Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PM_TraceModel may return uninitialized trace #3283

Open
a1batross opened this issue Jun 26, 2022 · 4 comments
Open

PM_TraceModel may return uninitialized trace #3283

a1batross opened this issue Jun 26, 2022 · 4 comments
Labels
Fix proposed

Comments

@a1batross
Copy link

Related issue: FWGS/xash3d-fwgs#885

In short, on some maps compiled with ZHLT it's possible that TraceModel may return uninitialized trace values, which then used in ladder code: https://github.com/ValveSoftware/halflife/blob/master/pm_shared/pm_shared.c#L2092

Following the execution, these uninitialized values may get interpreted as NaN, poisoning other float variables down to player's velocity: https://github.com/ValveSoftware/halflife/blob/master/pm_shared/pm_shared.c#L2173

Further execution gets to another trace function, this time PM_PlayerTrace: https://github.com/ValveSoftware/halflife/blob/master/pm_shared/pm_shared.c#L830 which then causes an infinite loop in engine's PM_HullPointContents.

The fix is simple: PM_TraceModel should initialize trace_t early, like this:

static inline void PM_InitTrace( trace_t *trace, const vec3_t end )
{
	memset( trace, 0, sizeof( *trace ));
	VectorCopy( end, trace->endpos );
	trace->allsolid = true;
	trace->fraction = 1.0f;
}

static float GAME_EXPORT pfnTraceModel( physent_t *pe, float *start, float *end, trace_t *trace )
{
	// variable declarations...
	PM_InitTrace( trace, end );
	...
}

This way result data will be interpreted as "didn't hit anything, stuck in solid", thus fraction = 1.0, allsolid = true and endpos as end point. On game code side, this can be fixed similarly, just initializing trace structure before any call to TraceModel.

Relevant fix in xash3d-fwgs source: FWGS/xash3d-fwgs@c076f4f and FWGS/xash3d-fwgs@85895c5

Thanks to @FreeSlave for finding a way to reproduce this bug and Unkle Mike for correct trace struct initialization.
@tschumann
Copy link

tschumann commented Jun 28, 2022 via email

@a1batross
Copy link
Author

@tschumann yes!

You may copy the PM_InitTrace function from the example above and call it before PM_TraceModel, assuming that it may not return an initialized trace.

SamVanheer added a commit to twhl-community/halflife-updated that referenced this issue Jul 12, 2022
@SamVanheer
Fix PM_TraceModel possibly returning uninitialized trace
f2f5ecc 
Resolves ValveSoftware/halflife#3283
FreeSlave added a commit to FreeSlave/halflife-featureful that referenced this issue Jul 21, 2022
@FreeSlave
Fix trace initialization in PM_TraceModel usage. Related issue: Valve…
78ed75e 
…Software/halflife#3283
@FreeSlave FreeSlave mentioned this issue Jul 21, 2022
Merged
nekonomicon pushed a commit to FWGS/hlsdk-portable that referenced this issue Jul 21, 2022
@FreeSlave
Fix trace initialization in PM_TraceModel usage. Related issue: Valve…
4e7d641 
…Software/halflife#3283 (#287)
@tschumann
Copy link

tschumann commented Oct 11, 2022 via email

@a1batross
Copy link
Author

@tschumann I don't remember now but at least this bug shouldn't happen with original compilers.

hammermaps added a commit to sohl-modders/Updated-SOHL-1.2 that referenced this issue Apr 25, 2023
@hammermaps
Fix PM_TraceModel possibly returning uninitialized trace
95a11f0 
Resolves ValveSoftware/halflife#3283
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Fix proposed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@a1batross @tschumann @kisak-valve