citizenfx
Adhesive.dll crashes
What happened?
Hi.
I have written a duty-system, in which you can toggle being on or offduty.
The last 2 months, some players are getting crashes when going either on-duty or off-duty. I have tried debugging for the past decades, but now I am out of options.
This is the log, in the end:
[ 9084234] [b2944_GTAProce] MainThrd/ about to show notification
[ 9084234] [b2944_GTAProce] MainThrd/ not showing notification anymore
[ 9087594] [b2944_DumpServ] 72680/ Process crash captured. Crash dialog content:
[ 9087594] [b2944_DumpServ] 72680/ GTA5_b2944.exe!sub_1432B6B86 (0xd)
[ 9087594] [b2944_DumpServ] 72680/ An error at GTA5_b2944.exe!sub_1432B6B86 (0xd) caused FiveM to stop working. A crash report is being uploaded to the FiveM developers.
[ 9087594] [b2944_DumpServ] 72680/
[ 9087594] [b2944_DumpServ] 72680/ Legacy crash hash: four-gee-sierra
[ 9087594] [b2944_DumpServ] 72680/ Stack trace:
[ 9087594] [b2944_DumpServ] 72680/ GTA5_b2944.exe!sub_1432B6B86 (0xd)
[ 9087594] [b2944_DumpServ] 72680/ 0xcda973ee7fffffff
[ 9087594] [b2944_DumpServ] 72680/ adhesive.dll+27DC467
[ 9087594] [b2944_DumpServ] 72680/ 0x2d0dd4e0f28
[ 9087594] [b2944_DumpServ] 72680/ 0xf3
[ 9087594] [b2944_DumpServ] 72680/ 0x2d0dd4e0f28
[ 9087594] [b2944_DumpServ] 72680/ 0x42a60a1a
this is the code:
ESX = exports["es_extended"]:getSharedObject()
RegisterNetEvent('esx:playerLoaded')
AddEventHandler('esx:playerLoaded', function(xPlayer)
ESX.PlayerData = xPlayer
end)
RegisterNetEvent('esx:setJob')
AddEventHandler('esx:setJob', function(job)
ESX.PlayerData.job = job
end)
Config = Config or {}
Config.DutyPoints = {}
loadedPoints = false
Citizen.CreateThread(function()
while true do
Wait(1000)
if loadedPoints then
break
end
ESX.TriggerServerCallback('bg-management:getAllDutyPoints', function(dutyPoints)
for _, dutyPoint in pairs(dutyPoints) do
table.insert(Config.DutyPoints, {
job = dutyPoint.job,
offDutyJob = dutyPoint.off_duty,
coords = vector3(dutyPoint.duty_x, dutyPoint.duty_y, dutyPoint.duty_z)
})
end
loadedPoints = true
end)
end
end)
Citizen.CreateThread(function()
while true do
local wait = 1500
while not loadedPoints do
Wait(wait)
end
local playerPed = PlayerPedId()
local coords = GetEntityCoords(playerPed)
for _, duty in pairs(Config.DutyPoints) do
local distance = GetDistanceBetweenCoords(coords, duty.coords.x, duty.coords.y, duty.coords.z, true)
if distance > 15 then
goto continue
end
while ESX.PlayerData == nil do
Wait(1000)
end
if ESX.PlayerData.job.name == duty.job or ESX.PlayerData.job.name == duty.offDutyJob then
if distance < 5 then
DrawMarker(1, duty.coords.x, duty.coords.y, duty.coords.z, 0.0, 0.0, 0.0, 0.0, 180.0, 0.0, 1.5, 1.5, 1.1, 136, 8, 8, 43, false, true, 1, nil, nil, false)
if distance < 2 then
ESX.Game.Utils.DrawText3D({
x = duty.coords.x,
y = duty.coords.y,
z = duty.coords.z + 0.25
}, "[~g~E~w~] - Um In-/Außerdienst zu gehen", 1.2, 1)
if (IsControlJustReleased(1, 38)) then
ESX.TriggerServerCallback('bg-dutypoints:offDuty', function(offDuty)
print("about to show notification")
ESX.ShowNotification("Du bist nun " .. (offDuty and 'Ausserdienst' or 'im Dienst' .. "!"), 5000, 'info')
print("not showing notification anymore")
end, duty.job, duty.offDutyJob, duty.coords)
Wait(5543)
end
end
end
end
:: continue ::
end
Wait(0)
end
end)
As you can see, the prints go through, but at some point after that (~300ms later) the player crashes with the above message. I have no clue what adhesive has to do with that lol.
The same crash occurs when sending blips to players with a job. Can someone please point me out what this error message could mean? afaik adhesive.dll is something with the internal anti-cheat of fivem, so... idk.
Expected result
not crash when going off-duty.
Reproduction steps
- draw marker when nearby
- when pressing e, send request to server to swap job
- server swaps job (appends _offduty with the current grade)
- returns a response (ok, not ok)
- client gives a notification
on build 2802
Importancy
Crash
Area(s)
FiveM
Specific version(s)
2944
Additional information
I'm frustrated. My players are frustrated. I have no clue how to proceed.
Sure thing, here are some of many CfxCrashDump_2024_04_18_06_48_54.zip CfxCrashDump_2024_04_18_05_51_13.zip CfxCrashDump_2024_04_19_22_20_16.zip
I have to add ontop of that, it's not for every player. It's random, for selected players.
Crash is identical to https://github.com/citizenfx/fivem/issues/1919#issuecomment-1554770877 but w/ 2944. Are you doing anything special at the coordinates: -934.000000, 6670.00000, -27.0000000? Crash logs are a bit interesting since they are showing multiple exceptions due to a lack of a GTA script handler.
(Adhesive is likely showing up due to stack scanning as that script command is obfuscated).
So will there be no way to understand where exactly it comes from and instead be a trial-and-error thing?
Yeah, nice catch. I guess, something is happening there.
A script spawns cases nearby, which you can pick up when nearby and give you an item when you open them. (at that coordinates).
But crashes are not happening there. It's really just when either a blip is created or when you go 'off-duty'.
Unfortunately I am not allowed to redistribute the code, so I can't share the exact code here. But it's called 'kuz_diving' from KQ and is not obfuscated.
Why these coords, though? What is your assumption / what is your thought process? Could you please elaborate so I may either can provide more information around that or help
And also, the same behaviour was on build 2802 (I've tested it with my comm)
But crashes are not happening there. It's really just when either a blip is created or when you go 'off-duty'.
In the three provided dumps the game is crashing with calls to ADD_BLIP_FOR_COORD at -934.000000, 6670.00000, -27.0000000. In this case SEH is not capturing this null-deref (obfuscated nature of that code?).
Much earlier in your logs (almost near script initialization), we see a similar error:
__Lua_InvokeNative: execution failed: Error executing native 0x963d27a58df860ac at address FiveM_b2944_GTAProcess.exe+D73A93.
Which seems like you guys are doing something to cause the script thread state to be corrupt early on.
Holy shit. Spot on. In the config there is:
x = -934.0, y = 6670.0, z = -27.0,
I'm going to remove the script and see how we go.
What do you mean by GTA script handler, by the way? Is that something, I can implement? What is its responsibility?
How did you figure out the coordinates? I can't seem to find them in the crash dumps? Teach me please, so the next time I don't have to annoy you (guys).
I wouldn't expect removing that script to help much, unfortunately. From your logs things already look like they are in a weird state much earlier:
// One dump.
[ 1961594] [b2944_GTAProce] MainThrd/ __Lua_InvokeNative: execution failed: Error executing native 0x963d27a58df860ac at address FiveM_b2944_GTAProcess.exe+D73A93.
[ 1961594] [b2944_GTAProce] MainThrd/ ^1SCRIPT ERROR: Execution of native 963d27a58df860ac in script host failed: Error executing native 0x963d27a58df860ac at address FiveM_b2944_GTAProcess.exe+D73A93.^7
// Another
[ 4639297] [b2944_GTAProce] MainThrd/ ^3Warning: [entity] GetNetworkObject: no object by ID 199^7
[ 4639297] [b2944_GTAProce] MainThrd/ (FÜR PENG) RequestNamedPtfxAsset called with assetName: core
[ 4639297] [b2944_GTAProce] MainThrd/ __Lua_InvokeNative: execution failed: Error executing native 0xb80d8756b4668ab6 at address FiveM_b2944_GTAProcess.exe+D90D59.
[ 4639297] [b2944_GTAProce] MainThrd/ ^1SCRIPT ERROR: Execution of native b80d8756b4668ab6 in script host failed: Error executing native 0xb80d8756b4668ab6 at address FiveM_b2944_GTAProcess.exe+D90D59.^7
The issue at play being ADD_BLIP_FOR_COORD may not throw "SCRIPT ERRROR:" messages like 0x963d27a58df860ac and 0xb80d8756b4668ab6 will.
Crash is still occuring! Here is a new log. CfxCrashDump_2024_04_22_19_54_45.zip
Yes, I don't get why it throws an error. For once it'S RequestNamedPtfxAsset, although core is being loaded, it still fails the native execution. Hence the 'FÜR PENG', I've overriden the native to throw a print WHAT exactly is passed when the native fails. Can't figure out why.
Same with RequestModel (0x963d27a58df860ac )
A script handler is essentially a game class that helps script threads manage script resources (e.g., models, blips, etc) and do networking - something required by each resource. For some unknown reason your dump is showing an attempt to run code in a cleaned up resource (e.g., stopped; in the link above they are using onResourceStop) or some other state corruption is happening (more likely).
More information is required I think (e.g., Fulldump). Minidumps don't provide enough information and looking through the affected code-paths for race conditions and the sorts is a bit annoying.
How do I acquire such a full dump? Is there any reference you can give me? Sorry for the belated answer, I wasn't home due to my job requiring so.
And I'd kindly ask again, how did you manage to figure out the coordinates above? Do I have to load the dump in VS?
Edit: It's really just for some players. These errors are not occuring on my side, neither obfuscated nor locally (deobfuscated) Idk. I guess minidumps are all we got.
Only way to think of is now overriding the global so I can tell what parameter is passed. Not sure if that'd help out though.
How do I acquire such a full dump?
https://forum.cfx.re/t/enabling-and-uploading-full-client-dumps/1138940
