graphic: 0.181
semantic: 0.130
device: 0.107
network: 0.081
PID: 0.074
vnc: 0.067
boot: 0.062
other: 0.056
permissions: 0.055
socket: 0.048
files: 0.044
performance: 0.043
debug: 0.032
KVM: 0.019
debug: 0.534
semantic: 0.078
PID: 0.059
files: 0.059
other: 0.059
performance: 0.059
boot: 0.030
KVM: 0.024
socket: 0.020
device: 0.019
network: 0.019
graphic: 0.018
permissions: 0.013
vnc: 0.009

wrgsbase misemulated in x86_64-softmmu

qemu revision: cfe4cade054c0e0d00d0185cdc433a9e3ce3e2e4
command: ./qemu-system-x86_64 -m 2048 -nographic -net none -smp 4,threads=2 -machine q35 -kernel zircon.bin -cpu Haswell,+smap,-check -initrd bootdata.bin -append 'TERM=screen kernel.halt-on-panic=true '

On this revision, the VM reports CPUID.07H.0H.EBX[0] = 1.  In this VM, with CR4[16] set to 1, wrgsbase triggers #UD, which mismatches the behavior described in Intel's instruction reference.

For further data, the faulting instruction is
f3 48 0f ae df          wrgsbase %rdi

Fix is in staging: https://github.com/ehabkost/qemu/commit/cdcc80d41360e278b45c91de29a29d797264e85d

Fix is in master: https://github.com/qemu/qemu/commit/e0dd5fd41a1a38766009f442967fab700d2d0550