Bug 757132

Created attachment 559301 [details]
insane console in early boot

The boot failure in comment#8 is unrelated.

I was confused.  The patched code affects QEMU's virtual console, *not* the guest's text console.  Here's a way to test the QEMU console.

1. Configure a serial device connected to a "vc" character device:

    -chardev vc,id=serial0 -device isa-serial,chardev=serial0

   Make sure it's the only serial device configured, or else you may have to echo to another character device file in step 4.

2. Start vncviewer.  Ctrl-Alt-<number> switches between virtual consoles.  Find the one that shows "serial0 console" in the top left corner.  That's the one connected to our serial device.

3. Boot the guest.

4. You should be able to login on one of the virtual consoles now. Which one doesn't matter.  Run "echo -e 'eins\e[4mzwei\e[mdrei' >/dev/ttyS0".

This should draw "einszweidrei" with "zwei" underlined on the virtual console connected to our serial device.

Bug is reproduced when you can see crap pixels near the "zwei" with the unpatched qemu-kvm.  It may not be reproducible.

Fix is verified when there aren't any crap pixels near "zwei" with the patched qemu-kvm.

Created attachment 560884 [details]
the snapshot of serial console

Hi Markus,
 I really appreciate it. But seems still fails to reproduce, please see the snapshot.

Tried the steps mentioned in Comment #10, with qemu-kvm-0.12.1.2-2.225.el6.x86_64.rpm, I don't see any crap pixels near the "zwei" on the virtual console after "echo -e 'eins\e[4mzwei\e[mdrei' >/dev/ttyS0"

CLI:
# /usr/libexec/qemu-kvm  -M rhel6.2.0 -enable-kvm -m 2048 -smp 2,sockets=1,cores=2,threads=1 -name rhel6.2 -uuid 9a2fcf21-04e9-3737-6c3c-85011ce1a90c -rtc base=utc -boot menu=on -drive file=/home/rhel6.2.qcow2,if=none,id=drive-virtio-disk0,cache=none,werror=stop,rerror=stop,format=qcow2 -device virtio-blk-pci,drive=drive-virtio-disk0,id=virtio-disk0 -vga qxl -vnc :1 -monitor stdio -nodefaults -chardev vc,id=serial -device isa-serial,chardev=serial



Markus,
 Could you tell if the results are good enough to verify this bug? Thanks!

The bug has always been theoretical.  We decided to fix it because the patch is simple and low risk.  Your testing indicates that the patch is safe.  That's good enough for me.  Thanks!

    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Cause:
Invalid font data.

Consequence:
Crap pixels are being drawn to VGA console.

Fix:
Right data are now being set.

Result:
VGA console doesn't show any crap pixels.

    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1,11 +1,11 @@
 Cause:
-Invalid font data.
+Implementation of VGA underline attribute can read beyond an array.
 
 Consequence:
-Crap pixels are being drawn to VGA console.
+Crap pixels in underlined characters might be visible with a guest running a non-framebuffer text console.  Never actually reproduced.
 
 Fix:
-Right data are now being set.
+Don't read beyond the array.
 
 Result:
-VGA console doesn't show any crap pixels.+Static analysis is happy.  I doubt this is worth a tech note, but I'm leaving that to the people in charge of them.

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0746.html