On 16.01.2012, at 20:33, Anthony Liguori wrote: > On 01/08/2012 05:52 PM, Alexander Graf wrote: >> During discussions on whether to make -cpu host the default in SLE, I found >> myself disagreeing to the thought, because it potentially opens a big can >> of worms for potential bugs. But if I already am so opposed to it for SLE, >> how >> can it possibly be reasonable to default to -cpu host in upstream QEMU? And >> what would a sane default look like? > > > What are the arguments against -cpu host?
It's hard to test. New CPUs have new features and we're having a hard time to catch up. With -cpu best we only select from a pool of known-good CPU types. If you want to check that everything works, go to a box that has the maximum available features, go through all -cpu options that users could run into and you're good. With -cpu host you can't really test (unless you own all possible CPUs there are). We expose CPUID information that doesn't exist that way in the real world. A small example from today's code. There are a bunch of CPUID leafs. On Nehalem, one of them is a list of possible C-States to go into. With -cpu host we sync feature bits, CPU name, CPU family and some other bits of information, but not the C-State information. So we end up with a CPU inside the guest that looks and feels like a Nehalem CPU, but doesn't expose any C-State information. Linux now boots, goes in, checks that it's running on Nehalem, sets the powersave mechanism to the respective model and fills an internal callback table with the C-State information with a loop that ends without any action, since we expose 0 C-State bits. When the guest now calls the idle callback, it dereferences that table, which contains a NULL pointer, oops. That is just one example from current Linux. Another one would be my development AMD box that when it came out wasn't around in the market yet, so guests would just refuse to boot at all. Since they'd just say the CPUID is unknown. Overall, I used to be a big fan of -cpu host, but it's a maintainability nightmare. It can be great for testing stuff, so we should definitely keep it around. But after thinking about it again, I don't think it should be the default. The default should be something safe. Alex