* Question on rcu_access_pointer, rcu_assign_pointer and locking.
@ 2013-06-13 17:24 Ben Greear
From: Ben Greear @ 2013-06-13 17:24 UTC
To: Linux Kernel Mailing List; +Cc: linux-wireless@vger.kernel.org
Hello!
I'm trying to better understand some code in net/mac80211/scan.c in order
to track down some memory leaks reported by kmemleak.
My question boils down to this. Assume we have code similar to this:
    spin_lock_bh(&dev->bss_lock);
    old = rcu_access_pointer(found->pub.beacon_ies);
    rcu_assign_pointer(found->pub.beacon_ies, tmp->pub.beacon_ies);
    if (old)
        kfree_rcu((struct cfg80211_bss_ies *)old, rcu_head);
    spin_unlock_bh(&dev->bss_lock);
Would it be possible to somehow leak what is assigned to found->pub.beacon_ies,
perhaps because two threads managed to go through this
code within a single RCU period?
I think that if the rcu_assign_pointer logic wasn't 'published'
before a second thread came through this logic it could cause
this leakage?
The actual code I'm curious about is in net/mac80211/scan.c, in
the cfg80211_bss_update method.
Thanks,
Ben
--
Ben Greear <greearb@candelatech.com>
Candela Technologies Inc http://www.candelatech.com
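
Added example, not part of the message above and not kernel code: a deterministic user-space model of the read / assign / retire sequence in the snippet, run by two updaters inside one grace period, once serialized as the held bss_lock forces and once in a constructed unlocked interleaving. It counts replaced objects that never reach kfree_rcu() and objects queued twice. The names model, updater, step_* and run are hypothetical, and each updater is assumed to publish a freshly allocated object.

```c
/* User-space model, not kernel code. Objects are integer ids; retired[]
 * stands in for the kfree_rcu() queue, which is not drained until the
 * grace period ends, i.e. after both updaters have run. */
#define MAX_OBJS 8

struct model {
    int published;          /* id in found->pub.beacon_ies, 0 = NULL */
    int retired[MAX_OBJS];  /* times each id was passed to kfree_rcu() */
    int next_id;            /* last id allocated */
};
struct updater { int old; };

static void step_read(struct model *m, struct updater *u)
{
    u->old = m->published;            /* rcu_access_pointer() */
}
static void step_assign(struct model *m)
{
    m->published = ++m->next_id;      /* rcu_assign_pointer(.., new ies) */
}
static void step_retire(struct model *m, const struct updater *u)
{
    if (u->old)
        m->retired[u->old]++;         /* kfree_rcu(old, rcu_head) */
}

/* Returns ids that were replaced but never retired (leaked); *twice gets
 * the number of ids retired more than once (double free). */
static int run(int locked, int *twice)
{
    struct model m = { .published = 1, .next_id = 1 };
    struct updater a = { 0 }, b = { 0 };
    int leaked = 0;

    if (locked) {   /* bss_lock held: an updater finishes before the next */
        step_read(&m, &a); step_assign(&m); step_retire(&m, &a);
        step_read(&m, &b); step_assign(&m); step_retire(&m, &b);
    } else {        /* constructed counter-case: no lock, steps interleave */
        step_read(&m, &a); step_read(&m, &b);
        step_assign(&m); step_assign(&m);
        step_retire(&m, &a); step_retire(&m, &b);
    }
    *twice = 0;
    for (int id = 1; id <= m.next_id; id++) {
        leaked += (m.retired[id] == 0 && id != m.published);
        *twice += (m.retired[id] > 1);
    }
    return leaked;
}
```

In this model the serialized run retires every replaced object exactly once even though nothing is freed between the two updates; only the interleaving that the lock excludes loses an object.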