[Patch]

; Info: Completely disable Skyrim's memory allocator and use regular C malloc. That means memory blocks will not exist anymore
;       and game will not crash at some arbitrary limit. Theoretically it should also be faster (especially loading screens)
;       and eliminate most ILS or freezing issues.
; IMPORTANT!!: You NEED custom plugin loader to run this so CrashFixPlugin.dll gets loaded before the game initializes!
;       Here is the link to "SKSE Plugin Preloader": http://www.nexusmods.com/skyrim/mods/75795/?
;       When this is enabled then Safety Load and SSME/SKSE memory patch are not needed, but they don't cause any trouble if you do have them.
UseOSAllocators=0

; Info: Crash happens in an unknown constructor (TESObjectLAND::unk_24 object), movaps instruction is used
;       but heap allocate did not allocate this object with 16-byte alignment. Crash happens more frequently
;       with high Ugrids because more cells are loaded and greater chance to misalign.
; Solution: Could align only this object or align all objects. Trying with all to see what happens since
;       same error could be elsewhere as well and I think I have seen it elsewhere.
; Result: Fixes this type of crash. Some people report longer loading times and higher memory usage with this enabled!
; Update: Disabled by default since it's incompatible with some ENB settings, higher memory usage and longer loading times.
;       It's safe and probably good to enable if you are ok with those downsides.
AlignHeapAllocate=0

; Info: Game crashes when strcmp is passed NULL char*
; Address: D573A8
; Cause: Most frequently happens in TthkbClipGenerator::activate (0xBF2FB3),
;       tracked issue to skeleton was deleted in another thread while
;       this function is attempting to use it. Have seen in other places
;       too.
; Solution: Unknown. This doesn't really fix it for BF2FB3 because it just pops up in foot IK.
;       If patched in foot IK it pops up in hand IK, the problem is larger than just this.
;       Still enabled because it may fix crashes in other places too; this is a very common function.
;       There's really no reason not to have it since the game would certainly crash with this off.
; Enable one. NoTry may be slightly faster but catches fewer crashes.
StrCmp=1
;StrCmpNoTry=1

; Info: Game crashes when strlen is used on NULL char*
; Address: 46EDF0
; Cause: NiNode names are compared, one of the NiNode's name is NULL.
; Code:
;   NiNode ** v72 = NiNode::children.data - this is iterated until count
;   NiNode * v69 = ...
;   const char * v56 = v69->name;
;   if ( v56 )
;   {
;     const char * v57 = v72[v49]->name; // <- v57 name is not checked for NULL for some reason ?
;     _strnicmp(v56, v57, strlen(v57)); <- strlen on NULL, also result is not even used anywhere!
;   }
; Solution: Unknown, temporarily bypass whole strcmp since it's unused.
; Result: Seems to have stopped the crash for me.
StrLen=1

; Info: Unknown, reported as loading save game.
; Address: 8B437C - vtable seems to be 0 or wrong pointer is used.
; Solution: Skip since this is the last part of the function and already has a check anyway
UnkUniqueId=1

; Info: Unknown, reported as loading save game. Possibly related to rendering. First
;       argument is gNiDX9Renderer->unk_650 which is a pointer.
; Address: CEC5EC - null pointer is passed as second argument to function, this function does not expect it
; Solution: Bypass using argument if it's null. Maybe doesn't fix.
Render650=1

; Info: Unknown, no info was provided.
;       // char __thiscall TESObjectREFR::unk_4D4EB0(TESObjectREFR *this)
; Address: 4D4EB9 - vtable of base form is 0
; Solution: Bypass and pretend that base form is 0 since the function does this check itself already
UnkObjRef4D4EB0=1

; Info: Game is saving location's seen data to save game. The data is NULL.
; Address: 4C6031
; Cause: Game doesn't check for null pointer
; Code:
;   TESObjectCELL * v3 = ...
;   v5 = BaseExtraList::GetSeenData_40D980(&v3->extraData);
;   result = (void *)(*((int (__thiscall **)(_DWORD, _DWORD))*v5 + 1))(v5, v2); // <-- v5 can be null! but not checked
;   v5 is IntSeenData, size is known.
; Solution: Only solution seems to be temporarily creating an empty IntSeenData and writing this to stream instead.
NullSeenData=1

; Info: BSFixedString::Set is called with NULL argument.
; Address: A51285
; Solution: Ignore call when NULL argument. Not really a solution :P probably better than crashing though.
StringRefSetNull=1

; Info: This crash happens because StrLen crash was prevented.
; Address: 46EE1D
; Solution: Skip over it.
; Result: See StrLen.
SkipStrLenCrash=1

; Info: This crash happens for unknown reasons during loading. Something to do with behavior graph.
;       One of the more common crashes I get.
; Address: C27A8F
; Solution: Don't know, trying to let game think the value is 0 and see what happens.
; Result: Haven't had this crash since.
bhvGraphUpdateLoad=1

; Info: Crash happens during loading, no idea. Might be related to rendering.
; Address: D822D8
; Solution: Tried to patch something but it probably doesn't work.
Unk11=1

; Info: Incompatible skeleton, but could be something else too.
; Address: 46ECF5 - NiNode children access
; Solution: No solution from here, but since it's going to crash anyway we could at least
;       warn user about possible incompatible skeleton and let them fix it. Shows messagebox
MissingNode=1

; Info: Crash, it's a function array and index goes out of bounds which causes it to call invalid address.
; Address: 6F3A31
; Solution: Check index before calling.
; Result: Haven't had this crash since.
IndexError1=1

; Info: Crash happens in "MovementPlannerAgentWarp" function, unknown what it does. LookupFormById returns
;       NULL and game does not check or expect this to happen.
; Address: 76E358
; Solution: Game has a check for if returned isn't actor it sets 0 as value, we will do same if NULL is returned.
MovementPlannerAgentWarp=1

; Info: Crash happens in DDB0A0, seems to be used in some havok animated object's vtables.
;       Normally these crashes are fixed by aligning allocated memory with 16 bytes. But
;       this one isn't because it can be used on static memory locations which aren't using
;       Skyrim's allocator at all, this means that memory isn't guaranteed to be 16 byte aligned.
; Address: DDB0B2
; Solution: Use movups instruction instead of movaps.
UnallocatedMovaps=1

; Info: Weird crash with NULL ptr in TESWorldSpace::GetCellByCoordMask_4375D0, don't know why it happens.
; Address: 437604
; Solution: return 0 if this crash would happen.
; Result: Haven't had this crash since, but it's rare anyway so it could be coincidence.
CellNullCrash=1

; Info: Crash when trying to do: v14 = MagicItem::unk_406C70(a3)->properties.projectile;
;       This 406C70 function is something like "GetMainMagicEffect". Sometimes though it may return
;       NULL and in 90% of places the game expects this and checks for NULL result, this patch will
;       fix the remaining locations.
; Address: 7E39EC, 657677, 6577D5, 65FEEC, 8127CF
; Solution: Check for NULL and skip (depends on location) if it is.
GetMainMagicEffect=1

; Info: Crash when game searches node "NPC COM [COM ]" on actor but the node was not found. This is unexpected
;       for game because it uses the result without checking for NULL. This whole thing has something to do
;       with mounting. The function that does this whole thing is present in "StopMountCameraHandler" and
;       "MountInteraction" vtable. Also it seems that this has something to do with updating position.
; More info: Was reported that this could happen if non-humanoid tries to mount a horse. This is a rather specific
;       error with a mod. Instead we will show error message to user when this happens so they can
;       fix or uninstall that mod.
; Address: 6E7F85
; Solution: Check for NULL and if it is NULL then use base node of actor instead of this.
;       It's fine because we only take X and Y position from it.
; Solution2: Show error message and crash after.
MountNodeCrash=0
MountNodeWarn=1

; Info: Crash when game is trying to setup foot IK but there's a problem. Real cause is unknown but for me.
;       So we will display a message box when this crash happens. Seems related to the
;       StrCmp crash in BF2FB3, maybe. Try reducing the amount of installed animations.
; Address: BFECC1
; Solution: No solution from here, display warning with helpful tips.
IKCrashWarn=1

; Info: Crash happens when rendering and saving. I think this is when it renders the save game image.
;   if ( v8 ) // <- not null
;   {
;     if ( v8 )
;       v9 = *(v8 + 8); // <- *(v8 + 8) is null
;     else
;       v9 = 0;
;     v10 = *(v9 + 140) * *(a2 + 4) // <- crash because null
;         + *(v9 + 136) * *a2
;         + *(v9 + 144) * *(a2 + 8);
;     v21 = v10 - *(*(v8 + 8) + 148) * a3;
;   }
; Address: CB051A
; Solution: We will skip this if block when *(v8 + 8) is null, as if v8 was null.
RenderSave=1

; Info: Crash was reported as casting spell. Only happens sometimes. Happens in movement controller.
;       Seems like vtable is NULL.
; Address: 76636B
; Solution: This happens in a for loop and it happens in if clause. We can skip if this crash would happen.
MoveControllerCast=1

; Info: Crash when saving game and trying to render (possibly save game image again?). It's trying to get
;       vtable of NULL pointer which will crash.
;   if ((*a2 + 76)(a2, a1)) // a2 is null
;   {
;     *(0x1BA9344) = a1;
;     *(0x1BA9340) = a2;
;   }
;   else
;   {
;     *(0x1BA9340) = 0;
;     *(0x1BA9344) = 0;
;   }
; Address: CAF9F7
; Solution: Skip function call and set return value to false so we don't have to use the NULL value.
SaveRenderCrash=1

; Info: Crash when game tries to get loaded node but it is set to NULL. Only ever seen this on two people.
;       It is most likely actually related to corrupted mesh being unable to be loaded and game does not expect it.
;   NiNode * node = a->GetLoadedStateNiNode();
;   v2 = node->(*(vtable+0x14))(); // <- node is NULL
;   if(v2) { *((int*)(v2 + 212)) = 0; } // <- we can skip this part since it has a check anyway
; Address: 4C119E
; Solution: Real solution would be to find the broken mesh and remove it. So let's notify user instead of ignoring this part.
; Enable one of the following, ignore problem and try to continue or show message box with object reference form ID and form Type.
NullLoadedNodeIgnore=0
NullLoadedNodeNotify=1

; Info: Crash in GarbageCollector::Add when actor argument's base form is NULL. Game does not check this, when in
;       some other places it does check for this possibility.
; Address: 690A69
NullActorBaseForm=1

; Info: Crash when modifying actor value but the pointer is bad, possibly due to actor being invalid. This happens often
;       when script engine is lagged and spells want to modify actor values a lot.
; Address: 6E07C6
AVSetCrash=1

; Info: If your scripts use more than 65535 different strings then the save game will be corrupt and not possible to load.
;       This fixes it by changing the save file format slightly if string count is higher than 65520. That means if you
;       have this option enabled and your save game would have become corrupt it changes format instead and vanilla game
;       or save game tools will not be able to open it! Opposite is true as well, if the count goes below 65520 after
;       and you save again then the format reverts to vanilla.
; TLDR: Fix for https://forums.nexusmods.com/index.php?/topic/3924850-corrupt-saves-strcount-0xffff-ctd-on-load/
; Address: Around 30 different parts of code had to be patched.
StringCount32=1

; Info: Warn if SKSE memory patch is not active. This checks if default heap size is 256 or less and warns if you try to
;       click New, Continue or Load in main menu. Still lets you play the game, just shows a warning.
WarnSKSEMemoryPatch=1

; Info: If AlignHeapAllocate is disabled by user then fix that one movaps crash manually.
;       There's no downside to having this enabled.
; Address: 4BD832
FixMovApsManuallyIfAlignedAllocateIsDisabled=1

; Info: Overwrite array allocator directly when UseOSAllocators is set to 1. Don't understand the code enough yet to
;       say if it's safe or not. At this point it's just here for testing.
OverwriteArrayAllocator=0
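
; Added example (not part of the plugin and not its code): one common way to do what the AlignHeapAllocate entry
; describes, returning every heap block 16-byte aligned so movaps never sees a misaligned object, with the per-block
; cost that explains the higher memory usage. All function names are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define HEAP_ALIGN 16u  /* movaps faults on memory operands not 16-byte aligned */

/* Per-allocation cost of aligning everything: up to HEAP_ALIGN-1 skipped
   bytes plus one saved pointer. This is the "higher memory usage". */
size_t aligned16_overhead(void)
{
    return (HEAP_ALIGN - 1) + sizeof(void *);
}

/* Hypothetical wrapper: over-allocate, round the address up to 16, and keep
   the pointer malloc really returned in the slot just below the block. */
void *aligned16_alloc(size_t size)
{
    size_t overhead = aligned16_overhead();
    if (size > SIZE_MAX - overhead)
        return NULL;                      /* size + overhead would wrap */
    unsigned char *raw = malloc(size + overhead);
    if (raw == NULL)
        return NULL;
    uintptr_t start = (uintptr_t)raw + sizeof(void *);
    uintptr_t user  = (start + (HEAP_ALIGN - 1)) & ~(uintptr_t)(HEAP_ALIGN - 1);
    memcpy((void *)(user - sizeof(void *)), &raw, sizeof raw);
    return (void *)user;
}

/* Must be paired with aligned16_alloc: recovers the real malloc pointer. */
void aligned16_free(void *p)
{
    if (p == NULL)
        return;
    void *raw;
    memcpy(&raw, (unsigned char *)p - sizeof(void *), sizeof raw);
    free(raw);
}

/* Returns 1 if every block of the given sizes came back 16-byte aligned. */
int all_aligned(const size_t *sizes, size_t n)
{
    int ok = 1;
    for (size_t i = 0; i < n; i++) {
        void *p = aligned16_alloc(sizes[i]);
        if (p == NULL || ((uintptr_t)p % HEAP_ALIGN) != 0)
            ok = 0;
        else
            memset(p, 0xAA, sizes[i]);    /* touch the whole block */
        aligned16_free(p);
    }
    return ok;
}
```

; This only covers memory that goes through the wrapper; as the UnallocatedMovaps entry notes, static memory that
; never passes through the allocator gets no such guarantee.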