View Issue Details

IDProjectCategoryView StatusLast Update
0005409The Dark ModCodingpublic16.11.2020 16:56
Reporterstgatilov Assigned Tostgatilov  
Status resolvedResolutionfixed 
Product VersionTDM 2.08 
Target VersionTDM 2.09Fixed in VersionTDM 2.09 
Summary0005409: Unbinding entity B in C->B->A bind hierarchy broken
DescriptionIt seems that bindMaster hierarchy and teamMaster/teamChain groups can be out of sync.
As the result of such data corruption, game shutdown is likely to crash, because entity tries to access its already deleted bindMaster on destruction.
Steps To ReproduceUnfortunately, it is currently reproduced only on the first beta version of William Steele 7:
1) Skip cutscene.
2) notarget/noclip.
3) spawn atdm:playertools_lockpick_triangle; spawn atdm:playertools_lockpick_snake
4) pick up the lockpicks (or you can bet your equipment not very far from your cell).
5) find the forge control (should be near 328 1632 55) room and unlock it.
6) set speed 4 for the forge, disable noclip, get out of the room (should get a bang).
7) now finish game by quickloading or quitting ---> crash.

Most likely it can be reproduced by doing the following:
1) bind A to B
2) bind B to C
3) unbind B from C
4) perhaps you also need entity B to go earlier than A in global sequence.
5) crash on game shutdown
Additional InformationOriginally discussed here:
Also in WS7 beta:
TagsNo tags attached.


related to 0005414 assignedstgatilov Remove "g_entityBindNew 0" old code 




14.11.2020 14:35

administrator   ~0012936

I have reimplemented the teams/binds system in svn rev 8980.
The old code can be enabled by setting cvar "g_entityBindNew 0" (non-archived).

Looking through the code, it seems that the teamChain linked list should traverse through the whole tree of bound elements in PRE-ORDER traversal order: (just there can be any number of sons, not always two)
This was clearly the intent of the authors, but it was not properly maintained on entity unbinding.
The QuitTeam method was the culprit: such method must not exist at all.

With the new implementation, this invariant is strongly maintained.
Only two methods which can change the structure of bind tree and team linked list are:
In debug build, both of them check the invariant before and after modification (calling the ValidateBindTeam method).

As a side effect, I have broken movers with nonempty "team" spawnarg.
For now such cases cause immediate Error, since I think/hope they do not exist.

Issue History

Date Modified Username Field Change
14.11.2020 13:01 stgatilov New Issue
14.11.2020 13:01 stgatilov Status new => assigned
14.11.2020 13:01 stgatilov Assigned To => stgatilov
14.11.2020 13:26 stgatilov Steps to Reproduce Updated View Revisions
14.11.2020 13:30 stgatilov Steps to Reproduce Updated View Revisions
14.11.2020 13:38 stgatilov Steps to Reproduce Updated View Revisions
14.11.2020 14:35 stgatilov Note Added: 0012936
14.11.2020 14:36 stgatilov Status assigned => resolved
14.11.2020 14:36 stgatilov Resolution open => fixed
14.11.2020 14:36 stgatilov Fixed in Version => TDM 2.09
16.11.2020 16:56 stgatilov Relationship added related to 0005414