Untitled

[Patch]

; Info: Completely disable Skyrim's memory allocator and use regular C malloc. That means memory blocks will not exist anymore
;       and game will not crash at some arbitrary limit. Theoretically it should also be faster (especially loading screens)
;       and eliminate most ILS or freezing issues.
; IMPORTANT!!: You NEED custom plugin loader to run this so CrashFixPlugin.dll gets loaded before the game initializes!
;              Here is the link to "SKSE Plugin Preloader": http://www.nexusmods.com/skyrim/mods/75795/?
; When this is enabled then Safety Load and SSME/SKSE memory patch are not needed, but they don't cause any trouble if you do have them.
UseOSAllocators=1

; Info: Crash happens unknown constructor (TESObjectLAND::unk_24 object), movaps instruction is used
;       but heap allocate did not allocate this object to have 16 align. Crash happens more frequently
;       with high Ugrids because more cells are loaded and greater chance to misalign.
; Solution: Could align only this object or align all objects. Trying with all to see what happens since
;       same error could be elsewhere as well and I think I have seen it elsewhere.
; Result: Fixes these type of crashes. Some people report longer loading times and higher memory usage with this enabled!
; Update: Disabled by default since it's incompatible with some ENB settings, higher memory usage and longer loading times.
;         It's safe and probably good to enable if you are ok with those downsides.
AlignHeapAllocate=1

; Info: Game crashes when strcmp is passed NULL char*
; Address: D573A8
; Cause: Most frequently happens in TthkbClipGenerator::activate (0xBF2FB3),
;        tracked issue to skeleton was deleted in another thread while
;        this function is attempting to use it. Have seen in other places
;        too.
; Solution: Unknown. This doesn't really fix it for BF2FB3 because it just pops up in foot IK.
;        If patched in foot IK it pops up in hand IK, the problem is larger than just this.
;        Still enabled because it may fix crashes in other places too this is a very common function.
;        There's really no reason not to have it since the game would crash certainly with this off.
; Enable one. NoTry may be slightly faster but catches less crashes.
StrCmp=1
;StrCmpNoTry=1

; Info: Game crashes when strlen is used on NULL char*
; Address: 46EDF0
; Cause: NiNode names are compared, one of the NiNode's name is NULL.
; Code:
;	NiNode ** v72 = NiNode::children.data - this is iterated until count
;	NiNode * v69 = ...
;	const char * v56 = v69->name;
;	if ( v56 )
;	{
;	const char * v57 = v72[v49]->name; // <- v57 name is not checked for NULL for some reason ?
;	_strnicmp(v56, v57, strlen(v57)); <- strlen on NULL, also result is not even used anywhere!
;	}
; Solution: Unknown, temporarily bypass whole strcmp since it's unused.
; Result: Seems to have stopped the crash for me.
StrLen=1

; Info: Unknown, reported as loading save game.
; Address: 8B437C - vtable seems to be 0 or wrong pointer is used.
; Solution: Skip since this is the last part of the function and already has a check anyway
UnkUniqueId=1

; Info: Unknown, reported as loading save game. Possibly related to rendering. First
;       argument is gNiDX9Renderer->unk_650 which is a pointer.
; Address: CEC5EC - null pointer is passed as second argument to function, this function does not expect it
; Solution: Bypass using argument if it's null. Maybe doesn't fix.
Render650=1

; Info: Unknown, no info was provided. // char __thiscall TESObjectREFR::unk_4D4EB0(TESObjectREFR *this)
; Address: 4D4EB9 - vtable of base form is 0
; Solution: Bypass and pretend that base form is 0 since the function does this check itself already
UnkObjRef4D4EB0=1

; Info: Game is saving location's seen data to save game. The data is NULL.
; Address: 4C6031
; Cause: Game doesn't check for null pointer
; Code:
; TESObjectCELL * v3 = ...
; v5 = BaseExtraList::GetSeenData_40D980(&v3->extraData);
; result = (void *)(*((int (__thiscall **)(_DWORD, _DWORD))*v5 + 1))(v5, v2); // <-- v5 can be null! but not checked
; v5 is IntSeenData, size is known.
; Solution: Only solution seems to be temporarily creating an empty IntSeenData and writing this to stream instead.
NullSeenData=1

; Info: BSFixedString::Set is called with NULL argument.
; Address: A51285
; Solution: Ignore call when NULL argument. Not really a solution :P probably better than crashing though.
StringRefSetNull=1

; Info: This crash happens because StrLen crash was prevented.
; Address: 46EE1D
; Solution: Skip over it.
; Result: See StrLen.
SkipStrLenCrash=1

; Info: This crash happens because unknown reasons during loading. Something to do with behavior graph.
;       One of the more common crashes I get.
; Address: C27A8F
; Solution: Don't know, trying to let game think the value is 0 and see what happens.
; Result: Haven't had this crash since.
bhvGraphUpdateLoad=1

; Info: Crash happens during loading, no idea. Might be related to rendering.
; Address: D822D8
; Solution: Tried patch something but it probably doesn't work.
Unk11=1

; Info: Incompatible skeleton, but could be something else too.
; Address: 46ECF5 - NiNode children access
; Solution: No solution from here, but since it's going to crash anyway we could at least
;           warn user about possible incompatible skeleton and let them fix it. Shows messagebox
MissingNode=1

; Info: Crash, it's function array and index goes out of bounds which causes it to call invalid address.
; Address: 6F3A31
; Solution: Check index before calling.
; Result: Haven't had this crash since.
IndexError1=1

; Info: Crash happens in "MovementPlannerAgentWarp" function, unknown what it does. LookupFormById returns
;       NULL and game does not check or expect this to happen.
; Address: 76E358
; Solution: Game has a check for if returned isn't actor it sets 0 as value, we will do same if NULL is returned.
MovementPlannerAgentWarp=1

; Info: Crash happens in DDB0A0, seems to be used in some havok animated object's vtables.
;       Normally these crashes are fixed by aligning allocated memory with 16 bytes. But
;       this one isn't because it can be used on static memory locations which aren't using
;       Skyrim's allocator at all, this means that memory isn't guaranteed to be 16 byte aligned.
; Address: DDB0B2
; Solution: Use movups instruction instead of movaps.
UnallocatedMovaps=1

; Info: Weird crash with NULL ptr in TESWorldSpace::GetCellByCoordMask_4375D0, don't know why it happens.
; Address: 437604
; Solution: return 0 if this crash would happen.
; Result: Haven't had this crash since, but it's rare anyway so it could be coincidence.
CellNullCrash=1

; Info: Crash when trying to do: v14 = MagicItem::unk_406C70(a3)->properties.projectile;
;       This 406C70 function is something like "GetMainMagicEffect". Sometimes though it may return
;       NULL and in 90% of places the game expects this and checks for NULL result, this patch will
;       fix the remaining locations.
; Address: 7E39EC, 657677, 6577D5, 65FEEC, 8127CF
; Solution: Check for NULL and skip (depends on location) if it is.
GetMainMagicEffect=1

; Info: Crash when game searches node "NPC COM [COM ]" on actor but the node was not found. This is unexpected
;       for game because it uses the result without checking for NULL. This whole thing has something to do
;       with mounting. The function that does this whole thing is present in "StopMountCameraHandler" and
;       "MountInteraction" vtable. Also it seems that this has something to do with updating position.
; More info: Was reported that this could happen if non-humanoid tries to mount a horse. This is a rather specific
;            error with a mod. Instead we will show error message to user when this happens so they can
;            fix or uninstall that mod.
; Address: 6E7F85
; Solution: Check for NULL and if it is NULL then use base node of actor instead of this. It's fine because
;           we only take X and Y position from it.
; Solution2: Show error message and crash after.
MountNodeCrash=0
MountNodeWarn=1

; Info: Crash when game is trying to setup foot IK but there's a problem. Real cause is unknown but for me.
;       So we will display a message box when this crash happens. Seems related to the
;       StrCmp crash in BF2FB3, maybe. Try reducing the amount of installed animations.
; Address: BFECC1
; Solution: No solution from here, display warning with helpful tips.
IKCrashWarn=1

; Info: Crash happens when rendering and saving. I think this is when it renders the save game image.
; if ( v8 ) // <- not null
; {
;  if ( v8 )
;    v9 = *(v8 + 8); // <- *(v8 + 8) is null
;  else
;    v9 = 0;
;  v10 = *(v9 + 140) * *(a2 + 4) // <- crash because null
;    + *(v9 + 136) * *a2
;    + *(v9 + 144) * *(a2 + 8);
;  v21 = v10 - *(*(v8 + 8) + 148) * a3;
; }
; Address: CB051A
; Solution: We will skip this if block when *(v8 + 8) is null, as if v8 was null.
RenderSave=1

; Info: Crash was reported as casting spell. Only happens sometimes. Happens in movement controller.
;       Seems like vtable is NULL.
; Address: 76636B
; Solution: This happens in a for loop and it happens in if clause. We can skip if this crash would happen.
MoveControllerCast=1

; Info: Crash when saving game and trying to render (possibly save game image again?). It's trying to get
;       vtable of NULL pointer which will crash.
;   if ((*a2 + 76)(a2, a1)) // a2 is null
;   {
;     *(0x1BA9344) = a1;
;     *(0x1BA9340) = a2;
;   }
;   else
;   {
;     *(0x1BA9340) = 0;
;     *(0x1BA9344) = 0;
;   }
; Address: CAF9F7
; Solution: Skip function call and set return value to false so we don't have to use the NULL value.
SaveRenderCrash=1

; Info: Crash when game tries to get loaded node but it is set to NULL. Only ever seen this on two people.
;       It is most likely actually related to corrupted mesh being unable to be loaded and game does not expect it.
;       NiNode * node = a->GetLoadedStateNiNode();
;       v2 = node->(*(vtable+0x14))(); // <- node is NULL
;       if(v2) { *((int*)(v2 + 212)) = 0; } // <- we can skip this part since it has a check anyway
; Address: 4C119E
; Solution: Real solution would be to find the broken mesh and remove it. So lets notify user instead of ignoring this part.
; Enable one of the following, ignore problem and try to continue or show message box with object reference form ID and form Type.
NullLoadedNodeIgnore=0
NullLoadedNodeNotify=1

; Info: Crash in GarbageCollector::Add when actor argument's base form is NULL. Game does not check this, when in
;       some other places it does check for this possibility.
; Address: 690A69
NullActorBaseForm=1

; Info: Crash when modifying actor value but the pointer is bad, possibly due to actor being invalid. This happens often
;       when script engine is lagged and spells want to modify actor values a lot.
; Address: 6E07C6
AVSetCrash=1

; Info: If your scripts use more than 65535 different strings then the save game will be corrupt and not possible to load.
;       This fixes it by changing the save file format slightly if string count is higher than 65520. That means if you
;       have this option enabled and your save game would have become corrupt it changes format instead and vanilla game
;       or save game tools will not be able to open it! Opposite is true as well, if the count goes below 65520 after
;       and you save again then the format reverts to vanilla.
; TLDR: Fix for https://forums.nexusmods.com/index.php?/topic/3924850-corrupt-saves-strcount-0xffff-ctd-on-load/
; Address: Around 30 different parts of code had to be patched.
StringCount32=1

; Info: Warn if SKSE memory patch is not active. This checks if default heap size is 256 or less and warns if you try to
;       click New, Continue or Load in main menu. Still lets you play the game, just shows a warning.
WarnSKSEMemoryPatch=1

; Info: If AlignHeapAllocate is disabled by user then fix that one movaps crash manually. There's no downside to having this enabled.
; Address: 4BD832
FixMovApsManuallyIfAlignedAllocateIsDisabled=1

; Info: Overwrite array allocator directly when UseOSAllocators is set to 1. Don't understand the code enough yet to
;       say if it's safe or not. At this point it's just here for testing.
OverwriteArrayAllocator=0