[PR #703] [MERGED] macos: Remove need for TLS patch by storing TCB pointer in FS. #1726

New issue

Closed

opened 2026-02-27 21:13:42 +03:00 by kerem · 0 comments

kerem commented

2026-02-27 21:13:42 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/shadps4-emu/shadPS4/pull/703
Author: @squidbus
Created: 9/1/2024
Status: ✅ Merged
Merged: 9/1/2024
Merged by: @georgemoralis

Base: main ← Head: mac-tcb

📝 Commits (1)

9e50479 macos: Remove need for TLS patch by storing TCB pointer in FS.

📊 Changes

6 files changed (+103 additions, -28 deletions)

View changed files

📝 CMakeLists.txt (+1 -1)
📝 src/core/cpu_patches.cpp (+5 -9)
📝 src/core/libraries/kernel/thread_management.cpp (+2 -0)
📝 src/core/linker.cpp (+2 -0)
📝 src/core/tls.cpp (+91 -18)
📝 src/core/tls.h (+2 -0)

📄 Description

On macOS we can actually store the TCB pointer at fs:0x0 as expected by using local descriptor tables.

First we define a region in 32-bit address space to hold the pages these descriptors will point to (since only 32-bit addresses are supported by the syscall) and define a set to track free LDT entry indices.
Then whenever a thread initializes its TCB we can store it in a descriptor page: pop a free index from the set, calculate a page address based on that index, store the TCB pointer, and set up the LDT entry using the i386_set_ldt syscall.
Finally, we can store a selector pointing to that LDT entry in the FS register.
When the thread exits we call SetTcbBase(nullptr) which signals the code to clean up by freeing the LDT entry.

This completely eliminates the need to apply TCB access code patches on macOS.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/shadps4-emu/shadPS4/pull/703 **Author:** [@squidbus](https://github.com/squidbus) **Created:** 9/1/2024 **Status:** ✅ Merged **Merged:** 9/1/2024 **Merged by:** [@georgemoralis](https://github.com/georgemoralis) **Base:** `main` ← **Head:** `mac-tcb` --- ### 📝 Commits (1) - [`9e50479`](https://github.com/shadps4-emu/shadPS4/commit/9e5047947b2c2b8fef712cd3840a84908eca7a11) macos: Remove need for TLS patch by storing TCB pointer in FS. ### 📊 Changes **6 files changed** (+103 additions, -28 deletions) <details> <summary>View changed files</summary> 📝 `CMakeLists.txt` (+1 -1) 📝 `src/core/cpu_patches.cpp` (+5 -9) 📝 `src/core/libraries/kernel/thread_management.cpp` (+2 -0) 📝 `src/core/linker.cpp` (+2 -0) 📝 `src/core/tls.cpp` (+91 -18) 📝 `src/core/tls.h` (+2 -0) </details> ### 📄 Description On macOS we can actually store the TCB pointer at `fs:0x0` as expected by using local descriptor tables. * First we define a region in 32-bit address space to hold the pages these descriptors will point to (since only 32-bit addresses are supported by the syscall) and define a set to track free LDT entry indices. * Then whenever a thread initializes its TCB we can store it in a descriptor page: pop a free index from the set, calculate a page address based on that index, store the TCB pointer, and set up the LDT entry using the `i386_set_ldt` syscall. * Finally, we can store a selector pointing to that LDT entry in the FS register. * When the thread exits we call `SetTcbBase(nullptr)` which signals the code to clean up by freeing the LDT entry. This completely eliminates the need to apply TCB access code patches on macOS. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>