Fixed bug 5195 - Replugging in "mixed" controller types crashes on macOS

RustyM

This is related to Bug 5034, but crashes under a somewhat different condition.

In the latest tip (changeset 13914) or with the SDL 2.0.12 source + David?s 5034 patch, unplugging and then replugging in certain controller types on macOS will crash. A mix of new controllers like Switch Pro, PS4 and Xbox One all work without issue. But if a controller without a rumble function, like many SNES retro USB gamepads, is mixed with a PS4 or Switch Pro controller it will crash.

File: joystick/darwin/SDL_sysjoystick.c
Function: static recDevice *FreeDevice(recDevice *removeDevice)
On line 159: while (device->pNext != removeDevice) {
Causes: Thread 1: EXC_BAD_ACCESS (code=1, address=0x188)

This can be reproduced in testgamecontroller" by starting the test program with both a ?retro? controller plugged in and a ?modern rumble? controller (Switch Pro/PS4). This may crash on launch, but it depends on which controller ends up as device 0. If it doesn?t crash, unplug the ?modern rumble? controller and plug it back in.

Some of the "retro" controllers I?ve seen this crash with:
- iBuffalo SNES Controller
- 8Bitdo SN30 Gamepad (in MacOS mode)
- Retrolink NES Controller
- HuiJia SNES Controller Adaptor

The issue appears macOS specific. Seen on 10.12.6 and 10.14.6. Not seen on Windows 10.

The while loop in FreeDevice() assumes that every device is not NULL.

    recDevice *device = gpDeviceList;
    while (device->pNext != removeDevice) {
        device = device->pNext;
    }
    device->pNext = pDeviceNext;

So maybe we should check for NULL here? Or instead prevent adding NULL devices to the list in the first place? Checking device for NULL before entering the loop appears to work.

    recDevice *device = gpDeviceList;
    if (!device) {
        while (device->pNext != removeDevice) {
            device = device->pNext;
        }
    }
    device->pNext = pDeviceNext;
This commit is contained in:
Sam Lantinga 2021-01-14 15:03:11 -08:00
parent d54b125a86
commit bdc6e4ffc5

View File

@ -155,11 +155,14 @@ FreeDevice(recDevice *removeDevice)
if (gpDeviceList == removeDevice) {
gpDeviceList = pDeviceNext;
} else if (gpDeviceList) {
recDevice *device = gpDeviceList;
while (device->pNext != removeDevice) {
device = device->pNext;
}
recDevice *device;
for (device = gpDeviceList; device; device = device->pNext) {
if (device->pNext == removeDevice) {
device->pNext = pDeviceNext;
break;
}
}
}
removeDevice->pNext = NULL;