x : xbox-linux-devel@lists.sourceforge.net 8 March 2008 • 3:06AM -0500

Re: [Xbox-linux] Mad Catz Beat Pad not recognized in xpad ver 0.1.7
by Roderick B. Greening

I've done some additional digging, and where it fails is below:

        usb_fill_int_urb(xpad->irq_in, udev,
                         usb_rcvintpipe(udev, ep_irq_in->bEndpointAddress),
                         xpad->idata, XPAD_PKT_LEN, xpad_irq_in,
                         xpad, ep_irq_in->bInterval);

I've added in some test code (diff below) just before it. The code bails if
ep_irq_in is NULL (undefined):

@@ -554,6 +556,13 @@

        /* init input URB for USB INT transfer from device */
        ep_irq_in = &intf->cur_altsetting->endpoint[0].desc;
+
+       // Testing for valid input
+       if (!ep_irq_in) {
+               info("ep_irq_in undefined");
+               goto fail2;
+       }
+
        usb_fill_int_urb(xpad->irq_in, udev,
                         usb_rcvintpipe(udev, ep_irq_in->bEndpointAddress),
                         xpad->idata, XPAD_PKT_LEN, xpad_irq_in,
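Review bot: the added `if (!ep_irq_in)` test is a NULL check on the address of a struct member (`&intf->cur_altsetting->endpoint[0].desc`), so whether it fires depends on how `endpoint` and `desc` happen to be laid out, not on whether the interface actually has an endpoint 0. Test `intf->cur_altsetting->desc.bNumEndpoints` before indexing `endpoint[0]`, and confirm the endpoint is an interrupt IN endpoint before passing it to `usb_fill_int_urb()`. The `goto fail2` path also shows up as error -12 in the dmesg output below, which reads as an allocation failure; an interface the driver cannot use should be rejected with -ENODEV. The `//` comment should follow the `/* */` style of the surrounding code.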

As you can see in the dmesg output below:

[  104.270277] input: Mad Catz Beat Pad as /devices/pci0000:00/0000:00:1d.0/usb1/1-1/1-1:1.0/input/input10
[  104.285890] input: Mad Catz Beat Pad as /devices/pci0000:00/0000:00:1d.0/usb1/1-1/1-1:1.1/input/input11
[  104.298252] input: Mad Catz Beat Pad as /devices/pci0000:00/0000:00:1d.0/usb1/1-1/1-1:1.2/input/input12
[  104.304010] /home/rgreening/xpad/xpad.c: ep_irq_in undefined
[  104.304558] xpad: probe of 1-1:1.3 failed with error -12

It appears that the call to "ep_irq_in =
&intf->cur_altsetting->endpoint[0].desc;" is returning NULL, which is not
caught by the code. Therefore it crashes.

I guess there's some additional checking and logic that needs to occur there,
though I am at a loss as to exactly what needs to be done.

Suggestions?


On Friday 07 March 2008 2:41:34 pm Roderick B. Greening wrote:
> I have an unrecognized controller. It's a Mad Catz Beat Pad.
>
> I have modified the xpad.c (from version 0.1.7 in CVS) to attempt to
> support this controller. No luck. I can get it to start and perform the
> xpad_probe, at which point it picks up the inputs (3 of them) and then
> promptly causes the kernel to OOPS with a NULL reference.
>
> Here's the diff of my change:
>
> --- xpad.c.orig 2008-03-06 17:09:03.000000000 -0330
> +++ xpad.c      2008-03-07 10:59:29.000000000 -0330
> @@ -104,6 +104,7 @@
>         { 0x0738, 0x4540, "Mad Catz Beat Pad", GAMEPAD_XBOX_MAT },
>         { 0x0738, 0x4556, "Mad Catz Lynx Wireless Controller", GAMEPAD_XBOX
> }, { 0x0738, 0x4716, "Mad Catz Xbox 360 Controller", GAMEPAD_XBOX360 }, +  
>     { 0x0738, 0x4740, "Mad Catz Beat Pad", GAMEPAD_XBOX_MAT }, { 0x0738,
> 0x6040, "Mad Catz Beat Pad Pro", GAMEPAD_XBOX_MAT }, { 0x0c12, 0x8802,
> "Zeroplus Xbox Controller", GAMEPAD_XBOX }, { 0x0c12, 0x8810, "Zeroplus
> Xbox Controller", GAMEPAD_XBOX }, @@ -161,6 +162,7 @@
>         { USB_DEVICE(0x045e, 0x028e) }, /* Xbox 360 Controller */
>         { USB_DEVICE(0x045e, 0x0291) }, /* Xbox 360 Wireless Controller */
>         { USB_DEVICE(0x045e, 0x0719) }, /* Xbox 360 Wireless PC Receiver */
> +       { USB_DEVICE(0x0738, 0x4740) }, /* Mad Catz Beat Pad */
>         { USB_DEVICE(0x1430, 0x4748) }, /* RedOctane Guitar Hero X-plorer
> */ { }
>  };
>
>
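Review bot: the new `{ USB_DEVICE(0x0738, 0x4740) }` id-table entry matches on vendor and product only, so the driver is offered every interface of the device, and the lsusb output below lists four of them, the last with bNumEndpoints 0. Either narrow the match to the interface that carries the pad's interrupt IN endpoint, or have xpad_probe return -ENODEV for interfaces it cannot use before it touches `endpoint[0]`. The device-table entry also reuses the name string "Mad Catz Beat Pad" already used for 0x4540, which makes the two products indistinguishable in logs.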
> Here's the output of lsusb -vv -d 0x0738:0x4740
>
> Bus 001 Device 002: ID 0738:4740 Mad Catz, Inc.
> Device Descriptor:
>   bLength                18
>   bDescriptorType         1
>   bcdUSB               2.00
>   bDeviceClass          255 Vendor Specific Class
>   bDeviceSubClass       255 Vendor Specific Subclass
>   bDeviceProtocol       255 Vendor Specific Protocol
>   bMaxPacketSize0         8
>   idVendor           0x0738 Mad Catz, Inc.
>   idProduct          0x4740
>   bcdDevice           31.20
>   iManufacturer           1 Mad Catz, Inc.
>   iProduct                2 Beat Pad
>   iSerial                 3 4C7CD68
>   bNumConfigurations      1
>   Configuration Descriptor:
>     bLength                 9
>     bDescriptorType         2
>     wTotalLength          153
>     bNumInterfaces          4
>     bConfigurationValue     1
>     iConfiguration          0
>     bmAttributes         0xa0
>       (Bus Powered)
>       Remote Wakeup
>     MaxPower              500mA
>     Interface Descriptor:
>       bLength                 9
>       bDescriptorType         4
>       bInterfaceNumber        0
>       bAlternateSetting       0
>       bNumEndpoints           2
>       bInterfaceClass       255 Vendor Specific Class
>       bInterfaceSubClass     93
>       bInterfaceProtocol      1
>       iInterface              0
>       ** UNRECOGNIZED:  11 21 10 01 05 25 81 14 03 03 03 04 13 02 08 03 03
>       Endpoint Descriptor:
>         bLength                 7
>         bDescriptorType         5
>         bEndpointAddress     0x81  EP 1 IN
>         bmAttributes            3
>           Transfer Type            Interrupt
>           Synch Type               None
>           Usage Type               Data
>         wMaxPacketSize     0x0020  1x 32 bytes
>         bInterval               4
>       Endpoint Descriptor:
>         bLength                 7
>         bDescriptorType         5
>         bEndpointAddress     0x02  EP 2 OUT
>         bmAttributes            3
>           Transfer Type            Interrupt
>           Synch Type               None
>           Usage Type               Data
>         wMaxPacketSize     0x0020  1x 32 bytes
>         bInterval               8
>     Interface Descriptor:
>       bLength                 9
>       bDescriptorType         4
>       bInterfaceNumber        1
>       bAlternateSetting       0
>       bNumEndpoints           4
>       bInterfaceClass       255 Vendor Specific Class
>       bInterfaceSubClass     93
>       bInterfaceProtocol      3
>       iInterface              0
>       ** UNRECOGNIZED:  1b 21 00 01 01 01 83 40 01 04 20 16 85 00 00 00 00
> 00 00 16 05 00 00 00 00 00 00
>       Endpoint Descriptor:
>         bLength                 7
>         bDescriptorType         5
>         bEndpointAddress     0x83  EP 3 IN
>         bmAttributes            3
>           Transfer Type            Interrupt
>           Synch Type               None
>           Usage Type               Data
>         wMaxPacketSize     0x0020  1x 32 bytes
>         bInterval               2
>       Endpoint Descriptor:
>         bLength                 7
>         bDescriptorType         5
>         bEndpointAddress     0x04  EP 4 OUT
>         bmAttributes            3
>           Transfer Type            Interrupt
>           Synch Type               None
>           Usage Type               Data
>         wMaxPacketSize     0x0020  1x 32 bytes
>         bInterval               4
>       Endpoint Descriptor:
>         bLength                 7
>         bDescriptorType         5
>         bEndpointAddress     0x85  EP 5 IN
>         bmAttributes            3
>           Transfer Type            Interrupt
>           Synch Type               None
>           Usage Type               Data
>         wMaxPacketSize     0x0020  1x 32 bytes
>         bInterval              64
>       Endpoint Descriptor:
>         bLength                 7
>         bDescriptorType         5
>         bEndpointAddress     0x05  EP 5 OUT
>         bmAttributes            3
>           Transfer Type            Interrupt
>           Synch Type               None
>           Usage Type               Data
>         wMaxPacketSize     0x0020  1x 32 bytes
>         bInterval              16
>     Interface Descriptor:
>       bLength                 9
>       bDescriptorType         4
>       bInterfaceNumber        2
>       bAlternateSetting       0
>       bNumEndpoints           1
>       bInterfaceClass       255 Vendor Specific Class
>       bInterfaceSubClass     93
>       bInterfaceProtocol      2
>       iInterface              0
>       ** UNRECOGNIZED:  09 21 00 01 01 22 86 07 00
>       Endpoint Descriptor:
>         bLength                 7
>         bDescriptorType         5
>         bEndpointAddress     0x86  EP 6 IN
>         bmAttributes            3
>           Transfer Type            Interrupt
>           Synch Type               None
>           Usage Type               Data
>         wMaxPacketSize     0x0020  1x 32 bytes
>         bInterval              16
>     Interface Descriptor:
>       bLength                 9
>       bDescriptorType         4
>       bInterfaceNumber        3
>       bAlternateSetting       0
>       bNumEndpoints           0
>       bInterfaceClass       255 Vendor Specific Class
>       bInterfaceSubClass    253
>       bInterfaceProtocol     19
>       iInterface              4
>       ** UNRECOGNIZED:  06 41 00 01 01 03
> Device Status:     0x0002
>   (Bus Powered)
>   Remote Wakeup Enabled
>
> If I modprobe the driver with the added info, it segfaults.
>
> Here is the output from /proc/bus/input/devices after I modprobe the
> driver:
>
> I: Bus=0003 Vendor=0738 Product=4740 Version=3120
> N: Name="Mad Catz Beat Pad"
> P: Phys=usb-0000:00:1d.0-1/input0
> S: Sysfs=/devices/pci0000:00/0000:00:1d.0/usb1/1-1/1-1:1.0/input/input10
> U: Uniq=
> H: Handlers=event10
> B: EV=3
> B: KEY=81b0000 40000f 0 0 0 0 0 0 0 0
>
> I: Bus=0003 Vendor=0738 Product=4740 Version=3120
> N: Name="Mad Catz Beat Pad"
> P: Phys=usb-0000:00:1d.0-1/input0
> S: Sysfs=/devices/pci0000:00/0000:00:1d.0/usb1/1-1/1-1:1.1/input/input11
> U: Uniq=
> H: Handlers=event11
> B: EV=3
> B: KEY=81b0000 40000f 0 0 0 0 0 0 0 0
>
> I: Bus=0003 Vendor=0738 Product=4740 Version=3120
> N: Name="Mad Catz Beat Pad"
> P: Phys=usb-0000:00:1d.0-1/input0
> S: Sysfs=/devices/pci0000:00/0000:00:1d.0/usb1/1-1/1-1:1.2/input/input12
> U: Uniq=
> H: Handlers=event12
> B: EV=3
> B: KEY=81b0000 40000f 0 0 0 0 0 0 0 0
>
> Here is the OOPS info from the fault:
>
> [ 1821.884921] input: Mad Catz Beat Pad
> as /devices/pci0000:00/0000:00:1d.0/usb1/1-1/1-1:1.0/input/input10
> [ 1821.912849] input: Mad Catz Beat Pad
> as /devices/pci0000:00/0000:00:1d.0/usb1/1-1/1-1:1.1/input/input11
> [ 1821.928805] input: Mad Catz Beat Pad
> as /devices/pci0000:00/0000:00:1d.0/usb1/1-1/1-1:1.2/input/input12
> [ 1821.944820] BUG: unable to handle kernel NULL pointer dereference at
> virtual address 00000006
> [ 1821.944827] printing eip: f8f60a5c *pde = 00000000
> [ 1821.944832] Oops: 0000 [#1] SMP
> [ 1821.944836] Modules linked in: xpad snd_rtctimer binfmt_misc af_packet
> pktcdvd i915 drm ppdev ipv6 acpi_cpufreq cpufreq_stats cpufreq_conservative
> cpufreq_powersave cpufreq_userspace cpufreq_ondemand
>  freq_table container dock sbs sbshc iptable_filter ip_tables x_tables
> aes_i586 dm_crypt dm_mod berry_charge parport_pc lp parport acerhk usbhid
> hid arc4 ecb blkcipher joydev pcmcia snd_hda_intel snd_pc
> m_oss snd_mixer_oss snd_pcm snd_page_alloc snd_hwdep battery snd_seq_dummy
> iwl3945 ac iwlwifi_mac80211 cfg80211 snd_seq_oss sdhci video output
> tifm_7xx1 snd_seq_midi snd_rawmidi mmc_core tifm_core yenta
> _socket rsrc_nonstatic pcmcia_core snd_seq_midi_event snd_seq snd_timer
> snd_seq_device button snd iTCO_wdt iTCO_vendor_support psmouse soundcore
> serio_raw intel_agp agpgart acer_acpi led_class evdev pcs
> pkr shpchp pci_hotplug wmi_acer ext3 jbd mbcache sg sr_mod cdrom sd_mod
> pata_acpi ata_piix ata_generic libata scsi_mod ehci_hcd r8169 uhci_hcd
> usbcore thermal processor fan fuse
> [ 1821.944908]
> [ 1821.944911] Pid: 23723, comm: modprobe Not tainted (2.6.24-11-generic
> #1) [ 1821.944914] EIP: 0060:[<f8f60a5c>] EFLAGS: 00010286 CPU: 1
> [ 1821.944921] EIP is at xpad_probe+0x23c/0x4b0 [xpad]
> [ 1821.944923] EAX: 00000000 EBX: ef67d214 ECX: f74f0080 EDX: 00000002
> [ 1821.944926] ESI: 00000016 EDI: f71ef000 EBP: f066d400 ESP: ea8adda8
> [ 1821.944928]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
> [ 1821.944932] Process modprobe (pid: 23723, ti=ea8ac000 task=eff49680
> task.ti=ea8ac000)
> [ 1821.944934] Stack: ef67d214 00000041 f8f60fe3 f7d1ace4 f066d404 ef81761c
> ef817600 01f625a4
> [ 1821.944941]        ef67d200 f8f625a4 ef817600 f8f625a4 ef817600 f8f62480
> f066d400 f88a15a9
> [ 1821.944948]        00000000 ef81761c ef817694 00000000 ef81761c 00000000
> f8f624b4 f88ba500
> [ 1821.944954] Call Trace:
> [ 1821.944970]  [<f88a15a9>] usb_probe_interface+0xb9/0x140 [usbcore]
> [ 1821.945007]  [<c027ea28>] driver_probe_device+0x88/0x190
> [ 1821.945022]  [<c027ec9e>] __driver_attach+0x9e/0xa0
> [ 1821.945032]  [<c027de5b>] bus_for_each_dev+0x3b/0x60
> [ 1821.945044]  [<c027e8a6>] driver_attach+0x16/0x20
> [ 1821.945048]  [<c027ec00>] __driver_attach+0x0/0xa0
> [ 1821.945052]  [<c027e1da>] bus_add_driver+0x8a/0x1e0
> [ 1821.945064]  [<f88a10ee>] usb_register_driver+0x8e/0x110 [usbcore]
> [ 1821.945096]  [<f8a49018>] usb_xpad_init+0x18/0x39 [xpad]
> [ 1821.945100]  [<c0146547>] blocking_notifier_call_chain+0x17/0x20
> [ 1821.945110]  [<c01516c6>] sys_init_module+0x126/0x19c0
> [ 1821.945151]  [<c01053c2>] sysenter_past_esp+0x6b/0xa9
> [ 1821.945169]  =======================
> [ 1821.945170] Code: 00 98 f0 0f ab 47 1c 83 c2 01 0f b7 84 12 ec 0e f6 f8
> 66 85 c0 79 ea 8b 54 24 18 8b 42 04 8b 54 24 20 8b 40 0c 8b 4a 0c 8b 55 00
> <0f> b6 70 06 0f b6 40 02 c1 e2 08 c1 e0 0f 09 c2 8b 44 24 20 81
> [ 1821.945204] EIP: [<f8f60a5c>] xpad_probe+0x23c/0x4b0 [xpad] SS:ESP
> 0068:ea8adda8
> [ 1821.945211] ---[ end trace 4b99b6c629b69949 ]---
>
> I have tried this on two different systems with two different kernels. This
> system is Hardy Heron (latest development release from Ubuntu) running
> kernel 2.6.24. I also tried it on my wife's system, which is Gutsy Gibbon
> (7.10 Ubuntu) running kernel 2.6.22. Both exhibit the same problem.
>
> If I do not apply the patch, the controller is not picked up. Is there some
> default thing I can test here?
>
> If I only apply "{ 0x0738, 0x4740, "Mad Catz Beat Pad", GAMEPAD_XBOX_MAT },",
> then it is still not picked up.
>
> Anything you can do to assist would be greatly appreciated.
>
> Also, it appears as though this driver is not updated into later kernels.
> The default in 2.6.24 is version 0.0.6 where it should be 0.1.7 (seeing as
> it's been 9 months since that version was released). Do you pass this along
> to upstream kernel?
>
> I've attempted to isolate exactly where in the code it fails. After some
> further debugging, I've discovered that it successfully gets input 10, 11 and
> 12 (3 successive calls to xpad_probe), it then attempts to get the next
> input and fails (this is the fourth call to xpad_probe).
>
> It crashes here in the code:
>
>         usb_fill_int_urb(xpad->irq_in, udev,
>                          usb_rcvintpipe(udev, ep_irq_in->bEndpointAddress),
>                          xpad->idata, XPAD_PKT_LEN, xpad_irq_in,
>                          xpad, ep_irq_in->bInterval);
>
> I'm not sure I can offer any additional assistance, as I am not familiar
> with the code nor the intent, only that for some reason this causes a NULL
> reference and crashes the kernel, but only on the fourth iteration. Perhaps
> one of the parameters to the call to usb_fill_int_urb is being passed a
> NULL or some other invalid value causing usb_fill_int_urb to fail.
>
> I am willing to assist further in debugging, just let me know what to test.
>
> Cheers,
>
> Rod.
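
An added example, not part of the original message or of the xpad driver: a user-space C model of the endpoint check the thread is asking about, run against the four interfaces from the lsusb listing. The structs, `model_probe` and `ERR_NODEV` are hypothetical stand-ins for the kernel types, the sample table is constructed from that listing, and the search for an interrupt IN endpoint goes one step beyond the `endpoint[0]` lookup in the message.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space stand-ins for the kernel's USB descriptor structs. */
struct ep_desc { uint8_t bEndpointAddress, bmAttributes, bInterval; };
struct alt_setting {
    uint8_t bNumEndpoints;
    const struct ep_desc *endpoint;  /* NULL when the interface has no endpoints */
};

#define EP_DIR_IN    0x80   /* bit 7 of bEndpointAddress: IN */
#define EP_XFER_MASK 0x03   /* low bits of bmAttributes: transfer type */
#define EP_XFER_INT  0x03   /* interrupt transfer */
#define ERR_NODEV    (-19)  /* numeric value of -ENODEV on Linux */

/* Hypothetical probe step: pick the first interrupt-IN endpoint, and refuse
 * the interface before any endpoint field is read if there is none. */
int model_probe(const struct alt_setting *alt, uint8_t *addr, uint8_t *interval)
{
    if (!alt || !alt->endpoint)
        return ERR_NODEV;
    for (uint8_t i = 0; i < alt->bNumEndpoints; i++) {
        const struct ep_desc *ep = &alt->endpoint[i];
        if ((ep->bEndpointAddress & EP_DIR_IN) &&
            (ep->bmAttributes & EP_XFER_MASK) == EP_XFER_INT) {
            *addr = ep->bEndpointAddress;
            *interval = ep->bInterval;
            return 0;
        }
    }
    return ERR_NODEV;
}

/* Constructed sample data: the four interfaces from the lsusb listing above. */
static const struct ep_desc if0[] = { {0x81, 3, 4}, {0x02, 3, 8} };
static const struct ep_desc if1[] = { {0x83, 3, 2}, {0x04, 3, 4},
                                      {0x85, 3, 64}, {0x05, 3, 16} };
static const struct ep_desc if2[] = { {0x86, 3, 16} };
const struct alt_setting beat_pad[4] = {
    { 2, if0 }, { 4, if1 }, { 1, if2 }, { 0, NULL },
};

int main(void)
{
    for (int i = 0; i < 4; i++) {
        uint8_t addr = 0, interval = 0;
        int rc = model_probe(&beat_pad[i], &addr, &interval);
        printf("interface %d: rc=%d ep=0x%02x bInterval=%u\n", i, rc, addr, interval);
    }
    return 0;
}
```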


