Revision as of 09:03, 19 April 2017 by Groug

Warning of unsupported host systems

This release includes changes to the configure script so that it will now report some host operating systems and platforms as "unsupported". These are host setups which we do not have access to and are thus unable to test. They will continue to work in this 2.9 release (though configure will warn you about the unsupported status), but in a future QEMU release we may drop support for those hosts unless somebody volunteers to help us with maintaining them (and can provide build/CI machines).

This affects the CPU architectures:

  • ia64

and the OSes:

  • GNU/kFreeBSD
  • DragonFly BSD
  • NetBSD
  • OpenBSD
  • Solaris
  • AIX
  • Haiku

System emulation

Incompatible changes

  • Improvements to "-drive":
    • "-drive"'s if option defaults to "none" on machines that do not have an onboard IDE or SCSI controller.
    • "-drive if=scsi" does not work anymore with PC machine types, as it created an obsolete SCSI controller model. QEMU supports better controllers (megasas, mptsas, virtio-scsi) but which to use depends on the guest you are using.
    • "Orphan" -drive options, where an if option is not supported by the emulated machine (e.g. "if=mtd" on x86), are now a fatal error. They had been triggering a warning since version 2.2.

Future incompatible changes

  • Three options use different names on the command line and in the configuration file. In particular:
    • The "acpi" configuration file section matches command-line option "acpitable";
    • The "boot-opts" configuration file section matches command-line option "boot";
    • The "smp-opts" configuration file section matches command-line option "smp".
    -readconfig will standardize on the name for the command line option.
  • Behavior of automatic calculation of SMP topology when some SMP topology options for -smp are omitted (sockets, cores, threads) will change in the future. If the guest ABI needs to be preserved on upgrades while using the SMP topology options, users should either set all options explicitly (sockets, cores, threads), or omit all of them.
  • Devices "allwinner-a10", "pc87312", "ssi-sd" will be configured with explicit properties instead of implicitly. This is unlikely to affect users.
  • For x86, specifying a CPUID feature with both "+feature/-feature" and "feature=on/off" will cause a warning. The current behavior for this combination ("+feature/-feature" wins over "feature=on/off") will be changed so that "+feature" and "-feature" will be synonyms for "feature=on" and "feature=off" respectively.
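
A pre-upgrade check for two of the items above, added here as an example and not part of QEMU or of the original release notes: it flags -smp values that set only some of sockets/cores/threads, and -cpu values that name the same feature in both "+feature/-feature" and "feature=on/off" form. The function names and the sample command line are constructed for illustration.

```python
import shlex

TOPOLOGY = ("sockets", "cores", "threads")

def lint_smp(arg):
    """Flag -smp values that set only some of sockets/cores/threads."""
    keys = {item.partition("=")[0] for item in arg.split(",") if "=" in item}
    missing = [k for k in TOPOLOGY if k not in keys]
    if 0 < len(missing) < len(TOPOLOGY):
        return [("smp", "partial topology, missing: " + ",".join(missing))]
    return []

def lint_cpu(arg):
    """Flag CPUID features given in both +feat/-feat and feat=on/off form."""
    legacy, modern = set(), set()
    for item in arg.split(",")[1:]:          # first item is the CPU model
        if item.startswith(("+", "-")):
            legacy.add(item[1:])
        else:
            name, sep, value = item.partition("=")
            if sep and value in ("on", "off"):
                modern.add(name)
    return [("cpu", "mixed syntax for feature: " + f) for f in sorted(legacy & modern)]

def lint_cmdline(cmdline):
    """Return (option, finding) tuples for one QEMU command line."""
    argv = shlex.split(cmdline)
    findings = []
    for opt, value in zip(argv, argv[1:]):
        if opt == "-smp":
            findings += lint_smp(value)
        elif opt == "-cpu":
            findings += lint_cpu(value)
    return findings

if __name__ == "__main__":
    # Constructed command line, not taken from the release notes.
    sample = "qemu-system-x86_64 -smp 8,sockets=2 -cpu Haswell,+vmx,vmx=off,-hle,rtm=on"
    for finding in lint_cmdline(sample):
        print(finding)
```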


  • MTTCG is enabled by default for Alpha guests running on x86_64 hosts


  • Support for many 680x0 opcodes.
  • The "dummy" machine has been removed. You can use the "none" machine as plain instruction set simulator now instead.


  • MTTCG is enabled by default for ARM guests running on x86_64 hosts
  • Support for the hardware RNG, BCM2835 SD host controller and GPIO controller on the Raspberry Pi board
  • Support migration for the GICv3 when using KVM
  • Improved ARMv7M NVIC and exception handling emulation (in particular fixing priority masking bugs)
  • Basic emulation of the PMU for AArch64 TCG guests
  • Emulation of EL2 is now supported for the 'virt' board with an AArch64 TCG CPU and GICv3


  • New MIPS Boston board (-M boston) on MIPS64EL.


  • New target, with support for Nios-II R1, emulating the 10M50 development kit with the Nios2 GHRD loaded in the FPGA.


  • Many fixes and many instructions added.


  • Lots of POWER9 instructions are implemented for TCG.
  • New "40p" machine type, essentially a cleaned up version of the old "-M prep".
  • Under KVM, the guest timebase stops when the guest is stopped.


  • Support for the H_SIGNAL_SYS_RESET hypercall




  • Support for Niagara has been rewritten; "-M niagara" has replaced the old "-M Niagara" (with uppercase N) machine type.
  • Fix for sun4m regression booting with real SS-20 PROM (see bug #1622547)
  • Fix for programming 64-bit PCI BARs on sun4u machines allows virtio to work in non-legacy mode once again (OpenBIOS)



  • Support for more instructions (UPDFL, more JNE/MOV variants, MADD.F, MSUB.F, FTOUZ).


  • TCG supports 5-level paging.
  • The q35 machine type offers SMI feature negotiation to interested guest firmware.
  • Intel IOMMU emulation can now report the caching mode capability to the guest through the "caching-mode=on" property. This is disabled by default.
  • FIXME: query-cpu-model-expansion?


  • QEMU now supports hardware acceleration for i686 / x86_64 system emulation on Windows. The acceleration requires the Intel Hardware Accelerated Execution Manager (Intel HAXM). Due to limitations of the current HAXM implementation (RAM size is 32 bit), guest machines can only use up to 4095 MiB of RAM. Versions of HAXM before 6.1.2 are known to be buggy, so for best results always use the latest version of HAXM which is available.


  • When KVM is in use, the VMware-specific CPUID leaf for the TSC frequency can be passed to guests if the TSC frequency of the guest is stable. This happens with either "-cpu ...,invtsc" or "-cpu ...,tsc-freq=HZ"
  • When Hyper-V crash reporting is active, QEMU will augment GUEST_PANICKED events with the bugcheck code and arguments
  • When running on Haswell processors that report TSX to be present, but have a broken TSX implementation, QEMU will warn (or fail to start with "-cpu enforce") when requesting the TSX CPUID feature.


  • Support for unplugging NVMe disks at startup


  • Support for -icount.

Device emulation and assignment


  • The QEMU linker/loader command set has been extended with WRITE_POINTER, which lets guest firmware pass the address of firmware-allocated areas back to QEMU.
  • QEMU provides ATSR information in the DMAR table. ATSR is required for software that wants to enable ATS on endpoint devices behind a PCIe Root Port.
  • QEMU provides an VMGENID

Block devices

  • I/O threads (supported by virtio-blk and experimentally by virtio-scsi) will poll for I/O submission and completion for a limited time after they have been woken up. This improves performance on some I/O-heavy testcases by 10-20%. Polling settings are also included in query-iothreads output.
  • -blockdev: In the long run, this option is supposed to replace -drive. From a user's perspective, it works very similarly to -drive if=none except that it does not accept device-level options. These are the following:
    • id, snapshot, aio, cache.writeback, format, rerror, werror, throttling.*, copy-on-read, stats-account-invalid, stats-account-failed
    • Instead of id, you have to specify a node-name for the root level. This name will be used for identifying the block device at a guest device, like so:
      • Old: -drive id=drv0,if=none,driver=qcow2,file.driver=file,file.filename=foo.qcow2 -device virtio-blk,drive=drv0
      • New: -blockdev node-name=blk0,driver=qcow2,file.driver=file,file.filename=foo.qcow2 -device virtio-blk,drive=blk0
    • From a more technical perspective, this option is basically blockdev-add for the command line.
  • blockdev-add: This QMP command is no longer experimental, together with blockdev-del. Notable changes since it was added first:
    • Less option nesting:
      • Was: { "execute": "blockdev-add", "arguments": { "options": { ... } } }
      • Is now: { "execute": "blockdev-add", "arguments": { ... } }
    • The root node no longer takes special options. Therefore, id and in fact any of the options that are allowed for -drive if=none but not for -blockdev (see above) may no longer be specified. Instead of id, blockdev-add now requires a node-name for the root node (just as -blockdev does).
      • From an internal perspective, this means that blockdev-add no longer creates a BlockBackend. This is an object used for connecting BlockDriverState objects (block layer “nodes”) to guest devices, the built-in NBD server, etc. Instead, it only creates plain nodes; the BlockBackend is created implicitly when attaching a node to e.g. a guest device. In order to connect the two, the node needs to be identified and this is done using its node-name.
      • (Note that this is also the main difference between -drive and -blockdev: -drive creates a BlockBackend (and even a guest device unless if=none has been given), -blockdev does not.)
    • Support for all block drivers available in QEMU. (Some block drivers that used to have only a very basic interface (e.g. just took a filename and parsed it) now have a much nicer QAPIfied interface.)
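
The -drive to -blockdev mapping described above, as an added example that is not part of QEMU or of the original release notes: it turns a "-drive if=none" option string into the equivalent -blockdev argument and blockdev-add QMP command, and reports the device-level options that have to be left out. Reusing the old id as the node-name is an assumption of this example, and the function names are made up for it.

```python
import json
import re

# Options the page lists as device-level (accepted by -drive, rejected by
# -blockdev). "id" and the throttling.* prefix are handled separately below.
DEVICE_LEVEL = {"snapshot", "aio", "cache.writeback", "format", "rerror",
                "werror", "copy-on-read", "stats-account-invalid",
                "stats-account-failed"}

def parse_drive(optstr):
    """Split a -drive option string into key -> value (",," is an escaped comma)."""
    opts = {}
    for item in re.split(r"(?<!,),(?!,)", optstr):
        key, sep, value = item.partition("=")
        if not sep:
            raise ValueError(f"option without a value: {item!r}")
        opts[key] = value.replace(",,", ",")
    return opts

def convert(optstr):
    """Return (blockdev_arg, qmp_command, dropped) for a -drive if=none string."""
    opts = parse_drive(optstr)
    if opts.pop("if", None) != "none":
        raise ValueError("only -drive if=none maps onto -blockdev")
    node_name = opts.pop("id", None)
    if node_name is None:
        raise ValueError("need id= to derive the root node-name")
    dropped = sorted(k for k in opts
                     if k in DEVICE_LEVEL or k.startswith("throttling."))
    # Assumption of this example: the old id is reused as the node-name.
    kept = {"node-name": node_name}
    kept.update((k, v) for k, v in opts.items() if k not in dropped)
    blockdev = ",".join(f"{k}={v.replace(',', ',,')}" for k, v in kept.items())
    # blockdev-add takes the same options as nested JSON, without an "options"
    # wrapper. Values stay strings here; other types would need typed JSON.
    args = {}
    for key, value in kept.items():
        *parents, leaf = key.split(".")
        node = args
        for parent in parents:
            node = node.setdefault(parent, {})
        node[leaf] = value
    return blockdev, {"execute": "blockdev-add", "arguments": args}, dropped

if __name__ == "__main__":
    old = "id=drv0,if=none,driver=qcow2,file.driver=file,file.filename=foo.qcow2,werror=stop"
    blockdev, qmp, dropped = convert(old)
    print("-blockdev", blockdev)
    print(json.dumps(qmp), "not accepted by -blockdev:", dropped)
```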

Network devices

  • virtio-net devices can pass the MTU to the guest.



  • New device "pcie-root-port" provides a generic PCIe root port.
  • New machine types have SHPC disabled on PCI-to-PCI bridges, and only use ACPI for hotplug support. This makes slot 0 usable.


  • Many XHCI emulation bugfixes.



  • virtio-crypto devices support hotplug.
  • virtio-pci devices enable Address Translation Service (ATS). This is needed to support vhost for devices sitting behind an IOMMU.



The DMA interface to fw_cfg now supports writeable blobs.

The fw_cfg_io and fw_cfg_mem devices now have more slots for files; the FW_CFG_FILE_SLOTS constant has been replaced with the (internal only) x-file-slots property. The property can be further raised in future machine types if absolutely necessary.


  • No longer vulnerable to symlink attacks (CVE-2016-9602, CVE-2017-7471).
  • I/O throttle support similar to blockdev (command line only at the moment, QMP will be added later).

Character devices

  • A new backend "wctablet" provides emulation for Wacom Penpartner serial tablets.

Crypto subsystem

  • The crypto subsystem now includes support for HMAC algorithms, which are used in virtio-crypto. (?)


  • "-display vnc" can specify multiple VNC listen addresses.
  • "-display vnc" can listen on all resolved addresses for a hostname, including for example IPv4 and IPv6 addresses.
  • Updates are currently only done when vCPUs are quiescent in TCG mode to prevent races


  • QEMU now includes Texinfo documentation for all QMP commands and events.
  • The guest memory map can be dumped in flat format (i.e. with all subregions resolved) with "info mtree -f".


  • A new option --only-migratable will prevent adding devices that cannot be live-migrated.
  • Postcopy migration can now be used with hugepages backed by hugetlbfs. This requires Linux kernel 4.11. See docs/migration.txt for detail.


  • slirp's TFTP server supports dynamic block sizes.

Block devices and tools

  • The qemu-img convert command now works asynchronously, which up to doubles performance if network-based storage like iSCSI, NFS or RBD is used.
  • qemu-nbd supports systemd socket activation

User-mode emulation

  • Support for hppa-linux emulation.
  • Support for nios2-linux emulation.

Removed target support

New functionality

  • Signal handling support added for x86-64 linux-user


  • Core MTTCG (thread-per-vCPU in system emulation) support has been merged, enabled by default for Alpha and ARM guests on x86_64
  • BQL is no longer held while a vCPU is running (part of MTTCG work). This allows for better IO performance although it has regressed the reliability of record/replay.
  • Improvements to MIPS code generation.
  • TCG can use host opcodes for "extract", "count leading/trailing zeros", "population count"

Guest agent

  • qemu-ga now supports systemd socket activation

New dependencies

Build dependencies

  • QEMU now requires a minimum dtc version of 1.4.2.

Run-time dependencies

  • QEMU now requires Windows Vista or newer.

Known issues

  • see Planning/2.9
  • The hardware acceleration for QEMU on Windows (Intel HAXM) currently only supports 4095 MiB of RAM for the guest machine. If QEMU is started with a larger memory size, this results in a runtime error.
  • The emulation of Raspberry Pi is still missing some features which are required to run newer versions of Raspbian.
  • While record/replay does work as of -rc4, it is still temperamental. More work will be required for the 2.10 series.