fix(headless): Fix use-after-free crash when replay ends in headless mode in debug build

[bobtista]

Summary

• Fix particle accumulation in headless replay by using ParticleSystemManager::update() instead of reset(). Using update() has slightly more CPU overhead than reset() but is semantically correct - particles finish their lifecycle naturally.

Test plan

• Run headless replay to completion (-replay test.rep -headless)
• Verify no crash, no particle accumulation slowdown

[greptile-apps]

Greptile Overview

Greptile Summary

Changed ParticleSystemManager::reset() to update() in headless mode to prevent particle accumulation while avoiding potential issues during shutdown.

Key changes:

• Replaced TheParticleSystemManager->reset() with update() in GameClient.cpp:790
• Simplified and updated comment to reflect the change
• update() only cleans up finished particle systems, while reset() deletes all systems immediately

Note: The PR description mentions setting DX8Wrapper_IsWindowed to false in headless mode, but this change is not present in the commits. The description also mentions "DrawModules hold raw pointers to particle systems," but commit 026e633 (Feb 1) already replaced raw pointers with ParticleSystemID for safe lookups, making the described use-after-free scenario unlikely with the current codebase.

The update() approach is semantically correct for headless mode - it allows particles to finish naturally rather than abruptly deleting them, which is cleaner even though both approaches would work safely with ID-based lookups.

Confidence Score: 5/5

• This PR is safe to merge with minimal risk
• The change from reset() to update() is straightforward and semantically correct. The modification affects only headless replay mode, making it low-risk for normal gameplay. While the PR description mentions issues that may have been resolved in previous commits, the actual code change is sound and improves particle cleanup behavior.
• No files require special attention

Important Files Changed

Filename	Overview
GeneralsMD/Code/GameEngine/Source/GameClient/GameClient.cpp	Changed from ParticleSystemManager::reset() to update() for headless mode particle cleanup, simplified comment

[xezon]

Fast shutdown is a common way to exit apps, but it is not a good sign to do this to avoid problems here. Where is the problem exactly?

[bobtista]

Fast shutdown is a common way to exit apps, but it is not a good sign to do this to avoid problems here. Where is the problem exactly?

Did a bunch of testing and found the crash was:
The crash was caused by GameClient::updateHeadless() calling TheParticleSystemManager->reset() each frame during headless replay playback.

1. updateHeadless() calls TheParticleSystemManager->reset() every frame
2. reset() deletes ALL ParticleSystems immediately (memory filled with DEADBEEF)
3. DrawModules (W3DTruckDraw, W3DTankDraw, W3DTankTruckDraw) still hold raw pointers to those ParticleSystems (m_dustEffect, m_dirtEffect, m_powerslideEffect)
4. When replay ends and game shuts down, DrawModule destructors call tossEmitters()
5. tossEmitters() calls m_dustEffect->destroy() on already-freed memory
6. CRASH when ParticleSystem::destroy() tries to set m_isDestroyed = true at offset 0x338 on DEADBEEF

Pushed two fixes - first, we use update() instead of reset(), which leaves active particles intact.

Second, I was getting memory leak debug asserts even with ignoreAsserts enabled. It seems that:
During shutdown, TheGlobalData is destroyed before the memory leak report assertion fires. The ignoringAsserts() function checks TheGlobalData->m_headless and TheGlobalData->m_debugIgnoreAsserts, but both fail when TheGlobalData is null. Additionally, DX8Wrapper_IsWindowed defaults to true and is never changed in headless mode (DX8 is never initialized), so the !DX8Wrapper_IsWindowed check also fails.

The second fix is to set DX8Wrapper_IsWindowed = false at startup in headless mode. There is no DX8 window in headless mode, so the variable should reflect that. The existing !DX8Wrapper_IsWindowed check in ignoringAsserts() then handles the entire process lifetime, including shutdown.

[Mauller]

After the changes in #2235 to use and search for ParticleID's instead of holding pointers, is this valid anymore?
Checking since your comment talks about the altered draw modules that now use ID's to lookup their particle systems.

[xezon]

Is this change still relevant?

Edit: Looks like it still is relevant.

[xezon]

Style:

{
}

[xezon]

This looks like a change that could also have been separate of the particles change.

[bobtista]

Do you mean a separate PR?

[xezon]

Yes it looks to be a separate change, right?

[bobtista]

Ok I split it out

[xezon]

Please combine this comment with the previous comment. Provide a rationale why update is preferred over reset, other than the dangling pointers whch should no longer be problem after #2235

[xezon]

I suspect the downside of this update is that it will require more CPU processing than just resetting. But otherwise for logical correctness this seems like the better thing to do.

[greptile-apps]

_{1 file reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

Comment says update() has "slightly more CPU overhead" but this depends on active particle count - with many particles, update() processes each one while reset() just bulk-deletes. Consider removing "slightly more CPU overhead" to avoid confusion.

_{Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!}

Prompt To Fix With AI

This is a comment left during a code review.
Path: GeneralsMD/Code/GameEngine/Source/GameClient/GameClient.cpp
Line: 786:789

Comment:
Comment says `update()` has "slightly more CPU overhead" but this depends on active particle count - with many particles, `update()` processes each one while `reset()` just bulk-deletes. Consider removing "slightly more CPU overhead" to avoid confusion.

<sub>Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!</sub>

How can I resolve this? If you propose a fix, please make it concise.