[PR #2872] [MERGED] Core: Memory Fixes #3044

New issue

Closed

opened 2026-02-27 22:02:14 +03:00 by kerem · 0 comments

kerem commented

2026-02-27 22:02:14 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/shadps4-emu/shadPS4/pull/2872
Author: @StevenMiller123
Created: 5/2/2025
Status: ✅ Merged
Merged: 5/9/2025
Merged by: @squidbus

Base: main ← Head: memory-fixes-again

📝 Commits (10+)

3ce991f Fix VirtualQuery behavior on low addresses.
eb63db8 Fix VirtualQuery struct
725cfdc Default name to anon
66c4ded Place an upper bound on returns from SearchFree
3eb01e0 More anons
161a92f Clang
5c0f712 Fix name in sceKernelMapNamedDirectMemory
f960896 strncpy instead of strcpy
0dcd372 Fix name behavior
4f45b05 Error logging

📊 Changes

4 files changed (+179 additions, -76 deletions)

View changed files

📝 src/core/libraries/kernel/memory.cpp (+30 -24)
📝 src/core/libraries/kernel/memory.h (+8 -8)
📝 src/core/memory.cpp (+134 -43)
📝 src/core/memory.h (+7 -1)

📄 Description

This PR makes our memory code more robust, preventing a variety of exceptions and strange behavior I observed when using my recently shared memory stress test homebrew on shadPS4.

Fixes OrbisVirtualQueryInfo struct. My homebrew was reading garbage data with the BitFields and array in place. I've replaced the BitField class use with C-style bitfields, and the std::array with a primitive char array instead.
Proper low address handling in sceKernelVirtualQuery. Our previous code didn't check if the inputted address was below our vma map, which led to OOB memory accesses. My edge case error returns are based on hardware tests here.
Edge case handling for SearchFree. Our previous code encountered unpredictable behavior if the inputted address was too high, or if there were no free memory areas to map.
Changed default nameless memory mapping behavior. On real hardware, nameless mappings will have the name "anon" followed by the code address responsible for the memory call. For simplicity sake, I just used "anon" as the default name instead.
Fixes a variety of broken memory asserts, caused by a fundamental misunderstanding of how FindVMA and FindDmemArea behave.
Fixes a long unnoticed regression caused by #2080
Fixes an issue where MapMemory would assert when the area to map was only partially reserved.

With these fixes, my memory homebrew now executes all tests on shadPS4. Many of the returned results are still inaccurate, but these are due to deeper issues that I believe are out of scope for this PR.

Currently:

Regresses EA SPORTS™ UFC® (CUSA00264)
- The only reason this game works in main is due to a bug in our code. Fixing this bug broke the game, and attempting to properly fix the regression broke Windows support.
Improves Evolve (CUSA00432)
Improves Cars 3: Driven to Win (CUSA07027)
Improves Shadow of the Tomb Raider (CUSA10872)
Improves The Order: 1886 (CUSA00076)
Improves Final Fantasy XV (CUSA01633)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/shadps4-emu/shadPS4/pull/2872 **Author:** [@StevenMiller123](https://github.com/StevenMiller123) **Created:** 5/2/2025 **Status:** ✅ Merged **Merged:** 5/9/2025 **Merged by:** [@squidbus](https://github.com/squidbus) **Base:** `main` ← **Head:** `memory-fixes-again` --- ### 📝 Commits (10+) - [`3ce991f`](https://github.com/shadps4-emu/shadPS4/commit/3ce991f9d2a68d05d222b90871fdfe0436dfd28b) Fix VirtualQuery behavior on low addresses. - [`eb63db8`](https://github.com/shadps4-emu/shadPS4/commit/eb63db8b205821154b155e8002ba7a2815da9d00) Fix VirtualQuery struct - [`725cfdc`](https://github.com/shadps4-emu/shadPS4/commit/725cfdc72883e6b6b9d08bfddc4cfaf24433323a) Default name to anon - [`66c4ded`](https://github.com/shadps4-emu/shadPS4/commit/66c4dedbc8a425ef5e444038c739d494c202507d) Place an upper bound on returns from SearchFree - [`3eb01e0`](https://github.com/shadps4-emu/shadPS4/commit/3eb01e042d25a9cc1921b85be6990aa9188beeb5) More anons - [`161a92f`](https://github.com/shadps4-emu/shadPS4/commit/161a92f146388f3bc51a7ef4fa0232dd184cffc8) Clang - [`5c0f712`](https://github.com/shadps4-emu/shadPS4/commit/5c0f71266083d4a69c06a133b76264e65060d1da) Fix name in sceKernelMapNamedDirectMemory - [`f960896`](https://github.com/shadps4-emu/shadPS4/commit/f96089638eb4910fd0bd00410fb2f6f2845e3a4f) strncpy instead of strcpy - [`0dcd372`](https://github.com/shadps4-emu/shadPS4/commit/0dcd372d2d8795537173e331d419ba74eae33dd4) Fix name behavior - [`4f45b05`](https://github.com/shadps4-emu/shadPS4/commit/4f45b05eeedef08588fc20e19f3bdefd76f55e9e) Error logging ### 📊 Changes **4 files changed** (+179 additions, -76 deletions) <details> <summary>View changed files</summary> 📝 `src/core/libraries/kernel/memory.cpp` (+30 -24) 📝 `src/core/libraries/kernel/memory.h` (+8 -8) 📝 `src/core/memory.cpp` (+134 -43) 📝 `src/core/memory.h` (+7 -1) </details> ### 📄 Description This PR makes our memory code more robust, preventing a variety of exceptions and strange behavior I observed when using my recently shared memory stress test homebrew on shadPS4. - Fixes `OrbisVirtualQueryInfo` struct. My homebrew was reading garbage data with the BitFields and array in place. I've replaced the BitField class use with C-style bitfields, and the std::array with a primitive char array instead. - Proper low address handling in `sceKernelVirtualQuery`. Our previous code didn't check if the inputted address was below our vma map, which led to OOB memory accesses. My edge case error returns are based on hardware tests here. - Edge case handling for `SearchFree`. Our previous code encountered unpredictable behavior if the inputted address was too high, or if there were no free memory areas to map. - Changed default nameless memory mapping behavior. On real hardware, nameless mappings will have the name "anon" followed by the code address responsible for the memory call. For simplicity sake, I just used "anon" as the default name instead. - Fixes a variety of broken memory asserts, caused by a fundamental misunderstanding of how `FindVMA` and `FindDmemArea` behave. - Fixes a long unnoticed regression caused by #2080 - Fixes an issue where `MapMemory` would assert when the area to map was only partially reserved. With these fixes, my memory homebrew now executes all tests on shadPS4. Many of the returned results are still inaccurate, but these are due to deeper issues that I believe are out of scope for this PR. Currently: - Regresses EA SPORTS™ UFC® (CUSA00264) - The only reason this game works in main is due to a bug in our code. Fixing this bug broke the game, and attempting to properly fix the regression broke Windows support. - Improves Evolve (CUSA00432) - Improves Cars 3: Driven to Win (CUSA07027) - Improves Shadow of the Tomb Raider (CUSA10872) - Improves The Order: 1886 (CUSA00076) - Improves Final Fantasy XV (CUSA01633) --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>