{"id":2219861,"url":"http://patchwork.ozlabs.org/api/1.2/covers/2219861/?format=json","web_url":"http://patchwork.ozlabs.org/project/qemu-devel/cover/20260405023409.23142-1-mohamed@unpredictable.fr/","project":{"id":14,"url":"http://patchwork.ozlabs.org/api/1.2/projects/14/?format=json","name":"QEMU Development","link_name":"qemu-devel","list_id":"qemu-devel.nongnu.org","list_email":"qemu-devel@nongnu.org","web_url":"","scm_url":"","webscm_url":"","list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20260405023409.23142-1-mohamed@unpredictable.fr>","list_archive_url":null,"date":"2026-04-05T02:33:58","name":"[v7,00/11] whpx: i386: bug fixes, feature probing and CPUID","submitter":{"id":91318,"url":"http://patchwork.ozlabs.org/api/1.2/people/91318/?format=json","name":"Mohamed Mediouni","email":"mohamed@unpredictable.fr"},"mbox":"http://patchwork.ozlabs.org/project/qemu-devel/cover/20260405023409.23142-1-mohamed@unpredictable.fr/mbox/","series":[{"id":498757,"url":"http://patchwork.ozlabs.org/api/1.2/series/498757/?format=json","web_url":"http://patchwork.ozlabs.org/project/qemu-devel/list/?series=498757","date":"2026-04-05T02:34:08","name":"whpx: i386: bug fixes, feature probing and CPUID","version":7,"mbox":"http://patchwork.ozlabs.org/series/498757/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/covers/2219861/comments/","headers":{"Return-Path":"<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=unpredictable.fr header.i=@unpredictable.fr\n header.a=rsa-sha256 header.s=sig1 header.b=fC7rhohd;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org\n (client-ip=209.51.188.17; helo=lists.gnu.org;\n envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n receiver=patchwork.ozlabs.org)"],"Received":["from lists.gnu.org (lists.gnu.org [209.51.188.17])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fpGmB5Mvbz1xtJ\n\tfor <incoming@patchwork.ozlabs.org>; Sun, 05 Apr 2026 12:35:54 +1000 (AEST)","from localhost ([::1] helo=lists1p.gnu.org)\n\tby lists.gnu.org with esmtp (Exim 4.90_1)\n\t(envelope-from <qemu-devel-bounces@nongnu.org>)\n\tid 1w9DJf-0003XY-Lj; Sat, 04 Apr 2026 22:34:23 -0400","from eggs.gnu.org ([2001:470:142:3::10])\n by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from <mohamed@unpredictable.fr>)\n id 1w9DJd-0003Wh-Da\n for qemu-devel@nongnu.org; Sat, 04 Apr 2026 22:34:21 -0400","from p-east2-cluster4-host4-snip4-7.eps.apple.com ([57.103.78.148]\n helo=outbound.st.icloud.com)\n by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from <mohamed@unpredictable.fr>)\n id 1w9DJa-0008FA-Pp\n for qemu-devel@nongnu.org; Sat, 04 Apr 2026 22:34:21 -0400","from outbound.st.icloud.com (unknown [127.0.0.2])\n by p00-icloudmta-asmtp-us-east-1a-60-percent-10 (Postfix) with ESMTPS id\n 3F41A18000B8; Sun, 05 Apr 2026 02:34:13 +0000 (UTC)","from localhost.localdomain (unknown [17.42.251.67])\n by p00-icloudmta-asmtp-us-east-1a-60-percent-10 (Postfix) with ESMTPSA id\n 33B7D1800093; Sun, 05 Apr 2026 02:34:12 +0000 (UTC)"],"Dkim-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed; d=unpredictable.fr;\n s=sig1; t=1775356456; x=1777948456;\n bh=maBgg/c2kmD5VjvdRgATqL1xuf/AQfm/qZT4z1c52b8=;\n h=From:To:Subject:Date:Message-ID:Content-Type:MIME-Version:x-icloud-hme;\n b=fC7rhohd28XE7f5VUqPUzBBeEM+IDp1Xk2uS0E2X8dcW+HXPPFLBzJMuWGaKW2DrmNnIJckoihQHYqHZ7ub5018FH9ziw7Gpwu3ygUNSty4EMf5FUBQSU5vFu6PjaPOJRgMVvvFqRx+u+RZ6THTou9jJYwGqevwhvXV22mkO65xO4BHfBc08cPTWrI45pCfGMcDQeUpXpPy2e0BuViYhat6nUHW/2ZTI4sSluEy/QJ2X+z4xzgrrv0cQaQhq0xckDJ90sOeKdMRmN7ygEjxIt851DBaScfZ5mlOi9Fea4E1VkdAJkyCqFWcDzMEt8rk84nPJSOsIRiO3dDMofA5boQ==","mail-alias-created-date":"1752046281608","From":"Mohamed Mediouni <mohamed@unpredictable.fr>","To":"qemu-devel@nongnu.org","Cc":"Pedro Barbuda <pbarbuda@microsoft.com>, Wei Liu <wei.liu@kernel.org>,\n Mohamed Mediouni <mohamed@unpredictable.fr>,\n Paolo Bonzini <pbonzini@redhat.com>, Roman Bolshakov <rbolshakov@ddn.com>,\n Phil Dennis-Jordan <phil@philjordan.eu>, Zhao Liu <zhao1.liu@intel.com>","Subject":"[PATCH v7 00/11] whpx: i386: bug fixes, feature probing and CPUID","Date":"Sun,  5 Apr 2026 04:33:58 +0200","Message-ID":"<20260405023409.23142-1-mohamed@unpredictable.fr>","X-Mailer":"git-send-email 2.50.1","Content-Type":"text/plain; charset=\"utf-8\"","MIME-Version":"1.0","Content-Transfer-Encoding":"8bit","X-Proofpoint-ORIG-GUID":"VxmcuAJuHFwKxvPrT7JMZu5NUxtmO1Eb","X-Proofpoint-GUID":"VxmcuAJuHFwKxvPrT7JMZu5NUxtmO1Eb","X-Proofpoint-Spam-Details-Enc":"AW1haW4tMjYwNDA1MDAyNCBTYWx0ZWRfX2vW4QigRuG7D\n 2urVUjTQjwShlKLkA6SyKg1KQ+cWBssGRu3cmnIYgdy+PRHnJuxIqyY+pkJzd4ODWDf0G9iECCA\n UthBb1aI4p1JO7UYqWkZum8y7qSQbqVzEiRMSeVeLrBKnohWU58MI72vfS4JLTUC1FrnCrgqw2x\n xFg1y/BzMxbzbCUK8TheMKePPcEE9pOm62B6UGTzI3rrvH2W9XPTuCAWvqYMmVLHNso+dz1BpkQ\n c546Xk3obVh0vp9d1oblskRUr1QUSuy323zw/Z+F0jadKiynFkWVSKSq5AVd7SpbQaw+68fHcUg\n sQKtuVum7UtMRhJFAAFNSfMS5zAIdC/tY2Bju5M5euTm+mfnZVMsT/gtW1K2JU=","X-Authority-Info-Out":"v=2.4 cv=JeOxbEKV c=1 sm=1 tr=0 ts=69d1ca26\n cx=c_apl:c_pps:t_out a=YrL12D//S6tul8v/L+6tKg==:117\n a=YrL12D//S6tul8v/L+6tKg==:17 a=IkcTkHD0fZMA:10 a=A5OVakUREuEA:10\n a=VkNPw1HP01LnGYTKEx00:22 a=1DGgg3L7_nY_qRTbWDsA:9 a=QEXdDO2ut3YA:10","X-Proofpoint-Virus-Version":"vendor=baseguard\n engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49\n definitions=2026-04-05_01,2026-04-03_01,2025-10-01_01","X-Proofpoint-Spam-Details":"rule=notspam policy=default score=0 bulkscore=0\n spamscore=0 malwarescore=0 phishscore=0 adultscore=0 lowpriorityscore=0\n suspectscore=0 clxscore=1030 mlxlogscore=899 mlxscore=0 classifier=spam\n authscore=0 adjust=0 reason=mlx scancount=1 engine=8.22.0-2601150000\n definitions=main-2604050024","Received-SPF":"pass client-ip=57.103.78.148;\n envelope-from=mohamed@unpredictable.fr; helo=outbound.st.icloud.com","X-Spam_score_int":"-20","X-Spam_score":"-2.1","X-Spam_bar":"--","X-Spam_report":"(-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,\n DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,\n RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,\n SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no","X-Spam_action":"no action","X-BeenThere":"qemu-devel@nongnu.org","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"qemu development <qemu-devel.nongnu.org>","List-Unsubscribe":"<https://lists.nongnu.org/mailman/options/qemu-devel>,\n <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>","List-Archive":"<https://lists.nongnu.org/archive/html/qemu-devel>","List-Post":"<mailto:qemu-devel@nongnu.org>","List-Help":"<mailto:qemu-devel-request@nongnu.org?subject=help>","List-Subscribe":"<https://lists.nongnu.org/mailman/listinfo/qemu-devel>,\n <mailto:qemu-devel-request@nongnu.org?subject=subscribe>","Errors-To":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org","Sender":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org"},"content":"This is a supplemental update that includes\n\"whpx: i386: x2apic emulation for kernel-irqchip=off, feature probing\"\nv4 unmodified.\n\nThis might be too big for QEMU 11.0 at this point though...\n\n\"whpx: i386: disable TbFlushHypercalls for emulated LAPIC\" is a\nbugfix, and \"target/i386: emulate: include name of unhandled instruction\"\nis a debugging aid.\n\n\"whpx: i386: x2apic emulation\" makes things slightly better for Windows\n10 users. But I strongly recommend *not* relying on it when possible and\nusing kernel-irqchip=on instead. On Windows 10 however that's more murky\nbecause PIC interrupt injection is broken (interrupts don't wake the vCPU\nfrom HLT) in that case.\n\n\"whpx: i386: wire up feature probing\" is yet another commit adding a code path\nnot used on Windows 10. It'll tell the user today which CPU features they set\nare incompatible with the hardware but it does not sync that to the CPUID view\nthat the guest has.\n\nAnd then another commit to enable x2apic emulation by default even for\nkernel-irqchip=off + re-introducing provided by QEMU enlightenments in a more\nfunctional form to signal that the x2apic can be used. I'm not aware of the\nactual vmware freq leaf being used though.\n\n\"whpx: x2apic emulation for kernel-irqchip=off follow-up\" is rolled into this series.\n\n\"whpx: i386: reintroduce enlightenments for Windows 10\" is a bugfix to make\nx2APIC work as intended on Windows 10 without emulating an IOMMU.\n*And* a massive improvement for Windows 10 hosts in performance for Linux guests\ndue to using the right clocksource instead of HPET.\n\nAnd dependent on this series so included, CPUID intercepts finally...\nHowever that's only supported starting from Windows 11/Server 2022.\n\nAlso ended up switching over Windows 10 to kernel-irqchip=off\nby default due to PIC interrupt injection being broken.\n\nOld performance (or lack thereof...) numbers:\n\nOn a Ryzen 7 8700GE with a Windows 10 VM running with KVM in nested virt, with\nkernel-irqchip=off for the virt Alpine Linux x86_64 ISO (3.23.3) with -smp cores=2,\nboot times as reported through dmesg:\n\n- QEMU 10.2: 83 seconds\n- QEMU 10.2 with a single core: 18.1 seconds\n- as of v6 of this series, x2apic forced off: 29 seconds\n- as of v6 this series, out of the box: 18 seconds\n- v6 with kernel-irqchip=on and EDK2: 16.5 seconds\n- v6 with kernel-irqchip=off and EDK2: 9.5 seconds\n- v6, and with 1 core instead of two: 12.6 seconds\n\nIn v7, the Windows 10 numbers are pretty much at parity with Windows 11 now.\n\nAnd with this series on a Windows 11 VM on the same hardware:\n- kernel-irqchip=on: 6.5 seconds\n- kernel-irqchip=on, x2apic forced off: 7.6 seconds\n- kernel-irqchip=off: 8.3 seconds\n- hyperv=off,kernel-irqchip=off: 7.6 seconds... which is faster,\nso the absence of enlightenment support on Windows 10 doesn't explain things...\n\nWith kernel-irqchip=on on Windows 10, when booting with SeaBIOS, it gets stuck in\nsyslinux due to PIC interrupt injection being broken there. That can be counted\nas an infinite boot time (?).\n\ncheckpatch false positives:\n\nERROR: spaces required around that '*' (ctx:WxV)\n+         UINT32 Ecx, WHV_CPUID_OUTPUT *CpuidOutput))\n\nNot a multiplication but a pointer reference.\n\nERROR: space prohibited after that '&' (ctx:ExW)\n+                    & CPUID_7_0_EDX_CET_IBT) {\n                     ^\n\nERROR: space prohibited after that '&' (ctx:ExW)\n+                    & CPUID_7_0_ECX_CET_SHSTK) {\n                     ^\n\nBecause it's multiline.\n\nChanges in v7:\n\n- Exposing VMware hypervisor identification when not\nusing Hyper-V enlightenments and when the VMware frequency\nCPUID leaf isn't explictly disabled.\n\n- Remove the interrupt priority logic as it has issues with\nPIC interrupts. Can be reintroduced later.\n\n- -cpu max passing through CPUID info from Hyper-V\n- fill xsave info\n\n- OSXSAVE CPUID leaf reporting fix.\n\nChanges in v6:\n\n- kernel-irqchip=off fix: re-registering the interrupt window\nwhen the existing one has too low of a TPR value.\n\nFolded into \"whpx: i386: kernel-irqchip=off fixes\".\n\n- I/O port access fast path cleanup commit added at the end\n\nThe path relied on a side effect of whpx_get_reg instead of\nsomething cleaner.\n\n- Use the CR8 register provided by the hypervisor only when\nkernel-irqchip=off. Rely on the APIC state synchronisation\notherwise.\n\nThis fixes some register sync errors that surfaced when setting\nthe TPR values properly.\n\nChanges in v5/v1 with rename:\n\n- kernel-irqchip=off fixes, notably making 64-bit Windows bootable\n- switching over Windows 10 to kernel-irqchip=off by default\n\nChanges in v4:\n\n- Ugh for a revision sent quickly, unbreaking the arm64 build...\n- and making checkpatch happier to some extent\n\nChanges in v3:\n\n- Fixing CPUID intercepts so that QEMU CPU models work fine now, instead\nof the partial intercept that was present in QEMU 10.2\n- cleanups\n\nChanges in v2:\n\n- GCC warned when a variable name was re-used within a different (but overlapping)\nscope in the same function. It also warned with a -Werror=maybe-uninitialized for\nthe MSR write case. Address those\n- make the in-KVM enlightenments path available on Windows 11 too when -M hyperv=off.\n\nMohamed Mediouni (11):\n  target/i386: emulate: include name of unhandled instruction\n  whpx: i386: x2apic emulation\n  whpx: i386: wire up feature probing\n  whpx: i386: disable TbFlushHypercalls for emulated LAPIC\n  whpx: i386: enable x2apic by default for user-mode LAPIC\n  whpx: i386: reintroduce enlightenments for Windows 10\n  whpx: i386: introduce proper cpuid support\n  whpx: i386: kernel-irqchip=off fixes\n  whpx: i386: use WHvX64RegisterCr8 only when kernel-irqchip=off\n  whpx: i386: disable kernel-irqchip on Windows 10 when PIC enabled\n  whpx: i386: IO port fast path cleanup\n\n accel/whpx/whpx-common.c       |   2 +\n include/system/whpx-common.h   |   1 +\n include/system/whpx-internal.h |  10 +\n target/arm/whpx/whpx-all.c     |   1 +\n target/i386/cpu.c              |  25 ++\n target/i386/emulate/x86_emu.c  |   4 +-\n target/i386/whpx/whpx-all.c    | 533 +++++++++++++++++++++++++++------\n target/i386/whpx/whpx-i386.h   |   4 +\n 8 files changed, 487 insertions(+), 93 deletions(-)\n create mode 100644 target/i386/whpx/whpx-i386.h"}