1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
|
permissions: 0.963
peripherals: 0.961
assembly: 0.954
architecture: 0.952
semantic: 0.951
PID: 0.949
kernel: 0.949
debug: 0.945
arm: 0.943
boot: 0.938
ppc: 0.937
files: 0.937
alpha: 0.933
system: 0.932
network: 0.930
TCG: 0.930
graphic: 0.927
virtual: 0.927
socket: 0.926
vnc: 0.926
device: 0.926
operating system: 0.913
register: 0.913
i386: 0.905
performance: 0.905
KVM: 0.891
VMM: 0.887
hypervisor: 0.886
risc-v: 0.883
user-level: 0.879
x86: 0.858
mistranslation: 0.855
[Bug] QEMU TCG warnings after commit c6bd2dd63420 - HTT / CMP_LEG bits
Hi Community,
This email contains 3 bugs appear to share the same root cause.
[1] We ran into the following warnings when running QEMU v10.0.0 in TCG mode:
qemu-system-x86_64 \
-machine q35 \
-m 4G -smp 4 \
-kernel ./arch/x86/boot/bzImage \
-bios /usr/share/ovmf/OVMF.fd \
-drive file=~/kernel/rootfs.ext4,index=0,format=raw,media=disk \
-drive file=~/kernel/swap.img,index=1,format=raw,media=disk \
-nographic \
-append 'root=/dev/sda rw resume=/dev/sdb console=ttyS0 nokaslr'
qemu-system-x86_64: warning: TCG doesn't support requested feature:
CPUID.01H:EDX.ht [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature:
CPUID.80000001H:ECX.cmp-legacy [bit 1]
(repeats 4 times, once per vCPU)
Tracing the history shows that commit c6bd2dd63420 "i386/cpu: Set up CPUID_HT in
x86_cpu_expand_features() instead of cpu_x86_cpuid()" is what introduced the
warnings.
Since that commit, TCG unconditionally advertises HTT (CPUID 1 EDX[28]) and
CMP_LEG (CPUID 8000_0001 ECX[1]). Because TCG itself has no SMT support, these
bits trigger the warnings above.
[2] Also, Zhao pointed me to a similar report on GitLab:
https://gitlab.com/qemu-project/qemu/-/issues/2894
The symptoms there look identical to what we're seeing.
By convention we file one issue per email, but these two appear to share the
same root cause, so I'm describing them together here.
[3] My colleague Alan noticed what appears to be a related problem: if we launch
a guest with '-cpu <model>,-ht --enable-kvm', which means explicitly removing
the ht flag, but the guest still reports HT(cat /proc/cpuinfo in linux guest)
enabled. In other words, under KVM the ht bit seems to be forced on even when
the user tries to disable it.
Best regards,
Ewan
On 4/29/25 11:02 AM, Ewan Hai wrote:
Hi Community,
This email contains 3 bugs appear to share the same root cause.
[1] We ran into the following warnings when running QEMU v10.0.0 in TCG mode:
qemu-system-x86_64 \
 -machine q35 \
 -m 4G -smp 4 \
 -kernel ./arch/x86/boot/bzImage \
 -bios /usr/share/ovmf/OVMF.fd \
 -drive file=~/kernel/rootfs.ext4,index=0,format=raw,media=disk \
 -drive file=~/kernel/swap.img,index=1,format=raw,media=disk \
 -nographic \
 -append 'root=/dev/sda rw resume=/dev/sdb console=ttyS0 nokaslr'
qemu-system-x86_64: warning: TCG doesn't support requested feature:
CPUID.01H:EDX.ht [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature:
CPUID.80000001H:ECX.cmp-legacy [bit 1]
(repeats 4 times, once per vCPU)
Tracing the history shows that commit c6bd2dd63420 "i386/cpu: Set up CPUID_HT in
x86_cpu_expand_features() instead of cpu_x86_cpuid()" is what introduced the
warnings.
Since that commit, TCG unconditionally advertises HTT (CPUID 1 EDX[28]) and
CMP_LEG (CPUID 8000_0001 ECX[1]). Because TCG itself has no SMT support, these
bits trigger the warnings above.
[2] Also, Zhao pointed me to a similar report on GitLab:
https://gitlab.com/qemu-project/qemu/-/issues/2894
The symptoms there look identical to what we're seeing.
By convention we file one issue per email, but these two appear to share the
same root cause, so I'm describing them together here.
[3] My colleague Alan noticed what appears to be a related problem: if we launch
a guest with '-cpu <model>,-ht --enable-kvm', which means explicitly removing
the ht flag, but the guest still reports HT(cat /proc/cpuinfo in linux guest)
enabled. In other words, under KVM the ht bit seems to be forced on even when
the user tries to disable it.
XiaoYao reminded me that issue [3] stems from a different patch. Please ignore
it for nowâI'll start a separate thread to discuss that one independently.
Best regards,
Ewan
On 4/29/2025 11:02 AM, Ewan Hai wrote:
Hi Community,
This email contains 3 bugs appear to share the same root cause.
[1] We ran into the following warnings when running QEMU v10.0.0 in TCG
mode:
qemu-system-x86_64 \
 -machine q35 \
 -m 4G -smp 4 \
 -kernel ./arch/x86/boot/bzImage \
 -bios /usr/share/ovmf/OVMF.fd \
 -drive file=~/kernel/rootfs.ext4,index=0,format=raw,media=disk \
 -drive file=~/kernel/swap.img,index=1,format=raw,media=disk \
 -nographic \
 -append 'root=/dev/sda rw resume=/dev/sdb console=ttyS0 nokaslr'
qemu-system-x86_64: warning: TCG doesn't support requested feature:
CPUID.01H:EDX.ht [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature:
CPUID.80000001H:ECX.cmp-legacy [bit 1]
(repeats 4 times, once per vCPU)
Tracing the history shows that commit c6bd2dd63420 "i386/cpu: Set up
CPUID_HT in x86_cpu_expand_features() instead of cpu_x86_cpuid()" is
what introduced the warnings.
Since that commit, TCG unconditionally advertises HTT (CPUID 1 EDX[28])
and CMP_LEG (CPUID 8000_0001 ECX[1]). Because TCG itself has no SMT
support, these bits trigger the warnings above.
[2] Also, Zhao pointed me to a similar report on GitLab:
https://gitlab.com/qemu-project/qemu/-/issues/2894
The symptoms there look identical to what we're seeing.
By convention we file one issue per email, but these two appear to share
the same root cause, so I'm describing them together here.
It was caused by my two patches. I think the fix can be as follow.
If no objection from the community, I can submit the formal patch.
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 1f970aa4daa6..fb95aadd6161 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -776,11 +776,12 @@ void x86_cpu_vendor_words2str(char *dst, uint32_t
vendor1,
CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC | CPUID_SEP | \
CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
CPUID_PSE36 | CPUID_CLFLUSH | CPUID_ACPI | CPUID_MMX | \
- CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS | CPUID_DE)
+ CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS | CPUID_DE | \
+ CPUID_HT)
/* partly implemented:
CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) */
/* missing:
- CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_HT, CPUID_TM, CPUID_PBE */
+ CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_TM, CPUID_PBE */
/*
* Kernel-only features that can be shown to usermode programs even if
@@ -848,7 +849,8 @@ void x86_cpu_vendor_words2str(char *dst, uint32_t
vendor1,
#define TCG_EXT3_FEATURES (CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM | \
CPUID_EXT3_CR8LEG | CPUID_EXT3_ABM | CPUID_EXT3_SSE4A | \
- CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_KERNEL_FEATURES)
+ CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_KERNEL_FEATURES | \
+ CPUID_EXT3_CMP_LEG)
#define TCG_EXT4_FEATURES 0
[3] My colleague Alan noticed what appears to be a related problem: if
we launch a guest with '-cpu <model>,-ht --enable-kvm', which means
explicitly removing the ht flag, but the guest still reports HT(cat /
proc/cpuinfo in linux guest) enabled. In other words, under KVM the ht
bit seems to be forced on even when the user tries to disable it.
This has been the behavior of QEMU for many years, not some regression
introduced by my patches. We can discuss how to address it separately.
Best regards,
Ewan
On Tue, Apr 29, 2025 at 01:55:59PM +0800, Xiaoyao Li wrote:
>
Date: Tue, 29 Apr 2025 13:55:59 +0800
>
From: Xiaoyao Li <xiaoyao.li@intel.com>
>
Subject: Re: [Bug] QEMU TCG warnings after commit c6bd2dd63420 - HTT /
>
CMP_LEG bits
>
>
On 4/29/2025 11:02 AM, Ewan Hai wrote:
>
> Hi Community,
>
>
>
> This email contains 3 bugs appear to share the same root cause.
>
>
>
> [1] We ran into the following warnings when running QEMU v10.0.0 in TCG
>
> mode:
>
>
>
> qemu-system-x86_64 \
>
> Â -machine q35 \
>
> Â -m 4G -smp 4 \
>
> Â -kernel ./arch/x86/boot/bzImage \
>
> Â -bios /usr/share/ovmf/OVMF.fd \
>
> Â -drive file=~/kernel/rootfs.ext4,index=0,format=raw,media=disk \
>
> Â -drive file=~/kernel/swap.img,index=1,format=raw,media=disk \
>
> Â -nographic \
>
> Â -append 'root=/dev/sda rw resume=/dev/sdb console=ttyS0 nokaslr'
>
>
>
> qemu-system-x86_64: warning: TCG doesn't support requested feature:
>
> CPUID.01H:EDX.ht [bit 28]
>
> qemu-system-x86_64: warning: TCG doesn't support requested feature:
>
> CPUID.80000001H:ECX.cmp-legacy [bit 1]
>
> (repeats 4 times, once per vCPU)
>
>
>
> Tracing the history shows that commit c6bd2dd63420 "i386/cpu: Set up
>
> CPUID_HT in x86_cpu_expand_features() instead of cpu_x86_cpuid()" is
>
> what introduced the warnings.
>
>
>
> Since that commit, TCG unconditionally advertises HTT (CPUID 1 EDX[28])
>
> and CMP_LEG (CPUID 8000_0001 ECX[1]). Because TCG itself has no SMT
>
> support, these bits trigger the warnings above.
>
>
>
> [2] Also, Zhao pointed me to a similar report on GitLab:
>
>
https://gitlab.com/qemu-project/qemu/-/issues/2894
>
> The symptoms there look identical to what we're seeing.
>
>
>
> By convention we file one issue per email, but these two appear to share
>
> the same root cause, so I'm describing them together here.
>
>
It was caused by my two patches. I think the fix can be as follow.
>
If no objection from the community, I can submit the formal patch.
>
>
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
>
index 1f970aa4daa6..fb95aadd6161 100644
>
--- a/target/i386/cpu.c
>
+++ b/target/i386/cpu.c
>
@@ -776,11 +776,12 @@ void x86_cpu_vendor_words2str(char *dst, uint32_t
>
vendor1,
>
CPUID_PAE | CPUID_MCE | CPUID_CX8 | CPUID_APIC | CPUID_SEP | \
>
CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
>
CPUID_PSE36 | CPUID_CLFLUSH | CPUID_ACPI | CPUID_MMX | \
>
- CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS | CPUID_DE)
>
+ CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS | CPUID_DE | \
>
+ CPUID_HT)
>
/* partly implemented:
>
CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) */
>
/* missing:
>
- CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_HT, CPUID_TM, CPUID_PBE */
>
+ CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_TM, CPUID_PBE */
>
>
/*
>
* Kernel-only features that can be shown to usermode programs even if
>
@@ -848,7 +849,8 @@ void x86_cpu_vendor_words2str(char *dst, uint32_t
>
vendor1,
>
>
#define TCG_EXT3_FEATURES (CPUID_EXT3_LAHF_LM | CPUID_EXT3_SVM | \
>
CPUID_EXT3_CR8LEG | CPUID_EXT3_ABM | CPUID_EXT3_SSE4A | \
>
- CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_KERNEL_FEATURES)
>
+ CPUID_EXT3_3DNOWPREFETCH | CPUID_EXT3_KERNEL_FEATURES | \
>
+ CPUID_EXT3_CMP_LEG)
>
>
#define TCG_EXT4_FEATURES 0
This fix is fine for me...at least from SDM, HTT depends on topology and
it should exist when user sets "-smp 4".
>
> [3] My colleague Alan noticed what appears to be a related problem: if
>
> we launch a guest with '-cpu <model>,-ht --enable-kvm', which means
>
> explicitly removing the ht flag, but the guest still reports HT(cat
>
> /proc/cpuinfo in linux guest) enabled. In other words, under KVM the ht
>
> bit seems to be forced on even when the user tries to disable it.
>
>
XiaoYao reminded me that issue [3] stems from a different patch. Please
>
ignore it for nowâI'll start a separate thread to discuss that one
>
independently.
I haven't found any other thread :-).
By the way, just curious, in what cases do you need to disbale the HT
flag? "-smp 4" means 4 cores with 1 thread per core, and is it not
enough?
As for the â-htâ behavior, I'm also unsure whether this should be fixed
or not - one possible consideration is whether â-htâ would be useful.
On 5/8/25 5:04 PM, Zhao Liu wrote:
[3] My colleague Alan noticed what appears to be a related problem: if
we launch a guest with '-cpu <model>,-ht --enable-kvm', which means
explicitly removing the ht flag, but the guest still reports HT(cat
/proc/cpuinfo in linux guest) enabled. In other words, under KVM the ht
bit seems to be forced on even when the user tries to disable it.
XiaoYao reminded me that issue [3] stems from a different patch. Please
ignore it for nowâI'll start a separate thread to discuss that one
independently.
I haven't found any other thread :-).
Please refer to
https://lore.kernel.org/all/db6ae3bb-f4e5-4719-9beb-623fcff56af2@zhaoxin.com/
.
By the way, just curious, in what cases do you need to disbale the HT
flag? "-smp 4" means 4 cores with 1 thread per core, and is it not
enough?
As for the â-htâ behavior, I'm also unsure whether this should be fixed
or not - one possible consideration is whether â-htâ would be useful.
I wasn't trying to target any specific use case, using "-ht" was simply a way to
check how the ht feature behaves under both KVM and TCG. There's no special
workload behind it; I just wanted to confirm that the flag is respected (or not)
in each mode.
|