src/g23m-gsm/sms/sms_for.c: bogus malloc removed The new error handling code that was not present in TCS211 blob version contains a malloc call that is bogus for 3 reasons: 1) The memory allocation in question is not needed in the first place; 2) libc malloc is used instead of one of the firmware's proper ways; 3) The memory allocation is made inside a function and then never freed, i.e., a memory leak. This bug was caught in gcc-built FreeCalypso fw projects (Citrine and Selenite) because our gcc environment does not allow any use of libc malloc (any reference to malloc produces a link failure), but this code from TCS3.2 is wrong even for Magnetite: if this code path is executed repeatedly over a long time, the many small allocations made by this malloc call without a subsequent free will eventually exhaust the malloc heap provided by the TMS470 environment, malloc will start returning NULL, and the bogus code will treat it as an error. Because the memory allocation in question is not needed at all, the fix entails simply removing it.

# This patch applies to the Init_Target() function in the init.obj module in
# main.lib; it is an example of how this code will need to be patched for
# running on our own future FreeCalypso hardware if we choose to use the same
# Spansion S71PL129NC0 flash+pSRAM MCP as used in the Pirelli DP-L10 and use
# the same memory timings as set by Pirelli's firmware.

[init.obj]

# value goes into nCS0, nCS1 and nCS3 config registers
.text 66 A4
# value goes into nCS2 config reg
.text 6C A4

# nop out the write into 0x02700000

.text 128 C0
.text 129 46