I get a crash happening in this function when trying to reboot the game, even with all DINPUT functions disabled. (only port attached)
breakpoint happens here: ohci_read_ed(ohci, cur, &ed)
error: 0xC0000005: Access violation reading location 0x23ffffff.
Code:
/* Service an endpoint list. Returns nonzero if active TD were found. */
static int ohci_service_ed_list(OHCIState *ohci, uint32_t head, int completion)
{
    struct ohci_ed ed;
    uint32_t next_ed;
    uint32_t cur;
    int active;

    active = 0;

    if (head == 0)
        return 0;

    for (cur = head; cur; cur = next_ed) {
        if (!ohci_read_ed(ohci, cur, &ed)) {
            fprintf(stderr, "usb-ohci: ED read error at %x\n", cur);
            return 0;
        }

        next_ed = ed.next & OHCI_DPTR_MASK;

        if ((ed.head & OHCI_ED_H) || (ed.flags & OHCI_ED_K)) {
            uint32_t addr;
            /* Cancel pending packets for ED that have been paused. */
            addr = ed.head & OHCI_DPTR_MASK;
            if (ohci->async_td && addr == ohci->async_td) {
                usb_cancel_packet(&ohci->usb_packet);
                ohci->async_td = 0;
            }
            continue;
        }

        while ((ed.head & OHCI_DPTR_MASK) != ed.tail) {
#ifdef DEBUG_PACKET
            DPRINTF("ED @ 0x%.8x fa=%u en=%u d=%u s=%u k=%u f=%u mps=%u "
                    "h=%u c=%u\n head=0x%.8x tailp=0x%.8x next=0x%.8x\n", cur,
                    OHCI_BM(ed.flags, ED_FA), OHCI_BM(ed.flags, ED_EN),
                    OHCI_BM(ed.flags, ED_D), (ed.flags & OHCI_ED_S) != 0,
                    (ed.flags & OHCI_ED_K) != 0, (ed.flags & OHCI_ED_F) != 0,
                    OHCI_BM(ed.flags, ED_MPS), (ed.head & OHCI_ED_H) != 0,
                    (ed.head & OHCI_ED_C) != 0, ed.head & OHCI_DPTR_MASK,
                    ed.tail & OHCI_DPTR_MASK, ed.next & OHCI_DPTR_MASK);
#endif
            active = 1;

            if ((ed.flags & OHCI_ED_F) == 0) {
                if (ohci_service_td(ohci, &ed))
                    break;
            } else {
                /* Handle isochronous endpoints */
                if (ohci_service_iso_td(ohci, &ed, completion))
                    break;
            }
        }

        ohci_put_ed(ohci, cur, &ed);
    }

    return active;
}
My guess is the descriptor has an error in it somewhere, but I could be wrong.
The descriptors jackun included look a bit jumbled and mixed, particularly the Device Descriptor/Config Descriptor.
Maybe this is just an inherent bug of qemu? It still does it even with the latest version.
I will try using this info to fix the descriptor:
http://lkml.indiana.edu/hypermail/linux/...00843.html
EDIT:
Fixed the above error by moving all USBinit/USBshutdown calls into USBopen/USBclose. Strange this was in there. Probably a new instance of ohci was being created without closing the last one.
I've updated the binary at the original link. https://drive.google.com/file/d/0B4lfqq0...sp=sharing
Also readme is included.
I will check GT3 when I get a chance.
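The access violation above is a host-side crash triggered by a descriptor address that the emulator took from guest memory and dereferenced without checking it. The following is an added, self-contained example (not code from the post above, from the plugin, or from QEMU) of a simplified ED-list walk where every guest-supplied ED pointer is bounds-checked against the emulated RAM before it is read, and where the walk is capped so a looped list cannot spin forever. The struct layout, the `ohci_state` model, the `ED_MAX_WALK` limit and the sample RAM contents are all constructed for the example; TD processing is omitted, so the walk only counts EDs that are neither halted nor skipped.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bit definitions follow the OHCI register layout; the state struct is a
 * hypothetical minimal model for this example only. */
#define OHCI_DPTR_MASK 0xfffffff0u
#define OHCI_ED_H      0x00000001u   /* halted bit in ed.head */
#define OHCI_ED_K      0x00004000u   /* skip bit in ed.flags */
#define ED_MAX_WALK    1024          /* assumed cap: guards against cyclic lists */

struct ohci_ed {
    uint32_t flags;
    uint32_t tail;
    uint32_t head;
    uint32_t next;
};

struct ohci_state {
    uint8_t *guest_ram;   /* emulated guest physical memory (assumed flat) */
    uint32_t ram_size;
};

/* Bounds-checked read of an ED at guest physical address addr.
 * Returns 1 on success, 0 if the address lies outside guest RAM or is
 * not 16-byte aligned, instead of dereferencing a wild host pointer. */
static int ohci_read_ed(struct ohci_state *ohci, uint32_t addr, struct ohci_ed *ed)
{
    if (addr & 0xf)
        return 0;
    if (addr > ohci->ram_size || ohci->ram_size - addr < sizeof(*ed))
        return 0;
    memcpy(ed, ohci->guest_ram + addr, sizeof(*ed));
    return 1;
}

/* Walk an ED list starting at head. Returns the number of EDs that are
 * neither halted nor skipped, or -1 on a read error or an over-long/cyclic
 * list. The caller can treat -1 as "stop servicing this list". */
static int ohci_walk_ed_list(struct ohci_state *ohci, uint32_t head)
{
    struct ohci_ed ed;
    uint32_t cur, next_ed;
    int active = 0, steps = 0;

    for (cur = head; cur; cur = next_ed) {
        if (++steps > ED_MAX_WALK) {
            fprintf(stderr, "usb-ohci: ED list too long or cyclic at %x\n", cur);
            return -1;
        }
        if (!ohci_read_ed(ohci, cur, &ed)) {
            fprintf(stderr, "usb-ohci: ED read error at %x\n", cur);
            return -1;
        }
        next_ed = ed.next & OHCI_DPTR_MASK;
        if ((ed.head & OHCI_ED_H) || (ed.flags & OHCI_ED_K))
            continue;      /* paused endpoint: nothing to service */
        active++;
    }
    return active;
}

/* Constructed sample guest RAM: a three-ED list with the middle ED skipped,
 * plus a self-looping ED at 0x400. */
static uint8_t sample_ram[4096];
static struct ohci_state sample_state = { sample_ram, sizeof sample_ram };

static void write_ed(struct ohci_state *ohci, uint32_t addr, uint32_t flags,
                     uint32_t tail, uint32_t head, uint32_t next)
{
    struct ohci_ed ed = { flags, tail, head, next };
    memcpy(ohci->guest_ram + addr, &ed, sizeof ed);
}

static struct ohci_state *sample_setup(void)
{
    memset(sample_ram, 0, sizeof sample_ram);
    write_ed(&sample_state, 0x100, 0,         0, 0, 0x200);
    write_ed(&sample_state, 0x200, OHCI_ED_K, 0, 0, 0x300);
    write_ed(&sample_state, 0x300, 0,         0, 0, 0);
    write_ed(&sample_state, 0x400, 0,         0, 0, 0x400);   /* cycle */
    return &sample_state;
}

int main(void)
{
    struct ohci_state *st = sample_setup();
    printf("valid list    -> %d active\n", ohci_walk_ed_list(st, 0x100));
    printf("wild pointer  -> %d\n", ohci_walk_ed_list(st, 0x23ffffff));
    printf("cyclic list   -> %d\n", ohci_walk_ed_list(st, 0x400));
    return 0;
}
```

The point of the check is that the ED `next` field is guest-controlled data: a corrupted or stale descriptor (such as one left behind by an OHCI instance that was never shut down) must surface as an "ED read error" on the host, never as a host access violation.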