is already 34 bits. So perhaps we >>> should limit VNC to 16384 pixels on each axis (maximum frame buffer size >>> 1 GiB). >> >> Google says you can already get graphics cards that can do 15360x8640, >> which is really quite close to that 16384 limit... > > Then we can do 32767 * 16384 * 4, but I'm a bit afraid of off-by-ones.
Simply limit it to 30000 * 20000 ? Thomas
