mtasa-blue

setElementHealth in onClientPedDamage can cause crash

Open ArranTuna opened this issue 7 years ago • 7 comments

Describe the bug

setElementHealth inside onClientPedDamage can cause crash.

To Reproduce

function handleDamage(attacker,weapon,bodypart,loss)
    setElementHealth(source,1)
end
addEventHandler("onClientPedDamage",root,handleDamage)

Expected behavior

No crash.

MTA Client (please complete the following information): v1.5.5-release-13192

Additional context

client_1.5.5-release-13192.0.000_gtasa_00332b2a_5_QPrMb_0100007F_55F3_178_4564C_20180722_2146.dmp

From https://bugs.mtasa.com/view.php?id=8926

ArranTuna, Sep 16 '18 14:09

It also happens for players. For peds, the crash is caused in the "RpAnimBlendClumpGetFirstAssociation" function because the ped is recreated on damage - see CClientPed::ReCreateModel. Possible solutions:

  1. v2 = *(_DWORD **)(&a1->object.type + *(_DWORD *)(0xFB18C562 - (loc_45BA91 + 1))); - crash here (in RpAnimBlendClumpGetFirstAssociation), add an additional check for nullptr because from what I see
  2. fix recreateModel, probably something is missing, is being added after for example one frame
  3. simplest: make setElementHealth in damage not recreate the model, or make setElementHealth not work in ped damage (but I assume it can break something)

Why do we recreate the ped?

function handleDamage(attacker,weapon,bodypart,loss)
    setElementHealth(source,1)
end
addEventHandler("onClientPedDamage",root,handleDamage)
addEventHandler("onClientPlayerDamage", root, handleDamage)

CrosRoad95, May 20 '23 06:05
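Added example, not part of the thread and not mtasa-blue or GTA code: a simplified C++ model of the failure mode described in the comment above, showing the null-checked lookup (option 1) and postponing the model recreation until the damage event has finished (option 3). All type and function names are hypothetical, and the idea that a recreated model has no animation data until a later frame is the comment's guess, used here as an assumption.

```cpp
#include <functional>
#include <memory>

struct AnimData { int firstAssociation = 1; };
struct Clump { std::unique_ptr<AnimData> anim; };  // anim-blend data may be absent

struct Ped {
    std::unique_ptr<Clump> clump = std::make_unique<Clump>();
    float health = 100.0f;
    bool inDamageEvent = false, recreatePending = false;
    bool deferRecreate;  // false: recreate inside the handler; true: option 3

    explicit Ped(bool defer) : deferRecreate(defer) {
        clump->anim = std::make_unique<AnimData>();
    }
    // Assumption: a new clump gets its anim data only later (e.g. next frame).
    void RecreateModel() { clump = std::make_unique<Clump>(); }
    void AttachAnimData() { clump->anim = std::make_unique<AnimData>(); }

    void SetHealth(float h) {
        health = h;
        if (inDamageEvent && deferRecreate) recreatePending = true;
        else RecreateModel();
    }
};

// Option 1: null-checked lookup instead of dereferencing unconditionally.
const AnimData* GetFirstAssociation(const Clump* c) {
    return (c && c->anim) ? c->anim.get() : nullptr;
}

// Returns true if the engine-side code after the handler saw valid anim data.
bool ApplyDamage(Ped& ped, const std::function<void(Ped&)>& handler) {
    ped.inDamageEvent = true;
    handler(ped);                       // script callback, may call SetHealth
    ped.inDamageEvent = false;
    bool ok = GetFirstAssociation(ped.clump.get()) != nullptr;
    if (ped.recreatePending) {          // safe point: the event has finished
        ped.recreatePending = false;
        ped.RecreateModel();
        ped.AttachAnimData();
    }
    return ok;
}

int main() {
    auto handler = [](Ped& p) { p.SetHealth(1.0f); };
    Ped immediate(false), deferred(true);
    bool a = ApplyDamage(immediate, handler);  // anim data missing after handler
    bool b = ApplyDamage(deferred, handler);   // recreate was postponed
    return (!a && b) ? 0 : 1;
}
```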

Can't reproduce in 1.6. Probably fixed?

TracerDS, Jul 24 '23 15:07

Still crashed for me.

All I did was runcode that code then shot a ped and instantly crashed.

Version = 1.6-release-21890.0.000
Time = Mon Jul 24 16:40:59 2023
Module = C:\ProgramData\MTA San Andreas All\1.6\GTA San Andreas\gta_sa.exe
Code = 0xC0000005
Offset = 0x00332B2A

EAX=00000000 EBX=00000000 ECX=00000034 EDX=047ED0DC ESI=118906F4 EDI=00000005 EBP=76937F70 ESP=0177FD5C EIP=00732B2A FLG=00210246 CS=0023 DS=002B SS=002B ES=002B FS=0053 GS=002B

ArranTuna, Jul 24 '23 15:07

I can't reproduce it on 21892 ;/

TracerDS, Jul 24 '23 15:07

Still crashing on 1.6! I can confirm. Same error. Also crashing on other events like onClientPlayerWeaponFire. I noticed if I kill peds slower it takes longer to crash, but if I use a minigun, for example, when I hit the ped it crashes instantly.

I need this function and I'm trying to write code not using it but nothing works... and with setElementHealth it works but always crashes....

sirrjohn, Feb 23 '24 06:02

Can be reproduced in server r22470 and client r22476.

TracerDS, May 31 '24 15:05

Crash can be fixed, but it won't fix the final problem. Crash will no longer occur, but the ped will die after the second hit, probably because for GTA it is already dead and the damage event is no longer triggered.

We should stop recreating the ped when we want to revive it, because it causes a lot of problems because the ped is literally being deleted and created again. Setting the right tasks really isn't enough to revive ped?

FileEX, Aug 15 '24 17:08