View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0005409||The Dark Mod||Coding||public||14.11.2020 13:01||06.12.2020 13:01|
|Product Version||TDM 2.08|
|Target Version||TDM 2.09||Fixed in Version||TDM 2.09|
|Summary||0005409: Unbinding entity B in C->B->A bind hierarchy broken|
|Description||It seems that bindMaster hierarchy and teamMaster/teamChain groups can be out of sync.|
As the result of such data corruption, game shutdown is likely to crash, because entity tries to access its already deleted bindMaster on destruction.
|Steps To Reproduce||Unfortunately, it is currently reproduced only on the first beta version of William Steele 7:|
1) Skip cutscene.
3) spawn atdm:playertools_lockpick_triangle; spawn atdm:playertools_lockpick_snake
4) pick up the lockpicks (or you can bet your equipment not very far from your cell).
5) find the forge control (should be near 328 1632 55) room and unlock it.
6) set speed 4 for the forge, disable noclip, get out of the room (should get a bang).
7) now finish game by quickloading or quitting ---> crash.
Most likely it can be reproduced by doing the following:
1) bind A to B
2) bind B to C
3) unbind B from C
4) perhaps you also need entity B to go earlier than A in global sequence.
5) crash on game shutdown
|Additional Information||Originally discussed here:|
Also in WS7 beta:
|Tags||No tags attached.|
I have reimplemented the teams/binds system in svn rev 8980.
The old code can be enabled by setting cvar "g_entityBindNew 0" (non-archived).
Looking through the code, it seems that the teamChain linked list should traverse through the whole tree of bound elements in PRE-ORDER traversal order:
https://en.wikipedia.org/wiki/Tree_traversal#Pre-order_(NLR) (just there can be any number of sons, not always two)
This was clearly the intent of the authors, but it was not properly maintained on entity unbinding.
The QuitTeam method was the culprit: such method must not exist at all.
With the new implementation, this invariant is strongly maintained.
Only two methods which can change the structure of bind tree and team linked list are:
In debug build, both of them check the invariant before and after modification (calling the ValidateBindTeam method).
As a side effect, I have broken movers with nonempty "team" spawnarg.
For now such cases cause immediate Error, since I think/hope they do not exist.
Noticed that keys in StLucia FM were bound to legs of guards (instead of hips) =)
It turned out that the new code dropped bindJoint/bindBody information during binding.
idEntity::FinishBind called BreakBindToMaster, which cleared these two members.
But they are set BEFORE calling FinishBind.
So now I don't clear these members in BreakBindToMaster.
Instead, I explicitly clear them in idEntity::Unbind.
Committed in svn rev 9033.
|14.11.2020 13:01||stgatilov||New Issue|
|14.11.2020 13:01||stgatilov||Status||new => assigned|
|14.11.2020 13:01||stgatilov||Assigned To||=> stgatilov|
|14.11.2020 13:26||stgatilov||Steps to Reproduce Updated||View Revisions|
|14.11.2020 13:30||stgatilov||Steps to Reproduce Updated||View Revisions|
|14.11.2020 13:38||stgatilov||Steps to Reproduce Updated||View Revisions|
|14.11.2020 14:35||stgatilov||Note Added: 0012936|
|14.11.2020 14:36||stgatilov||Status||assigned => resolved|
|14.11.2020 14:36||stgatilov||Resolution||open => fixed|
|14.11.2020 14:36||stgatilov||Fixed in Version||=> TDM 2.09|
|16.11.2020 16:56||stgatilov||Relationship added||related to 0005414|
|06.12.2020 13:01||stgatilov||Note Added: 0013105|