[PR #2991] [MERGED] shader_recompiler: Patch SRT walker on segfault #3133

Closed
opened 2026-02-27 22:02:34 +03:00 by kerem · 0 comments

📋 Pull Request Information

Original PR: https://github.com/shadps4-emu/shadPS4/pull/2991
Author: @LNDF
Created: 5/26/2025
Status: Merged
Merged: 6/9/2025
Merged by: @georgemoralis

Base: main ← Head: walker-acces-violation


📝 Commits (5)

  • c1cca20 Patch srt walker access violations
  • 01ce538 Fix range
  • d3f2aed clang-format lolz
  • 20b9e8c Lower log from warning to debug
  • ffdbcb0 Merge branch 'shadps4-emu:main' into walker-acces-violation

📊 Changes

2 files changed (+64 additions, -0 deletions)

View changed files

📝 src/core/signals.h (+1 -0)
📝 src/shader_recompiler/ir/passes/flatten_extended_userdata_pass.cpp (+63 -0)

📄 Description

This PR introduces patching the SRT walker when an access violation happens. Access violation can happen because SRT walker is not 100% accurate to the base shader (for example, arithmetic operations between base ReadConst/UserData are omitted). This can lead to a situation where the SRT walker reads junk data or, when indirection happens, can even cause access violation. Additionally, we omit ReadConst with non-immediate offset from the SRT walker, increasing the chances of an access violation.

As far as I know, flatbuf is used in 3 instances.

  1. To implement S_LOAD_DWORD (only as a fallback since #2819),
  2. To get buffer size in shaders,
  3. In the resource tracking pass to track sharps.

The goal of this PR is to let the emulation continue if an access violation occurs on SRT walker, providing a fallback value (0). The idea is that most games that use this level of indirection that could lead to an access violation fall into the first case, meaning that we would only (maybe) get an artifact for a frame.

This lets Until Dawn go further.

Note that this doesn't aim to fix not being able to track resources flatbuf inaccuracies (case 3). This happens on Persona 3 (which is a UE game).

Note that this is my first time dynamic-patching instructions, so I might have done something horribly wrong :)

Draft because I would like it to be tested first.


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.
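
The recovery idea from the description (let a walker read that hits unmapped memory produce the fallback value 0 instead of crashing) is sketched below as an added example; it is not shadPS4 code and not part of the PR. The PR patches the faulting instruction, whereas this sketch swaps in POSIX `sigsetjmp`/`siglongjmp` unwinding, and every name in it (`walk_read_dword`, `install_walker_guard`, `demo`) is hypothetical.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>

static sigjmp_buf walker_recover;           /* where a guarded read resumes */
static volatile sig_atomic_t walker_active; /* set only around walker reads */
static void on_fault(int sig) {
    if (walker_active) siglongjmp(walker_recover, 1);
    signal(sig, SIG_DFL); /* not the walker: the re-executed access crashes */
}

static int install_walker_guard(void) {
    struct sigaction sa = {0};
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGSEGV, &sa, NULL) | sigaction(SIGBUS, &sa, NULL);
}

/* Read one dword via a pointer the walker took from user data; 0 on fault. */
static uint32_t walk_read_dword(uint64_t base, uint32_t dword_off, int *faulted) {
    *faulted = 0;
    if (sigsetjmp(walker_recover, 1) != 0) { /* resumed from on_fault */
        walker_active = 0;
        *faulted = 1;
        return 0; /* fallback value, as in the PR description */
    }
    walker_active = 1;
    uint32_t value = ((const volatile uint32_t *)(uintptr_t)base)[dword_off];
    walker_active = 0;
    return value;
}

/* Constructed input: a valid table, or (bad != 0) an inaccessible page. */
static uint32_t demo(int bad, int *faulted) {
    static uint32_t table[4] = {0x11, 0x22, 0x33, 0x44};
    void *target = bad ? mmap(NULL, 4096, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0)
                       : (void *)table;
    install_walker_guard();
    return walk_read_dword((uint64_t)(uintptr_t)target, 2, faulted);
}

int main(void) {
    int f, g;
    uint32_t ok = demo(0, &f), bad = demo(1, &g);
    printf("ok=0x%x/%d bad=0x%x/%d\n", (unsigned)ok, f, (unsigned)bad, g);
}
```

The `walker_active` flag scopes recovery to the walker, so a fault anywhere else still terminates the process instead of being masked.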
