[PR #3857] [MERGED] cpu_patches: Patch stack canary accesses #3765

opened 2026-02-27 22:04:54 +03:00 by kerem · 0 comments

📋 Pull Request Information

Original PR: https://github.com/shadps4-emu/shadPS4/pull/3857
Author: @StevenMiller123
Created: 12/6/2025
Status: Merged
Merged: 12/7/2025
Merged by: @squidbus

Base: main ← Head: rdr2-test


📝 Commits (5)

  • ac82d2c Patch stack checks done using fs:[0x28]
  • d788310 Merge branch 'shadps4-emu:main' into rdr2-test
  • bd6a565 Missing include
  • abf7256 Disable patches for Apple
  • 74ecd69 Oops

📊 Changes

1 file changed (+90 additions, -55 deletions)


📝 src/core/cpu_patches.cpp (+90 -55)

📄 Description

Some compilers emit direct reads to the stack canary (`fs:[0x28]`) instead of using the stack check guard provided by libkernel. This is usually done by storing the canary to a register with a `mov` instruction at the start of the function, then checking that register against the canary at the end of the function with a `xor` instruction.

In this PR, I've added code patches to handle `mov` and `xor` instructions using `fs:[0x28]`, stubbing the returned canary value with 0. Additionally, I've updated our code to support having multiple patches per instruction, since `mov` instructions also need Tcb access patches.

This PR brings Red Dead Redemption 2 to menus for Windows users. It now crashes when trying to go in-game, just like how Linux behaves.

This is my first time working with our cpu patches, so let me know if I need to change anything. Additionally, if there is a better hardcoded value I should use for the stack canary, please let me know.


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.
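As an added example (not code from this PR or from shadPS4), here is the instruction form the description refers to, in C++: a recognizer for the `mov r64, fs:[0x28]` / `xor r64, fs:[0x28]` encodings that reports the destination register, and one way to stub the loaded value with 0. The byte sample is constructed, and the stub bytes are an assumption for illustration, not the project's own patch.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// A recognized canary access: offset, xor (epilogue check) vs mov (prologue load), dest register 0-15.
struct CanaryAccess { size_t offset; bool is_xor; int reg; };
// Matches the 9-byte encoding compilers emit for "mov/xor r64, fs:[0x28]":
//   64 | REX.W (REX.R allowed, X/B clear) | 8B (mov) or 33 (xor) | ModRM mod=00 rm=100
//   | SIB 25 (no base, no index -> absolute disp32) | disp32 = 0x28.
// Other encodings, such as the moffs (A1) form of mov, are not recognized.
static bool match_canary_access(const std::vector<uint8_t>& code, size_t i, CanaryAccess& out) {
    if (i + 9 > code.size()) return false;
    const uint8_t* p = &code[i];
    if (p[0] != 0x64 || (p[1] & 0xFB) != 0x48) return false;
    if (p[2] != 0x8B && p[2] != 0x33) return false;
    if ((p[3] & 0xC7) != 0x04 || p[4] != 0x25) return false;
    if (p[5] != 0x28 || p[6] != 0x00 || p[7] != 0x00 || p[8] != 0x00) return false;
    out.offset = i;
    out.is_xor = (p[2] == 0x33);
    out.reg = ((p[3] >> 3) & 7) | ((p[1] & 0x04) ? 8 : 0); // ModRM.reg extended by REX.R
    return true;
}
// Linear byte scan: a pattern search, not a disassembly. A real patcher walks instruction
// boundaries so bytes inside data or other instructions cannot produce false matches.
static std::vector<CanaryAccess> find_canary_accesses(const std::vector<uint8_t>& code) {
    std::vector<CanaryAccess> found;
    for (size_t i = 0; i < code.size();) {
        CanaryAccess a;
        if (match_canary_access(code, i, a)) { found.push_back(a); i += 9; } else { ++i; }
    }
    return found;
}
// Replacement that zeroes the destination register instead of reading the canary: "xor reg, reg"
// (REX.W 31 /r, mod=11) padded with NOPs to the original 9 bytes. On the epilogue xor this leaves
// the register 0 with ZF set, so the check passes. Illustrative assumption, not shadPS4's bytes.
static std::vector<uint8_t> zero_register_stub(int reg) {
    uint8_t rex = static_cast<uint8_t>(0x48 | (reg >= 8 ? 0x05 : 0x00)); // REX.W [+R +B]
    uint8_t modrm = static_cast<uint8_t>(0xC0 | ((reg & 7) << 3) | (reg & 7));
    std::vector<uint8_t> out = {rex, 0x31, modrm};
    out.resize(9, 0x90);
    return out;
}
// Constructed sample: prologue load into rax, an unrelated store, epilogue check on rdx, load into r8.
const std::vector<uint8_t> kSampleCode = {
    0x64, 0x48, 0x8B, 0x04, 0x25, 0x28, 0x00, 0x00, 0x00, // mov rax, fs:[0x28]
    0x48, 0x89, 0x45, 0xF8,                               // mov [rbp-8], rax
    0x64, 0x48, 0x33, 0x14, 0x25, 0x28, 0x00, 0x00, 0x00, // xor rdx, fs:[0x28]
    0x64, 0x4C, 0x8B, 0x04, 0x25, 0x28, 0x00, 0x00, 0x00, // mov r8, fs:[0x28] (REX.R set)
};
```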
