ampreeT / SourceCoop

Black Mesa cooperative plugin for SourceMod
GNU General Public License v3.0

Infinite loop in PhysDestroyObject #150

Open Alienmario opened 1 month ago

Alienmario commented 1 month ago

server_srv.so!PhysDestroyObject passing a CBaseEntity pointer into the vphysics function RemoveAllPairsForObject sometimes causes an infinite loop. A workaround by @ReservedRegister suggests removing the call for the entity pointer, only leaving the call for IPhysicsObject. This may create a leak of sorts; however, that should only last up to a level change.

https://crash.limetech.org/bjcuvmkeib52

0   engine_srv.so!Sys_Error_Internal(bool, char const*, char*) + 0x1b5
1   engine_srv.so!Sys_Error(char const*, ...) + 0x20
2   engine_srv.so!Host_Error(char const*, ...) + 0xde
3   engine_srv.so!WatchDogHandler() + 0x20
4   libtier0_srv.so!WatchDogHandler(int) + 0x35
5   linux-gate.so + 0xdb0
6   vphysics_srv.so!CObjectPairHash::RemoveAllPairsForObject(void*) + 0x20b
7   server_srv.so!PhysDestroyObject(IPhysicsObject*, CBaseEntity*) + 0x92
8   server_srv.so!CBaseEntity::VPhysicsDestroyObject() + 0x3a
9   server_srv.so!CBaseEntity::UpdateOnRemove() + 0xb6
10  server_srv.so!CXenGruntPod::UpdateOnRemove() + 0x3d
11  server_srv.so!UTIL_Remove(IServerNetworkable*) + 0x5a
12  server_srv.so!CBaseEntity::InputKill(inputdata_t&) + 0x46
13  server_srv.so!CBaseEntity::AcceptInput(char const*, CBaseEntity*, CBaseEntity*, variant_t, int) + 0x5ae
14  server_srv.so!CEventQueue::ServiceEvents() + 0x261
15  server_srv.so!ServiceEventQueue() + 0x37
16  server_srv.so!CServerGameDLL::GameFrame(bool) + 0x172
17  sourcemod.2.bms.so!__SourceHook_FHCls_IServerGameDLLGameFramefalse::Func(bool) [sourcemod.cpp:54 + 0x14]
18  engine_srv.so!CServerPlugin::GameFrame(bool) + 0x77
19  engine_srv.so!SV_Think(bool) + 0xcc
20  engine_srv.so!SV_Frame(bool) + 0xfe
21  engine_srv.so!_Host_RunFrame_Server(bool) + 0x71
22  engine_srv.so!_Host_RunFrame(float) + 0x2d1
23  engine_srv.so!CHostState::State_Run(float) + 0x11c
24  engine_srv.so!CHostState::FrameUpdate(float) + 0x186
25  engine_srv.so!HostState_Frame(float) + 0x2b
26  engine_srv.so!CEngine::Frame() + 0x552
27  engine_srv.so!CDedicatedServerAPI::RunFrame() + 0x33
28  dedicated_srv.so!RunServer() + 0x53
29  dedicated_srv.so!CDedicatedExports::RunServer() + 0x17
30  engine_srv.so!CModAppSystemGroup::Main() + 0xbe
31  engine_srv.so!CAppSystemGroup::Run() + 0x58
32  engine_srv.so!CDedicatedServerAPI::ModInit(ModInfo_t&) + 0x247
33  dedicated_srv.so!CDedicatedAppSystemGroup::Main() + 0xa5
34  dedicated_srv.so!CAppSystemGroup::Run() + 0x58
35  dedicated_srv.so!CSteamApplication::Main() + 0x37
36  dedicated_srv.so!CAppSystemGroup::Run() + 0x58
37  dedicated_srv.so!main + 0x1f8
38  dedicated_srv.so!DedicatedMain + 0x24
39  srcds_linux!main + 0x2b8
40  libc-2.31.so!__libc_start_main + 0xf5
41  srcds_linux + 0xbd5
42  srcds_linux + 0x780
43  srcds_linux + 0xcb0
44  srcds_linux + 0xd20
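
A triage helper for watchdog traces like the one above, added here as an example (it is not part of the issue or of the SourceCoop code base). It finds the frame that was running when the watchdog fired by skipping the handler frames and the linux-gate.so signal-return frame, and reports which entity class was being removed. The function names are hypothetical, and the sample frames are copied from the trace above.

```python
import re

# Frames 3-10 copied from the crash report above (an excerpt, not a new capture).
TRACE = """\
3   engine_srv.so!WatchDogHandler() + 0x20
4   libtier0_srv.so!WatchDogHandler(int) + 0x35
5   linux-gate.so + 0xdb0
6   vphysics_srv.so!CObjectPairHash::RemoveAllPairsForObject(void*) + 0x20b
7   server_srv.so!PhysDestroyObject(IPhysicsObject*, CBaseEntity*) + 0x92
8   server_srv.so!CBaseEntity::VPhysicsDestroyObject() + 0x3a
9   server_srv.so!CBaseEntity::UpdateOnRemove() + 0xb6
10  server_srv.so!CXenGruntPod::UpdateOnRemove() + 0x3d
"""

# "<idx> <module>[!<symbol>] + 0x<off>" or "<idx> <module>!<symbol> [file:line + 0x<off>]"
FRAME_RE = re.compile(
    r"^\s*(?P<idx>\d+)\s+(?P<module>[^\s!]+)(?:!(?P<symbol>.+?))?"
    r"\s+(?:\+\s+0x[0-9a-fA-F]+|\[.*\])\s*$"
)

def parse_frames(text):
    """Return (index, module, symbol) tuples; symbol is '' when unresolved."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.match(line)
        if m:
            frames.append((int(m["idx"]), m["module"], m["symbol"] or ""))
    return frames

def stalled_frame(frames):
    """Frame interrupted by the watchdog, or None if this is not a watchdog kill."""
    hits = [i for i, f in enumerate(frames) if "WatchDogHandler" in f[2]]
    if not hits:
        return None
    for frame in frames[hits[-1] + 1:]:
        if not frame[1].startswith("linux-gate"):  # skip vDSO signal-return frame
            return frame
    return None

def entity_class(frames):
    """Most-derived class whose UpdateOnRemove() appears in the trace, if any."""
    for _, _, symbol in frames:
        m = re.match(r"(\w+)::UpdateOnRemove\(", symbol)
        if m and m[1] != "CBaseEntity":
            return m[1]
    return None
```

Grouping crash reports by the pair `(stalled_frame, entity_class)` shows whether the hang is tied to particular entity types or hits every entity that goes through `PhysDestroyObject`.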