Pasting from the UDN:
Unsafe code in AbilitySystem can lead to crash when granting an ability inside OnAbilityEnded
We just ran into a crash. After investigation, it seems to be caused by the UAbilitySystemComponent::NotifyAbilityEnded() function, when trying to access the Spec pointer at the end of the function.
The code inside the function seems a bit unsafe :
(1) We grab the Spec pointer from inside the ability array (1)
(2) Then we trigger the OnAbilityEnded delegate which can cause any gameplay code the happen. In our case we where granting and ability, which invalidate the Spec pointer when abilities array is updated.
(3) After than the Spec pointer is still accessed which leads to a crash.
Jodon's Note: Copying the Spec is probably not a valid solution because we want to remove the ReplicatedInstances later on from the actual original Spec.
Note that this will only occur when writing custom native code. Instead of doing a nice full-fledged example, I'm sticking the code in a bad, but easy-to-repro spot. This isn't "good coding" but you can at least reproduce the issue this way:
Add this near the bottom of ULyraAbilitySystemComponent::InitAbilityActorInfo(AActor* InOwnerActor, AActor* InAvatarActor), right after TryActivateAbilitiesOnSpawn(); (but inside the if statement):
That will randomly remove/re-add abilities as you're completing them. The idea is that you want to cause reallocations of the ActivatableItems array while the Ability is ending to force a memory stomp.
With that code:
If it's still a bug, it will crash at some point (likely on access to invalid memory). If it's fixed it won't crash. Do it about 10 runs to be safe.
There's no existing public thread on this issue, so head over to Questions & Answers just mention UE-197731 in the post.