Fix segfault when removing mobjs while iterating thinglist (!2293) · Merge requests · STJr / SRB2 · GitLab

Snippets Groups Projects

Merged Hanicef requested to merge Hanicef/SRB2Classic:fix-segfault-remove-thinglist into next 1 year ago

All threads resolved!

If P_RemoveMobj is called on an entry that is currently being iterated through sector.thinglist(), the game segfaults due to it not checking if the value has been deallocated already. This is fixed by simply verifying if the object has been deallocated, and returns an error if it has.

This Lua script can be used to trigger the segfault:

COM_AddCommand("clearmobjs", function (player)
	for sector in sectors.iterate do
		for mobj in sector.thinglist() do
			if not mobj.player then
				P_RemoveMobj(mobj)
			end
		end
	end
end)

Note that you need to compile the game with DEBUGMODE=1 in order to trigger this bug consistently!

Activity

Zwip-Zwap Zapony @Zwip-Zwap_Zapony started a thread on an old version of the diff 1 year ago

Resolved 1 year ago by Hanicef
Last reply by Zwip-Zwap Zapony 1 year ago

Hanicef resolved all threads 1 year ago

resolved all threads

Hanicef added 1 commit 1 year ago

added 1 commit

21b8acf7 - Change P_MobjWasRemoved to P_RemoveMobj in the error message (thanks Zwip-Zwap Zapony)

Compare with previous version

sphere added label 1 year ago

added Bug label

sphere merged 1 year ago

merged

sphere mentioned in commit 1 year ago

mentioned in commit 0c59a46d

Please register or sign in to reply