Crash after join on 1.7
Closed this issue · 2 comments
Describe the bug
I upgraded CIT's dev server to 1.7 and every time I join I crash right after the map loading bar:
Version = 1.7-untested-25546.0.000
Time = Wed Sep 10 16:54:20 2025
Module = C:\ProgramData\MTA San Andreas All\1.7\GTA San Andreas\gta_sa.exe
Code = 0xC0000005
Offset = 0x000D77A5
EAX=00000000 EBX=00000000 ECX=3F800000 EDX=00000000 ESI=00000000
EDI=00000007 EBP=762991A0 ESP=0177FD68 EIP=004D77A5 FLG=00210246
CS=0023 DS=002B SS=002B ES=002B FS=0053 GS=002B
Steps to reproduce
I can PM any dev who wants to test the password though it's also serial restricted so I would need their serial.
Version
1.7-untested-25543
and
1.7-untested-25546
Additional context
I also have 2 dump files.
client_1.7-untested-25408.0.000_gtasa_000cfcd6_5_CPxMb_F301A8C0_55F3_002_80686_20250820_1225.rsa.dmp
client_1.7-untested-25543.0.000_gtasa_000d77a5_5_CPxMb_B49E175E_55FD_00E_80686_20250910_1646.rsa.dmp
Relevant log output
Security Policy
- I have read and understood the Security Policy and this issue is not security related.
Codex says:
The crash occurs inside GTA’s ambience-track logic. In MTA’s client code, version 1.7 adds hooks that replace parts of CAEAmbienceTrackManager::UpdateAmbienceTrackAndVolume to start/stop radio playback. These hooks patch hard-coded offsets 0x4D7198 and 0x4D71E7 in gta_sa.exe.
Because 1.7 changes the game’s layout, those offsets no longer point to the correct instructions, so the hook corrupts the function’s stack and a null this pointer is dereferenced later in the same routine at address 0x4D77A5, triggering the 0xC0000005 crash.
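The failure mode described above, a hook written to a hard-coded offset that no longer holds the expected instructions, is normally guarded against by checking the original bytes at the site before patching and refusing the hook on mismatch. The following is an added C example, not MTA's code: the image base, the expected byte patterns, the target address and the fake in-memory image are all constructed for illustration; only the two offsets come from the comment above.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdbool.h>

/* Constructed values: a 1 MiB fake image at a typical Win32 base, not real gta_sa.exe data. */
#define IMAGE_BASE 0x400000u
#define IMAGE_SIZE 0x100000u

typedef struct {
    uint32_t address;      /* absolute hook site, e.g. 0x4D7198 from the issue */
    size_t   length;       /* number of bytes the hook overwrites (>= 5 for a JMP rel32) */
    uint8_t  expected[8];  /* bytes that must still be present at the site before patching */
} hook_site_t;

/* True only if the site lies inside the image and its bytes match the expected pattern. */
bool hook_site_matches(const uint8_t *image, size_t image_len, const hook_site_t *site) {
    if (site->address < IMAGE_BASE) return false;
    size_t off = site->address - IMAGE_BASE;
    if (off > image_len || site->length > image_len - off) return false;
    return memcmp(image + off, site->expected, site->length) == 0;
}

/* Writes a 5-byte JMP rel32 to `target` (NOP-padding the rest) only when the site matches.
   Returns false instead of patching when the binary layout has changed. */
bool install_hook_checked(uint8_t *image, size_t image_len, const hook_site_t *site, uint32_t target) {
    if (site->length < 5 || !hook_site_matches(image, image_len, site)) return false;
    size_t off = site->address - IMAGE_BASE;
    int32_t rel = (int32_t)(target - (site->address + 5));
    image[off] = 0xE9;                 /* JMP rel32 opcode */
    memcpy(image + off + 1, &rel, 4);
    for (size_t i = 5; i < site->length; i++) image[off + i] = 0x90;  /* NOP */
    return true;
}

/* Constructed demo: site A still carries its expected bytes, site B does not (layout changed).
   Returns a bitmask: 1 = A patched, 2 = B patched, 4 = JMP opcode present at A. Expected: 5. */
int demo_check_sites(void) {
    static uint8_t image[IMAGE_SIZE];
    memset(image, 0xCC, sizeof image);
    hook_site_t a = { 0x4D7198u, 5, {0x55, 0x8B, 0xEC, 0x83, 0xEC} };  /* constructed pattern */
    hook_site_t b = { 0x4D71E7u, 5, {0x53, 0x56, 0x57, 0x8B, 0xF9} };  /* constructed pattern */
    memcpy(image + (a.address - IMAGE_BASE), a.expected, a.length);    /* plant A's bytes only */
    int r = 0;
    if (install_hook_checked(image, sizeof image, &a, 0x500000u)) r |= 1;
    if (install_hook_checked(image, sizeof image, &b, 0x500000u)) r |= 2;
    if (image[a.address - IMAGE_BASE] == 0xE9) r |= 4;
    return r;
}
```

A mismatch at either site is the signal to fail loudly at load time rather than let a misplaced patch corrupt the stack and surface later as an access violation elsewhere in the routine.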