Re: [Qemu-devel] [Bug 796480] [NEW] Addresses with 4GB differences are c

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [Bug 796480] [NEW] Addresses with 4GB differences are c

From:	malc
Subject:	Re: [Qemu-devel] [Bug 796480] [NEW] Addresses with 4GB differences are consider as one single address in QEMU
Date:	Mon, 13 Jun 2011 13:11:07 +0400 (MSD)
User-agent:	Alpine 2.00 (LNX 1167 2008-08-23)

On Mon, 13 Jun 2011, Khansa Butt wrote:

> Public bug reported:
> 
> THIS IS THE ISSUE OF USER MODE EMULATION
> Information about guest and host
> **********************************
> guest: 64 bit x86 user mode binary
> host: 32 bit Linux OS
> uname -a :Linux KICS-HPCNL-32blue 2.6.33.3-85.fc13.i686.PAE #1 SMP
> architecture: intel64
> Bug Description
> ****************
> for memory reference instructions, suppose I have two addresses in guest 
> address space(64 bit)
> 0x220000000
> 0x320000000
> as lower 32 bit part of both addresses are same, when particular instructions 
> are translated into host code(32 bit)
> in both above cases the value is loaded from same memory and we get same 
> value. where actual behaviour was to get two different values.
> here is the program which i used to test:
> #include <stdio.h>
> #include <stdlib.h>
> #include <limits.h>
> #define SIZE 4294967298 /* 4Gib*/
> 
> int main() {

Invalid declaration of main.

>    char *array;
>    unsigned int i;

i is never used.

> 
>    array = malloc(sizeof(char) * SIZE);

sizeof(char) is by definition 1.

>    if(array == NULL)    {
>       fprintf(stderr, "Could not allocate that much memory");

This lacks line termination.

>       return 1;    }
>     array[0] = 'a';
>    array[SIZE-2] = 'z';
>    printf("array[SIZE-2] = %c array[0] = %c\n",array[SIZE-2], array[0]);
>   return 0;
> }

> I have 8 gib RAM
> I compiled this program on 64 bit linux  and run this on 32 bit linux with 
> qemu
> QEMU command line and output
> **********************************
> $x86_64-linux-user/qemu-x86_64 ~/ar_x86 
> output: array[SIZE-1] = z,array[0] = z 

And this doesn't match what you printf at all (it's spelled "SIZE-2" in 
the format string in the code snippet above), but since main is misdeclared
(hello UB) all bets are off and nasal monsters are to be expected anyways.

> Release information
> ********************
> x86_64 binary is tested with latest release : qemu-0.14.1
> and with current development tree as well( live code of QEMU using git)
> 
> ** Affects: qemu
>      Importance: Undecided
>          Status: New
> 

-- 
mailto:address@hidden

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH V3] e1000: Handle IO Port., Anthony PERARD, 2011/06/30

Prev by Date: Re: [Qemu-devel] QEMU suitable for mission critical applications?
Next by Date: Re: [Qemu-devel] [PATCH] CPU consumption optimization of 'qemu-img convert' using bdrv_is_allocated()
Previous by thread: [Qemu-devel] [sparc64] Miscomputed minimum of a group of numbers in sparc64 emulation
Index(es):
- Date
- Thread