• State Resolved
  • Locked Locked
  • Replies 4 replies
  • Subscribers 52 subscribers
  • Views 625 views
  • Users 0 members are here
Support feedback
Options
Options
Similar topics

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

CC2640: Memory leak problem in clucose.c file with ble_sdk_2_02_02_25

young june kim
Intellectual 710 points
Part Number: CC2640

I discover memory leak problem  GlucoseSensor_processServiceEvt() function at clucose.c

Heap Memroy is allocated  pData->pVal in GlucoseSensor_serviceCB() fuction.

Memroy free  in GlucoseSensor_processServiceEvt() function

But It is only  memory free in GLUCOSE_CTL_PNT_CMD.

but other case don't free memory

(etc, GLUCOSE_MEAS_NTF_ENABLED,GLUCOSE_MEAS_NTF_DISABLED,GLUCOSE_CONTEXT_NTF_ENABLED.....)

I fixed GlucoseSensor_processServiceEvt() function.

=====================================================================

static void GlucoseSensor_processServiceEvt(uint8_t event, uint8_t* valueP, uint8_t len)
{
  switch (event)
  {
    // Control point command.
    case GLUCOSE_CTL_PNT_CMD:
      {
        glucoseCtlPntMsg_t msg;
       
        msg.len = len;
       
        memcpy(msg.data, valueP, len);
       
        // Free valueP
      //  ICall_free(valueP);
       
        // Process the control point command.
        GlucoseSensor_processCtlPntMsg(&msg);
      }
      break;
     
    default:
      // Do nothing.
      break;
  }

ICall_free(valueP);
}

=======================================================

Br

yjkim

  • 0
    Intellectual 710 points

    At ICall_malloc, the argument is set to size.
    If the argument is 0, the return value is not NULL, but the malloc address is returned.


    I have more fixed s/w.
    If data length is '0', don't allocate heap memory at GlucoseSensor_serviceCB() .
    ================================================

    static void GlucoseSensor_serviceCB(uint8_t event, uint8_t* valueP, uint8_t len)
{
    glucoseServEvt_t *pData;
    
    if ((pData = (glucoseServEvt_t *)ICall_malloc(sizeof(glucoseServEvt_t))))
    {
        if(len)
        {
            if ((pData->pVal = (uint8_t *)ICall_malloc(len)))                
                memcpy(pData->pVal, valueP, len);
        }
        else
        {
            pData->pVal=NULL;
        }
        pData->len = len;
        
        GlucoseSensor_enqueueMsg(GLUCOSE_SERVICE_EVT, event, (uint8_t *)pData);
    } 
}

  • 0
    TI__Guru 56590 points
    Hello Young,
    Thanks for pointing this out. I will review your proposed changes.
    Did you run the example, profile the heap and observe memory leak occur or did you only review the code?
  • 0 in reply to young june kim
    TI__Guru 56590 points
    Hello Young,
    I have reviewed your second fix with regards to malloc(0).

    Even tough the length (len) is 0 it needs to be allocated (pData->pVal = (uint8_t *)ICall_malloc(len)) if it will be freed anyway in GlucoseSensor_processServiceEvt (ICall_free(valueP);) If it is not allocated (malloc) and then freed the heap will become corrupt. Even tough the size is 0 is it allocated with headers, but without payload and can bee freed.
  • 0 in reply to Eirik V
    Intellectual 710 points
    Hi
    I apply only second fix.
    I apply Origanl souce code in GlucoseSensor_processServiceEvt (ICall_free(valueP) that is freed GLUCOSE_CTL_PNT_CMD .
    thaks .