From nobody Sat Nov 15 12:46:52 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=quarantine dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1752494178; cv=none; d=zohomail.com; s=zohoarc; b=hU4sDbWBbNLfpnf/eEWe7U+6GEaJjUWFzEabVqW+QPm+Y2JsYoCrfvvdMEMGF2o1s0gfsQCtKTdKpPL5FHkSmrxRdfRYupOLWHxAYpFqRja+3JvIP6NQEucRib+zlfuvgBnlpqWPGMdX/p1YsMUG2zpNgDn8htJq9MrciFYzDfU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1752494178; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=Lx/3OjKQQiRwtu1QUxLqhLmOvdf3soAfb9Z3azPYw/Q=; b=V20Hm5hcWrIVjqC9XR/PaLWzcdxnEB3Mv4YV5KAM2yVP6AJ1LFTQlnPOY3xreN/B6YP0RlJ9hBqOmSKJltND/fYqk820RP8a6rEJrYAlSUYMGApB35K/WolWarbDP/jihuxhpUzRc38lB7juUxoEdsJ6ZVZkyqU7Jp4GtnU3OSE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1752494178949695.9849119454576; Mon, 14 Jul 2025 04:56:18 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ubHas-0003fw-AZ; Mon, 14 Jul 2025 07:43:38 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ubH1r-0002Gs-Gi for qemu-devel@nongnu.org; Mon, 14 Jul 2025 07:07:27 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ubH1o-0002I8-SL for qemu-devel@nongnu.org; Mon, 14 Jul 2025 07:07:27 -0400 Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-63-GbReMxxdN62UnJ_54_n1SQ-1; Mon, 14 Jul 2025 07:07:22 -0400 Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-4561a196f70so4845325e9.1 for ; Mon, 14 Jul 2025 04:07:22 -0700 (PDT) Received: from [192.168.10.48] ([151.49.73.155]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3b5e8e0d587sm11907762f8f.46.2025.07.14.04.07.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 14 Jul 2025 04:07:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1752491243; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Lx/3OjKQQiRwtu1QUxLqhLmOvdf3soAfb9Z3azPYw/Q=; b=H7mwPrpJYIq3UYx4OisjagINGW1EKLm3l9rpDMp/nDB9/n7BYYRgTTEN95uAL5axwCq2r/ ZiGLev/QqRV3I0uom4ZGMvLU63AB3EzCl0R8n0VINwEB2kf8QfRPjYe0cUe+yZ1b3YH/sn SpCBXhj4/rywuqz+Ngkab6lja2wlMQ4= X-MC-Unique: GbReMxxdN62UnJ_54_n1SQ-1 X-Mimecast-MFC-AGG-ID: GbReMxxdN62UnJ_54_n1SQ_1752491241 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1752491241; x=1753096041; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Lx/3OjKQQiRwtu1QUxLqhLmOvdf3soAfb9Z3azPYw/Q=; b=lAatpUyt91DrKtwrhDA7QtymlowfpKPn/syDJjOVYwkGoYab1FulcsrzXB1EHwPp2P KtiQYhtNlzssEx+wecD7WYZSqjQcusY1e7TYEPz0byMFuBnqOzM7k15ujTQIH4P62Or1 GwyZgTyA9Ft0WswaWr/FdsPN9N2cAfufxFPkxD5FCQbYN4JIao8RQCo3b88zjwZKPpmJ Z97x8+Jcy2YeZp1VqPqBmwD7LJo/IsttsuKtkDn1CUOzZyPwDScbaFnOzaPEYaVlsFDn MndgfEqABCR7AB7BaWgQD5nIM1yp5my+FCchxYfOXg5UazNhfB42cxMHxxVW6KUYzc1g qrWA== X-Gm-Message-State: AOJu0YxwwCWijPv6xMC6iMOFP1jI0UVkOeB5nS7YR3pPjKYbXXKbMj8u 1iq+A7+uBAp6kM+LBmH9PROP1o7aqLBHeTWyF1Herzlg2XMkNNGHOt1iCdNzTsDI4BEfsIdm9r3 4QiKwEq+3Fh/5OcsY+nfkoDObKycS9375vIfKNa6xZQ77fq51qIcIr04eY2zKZYv5eQLJwU+55E xWJbyMwFuOOt1eXiPPI1nFNchQU/wsPcY3YsDR3KTb X-Gm-Gg: ASbGncsZokWtBiB0qaw9yTfMNHuKbUJzyH0H0iV5TIqtGDjGOeZLBSIZ7TBuEv+KxQt eZsKPCmd0lHO95Hlm3Sz12DB8r9MSSYMsgSdv+KCoqQoUQrUVI+dkFsNPPXUV12u3XFszgsCsye Nu02P4L9KJaehkXOZGhWDk/9XfxStWuQLez9Go4jb6rcFd3wdFf/Ixy0+vxa9/x5qNdIToXhNh2 1yad2nYYrRFuhUJNLVh+Mh56HdLzwN0M/zZWhtG0pLwm7LXc+X71kJobSDi8g62a9De+sDOcvRe kDjmDsKm0rn2YD8SRzC5X9Ya9yeLjAdpuJkQ98kCx1c= X-Received: by 2002:a05:600c:1c23:b0:456:2347:3f01 with SMTP id 5b1f17b1804b1-45623474399mr4341475e9.20.1752491240714; Mon, 14 Jul 2025 04:07:20 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHecDM8iuOfxAcVoT02BLVouFzGYITNitOhWCHtmLENnuMQ7tX9cWWYCHnvgUBPgiaIlFfK2w== X-Received: by 2002:a05:600c:1c23:b0:456:2347:3f01 with SMTP id 5b1f17b1804b1-45623474399mr4340995e9.20.1752491239785; Mon, 14 Jul 2025 04:07:19 -0700 (PDT) From: Paolo Bonzini To: qemu-devel@nongnu.org Cc: Qian Wen , qemu-stable@nongnu.org, Xiaoyao Li , Zhao Liu Subject: [PULL 75/77] i386/cpu: Fix cpu number overflow in CPUID.01H.EBX[23:16] Date: Mon, 14 Jul 2025 13:04:04 +0200 Message-ID: <20250714110406.117772-76-pbonzini@redhat.com> X-Mailer: git-send-email 2.50.0 In-Reply-To: <20250714110406.117772-1-pbonzini@redhat.com> References: <20250714110406.117772-1-pbonzini@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=pbonzini@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1752494181807116600 Content-Type: text/plain; charset="utf-8" From: Qian Wen The legacy topology enumerated by CPUID.1.EBX[23:16] is defined in SDM Vol2: Bits 23-16: Maximum number of addressable IDs for logical processors in this physical package. When threads_per_socket > 255, it will 1) overwrite bits[31:24] which is apic_id, 2) bits [23:16] get truncated. Specifically, if launching the VM with -smp 256, the value written to EBX[23:16] is 0 because of data overflow. If the guest only supports legacy topology, without V2 Extended Topology enumerated by CPUID.0x1f or Extended Topology enumerated by CPUID.0x0b to support over 255 CPUs, the return of the kernel invoking cpu_smt_allowed() is false and APs (application processors) will fail to bring up. Then only CPU 0 is online, and others are offline. For example, launch VM via: qemu-system-x86_64 -M q35,accel=3Dkvm,kernel-irqchip=3Dsplit \ -cpu qemu64,cpuid-0xb=3Doff -smp 256 -m 32G \ -drive file=3Dguest.img,if=3Dnone,id=3Dvirtio-disk0,format=3Draw \ -device virtio-blk-pci,drive=3Dvirtio-disk0,bootindex=3D1 --nographic The guest shows: CPU(s): 256 On-line CPU(s) list: 0 Off-line CPU(s) list: 1-255 To avoid this issue caused by overflow, limit the max value written to EBX[23:16] to 255 as the HW does. Cc: qemu-stable@nongnu.org Reviewed-by: Xiaoyao Li Signed-off-by: Qian Wen Signed-off-by: Zhao Liu Link: https://lore.kernel.org/r/20250714080859.1960104-6-zhao1.liu@intel.com Signed-off-by: Paolo Bonzini --- target/i386/cpu.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 12e719e9957..608fdcf7578 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -7871,6 +7871,8 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, = uint32_t count, } *edx =3D env->features[FEAT_1_EDX]; if (threads_per_pkg > 1) { + uint32_t num; + /* * For CPUID.01H.EBX[Bits 23-16], AMD requires logical process= or * count, but Intel needs maximum number of addressable IDs for @@ -7878,10 +7880,13 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index= , uint32_t count, */ if (cpu->vendor_cpuid_only_v2 && (IS_INTEL_CPU(env) || IS_ZHAOXIN_CPU(env))) { - *ebx |=3D 1 << apicid_pkg_offset(topo_info) << 16; + num =3D 1 << apicid_pkg_offset(topo_info); } else { - *ebx |=3D threads_per_pkg << 16; + num =3D threads_per_pkg; } + + /* Fixup overflow: max value for bits 23-16 is 255. */ + *ebx |=3D MIN(num, 255) << 16; } break; case 2: { /* cache info: needed for Pentium Pro compatibility */ --=20 2.50.0