This code just crash INSIDE the malloc() ? It's basically the same as HPB-Bot addpath code so it shouldn't have any problem


void WaypointAddPath(edict_t *pEntity, short int add_index, short int path_index, float fDistance)
{
int i;

if (add_index == path_index)
return; // Deny creation of paths from any waypoint to itself

if (IsConnectedWithWaypoint(add_index, path_index))
return; // Don't allow paths get connected twice

// ALERT(at_console, "Path added from %d to %d\n", add_index, path_index);

PATH *p = paths[add_index];
PATH *prev = NULL;

// Check for free space in the connection indices
while (p != NULL)
{
for (i = 0; i < MAX_PATH_INDEX; i++)
{
if (p->index[i] == -1)
{
p->index[i] = path_index;
p->distance[i] = fDistance;
p->connectflag[i] = 0;
p->vecConnectVel[i] = g_vecZero;
p->distance[i] = 0;
return;
}
}

prev = p; // save the previous node in linked list
p = p->next; // go to next node in linked list
}

// There wasn't any free space
p = (PATH *)malloc(sizeof(PATH)); // JUST CRASH HERE !

for (i = 0; i < MAX_PATH_INDEX; i++)
{
p->index[i] = -1;
p->connectflag[i] = 0;
p->vecConnectVel[i] = g_vecZero;
p->distance[i] = 0;
}

p->index[0] = path_index;
p->distance[0] = fDistance;
p->next = NULL;

if (prev != NULL)
prev->next = p; // link new node into existing list

if (paths[add_index] == NULL)
paths[add_index] = p; // save head point if necessary
}


Another weird thing: It only crashes at the fy_iceworld2 map, never crash at other maps

the call stack is something like this:

malloc_*** (can't remember, maybe it's ***_malloc)
malloc_***
malloc
WaypointAddPath
WaypointLoad
DispatchSpawn
(some HLDS's here)

Just a quick look-over your code I see some pretty serious errors...

Always do a null pointer check on anything you allocate.
Always free any memory you allocate ( make sure the pointer is not null though ).

I don't know what MAX_PATH_INDEX is but you are trying to index an array with only one element.
If you look at your malloc line, you are allocating memory for one path object only. If you wan't to allocate several of them use this... malloc ( sizeof( type ) * elements );

This is typed in a hurry but try fixing those mistakes and see if the crash goes away.

Thanks for your reply. But the PATH is a struct which has something like this:

struct PATH
{
.....
int iIndex[MAX_PATH_INDEX];
};

so that's not a problem. Also this code doesn't crash AFTER the malloc() but just INSIDE it so it's kinda weird...

Shouldn't the paths variable be declared as "struct PATH" instead of just "PATH"? Unless you have made a "typedef struct PATH PATH" somewhere?

Also do a malloc(sizeof(struct PATH)) instead of malloc(sizeof(PATH)).

Because I think it's compiler dependant. Some compilers will take "PATH" as meaning "struct PATH" others as something like "struct PATH *".

I had also some weird malloc() erros sometimes and this always happened because I had bad memory access elsewhere in the program, not necessary where the malloc is used.

Good luck!

C needs the struct in front of path, C++ doesnt need that any more - you don't write class in front of classes, do you ?

you need to write struct before things decalred as structs and not typedef structs, so yes you probably need to write : malloc(sizeof(struct PATH)) instead. But if the compiler didn't give any warnings , I dunno.

@$3.1415rin is right, if your code is C++ no need of struct PATH, the code looked like regular C.
Well then I see no problem in this code.
If only this map makes malloc crash then either the wp file for this map is corrupted in some way and you allocate too much wp or mem in other portion of code; or its a pointer problem somewhere messing stuff and you'll have a hard time finding it :(
* Since it's all C++ you could consider replacing all malloc/free with new/delete and see if it helps.
* If you are using static arrays in some places it's possible one of your index somewhere goes out of bounds in this particular map and write stuff at bad places.
* Or disable the waypoint code altogether and see if mem allocations in other portion of code cause the same problem with the same map or not.

This is some ideas to try, hope this helps.

malloc() crashes are usually due to you allocating and then freeing memory, and then having your program write to that memory location. Like this...
char *p = (char *)malloc(1024);
free(p);
memcpy(p, "somedata"); // <--- VERY BAD!!!
botman

If you are into C++ coding, you should always use new and delete instead of malloc and free. The C++ conventions are safer, easier to work with, and designed to work correctly with classes.