id = 1768
title = "Could not allocate more than ~2GB with qemu-user"
state = "closed"
created_at = "2023-07-18T12:15:24.069Z"
closed_at = "2023-07-25T17:27:25.780Z"
labels = []
url = "https://gitlab.com/qemu-project/qemu/-/issues/1768"
host-os = "Slackware GNU/Linux"
host-arch = "x86_64"
qemu-version = "8.0.50 (git commit hash 4633c1e2c576fbabfe5c8c93f4b842504b69c096)"
guest-os = "GNU/Linux user-space"
guest-arch = "arm, hppa, i386, or1k, ppc, sparc"
description = """On qemu-user, failed to allocate more than about 2GB on 32bit platform supporting up to 4GB (arm, ppc, etc.)"""
reproduce = """1. Try to allocate more than 2GB [e.g. for(i=0;i<64;i++) if(malloc(64*1024*1024)==NULL) perror("Failed to allocate 64MB");]
2. Only 1 64MB chunck is allocated in the upper 2GB memory space
3. Failed to allocate after about 2GB."""
additional = """The problem is in **pageflags_find** and **pageflags_next** functions (found in _accel/tcg/user-exec.c_) 3rd parameters, that should be **target_ulong** instead of incorrect _target_long_ (the parameter will be converted signed extended to uint64_t).
The testing program is the following:
```
#include <stdio.h>
#include <stdlib.h>

int main(int argc,char *argv[]) {
  unsigned int a;
  unsigned int i;
  char *al;
  unsigned int sss=1U*1024*1024*64;
  for(a=0;a<128;a++) {
    al=malloc(sss);
    if(al!=NULL) {
      printf("ALLOC OK %u (%08lX)!\\n",sss*(a+1),al);
    }
    else {
      printf("Cannot alloc %d\\n",(a+1)*sss);
      perror("Cannot alloc");
      exit(1);
    }
  }
}
```"""