Ameba: Mismatching allocation and deallocation #4853
Conversation
|
/morph test |
|
cc @Archcady |
| @@ -75,7 +75,7 @@ static rtw_result_t scan_result_handler( rtw_scan_handler_result_t* malloced_sca | |||
| ap.channel = record->channel; | |||
| WiFiAccessPoint *accesspoint = new WiFiAccessPoint(ap); | |||
| memcpy(&scan_handler->ap_details[scan_handler->ap_num], accesspoint, sizeof(WiFiAccessPoint)); | |||
| delete[] accesspoint; | |||
| delete accesspoint; | |||
| } | |||
| scan_handler->ap_num++; | |||
There was a problem hiding this comment.
There was a problem hiding this comment.
Hi @0xc0170 I think in this part we use allocation is to borrow the data structure of this class so we might use this scan_handler->ap_details[] somewhere else as a pointer to an instance of WiFiAccessPoint.
line 80 scan_handler->ap_num__; seems like being placed here on purpose, scan_handler->ap_details[scan_handler->ap_num] has reserved its place for accesspoint data, so if the condition above is false, the space is left zero and ap_num++ to start process next accesspoint data.
Thanks.
There was a problem hiding this comment.
@Archcady Better use placement new then. The behavior of the program is undefined (from the C++ standard standpoint) if a non POD object is initialized with memcpy.
You can replace:
WiFiAccessPoint *accesspoint = new WiFiAccessPoint(ap);
memcpy(&scan_handler->ap_details[scan_handler->ap_num], accesspoint, sizeof(WiFiAccessPoint));
delete accesspoint;by
new(&scan_handler->ap_details[scan_handler->ap_num]) WiFiAccessPoint(ap);There was a problem hiding this comment.
Thanks @pan- , BTW do I need to call destructor explicitly here? I'm not familiar with placement new in C++.
There was a problem hiding this comment.
@Archcady Placement new does not allocate memory from the heap. It use the address supplied in the placement param to construct the object.
In this specific case, the object will be constructed at the address &scan_handler->ap_details[scan_handler->ap_num]. You'll have to call directly the destructor when the ap_details memory block goes away or the delete[] operator if ap_details have been allocated with new[] (which I doubt since the data structure is defined locally).
Result: SUCCESSYour command has finished executing! Here's what you wrote!
OutputAll builds and test passed! |
|
@Archcady Will you send separate PR to address the allocation discussed here? To know how to proceed with this fix. I would keep this open until all concerns are addressed, and then this can be closed? |
|
@janjongboom Closing as this has been superseded by #4863. |
Not sure if this is actually a problem when running, but syntactically it's not correct.