View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0006663The Dark ModSaving/Loadingpublic23.01.2026 23:5027.01.2026 21:05
ReporterSTiFU Assigned ToSTiFU  
PrioritynormalSeveritycrashReproducibilitysometimes
Status resolvedResolutionopen 
Product VersionTDM 2.10 
Target VersionTDM 2.14 
Summary0006663: Sometimes crash when drawing bow. Might be related to saving/loading and urinating AI
Descriptionhttps://forums.thedarkmod.com/index.php?/topic/21345-210-crashes-may-be-bow-frontend-acceleration-related/page/2/#findComment-485431

The crash happens because a bow attachment entity (likely the arrow) has already been killed and so we have a nullptr access violation.

There is a hapothesis that this could be due to reloading and the urinate animation of AI, potentially related to spawning and despawning the penis.

Amadeus created a testmap and manged to reproduce the crash:
"I uploaded the urinate test map in rev 17434 on the assets repo. You'll find it with all the other test maps: test/urinate_crash

yeah, I am able to easily recreate this bow crash with this test map. Once the ai are done with the urination animation, you can just scroll to the bow in your inventory and it will crash"
TagsNo tags attached.

Relationships

related to 0006670 new The script Interpreter must use unique entity identification 

Activities

STiFU

STiFU

27.01.2026 21:02

developer   ~0017155

The problem is understood. During the urinate animation, the entities atdm:penis_s and atdm:penis_urinating_s. There are three ways to destroy these entities afterwards:
1. The anim urinate script
2. The spawnarg "remove_delay" is handled from the code, if > 0
3. The spawnarg "remove_delay" is also handled from an attached script object "tdm_suicide"
The problem here is that tdm_suicide destroys the entity via its index. If the respective entity has already been destroyed, a completely different entity might occupy that index and the tdm_suicide script will destroy it.

As a quick fix, we decided to just remove the tdm_suicide script from the penis entity defs for now (Assets, Rev. 17448), but this type of double-free bug could accidentally be produced again in another form somewhere down the line, so we should look into fixing this for good for the next release. We need a unique form of entity identification, e.g., add idEntityPtr functionality to the script interpreter.

Issue History

Date Modified Username Field Change
23.01.2026 23:50 STiFU New Issue
24.01.2026 10:17 STiFU Status new => confirmed
27.01.2026 21:02 STiFU Assigned To => STiFU
27.01.2026 21:02 STiFU Status confirmed => resolved
27.01.2026 21:02 STiFU Note Added: 0017155
27.01.2026 21:05 STiFU Relationship added related to 0006670