
blueshogun96

macrumors regular
Original poster
Nov 24, 2012
112
2
I haven't found much information on Mac OSX's memory layout (who am I kidding, I haven't found a darn thing), so I was hoping that someone would be able to shed some light on this.

This is going to be a rather "off the wall" request, but I want to use mmap() to claim the first 4GB of the 64-bit address space in Mac OSX (more specifically, the memory range of 0x10000 - 0xFFFFFFFF). I'm assuming that it may be impossible to get access to that memory range. In Windows, I can at least get that specific base address with a few hacky methods, but I'm still rather new to MacOSX and UNIX altogether.

I was thinking of trying something like this:

#include <sys/mman.h>   /* mmap(), PROT_*, MAP_*; MAP_ANON is needed when fd is -1 */
void* memptr = (void*) 0x10000;
void* p = mmap( memptr, 0x100000000ULL - 0x10000 /* 0x10000 - 0xFFFFFFFF */, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_FIXED|MAP_PRIVATE|MAP_ANON, -1, 0 );
if( p == MAP_FAILED ) { /* the OS refused the range; errno says why */ }

Would this work?
 

gnasher729

Suspended
Nov 25, 2005
17,980
5,565
> I haven't found much information on Mac OSX's memory layout (who am I kidding, I haven't found a darn thing), so I was hoping that someone would be able to shed some light on this.
> 
> This is going to be a rather "off the wall" request, but I want to use mmap() to claim the first 4GB of the 64-bit address space in Mac OSX (more specifically, the memory range of 0x10000 - 0xFFFFFFFF). I'm assuming that it may be impossible to get access to that memory range. In Windows, I can at least get that specific base address with a few hacky methods, but I'm still rather new to MacOSX and UNIX altogether.
> 
> I was thinking of trying something like this:
> 
> #include <sys/mman.h>   /* mmap(), PROT_*, MAP_*; MAP_ANON is needed when fd is -1 */
> void* memptr = (void*) 0x10000;
> void* p = mmap( memptr, 0x100000000ULL - 0x10000 /* 0x10000 - 0xFFFFFFFF */, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_FIXED|MAP_PRIVATE|MAP_ANON, -1, 0 );
> if( p == MAP_FAILED ) { /* the OS refused the range; errno says why */ }
> 
> Would this work?

In MacOS X 64-bit, the first four gigabytes of address space are always unmapped. The idea is that casting a 32-bit int to a pointer should be guaranteed to crash. I wouldn't think you can get around that, and you'd better tell us what you are actually trying to achieve.
 

blueshogun96

macrumors regular
Original poster
Nov 24, 2012
112
2
> In MacOS X 64-bit, the first four gigabytes of address space are always unmapped. The idea is that casting a 32-bit int to a pointer should be guaranteed to crash. I wouldn't think you can get around that, and you'd better tell us what you are actually trying to achieve.

I'm writing an emulator/VM in an attempt to emulate the P6 architecture (Pentium III to be specific). To be more specific, I'm writing a hardware-level Xbox emulator. I've managed to get this technique to work on Windows before.

I've already taken multiple precautions into account here (non-encodable instructions, MMIO, privileged registers, exception handling, etc.), so now I need to make sure that the first 4GB of address space are available for usage in 64-bit.

I don't think I've seen this yet. Thanks.
 

Cromulent

macrumors 604
Oct 2, 2006
6,801
1,096
The Land of Hope and Glory
> I've already taken multiple precautions into account here (non-encodable instructions, MMIO, privileged registers, exception handling, etc.), so now I need to make sure that the first 4GB of address space are available for usage in 64-bit.

Forgive me if I am misunderstanding something here, but why don't you just write your own memory access functions that take an address in the first 4GB of memory space and convert it to the actual address that Mac OS X has allocated you? Some sort of memory address translation. That would solve the problem at hand, would work on any operating system and means you don't need to do any sort of hacky stuff.
 

blueshogun96

macrumors regular
Original poster
Nov 24, 2012
112
2
> Forgive me if I am misunderstanding something here, but why don't you just write your own memory access functions that take an address in the first 4GB of memory space and convert it to the actual address that Mac OS X has allocated you? Some sort of memory address translation. That would solve the problem at hand, would work on any operating system and means you don't need to do any sort of hacky stuff.

I have thought about this, and quite frankly, it's not that simple to do in this particular case. For example, Xbox games most commonly reference absolute addresses and make absolute calls/jumps. Relative addresses are rarely used. Another example is that Xbox games are fixed at a very specific base address, and so far, using this particular method, no one has ever gotten this to work unless we have gotten access to the specific memory range.

It sounds like a good idea, but it really creates more hurdles to deal with.
 

mfram

Contributor
Jan 23, 2010
1,303
340
San Diego, CA USA
You aren't quite understanding. Treat the VM as virtual memory. To the VM side, it will see the 32-bit address space. But when you store the data in your program, you store it at a base address plus the 32-bit address. Then you ask the OS to give you a 4GB block of address space. You don't care where it is. Just store the base address and do translations on every VM access. This is essentially how virtual memory works (with some more complications).
 

mfram

Contributor
Jan 23, 2010
1,303
340
San Diego, CA USA
Virtualbox is open source, so you can download the source and take a look. But in that case, they are emulating the x86 processor so there would be a whole lot more complexity in the memory mapping code. The memory mapping the O.P. is describing sounds a lot simpler.
 

blueshogun96

macrumors regular
Original poster
Nov 24, 2012
112
2
> You aren't quite understanding. Treat the VM as virtual memory. To the VM side, it will see the 32-bit address space. But when you store the data in your program, you store it at a base address plus the 32-bit address. Then you ask the OS to give you a 4GB block of address space. You don't care where it is. Just store the base address and do translations on every VM access. This is essentially how virtual memory works (with some more complications).

I do understand what you're saying. Although this is a bit more clear, this is what I'd rather avoid. It can be done, but it's much more work than it sounds. If that's the only way to do it, then I guess I have no choice.

How do virtual machines such as virtualbox, parallels and vmware work under Mac OS X?

They use virtualization instructions (processor specific), such as Intel VMX. VMX is a special instruction set used to create virtual machines, but it's a rather complex instruction set and using it doesn't appear to be very straightforward.
 