Hi Andy,

I get memory corruption caused by writing outside a malloc'ed memory
block. I tracked the problem down to the recsize() function (in hash.c)
computing a memory size that is not enough for the subsequent initialization
in resize() (also in hash.c). I think the problem lies in the fact
that the TAB macro expects the HashRec object to be aligned in memory on
the size of a naRef, which is 8 here. But the HashRec structure only
contains pointers that are 4 bytes long. So here the address of a
HashRec is a multiple of 4, and may sometimes be a multiple of 8
(sizeof(naRef)), but not always.

As recsize uses a local variable that is not the one being initialized,
the two variables may trigger different ROUNDUPOFF results here, and then
the overwrite of an invalid memory position at line 116 of hash.c. In
debug mode, the included memory debugger triggers an exception that
stops the program. In release mode, the overwrite is silent but may
corrupt the memory allocation structures.

I hope I was clear enough.

Regards,
-Fred

-- 
Frédéric Bouvier
http://my.fotolia.com/frfoto/   Photo gallery
http://fgsd.sourceforge.net/    FlightGear Scenery Designer
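The sizing mismatch described in the mail, as an added, constructed model (this is not Nasal's hash.c; HDR_SIZE, ALIGN, ENT_SIZE and the function names are assumptions standing in for HashRec, sizeof(naRef) and the TAB/ROUNDUPOFF logic). It shows how a size computed from the address of a stack local can be too small for the heap block that is actually initialized, and a worst-case sizing that holds for any 4-byte-aligned address:

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model (not Nasal's code): a 12-byte record header made of
 * 4-byte pointers, followed by a table of 8-byte entries that must start
 * on an 8-byte boundary. ALIGN plays the role of sizeof(naRef). */
enum { HDR_SIZE = 12, ALIGN = 8, ENT_SIZE = 8 };

/* Offset of the table from the record start, computed from the record's
 * actual address (the mail's TAB macro applies ROUNDUPOFF the same way). */
static size_t table_offset(uintptr_t rec_addr) {
    uintptr_t end = rec_addr + HDR_SIZE;
    uintptr_t pad = (ALIGN - (end % ALIGN)) % ALIGN;
    return HDR_SIZE + pad;
}

/* Buggy sizing: uses whatever address the sizing code has at hand (a stack
 * local in the mail), which need not share the heap block's alignment. */
static size_t recsize_buggy(uintptr_t addr_used_for_sizing, size_t nent) {
    return table_offset(addr_used_for_sizing) + nent * ENT_SIZE;
}

/* Fixed sizing: reserve the worst-case padding, so the size is sufficient
 * whatever 4-byte-aligned address malloc returns. */
static size_t recsize_fixed(size_t nent) {
    return HDR_SIZE + (ALIGN - 1) + nent * ENT_SIZE;
}

/* Bytes that initializing nent entries at rec_addr would write past a block
 * of `size` bytes; 0 means the block is large enough. */
static size_t overflow_bytes(uintptr_t rec_addr, size_t size, size_t nent) {
    size_t need = table_offset(rec_addr) + nent * ENT_SIZE;
    return need > size ? need - size : 0;
}

int main(void) {
    /* Constructed addresses: the local is 4 mod 8, the heap block 0 mod 8. */
    uintptr_t local_addr = 0x1004, heap_addr = 0x1000;
    size_t nent = 4;
    size_t buggy = recsize_buggy(local_addr, nent);
    size_t fixed = recsize_fixed(nent);
    printf("buggy size %zu overflows by %zu bytes\n",
           buggy, overflow_bytes(heap_addr, buggy, nent));
    printf("fixed size %zu overflows by %zu bytes\n",
           fixed, overflow_bytes(heap_addr, fixed, nent));
    return 0;
}
```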


_______________________________________________
Flightgear-devel mailing list
Flightgear-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/flightgear-devel
