From 521f8eac3e687349cbd3a9b95a62fbdbcc32b0d5 Mon Sep 17 00:00:00 2001
From: James R <justsomejames2@gmail.com>
Date: Fri, 14 Jan 2022 22:36:49 -0800
Subject: [PATCH 1/4] Fix overflow in precipitation sector search

---
 src/p_mobj.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/p_mobj.c b/src/p_mobj.c
index f3d326862..fcf0a8e9e 100644
--- a/src/p_mobj.c
+++ b/src/p_mobj.c
@@ -10536,7 +10536,8 @@ void P_PrecipitationEffects(void)
 		volume = 255; // Sky above? We get it full blast.
 	else
 	{
-		fixed_t x, y, yl, yh, xl, xh;
+		/* GCC is optimizing away y >= yl, FUCK YOU */
+		volatile fixed_t x, y, yl, yh, xl, xh;
 		fixed_t closedist, newdist;
 
 		// Essentially check in a 1024 unit radius of the player for an outdoor area.
@@ -10545,8 +10546,8 @@ void P_PrecipitationEffects(void)
 		xl = players[g_localplayers[0]].mo->x - 1024*FRACUNIT;
 		xh = players[g_localplayers[0]].mo->x + 1024*FRACUNIT;
 		closedist = 2048*FRACUNIT;
-		for (y = yl; y <= yh; y += FRACUNIT*64)
-			for (x = xl; x <= xh; x += FRACUNIT*64)
+		for (y = yl; y >= yl && y <= yh; y += FRACUNIT*64)
+			for (x = xl; x >= xl && x <= xh; x += FRACUNIT*64)
 			{
 				if (R_PointInSubsector(x, y)->sector->ceilingpic == skyflatnum) // Found the outdoors!
 				{
@@ -13316,4 +13317,4 @@ fixed_t P_GetMobjZMovement(mobj_t *mo)
 	speed = FixedHypot(mo->momx, mo->momy);
 
 	return P_ReturnThrustY(mo, slope->zangle, P_ReturnThrustX(mo, angDiff, speed));
-}
\ No newline at end of file
+}

From 3eac1fed0f44a8285a9f6b82a12e86997bbb0d34 Mon Sep 17 00:00:00 2001
From: toaster <rollerorbital@gmail.com>
Date: Sun, 16 Jan 2022 20:57:56 +0000
Subject: [PATCH 2/4] Rewrote the fix to: - be comprehensive (still allow rain
 to be heard against the topleft corner, not just the bottomright corner) -
 not use volatile (now uses INT64) - not perform this pointinsubsector search
 if the map has no rain/thunder (yes I tested EHZ with this check dummied out
 so this bug won't crop up again later)

---
 src/p_mobj.c | 44 ++++++++++++++++++++++++++++++++------------
 1 file changed, 32 insertions(+), 12 deletions(-)

diff --git a/src/p_mobj.c b/src/p_mobj.c
index fcf0a8e9e..1d8b2f3ee 100644
--- a/src/p_mobj.c
+++ b/src/p_mobj.c
@@ -10488,6 +10488,8 @@ void P_PrecipitationEffects(void)
 	boolean effects_lightning = (precipprops[curWeather].effects & PRECIPFX_LIGHTNING);
 	boolean lightningStrike = false;
 
+	boolean sounds_rain = (rainsfx != sfx_None && (!leveltime || leveltime % rainfreq == 1));
+
 	// No thunder except every other tic.
 	if (!(leveltime & 1))
 	{
@@ -10532,30 +10534,48 @@ void P_PrecipitationEffects(void)
 	if (sound_disabled)
 		return; // Sound off? D'aw, no fun.
 
+	if (!sounds_rain && !sounds_thunder)
+		return; // no need to calculate volume at ALL
+
 	if (players[g_localplayers[0]].mo->subsector->sector->ceilingpic == skyflatnum)
 		volume = 255; // Sky above? We get it full blast.
 	else
 	{
-		/* GCC is optimizing away y >= yl, FUCK YOU */
-		volatile fixed_t x, y, yl, yh, xl, xh;
+		INT64 x, y, yl, yh, xl, xh;
 		fixed_t closedist, newdist;
 
 		// Essentially check in a 1024 unit radius of the player for an outdoor area.
-		yl = players[g_localplayers[0]].mo->y - 1024*FRACUNIT;
-		yh = players[g_localplayers[0]].mo->y + 1024*FRACUNIT;
-		xl = players[g_localplayers[0]].mo->x - 1024*FRACUNIT;
-		xh = players[g_localplayers[0]].mo->x + 1024*FRACUNIT;
-		closedist = 2048*FRACUNIT;
-		for (y = yl; y >= yl && y <= yh; y += FRACUNIT*64)
-			for (x = xl; x >= xl && x <= xh; x += FRACUNIT*64)
+#define RADIUSSTEP (64*FRACUNIT)
+#define SEARCHRADIUS (16*RADIUSSTEP)
+		yl = yh = players[g_localplayers[0]].mo->y;
+		yl -= SEARCHRADIUS;
+		while (yl < INT32_MIN)
+			yl += RADIUSSTEP;
+		yh += SEARCHRADIUS;
+		while (yh > INT32_MAX)
+			yh -= RADIUSSTEP;
+
+		xl = xh = players[g_localplayers[0]].mo->x;
+		xl -= SEARCHRADIUS;
+		while (xl < INT32_MIN)
+			xl += RADIUSSTEP;
+		xh += SEARCHRADIUS;
+		while (xh > INT32_MAX)
+			xh -= RADIUSSTEP;
+
+		closedist = SEARCHRADIUS*2;
+#undef SEARCHRADIUS
+		for (y = yl; y <= yh; y += RADIUSSTEP)
+			for (x = xl; x <= xh; x += RADIUSSTEP)
 			{
-				if (R_PointInSubsector(x, y)->sector->ceilingpic == skyflatnum) // Found the outdoors!
+				if (R_PointInSubsector((fixed_t)x, (fixed_t)y)->sector->ceilingpic == skyflatnum) // Found the outdoors!
 				{
-					newdist = S_CalculateSoundDistance(players[g_localplayers[0]].mo->x, players[g_localplayers[0]].mo->y, 0, x, y, 0);
+					newdist = S_CalculateSoundDistance(players[g_localplayers[0]].mo->x, players[g_localplayers[0]].mo->y, 0, (fixed_t)x, (fixed_t)y, 0);
 					if (newdist < closedist)
 						closedist = newdist;
 				}
 			}
+#undef RADIUSSTEP
 
 		volume = 255 - (closedist>>(FRACBITS+2));
 	}
@@ -10565,7 +10585,7 @@ void P_PrecipitationEffects(void)
 	else if (volume > 255)
 		volume = 255;
 
-	if (rainsfx != sfx_None && (!leveltime || leveltime % rainfreq == 1))
+	if (sounds_rain)
 		S_StartSoundAtVolume(players[g_localplayers[0]].mo, rainsfx, volume);
 
 	if (!sounds_thunder)

From ef6ee928acbc762b8dbf863c0cf377e8952c7d8e Mon Sep 17 00:00:00 2001
From: toaster <rollerorbital@gmail.com>
Date: Sun, 16 Jan 2022 22:02:11 +0000
Subject: [PATCH 3/4] After I experienced a few consistent crashes for invalid
 subsector references in P_BounceMove/P_SlideMove, add a few extra checks for
 whether the mobj is removed.

---
 src/p_map.c  | 9 ++++++++-
 src/p_mobj.c | 5 +++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/p_map.c b/src/p_map.c
index 8fb58cd0a..fb79b6677 100644
--- a/src/p_map.c
+++ b/src/p_map.c
@@ -3732,7 +3732,7 @@ stairstep:
 			tmymove = 0;
 		}
 		if (!P_TryMove(mo, newx, newy, true)) {
-			if (success)
+			if (success || 	P_MobjWasRemoved(mo))
 				return; // Good enough!!
 			else
 				goto retry;
@@ -3856,6 +3856,9 @@ void P_BounceMove(mobj_t *mo)
 	INT32 hitcount;
 	fixed_t mmomx = 0, mmomy = 0;
 
+	if (P_MobjWasRemoved(mo))
+		return;
+
 	if (mo->player)
 	{
 		P_BouncePlayerMove(mo);
@@ -3979,7 +3982,11 @@ bounceback:
 	mo->momy = tmymove;
 
 	if (!P_TryMove(mo, mo->x + tmxmove, mo->y + tmymove, true))
+	{
+		if (P_MobjWasRemoved(mo))
+			return;
 		goto retry;
+	}
 }
 
 //
diff --git a/src/p_mobj.c b/src/p_mobj.c
index f3d326862..b93c8d8d3 100644
--- a/src/p_mobj.c
+++ b/src/p_mobj.c
@@ -1694,6 +1694,8 @@ void P_XYMovement(mobj_t *mo)
 				else
 				{
 					P_BounceMove(mo);
+					if (P_MobjWasRemoved(mo))
+						return;
 					xmove = ymove = 0;
 					S_StartSound(mo, mo->info->activesound);
 
@@ -1843,6 +1845,9 @@ void P_SceneryXYMovement(mobj_t *mo)
 	if (!P_SceneryTryMove(mo, mo->x + mo->momx, mo->y + mo->momy))
 		P_BounceMove(mo);
 
+	if (P_MobjWasRemoved(mo))
+		return;
+
 	if ((!(mo->eflags & MFE_VERTICALFLIP) && mo->z > mo->floorz) || (mo->eflags & MFE_VERTICALFLIP && mo->z+mo->height < mo->ceilingz))
 		return; // no friction when airborne
 

From 867b0516e6ddc48d71f760d29d95cb1dc0d14a94 Mon Sep 17 00:00:00 2001
From: toaster <rollerorbital@gmail.com>
Date: Sun, 16 Jan 2022 23:53:14 +0000
Subject: [PATCH 4/4] Terrain pointers were not getting properly relinked on
 netsave load, now they are. Thanks Sal for taking a moment out of your day to
 rubber duck with me

---
 src/p_saveg.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/p_saveg.c b/src/p_saveg.c
index 7710ee0de..6aff9a33f 100644
--- a/src/p_saveg.c
+++ b/src/p_saveg.c
@@ -4119,6 +4119,15 @@ static void P_RelinkPointers(void)
 			if (!(mobj->itnext = P_FindNewPosition(temp)))
 				CONS_Debug(DBG_GAMELOGIC, "itnext not found on %d\n", mobj->type);
 		}
+		if (mobj->terrain)
+		{
+			temp = (UINT32)(size_t)mobj->terrain;
+			mobj->terrain = K_GetTerrainByIndex(temp);
+			if (mobj->terrain == NULL)
+			{
+				CONS_Debug(DBG_GAMELOGIC, "terrain not found on %d\n", mobj->type);
+			}
+		}
 		if (mobj->player)
 		{
 			if ( mobj->player->awayviewmobj)