This code just crash INSIDE the malloc() ? It's basically the same as HPB-Bot addpath code so it shouldn't have any problem
Code:
void WaypointAddPath(edict_t *pEntity, short int add_index, short int path_index, float fDistance)
{
int i;
if (add_index == path_index)
return; // Deny creation of paths from any waypoint to itself
if (IsConnectedWithWaypoint(add_index, path_index))
return; // Don't allow paths get connected twice
// ALERT(at_console, "Path added from %d to %d\n", add_index, path_index);
PATH *p = paths[add_index];
PATH *prev = NULL;
// Check for free space in the connection indices
while (p != NULL)
{
for (i = 0; i < MAX_PATH_INDEX; i++)
{
if (p->index[i] == -1)
{
p->index[i] = path_index;
p->distance[i] = fDistance;
p->connectflag[i] = 0;
p->vecConnectVel[i] = g_vecZero;
p->distance[i] = 0;
return;
}
}
prev = p; // save the previous node in linked list
p = p->next; // go to next node in linked list
}
// There wasn't any free space
p = (PATH *)malloc(sizeof(PATH)); // JUST CRASH HERE !
for (i = 0; i < MAX_PATH_INDEX; i++)
{
p->index[i] = -1;
p->connectflag[i] = 0;
p->vecConnectVel[i] = g_vecZero;
p->distance[i] = 0;
}
p->index[0] = path_index;
p->distance[0] = fDistance;
p->next = NULL;
if (prev != NULL)
prev->next = p; // link new node into existing list
if (paths[add_index] == NULL)
paths[add_index] = p; // save head point if necessary
}
Another weird thing: It only crashes at the fy_iceworld2 map, never crash at other maps
the call stack is something like this:
Quote:
malloc_*** (can't remember, maybe it's ***_malloc)
malloc_***
malloc
WaypointAddPath
WaypointLoad
DispatchSpawn
(some HLDS's here)
|