Fixed issue #216 "canardMemFree must provide size" (#233)

serges147 · web-flow · commit 1b318b3a51e2 · 2024-11-18T15:41:15.000+02:00
- Extended `CanardTxQueueItem` with extra `allocated_size` field to
remember original size allocated for the item (and its embedded
payload).
- Extended `CanardRxTransfer` with extra `allocated_size` field to
report to the client original size allocated for the payload buffer
(which is normally equal to session `extent`).
diff --git a/README.md b/README.md
@@ -71,9 +71,10 @@ static void* memAllocate(CanardInstance* const canard, const size_t amount)
     return o1heapAllocate(my_allocator, amount);
 }
 
-static void memFree(CanardInstance* const canard, void* const pointer)
+static void memFree(CanardInstance* const canard, void* const pointer, const size_t amount)
 {
     (void) canard;
+    (void) amount;
     o1heapFree(my_allocator, pointer);
 }
 ```
diff --git a/libcanard/canard.c b/libcanard/canard.c
@@ -303,9 +303,12 @@ CANARD_PRIVATE TxItem* txAllocateQueueItem(CanardInstance* const   ins,
 {
     CANARD_ASSERT(ins != NULL);
     CANARD_ASSERT(payload_size > 0U);
-    TxItem* const out = (TxItem*) ins->memory_allocate(ins, (sizeof(TxItem) - CANARD_MTU_MAX) + payload_size);
+    const size_t  tx_item_size = (sizeof(TxItem) - CANARD_MTU_MAX) + payload_size;
+    TxItem* const out          = (TxItem*) ins->memory_allocate(ins, tx_item_size);
     if (out != NULL)
     {
+        out->base.allocated_size = tx_item_size;
+
         out->base.base.up    = NULL;
         out->base.base.lr[0] = NULL;
         out->base.base.lr[1] = NULL;
@@ -532,7 +535,7 @@ CANARD_PRIVATE int32_t txPushMultiFrame(CanardTxQueue* const    que,
             while (head != NULL)
             {
                 CanardTxQueueItem* const next = head->next_in_transfer;
-                ins->memory_free(ins, head);
+                ins->memory_free(ins, head, head->allocated_size);
                 head = next;
             }
         }
@@ -729,11 +732,13 @@ CANARD_PRIVATE int8_t rxSessionWritePayload(CanardInstance* const          ins,
     return out;
 }
 
-CANARD_PRIVATE void rxSessionRestart(CanardInstance* const ins, CanardInternalRxSession* const rxs)
+CANARD_PRIVATE void rxSessionRestart(CanardInstance* const          ins,
+                                     CanardInternalRxSession* const rxs,
+                                     const size_t                   allocated_size)
 {
     CANARD_ASSERT(ins != NULL);
     CANARD_ASSERT(rxs != NULL);
-    ins->memory_free(ins, rxs->payload);  // May be NULL, which is OK.
+    ins->memory_free(ins, rxs->payload, allocated_size);  // May be NULL, which is OK.
     rxs->total_payload_size = 0U;
     rxs->payload_size       = 0U;
     rxs->payload            = NULL;
@@ -773,7 +778,7 @@ CANARD_PRIVATE int8_t rxSessionAcceptFrame(CanardInstance* const          ins,
     if (out < 0)
     {
         CANARD_ASSERT(-CANARD_ERROR_OUT_OF_MEMORY == out);
-        rxSessionRestart(ins, rxs);  // Out-of-memory.
+        rxSessionRestart(ins, rxs, extent);  // Out-of-memory.
     }
     else if (frame->end_of_transfer)
     {
@@ -785,6 +790,7 @@ CANARD_PRIVATE int8_t rxSessionAcceptFrame(CanardInstance* const          ins,
             out_transfer->timestamp_usec = rxs->transfer_timestamp_usec;
             out_transfer->payload_size   = rxs->payload_size;
             out_transfer->payload        = rxs->payload;
+            out_transfer->allocated_size = (rxs->payload != NULL) ? extent : 0U;
 
             // Cut off the CRC from the payload if it's there -- we don't want to expose it to the user.
             CANARD_ASSERT(rxs->total_payload_size >= rxs->payload_size);
@@ -797,7 +803,7 @@ CANARD_PRIVATE int8_t rxSessionAcceptFrame(CanardInstance* const          ins,
 
             rxs->payload = NULL;  // Ownership passed over to the application, nullify to prevent freeing.
         }
-        rxSessionRestart(ins, rxs);  // Successful completion.
+        rxSessionRestart(ins, rxs, extent);  // Successful completion.
     }
     else
     {
@@ -978,6 +984,7 @@ CANARD_PRIVATE int8_t rxAcceptFrame(CanardInstance* const       ins,
             out_transfer->timestamp_usec = frame->timestamp_usec;
             out_transfer->payload_size   = payload_size;
             out_transfer->payload        = payload;
+            out_transfer->allocated_size = payload_size;
             // Clang-Tidy raises an error recommending the use of memcpy_s() instead.
             // We ignore it because the safe functions are poorly supported; reliance on them may limit the portability.
             (void) memcpy(payload, frame->payload, payload_size);  // NOLINT
@@ -1236,8 +1243,11 @@ int8_t canardRxUnsubscribe(CanardInstance* const    ins,
             out = 1;
             for (size_t i = 0; i < RX_SESSIONS_PER_SUBSCRIPTION; i++)
             {
-                ins->memory_free(ins, (sub->sessions[i] != NULL) ? sub->sessions[i]->payload : NULL);
-                ins->memory_free(ins, sub->sessions[i]);
+                if (sub->sessions[i] != NULL)
+                {
+                    ins->memory_free(ins, sub->sessions[i]->payload, sub->extent);
+                }
+                ins->memory_free(ins, sub->sessions[i], sizeof(*sub->sessions[i]));
                 sub->sessions[i] = NULL;
             }
         }
diff --git a/libcanard/canard.h b/libcanard/canard.h
@@ -285,6 +285,10 @@ struct CanardTxQueueItem
     /// Frames whose transmission deadline is in the past shall be dropped.
     CanardMicrosecond tx_deadline_usec;
 
+    /// Amount of memory allocated for the whole this item, including the payload frame.
+    /// In use to deallocate the item by passing this value to the memory manager (`memFree`).
+    size_t allocated_size;
+
     /// The actual CAN frame data.
     CanardFrame frame;
 };
@@ -332,10 +336,19 @@ typedef struct CanardRxTransfer
     /// The time system may be arbitrary as long as the clock is monotonic (steady).
     CanardMicrosecond timestamp_usec;
 
+    /// Size of the payload data in bytes.
+    /// The value is always less than or equal to the extent specified in the subscription.
     /// If the payload is empty (payload_size = 0), the payload pointer may be NULL.
-    /// The application is required to deallocate the payload buffer after the transfer is processed.
     size_t payload_size;
-    void*  payload;
+
+    /// The application is required to deallocate the payload buffer after the transfer is processed.
+    /// Allocated buffer size (`allocated_size`, not `payload_size`) should be used to deallocate the buffer.
+    void* payload;
+
+    /// Size of the allocated payload buffer in bytes.
+    /// Normally equal to the extent specified in the subscription, but could be less (equal to `payload_size`)
+    /// in case of single frame transfer, or even zero if the payload pointer is NULL.
+    size_t allocated_size;
 } CanardRxTransfer;
 
 /// A pointer to the memory allocation function. The semantics are similar to malloc():
@@ -349,11 +362,12 @@ typedef struct CanardRxTransfer
 typedef void* (*CanardMemoryAllocate)(CanardInstance* ins, size_t amount);
 
 /// The counterpart of the above -- this function is invoked to return previously allocated memory to the allocator.
-/// The semantics are similar to free():
+/// The semantics are similar to free(), but with additional `amount` parameter:
 ///     - The pointer was previously returned by the allocation function.
 ///     - The pointer may be NULL, in which case the function shall have no effect.
 ///     - The execution time should be constant (O(1)).
-typedef void (*CanardMemoryFree)(CanardInstance* ins, void* pointer);
+///     - The amount is the same as it was during allocation.
+typedef void (*CanardMemoryFree)(CanardInstance* ins, void* pointer, size_t amount);
 
 /// This is the core structure that keeps all of the states and allocated resources of the library instance.
 struct CanardInstance
diff --git a/tests/exposed.hpp b/tests/exposed.hpp
@@ -107,7 +107,7 @@ auto rxSessionWritePayload(CanardInstance* const ins,
                            const std::size_t     payload_size,
                            const void* const     payload) -> std::int8_t;
 
-void rxSessionRestart(CanardInstance* const ins, RxSession* const rxs);
+void rxSessionRestart(CanardInstance* const ins, RxSession* const rxs, const std::size_t allocated_size);
 
 auto rxSessionUpdate(CanardInstance* const     ins,
                      RxSession* const          rxs,
diff --git a/tests/helpers.hpp b/tests/helpers.hpp
@@ -103,7 +103,7 @@ class TestAllocator
         return p;
     }
 
-    void deallocate(void* const user_pointer)
+    void deallocate(void* const user_pointer, const std::size_t amount)
     {
         if (user_pointer != nullptr)
         {
@@ -114,7 +114,12 @@ class TestAllocator
                 throw std::logic_error("Attempted to deallocate memory that was never allocated; ptr=" +
                                        std::to_string(reinterpret_cast<std::uint64_t>(user_pointer)));
             }
-            const auto [p, amount] = *it;
+            const auto [p, expected_amount] = *it;
+            if (amount != expected_amount)
+            {
+                throw std::logic_error("Attempted to deallocate wrong size memory at ptr=" +
+                                       std::to_string(reinterpret_cast<std::uint64_t>(user_pointer)));
+            }
             if ((0 != std::memcmp(p - canary_.size(), canary_.begin(), canary_.size())) ||
                 (0 != std::memcmp(p + amount, canary_.begin(), canary_.size())))
             {
@@ -240,10 +245,10 @@ class Instance
         return p->allocator_.allocate(amount);
     }
 
-    static void trampolineDeallocate(CanardInstance* const ins, void* const pointer)
+    static void trampolineDeallocate(CanardInstance* const ins, void* const pointer, const std::size_t amount)
     {
         auto* p = reinterpret_cast<Instance*>(ins->user_reference);
-        p->allocator_.deallocate(pointer);
+        p->allocator_.deallocate(pointer, amount);
     }
 
     CanardInstance canard_ = canardInit(&Instance::trampolineAllocate, &Instance::trampolineDeallocate);
diff --git a/tests/test_private_rx.cpp b/tests/test_private_rx.cpp
@@ -229,7 +229,7 @@ TEST_CASE("rxSessionWritePayload")
     REQUIRE(rxs.payload[9] == 9);
 
     // Restart frees the buffer. The transfer-ID will be incremented, too.
-    rxSessionRestart(&ins.getInstance(), &rxs);
+    rxSessionRestart(&ins.getInstance(), &rxs, 10);
     REQUIRE(ins.getAllocator().getNumAllocatedFragments() == 0);
     REQUIRE(ins.getAllocator().getTotalAllocatedAmount() == 0);
     REQUIRE(rxs.payload_size == 0);
@@ -242,7 +242,7 @@ TEST_CASE("rxSessionWritePayload")
     rxs.calculated_crc = 0x1234U;
     rxs.transfer_id    = 23;
     rxs.toggle         = false;
-    rxSessionRestart(&ins.getInstance(), &rxs);
+    rxSessionRestart(&ins.getInstance(), &rxs, 10);
     REQUIRE(ins.getAllocator().getNumAllocatedFragments() == 0);
     REQUIRE(ins.getAllocator().getTotalAllocatedAmount() == 0);
     REQUIRE(rxs.payload_size == 0);
@@ -255,7 +255,7 @@ TEST_CASE("rxSessionWritePayload")
     rxs.calculated_crc = 0x1234U;
     rxs.transfer_id    = 31;
     rxs.toggle         = false;
-    rxSessionRestart(&ins.getInstance(), &rxs);
+    rxSessionRestart(&ins.getInstance(), &rxs, 10);
     REQUIRE(ins.getAllocator().getNumAllocatedFragments() == 0);
     REQUIRE(ins.getAllocator().getTotalAllocatedAmount() == 0);
     REQUIRE(rxs.payload_size == 0);
@@ -340,10 +340,11 @@ TEST_CASE("rxSessionUpdate")
     REQUIRE(transfer.metadata.remote_node_id == 55);
     REQUIRE(transfer.metadata.transfer_id == 11);
     REQUIRE(transfer.payload_size == 3);
+    REQUIRE(transfer.allocated_size == 16);
     REQUIRE(0 == std::memcmp(transfer.payload, "\x01\x01\x01", 3));
     REQUIRE(ins.getAllocator().getNumAllocatedFragments() == 1);
     REQUIRE(ins.getAllocator().getTotalAllocatedAmount() == 16);
-    ins.getAllocator().deallocate(transfer.payload);
+    ins.getAllocator().deallocate(transfer.payload, transfer.allocated_size);
 
     // Valid next transfer, wrong transport.
     frame.timestamp_usec = 10'000'100;
@@ -376,10 +377,11 @@ TEST_CASE("rxSessionUpdate")
     REQUIRE(transfer.metadata.remote_node_id == 55);
     REQUIRE(transfer.metadata.transfer_id == 12);
     REQUIRE(transfer.payload_size == 3);
+    REQUIRE(transfer.allocated_size == 16);
     REQUIRE(0 == std::memcmp(transfer.payload, "\x03\x03\x03", 3));
     REQUIRE(ins.getAllocator().getNumAllocatedFragments() == 1);
     REQUIRE(ins.getAllocator().getTotalAllocatedAmount() == 16);
-    ins.getAllocator().deallocate(transfer.payload);
+    ins.getAllocator().deallocate(transfer.payload, transfer.allocated_size);
 
     // Same TID.
     frame.timestamp_usec = 10'000'200;
@@ -413,10 +415,11 @@ TEST_CASE("rxSessionUpdate")
     REQUIRE(transfer.metadata.remote_node_id == 55);
     REQUIRE(transfer.metadata.transfer_id == 12);
     REQUIRE(transfer.payload_size == 3);
+    REQUIRE(transfer.allocated_size == 16);
     REQUIRE(0 == std::memcmp(transfer.payload, "\x05\x05\x05", 3));
     REQUIRE(ins.getAllocator().getNumAllocatedFragments() == 1);
     REQUIRE(ins.getAllocator().getTotalAllocatedAmount() == 16);
-    ins.getAllocator().deallocate(transfer.payload);
+    ins.getAllocator().deallocate(transfer.payload, transfer.allocated_size);
 
     // Restart due to TID timeout, switch iface.
     frame.timestamp_usec = 20'000'000;
@@ -437,10 +440,11 @@ TEST_CASE("rxSessionUpdate")
     REQUIRE(transfer.metadata.remote_node_id == 55);
     REQUIRE(transfer.metadata.transfer_id == 11);
     REQUIRE(transfer.payload_size == 3);
+    REQUIRE(transfer.allocated_size == 16);
     REQUIRE(0 == std::memcmp(transfer.payload, "\x05\x05\x05", 3));
     REQUIRE(ins.getAllocator().getNumAllocatedFragments() == 1);
     REQUIRE(ins.getAllocator().getTotalAllocatedAmount() == 16);
-    ins.getAllocator().deallocate(transfer.payload);
+    ins.getAllocator().deallocate(transfer.payload, transfer.allocated_size);
 
     // Multi-frame, first.
     frame.timestamp_usec  = 20'000'100;
@@ -515,10 +519,11 @@ TEST_CASE("rxSessionUpdate")
     REQUIRE(transfer.metadata.remote_node_id == 55);
     REQUIRE(transfer.metadata.transfer_id == 13);
     REQUIRE(transfer.payload_size == 16);
+    REQUIRE(transfer.allocated_size == 16);
     REQUIRE(0 == std::memcmp(transfer.payload, "\x06\x06\x06\x06\x06\x06\x06\x07\x07\x07\x07\x07\x07\x07\x09\x09", 16));
     REQUIRE(ins.getAllocator().getNumAllocatedFragments() == 1);
     REQUIRE(ins.getAllocator().getTotalAllocatedAmount() == 16);
-    ins.getAllocator().deallocate(transfer.payload);
+    ins.getAllocator().deallocate(transfer.payload, transfer.allocated_size);
 
     // TID timeout does not occur until SOT; see https://github.com/OpenCyphal/libcanard/issues/212.
     frame.timestamp_usec    = 30'000'000;
@@ -616,10 +621,11 @@ TEST_CASE("rxSessionUpdate")
     REQUIRE(transfer.metadata.remote_node_id == 55);
     REQUIRE(transfer.metadata.transfer_id == 10);
     REQUIRE(transfer.payload_size == 10);
+    REQUIRE(transfer.allocated_size == 16);
     REQUIRE(0 == std::memcmp(transfer.payload, "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0D\x0D\x0D", 10));
     REQUIRE(ins.getAllocator().getNumAllocatedFragments() == 1);
     REQUIRE(ins.getAllocator().getTotalAllocatedAmount() == 16);
-    ins.getAllocator().deallocate(transfer.payload);
+    ins.getAllocator().deallocate(transfer.payload, transfer.allocated_size);
 
     // CRC SPLIT -- first frame.
     frame.timestamp_usec    = 30'000'000;
@@ -663,10 +669,11 @@ TEST_CASE("rxSessionUpdate")
     REQUIRE(transfer.metadata.remote_node_id == 55);
     REQUIRE(transfer.metadata.transfer_id == 0);
     REQUIRE(transfer.payload_size == 7);  // ONE CRC BYTE BACKTRACKED!
+    REQUIRE(transfer.allocated_size == 16);
     REQUIRE(0 == std::memcmp(transfer.payload, "\x0E\x0E\x0E\x0E\x0E\x0E\x0E", 7));
     REQUIRE(ins.getAllocator().getNumAllocatedFragments() == 1);
     REQUIRE(ins.getAllocator().getTotalAllocatedAmount() == 16);
-    ins.getAllocator().deallocate(transfer.payload);
+    ins.getAllocator().deallocate(transfer.payload, transfer.allocated_size);
 
     // BAD CRC -- first frame.
     frame.timestamp_usec    = 30'001'000;
diff --git a/tests/test_public_roundtrip.cpp b/tests/test_public_roundtrip.cpp
@@ -191,9 +191,10 @@ TEST_CASE("RoundtripSimple")
                     else
                     {
                         REQUIRE(transfer.payload_size == 0U);
+                        REQUIRE(transfer.allocated_size == 0U);
                     }
 
-                    ins_rx.getAllocator().deallocate(transfer.payload);
+                    ins_rx.getAllocator().deallocate(transfer.payload, transfer.allocated_size);
                     std::free(ref_payload);  // NOLINT
                 }
                 else
@@ -212,7 +213,7 @@ TEST_CASE("RoundtripSimple")
 
             {
                 const std::lock_guard locker(lock);
-                ins_tx.getAllocator().deallocate(ti);
+                ins_tx.getAllocator().deallocate(ti, (ti != nullptr) ? ti->allocated_size : 0);
             }
 
             if (std::chrono::steady_clock::now() > deadline)
diff --git a/tests/test_public_rx.cpp b/tests/test_public_rx.cpp
diff --git a/tests/test_public_tx.cpp b/tests/test_public_tx.cpp
diff --git a/tests/test_self.cpp b/tests/test_self.cpp

Original file line number	Diff line number	Diff line change
`@@ -71,9 +71,10 @@ static void* memAllocate(CanardInstance* const canard, const size_t amount)`
`71`	`71`	`return o1heapAllocate(my_allocator, amount);`
`72`	`72`	`}`
`73`	`73`
`74`		`-static void memFree(CanardInstance* const canard, void* const pointer)`
	`74`	`+static void memFree(CanardInstance* const canard, void* const pointer, const size_t amount)`
`75`	`75`	`{`
`76`	`76`	`(void) canard;`
	`77`	`+ (void) amount;`
`77`	`78`	`o1heapFree(my_allocator, pointer);`
`78`	`79`	`}`
`79`	`80`	```
Original file line number	Diff line number	Diff line change
`@@ -303,9 +303,12 @@ CANARD_PRIVATE TxItem* txAllocateQueueItem(CanardInstance* const ins,`
`303`	`303`	`{`
`304`	`304`	`CANARD_ASSERT(ins != NULL);`
`305`	`305`	`CANARD_ASSERT(payload_size > 0U);`
`306`		`- TxItem* const out = (TxItem*) ins->memory_allocate(ins, (sizeof(TxItem) - CANARD_MTU_MAX) + payload_size);`
	`306`	`+ const size_t tx_item_size = (sizeof(TxItem) - CANARD_MTU_MAX) + payload_size;`
	`307`	`+ TxItem* const out = (TxItem*) ins->memory_allocate(ins, tx_item_size);`
`307`	`308`	`if (out != NULL)`
`308`	`309`	`{`
	`310`	`+ out->base.allocated_size = tx_item_size;`
	`311`	`+`
`309`	`312`	`out->base.base.up = NULL;`
`310`	`313`	`out->base.base.lr[0] = NULL;`
`311`	`314`	`out->base.base.lr[1] = NULL;`
`@@ -532,7 +535,7 @@ CANARD_PRIVATE int32_t txPushMultiFrame(CanardTxQueue* const que,`
`532`	`535`	`while (head != NULL)`
`533`	`536`	`{`
`534`	`537`	`CanardTxQueueItem* const next = head->next_in_transfer;`
`535`		`- ins->memory_free(ins, head);`
	`538`	`+ ins->memory_free(ins, head, head->allocated_size);`
`536`	`539`	`head = next;`
`537`	`540`	`}`
`538`	`541`	`}`
`@@ -729,11 +732,13 @@ CANARD_PRIVATE int8_t rxSessionWritePayload(CanardInstance* const ins,`
`729`	`732`	`return out;`
`730`	`733`	`}`
`731`	`734`
`732`		`-CANARD_PRIVATE void rxSessionRestart(CanardInstance* const ins, CanardInternalRxSession* const rxs)`
	`735`	`+CANARD_PRIVATE void rxSessionRestart(CanardInstance* const ins,`
	`736`	`+ CanardInternalRxSession* const rxs,`
	`737`	`+ const size_t allocated_size)`
`733`	`738`	`{`
`734`	`739`	`CANARD_ASSERT(ins != NULL);`
`735`	`740`	`CANARD_ASSERT(rxs != NULL);`
`736`		`- ins->memory_free(ins, rxs->payload); // May be NULL, which is OK.`
	`741`	`+ ins->memory_free(ins, rxs->payload, allocated_size); // May be NULL, which is OK.`
`737`	`742`	`rxs->total_payload_size = 0U;`
`738`	`743`	`rxs->payload_size = 0U;`
`739`	`744`	`rxs->payload = NULL;`
`@@ -773,7 +778,7 @@ CANARD_PRIVATE int8_t rxSessionAcceptFrame(CanardInstance* const ins,`
`773`	`778`	`if (out < 0)`
`774`	`779`	`{`
`775`	`780`	`CANARD_ASSERT(-CANARD_ERROR_OUT_OF_MEMORY == out);`
`776`		`- rxSessionRestart(ins, rxs); // Out-of-memory.`
	`781`	`+ rxSessionRestart(ins, rxs, extent); // Out-of-memory.`
`777`	`782`	`}`
`778`	`783`	`else if (frame->end_of_transfer)`
`779`	`784`	`{`
`@@ -785,6 +790,7 @@ CANARD_PRIVATE int8_t rxSessionAcceptFrame(CanardInstance* const ins,`
`785`	`790`	`out_transfer->timestamp_usec = rxs->transfer_timestamp_usec;`
`786`	`791`	`out_transfer->payload_size = rxs->payload_size;`
`787`	`792`	`out_transfer->payload = rxs->payload;`
	`793`	`+ out_transfer->allocated_size = (rxs->payload != NULL) ? extent : 0U;`
`788`	`794`
`789`	`795`	`// Cut off the CRC from the payload if it's there -- we don't want to expose it to the user.`
`790`	`796`	`CANARD_ASSERT(rxs->total_payload_size >= rxs->payload_size);`
`@@ -797,7 +803,7 @@ CANARD_PRIVATE int8_t rxSessionAcceptFrame(CanardInstance* const ins,`
`797`	`803`
`798`	`804`	`rxs->payload = NULL; // Ownership passed over to the application, nullify to prevent freeing.`
`799`	`805`	`}`
`800`		`- rxSessionRestart(ins, rxs); // Successful completion.`
	`806`	`+ rxSessionRestart(ins, rxs, extent); // Successful completion.`
`801`	`807`	`}`
`802`	`808`	`else`
`803`	`809`	`{`
`@@ -978,6 +984,7 @@ CANARD_PRIVATE int8_t rxAcceptFrame(CanardInstance* const ins,`
`978`	`984`	`out_transfer->timestamp_usec = frame->timestamp_usec;`
`979`	`985`	`out_transfer->payload_size = payload_size;`
`980`	`986`	`out_transfer->payload = payload;`
	`987`	`+ out_transfer->allocated_size = payload_size;`
`981`	`988`	`// Clang-Tidy raises an error recommending the use of memcpy_s() instead.`
`982`	`989`	`// We ignore it because the safe functions are poorly supported; reliance on them may limit the portability.`
`983`	`990`	`(void) memcpy(payload, frame->payload, payload_size); // NOLINT`
`@@ -1236,8 +1243,11 @@ int8_t canardRxUnsubscribe(CanardInstance* const ins,`
`1236`	`1243`	`out = 1;`
`1237`	`1244`	`for (size_t i = 0; i < RX_SESSIONS_PER_SUBSCRIPTION; i++)`
`1238`	`1245`	`{`
`1239`		`- ins->memory_free(ins, (sub->sessions[i] != NULL) ? sub->sessions[i]->payload : NULL);`
`1240`		`- ins->memory_free(ins, sub->sessions[i]);`
	`1246`	`+ if (sub->sessions[i] != NULL)`
	`1247`	`+ {`
	`1248`	`+ ins->memory_free(ins, sub->sessions[i]->payload, sub->extent);`
	`1249`	`+ }`
	`1250`	`+ ins->memory_free(ins, sub->sessions[i], sizeof(*sub->sessions[i]));`
`1241`	`1251`	`sub->sessions[i] = NULL;`
`1242`	`1252`	`}`
`1243`	`1253`	`}`
Original file line number	Diff line number	Diff line change
`@@ -103,7 +103,7 @@ class TestAllocator`
`103`	`103`	`return p;`
`104`	`104`	`}`
`105`	`105`
`106`		`- void deallocate(void* const user_pointer)`
	`106`	`+ void deallocate(void* const user_pointer, const std::size_t amount)`
`107`	`107`	`{`
`108`	`108`	`if (user_pointer != nullptr)`
`109`	`109`	`{`
`@@ -114,7 +114,12 @@ class TestAllocator`
`114`	`114`	`throw std::logic_error("Attempted to deallocate memory that was never allocated; ptr=" +`
`115`	`115`	`std::to_string(reinterpret_cast<std::uint64_t>(user_pointer)));`
`116`	`116`	`}`
`117`		`- const auto [p, amount] = *it;`
	`117`	`+ const auto [p, expected_amount] = *it;`
	`118`	`+ if (amount != expected_amount)`
	`119`	`+ {`
	`120`	`+ throw std::logic_error("Attempted to deallocate wrong size memory at ptr=" +`
	`121`	`+ std::to_string(reinterpret_cast<std::uint64_t>(user_pointer)));`
	`122`	`+ }`
`118`	`123`	`if ((0 != std::memcmp(p - canary_.size(), canary_.begin(), canary_.size())) \|\|`
`119`	`124`	`(0 != std::memcmp(p + amount, canary_.begin(), canary_.size())))`
`120`	`125`	`{`
`@@ -240,10 +245,10 @@ class Instance`
`240`	`245`	`return p->allocator_.allocate(amount);`
`241`	`246`	`}`
`242`	`247`
`243`		`- static void trampolineDeallocate(CanardInstance* const ins, void* const pointer)`
	`248`	`+ static void trampolineDeallocate(CanardInstance* const ins, void* const pointer, const std::size_t amount)`
`244`	`249`	`{`
`245`	`250`	`auto* p = reinterpret_cast<Instance*>(ins->user_reference);`
`246`		`- p->allocator_.deallocate(pointer);`
	`251`	`+ p->allocator_.deallocate(pointer, amount);`
`247`	`252`	`}`
`248`	`253`
`249`	`254`	`CanardInstance canard_ = canardInit(&Instance::trampolineAllocate, &Instance::trampolineDeallocate);`
Original file line number	Diff line number	Diff line change
`@@ -191,9 +191,10 @@ TEST_CASE("RoundtripSimple")`
`191`	`191`	`else`
`192`	`192`	`{`
`193`	`193`	`REQUIRE(transfer.payload_size == 0U);`
	`194`	`+ REQUIRE(transfer.allocated_size == 0U);`
`194`	`195`	`}`
`195`	`196`
`196`		`- ins_rx.getAllocator().deallocate(transfer.payload);`
	`197`	`+ ins_rx.getAllocator().deallocate(transfer.payload, transfer.allocated_size);`
`197`	`198`	`std::free(ref_payload); // NOLINT`
`198`	`199`	`}`
`199`	`200`	`else`
`@@ -212,7 +213,7 @@ TEST_CASE("RoundtripSimple")`
`212`	`213`
`213`	`214`	`{`
`214`	`215`	`const std::lock_guard locker(lock);`
`215`		`- ins_tx.getAllocator().deallocate(ti);`
	`216`	`+ ins_tx.getAllocator().deallocate(ti, (ti != nullptr) ? ti->allocated_size : 0);`
`216`	`217`	`}`
`217`	`218`
`218`	`219`	`if (std::chrono::steady_clock::now() > deadline)`