VirtualBox GDT Trick bug? Please confirm

Peterbjornx · **Posted:** Sat Jun 10, 2017 11:44 am

I think i just found a bug in vbox:

On a 64bit host, running a 32bit guest that uses the GDT trick to boot:

Code:

00:11.308331 fatal error in recompiler cpu: Trying to execute code with memory type addr_code=0000000100125020 addend=00007f9e4acd8000 at 0000000100125570. (iHandlerMemType=0x38 iMMIOMemType=0x30)
00:11.308332 
00:11.308368 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Register dump:

Code:

eax=2bad0010 ebx=001a8084 ecx=001a8084 edx=2badb002 esi=001b8588 edi=001b8588
eip=c0125570 esp=0007ff00 ebp=0007fe5c iopl=0 nv up di pl nz na pe nc
cs=0008 ds=0010 es=0010 fs=0010 gs=0010 ss=0010               eflags=00200002

GDT dump:

Code:

CodeER Bas=40000000 Lim=fffff000 DPL=0 P  A  G BIG AVL=0 L=0
DataRW Bas=40000000 Lim=fffff000 DPL=0 P  A  G BIG AVL=0 L=0
CodeER Bas=00000000 Lim=fffff000 DPL=0 P  NA G BIG AVL=0 L=0
DataRW Bas=00000000 Lim=fffff000 DPL=0 P  NA G BIG AVL=0 L=0
CodeER Bas=00000000 Lim=fffff000 DPL=3 P  NA G BIG AVL=0 L=0
DataRW Bas=00000000 Lim=fffff000 DPL=3 P  NA G BIG AVL=0 L=0
Tss32A Bas=00000000 Lim=0000ffff DPL=0 P  NB   BIG AVL=0 R=2

As you can see, it does not wrap around to 0x00125020 but instead tries to reference 0x0000000100125020.

Can somebody try to replicate this before I submit a bug report?

iansjack · **Posted:** Sat Jun 10, 2017 2:11 pm

It's well known that Virtual OS doesn't support this nasty hack, so I doubt they would be interested in a bug report. And what makes you think that all processors will support it?

Use paging. You know it makes sense.

OSDev.org

VirtualBox GDT Trick bug? Please confirm

Who is online