Hi,

> I think the problem is for all the named CPU models, that they don't have
> phys_bits defined. Thus they all have "cpu->phys-bits == 0", which leads to
> cpu->phys_bits = TCG_PHYS_ADDR_BITS (36 for 32-bits build and 40 for 64-bits
> build)

Exactly. And if you run on hardware with phys-bits being 36 or 39
(common for Intel desktop processors) things explode when the guest
tries to use the whole range.

> Anyway, IMO, guest including guest firmware, should always consult from
> CPUID leaf 0x80000008 for physical address length.

It simply can't for the reason outlined above. Even if we fix qemu
today that doesn't solve the problem for the firmware because we want
backward compatibility with older qemu versions.

That's why I want the extra bit which essentially says "CPUID leaf
0x80000008 actually works".

take care,
  Gerd