Why exported const value modified by another driver not updated in original driver

Why exported const value modified by another driver not updated in original driver

[Manavendra Nath Manav]

Hi,

I have declared a static const int variable in one driver and exported
that variable symbol. In another driver i am modifying that variable.
The other driver prints the modified value but the original driver
retains the original value. When both virtual and physical addresses
of the variable as seen by both drivers are same, how is this even
possible. Is it a kernel bug?

[root@localhost bug]# uname -a
Linux localhost.localdomain 3.5.3 #3 SMP Mon Sep 3 21:52:12 IST 2012
i686 i686 i386 GNU/Linux

================================
[root@localhost bug]# cat driver.c
#include <linux/module.h>

static const int value = 123;

int init_module()
{
	printk("Base driver (init): value                     = %d\n", value);
	printk("Base driver (init): virtual address of value  = %p\n", (void *)&value);
	printk("Base driver (init): physical address of value = %p\n", (void
*)__pa(&value));
	return 0;
}

void cleanup_module()
{
	printk("Base driver (exit): value                     = %d\n", value);
	printk("Base driver (exit): virtual address of value  = %p\n", (void *)&value);
	printk("Base driver (exit): physical address of value = %p\n", (void
*)__pa(&value));
}
EXPORT_SYMBOL(value);

==============================================
[root@localhost bug]# cat hacker.c
#include <linux/module.h>

extern int value;

int init_module()
{
	value = 987;
	printk("Hacker driver (init): value                     = %d\n", value);
	printk("Hacker Base driver (init): virtual address of value  = %p\n",
(void *)&value);
	printk("Hacker Base driver (init): physical address of value = %p\n",
(void *)__pa(&value));
	return 0;
}

void cleanup_module()
{
	printk("Hacker driver (exit): value                     = %d\n", value);
	printk("Hacker driver (exit): virtual address of value  = %p\n",
(void *)&value);
	printk("Hacker driver (exit): physical address of value = %p\n",
(void *)__pa(&value));
	return;
}

=========================================
[root@localhost bug]# insmod driver.ko
Base driver (init): value                     = 123
Base driver (init): virtual address of value  = f89d61c8
Base driver (init): physical address of value = 389d61c8

[root@localhost bug]# insmod hacker.ko
Hacker driver (init): value                     = 987
Hacker Base driver (init): virtual address of value  = f89d61c8
Hacker Base driver (init): physical address of value = 389d61c8

[root@localhost bug]# rmmod hacker.ko
Hacker driver (exit): value                     = 987
Hacker driver (exit): virtual address of value  = f89d61c8
Hacker driver (exit): physical address of value = 389d61c8

[root@localhost bug]# rmmod driver.ko
Base driver (exit): value                     = 123
Base driver (exit): virtual address of value  = f89d61c8
Base driver (exit): physical address of value = 389d61c8

[root@localhost bug]# cat /proc/kallsyms | grep value
f89f91c8 R value	[driver]
f89f9088 r __ksymtab_value	[driver]
f89f91cc r __kstrtab_value	[driver]

Interestingly, when i change the declaration of variable to "volatile"
in driver.c as "static const volatile int" then the driver.ko prints
modified value "987" during rmmod and the original value "123" is
lost. What is the difference between this and previous declaration?
Please forgive if you find this question silly?
--
Manavendra Nath Manav

Re: Why exported const value modified by another driver not updated in original driver

[Manavendra Nath Manav]

On Tue, Sep 4, 2012 at 3:00 PM, Manavendra Nath Manav
<mnm.kernel@gmail.com> wrote:
> Hi,
>
> I have declared a static const int variable in one driver and exported
> that variable symbol. In another driver i am modifying that variable.
> The other driver prints the modified value but the original driver
> retains the original value. When both virtual and physical addresses
> of the variable as seen by both drivers are same, how is this even
> possible. Is it a kernel bug?
>
> [root@localhost bug]# uname -a
> Linux localhost.localdomain 3.5.3 #3 SMP Mon Sep 3 21:52:12 IST 2012
> i686 i686 i386 GNU/Linux
>
> ================================
> [root@localhost bug]# cat driver.c
> #include <linux/module.h>
>
> static const int value = 123;
>
> int init_module()
> {
>         printk("Base driver (init): value                     = %d\n", value);
>         printk("Base driver (init): virtual address of value  = %p\n", (void *)&value);
>         printk("Base driver (init): physical address of value = %p\n", (void
> *)__pa(&value));
>         return 0;
> }
>
> void cleanup_module()
> {
>         printk("Base driver (exit): value                     = %d\n", value);
>         printk("Base driver (exit): virtual address of value  = %p\n", (void *)&value);
>         printk("Base driver (exit): physical address of value = %p\n", (void
> *)__pa(&value));
> }
> EXPORT_SYMBOL(value);
>
> ==============================================
> [root@localhost bug]# cat hacker.c
> #include <linux/module.h>
>
> extern int value;
>
> int init_module()
> {
>         value = 987;
>         printk("Hacker driver (init): value                     = %d\n", value);
>         printk("Hacker Base driver (init): virtual address of value  = %p\n",
> (void *)&value);
>         printk("Hacker Base driver (init): physical address of value = %p\n",
> (void *)__pa(&value));
>         return 0;
> }
>
> void cleanup_module()
> {
>         printk("Hacker driver (exit): value                     = %d\n", value);
>         printk("Hacker driver (exit): virtual address of value  = %p\n",
> (void *)&value);
>         printk("Hacker driver (exit): physical address of value = %p\n",
> (void *)__pa(&value));
>         return;
> }
>
> =========================================
> [root@localhost bug]# insmod driver.ko
> Base driver (init): value                     = 123
> Base driver (init): virtual address of value  = f89d61c8
> Base driver (init): physical address of value = 389d61c8
>
> [root@localhost bug]# insmod hacker.ko
> Hacker driver (init): value                     = 987
> Hacker Base driver (init): virtual address of value  = f89d61c8
> Hacker Base driver (init): physical address of value = 389d61c8
>
> [root@localhost bug]# rmmod hacker.ko
> Hacker driver (exit): value                     = 987
> Hacker driver (exit): virtual address of value  = f89d61c8
> Hacker driver (exit): physical address of value = 389d61c8
>
> [root@localhost bug]# rmmod driver.ko
> Base driver (exit): value                     = 123
> Base driver (exit): virtual address of value  = f89d61c8
> Base driver (exit): physical address of value = 389d61c8
>
> [root@localhost bug]# cat /proc/kallsyms | grep value
> f89f91c8 R value        [driver]
> f89f9088 r __ksymtab_value      [driver]
> f89f91cc r __kstrtab_value      [driver]
>
> Interestingly, when i change the declaration of variable to "volatile"
> in driver.c as "static const volatile int" then the driver.ko prints
> modified value "987" during rmmod and the original value "123" is
> lost. What is the difference between this and previous declaration?
> Please forgive if you find this question silly?
> --
> Manavendra Nath Manav

Is the above a genuine kernel bug, or i am missing something out here. Pls help.

Thanks,
Manavendra Nath Manav

Re: Why exported const value modified by another driver not updated in original driver

[Julian Andres Klode]

On Tue, Sep 04, 2012 at 03:58:20PM +0530, Manavendra Nath Manav wrote:
> On Tue, Sep 4, 2012 at 3:00 PM, Manavendra Nath Manav
> <mnm.kernel@gmail.com> wrote:
> > Hi,
> >
> > I have declared a static const int variable in one driver and exported
> > that variable symbol. In another driver i am modifying that variable.

No, you did not export it. It's static (and static is kind of the opposite
of extern). And then you try to assign a value to a non-static variable with
the same name, which might not even exist (as the other is static, this should
not even work in my opinion).

> > The other driver prints the modified value but the original driver
> > retains the original value. When both virtual and physical addresses
> > of the variable as seen by both drivers are same, how is this even
> > possible. Is it a kernel bug?

It only works because the compiler optimized the value = 123 away,
and replaced value with 123 in the first module everywhere, as it
is declared const and thus cannot be changed, so there's no reason
to read it from memory.

-- 
Julian Andres Klode  - Debian Developer, Ubuntu Member

See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.

Re: Why exported const value modified by another driver not updated in original driver

[Alan Cox]

On Tue, 4 Sep 2012 15:00:16 +0530
Manavendra Nath Manav <mnm.kernel@gmail.com> wrote:

> Hi,
> 
> I have declared a static const int variable in one driver and exported
> that variable symbol. In another driver i am modifying that variable.
> The other driver prints the modified value but the original driver
> retains the original value. When both virtual and physical addresses
> of the variable as seen by both drivers are same, how is this even
> possible. Is it a kernel bug?

It's const, why is it even a surprise. If you don't understand what is
going on then I suggest you disassemble the code. That will I think let
you understand what is going on.

Alan

Re: Why exported const value modified by another driver not updated in original driver

[Manavendra Nath Manav]

On Tue, Sep 4, 2012 at 4:09 PM, Julian Andres Klode <jak@jak-linux.org> wrote:
> On Tue, Sep 04, 2012 at 03:58:20PM +0530, Manavendra Nath Manav wrote:
>> On Tue, Sep 4, 2012 at 3:00 PM, Manavendra Nath Manav
>> <mnm.kernel@gmail.com> wrote:
>> > Hi,
>> >
>> > I have declared a static const int variable in one driver and exported
>> > that variable symbol. In another driver i am modifying that variable.
>
> No, you did not export it. It's static (and static is kind of the opposite
> of extern). And then you try to assign a value to a non-static variable with
> the same name, which might not even exist (as the other is static, this should
> not even work in my opinion).
>
>> > The other driver prints the modified value but the original driver
>> > retains the original value. When both virtual and physical addresses
>> > of the variable as seen by both drivers are same, how is this even
>> > possible. Is it a kernel bug?
>
> It only works because the compiler optimized the value = 123 away,
> and replaced value with 123 in the first module everywhere, as it
> is declared const and thus cannot be changed, so there's no reason
> to read it from memory.
>
> --
> Julian Andres Klode  - Debian Developer, Ubuntu Member
>
> See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.

Still I am not able to understand !! Why the output behaviour changes
when the declaration is made as "const volatile". I get the same
results as above when i remove "static" and retain "const".
-- 
Manavendra Nath Manav

Re: Why exported const value modified by another driver not updated in original driver

[Chinmay V S]

Hi Manavendra,

Couple of things are involved in above experiment.

1. const
The variable "value" is defined as
- "static const int" in driver.c.
- "extern int" in hacker.c (i.e. not const).

2. volatile
An object marked volatile is always fetched from memory and the
compiler does NOT try to optimise away this read from memory. This is
because volatile is an explicit indication to the compiler to fetch
the value from memory and not used older value cached in CPU-register.

Here is whats happening in regular case:

driver.ko init()
    - alloc RAM for "value"
    - load value of "value" into register
    - print "value"
      (123 in driver.ko context)
hacker.ko init()
    (no alloc RAM as it is extern. Allow assignment as its NOT const here).
    - load value of "value" into register
    - print "value"
      (987 in hacker.ko context)
hacker.ko exit()
    - print "value"
      (987 in hacker.ko context)
driver.ko exit()
    - print "value"
      (123 in hacker.ko context)


Here is whats happening in case volatile is used:

driver.ko init()
    - alloc RAM for "value"
    - load value of "value" into register
    - print "value"
     (123 in driver.ko context)
hacker.ko init()
    (no alloc RAM as it is extern. Allow assignment as its NOT const here).
    - load value of "value" into register
    - print "value"
      (987 in hacker.ko context)
hacker.ko exit()
    - print "value"
     (987 in hacker.ko context)
driver.ko exit()
    - fetch value of "value" from RAM.
      (as volatile forces an explicit read from memory)
    - print "value"
      (987 copied from hacker.ko context into driver.ko context)

As Alan mentioed above, it will be interesting to look into the
assembly code of your modules. Run objdump -S on your .ko modules and
search for .init.text and .exit.text in the assembly. Observing where
the compiler decides to place the object "value" should explain why
things work the way they do.

--
regards
CVS

Re: Why exported const value modified by another driver not updated in original driver

[Bernd Petrovitsch]

Hi!

On Die, 2012-09-04 at 15:00 +0530, Manavendra Nath Manav wrote:
[....]
> I have declared a static const int variable in one driver and exported
> that variable symbol.

Exporting a "static" variable makes conceptually no sense whatsoever -
either you want it exported (so you should remove the "static") or you
want it not exported - which is precisely the definition of "static".

> retains the original value. When both virtual and physical addresses
> of the variable as seen by both drivers are same, how is this even
> possible. Is it a kernel bug?

It's a bug in your drivers.
The C compiler sees an initialized "static const" variable. So the C
compiler knows that it is not accessible from other compilation units
(because it is "static") and the variable isn't changing within the
current compilation unit (because the variable as such is "const" and
their is no non-const pointer to it or similar).
Since this is the only compilation unit, it knows that no one will/can
change it's value.
So the C compiler happily replaces all references to the variable with
it's value - just as if you would have #define'd that value.

Obviously, later on it is exported and the variable actually exists and
you can change it in the other file. But since the value has been
replaced literally by "123" at compile (more precise: optimizer time),
you don't see a change in the printk()s.

> Interestingly, when i change the declaration of variable to "volatile"
> in driver.c as "static const volatile int" then the driver.ko prints
> modified value "987" during rmmod and the original value "123" is
> lost. What is the difference between this and previous declaration?

"volatile" tells the C compiler that a variable may change it's value
without explicit code.
A typical use case are hardware registers which are changed by the
underlying hardware.
In user space, variables may be modified by signal handlers (which can
occur at any time in a program - unless specifcally blocked).

So the optimizer must not accesses to "volatile" variables because they
may change their value at any time.

> Please forgive if you find this question silly?

That all is actually pure (K&R-)C and has nothing to do with the kernel.


> static const int value = 123;
[...]
> EXPORT_SYMBOL(value);

I wonder if we can modify EXPORT_SYMBOL() so that it compile-time-fails
for "static" variables.
And if we actually want that.

	Bernd
-- 
Bernd Petrovitsch                  Email : bernd@petrovitsch.priv.at
                     LUGA : http://www.luga.at

Re: Why exported const value modified by another driver not updated in original driver

[Dan Carpenter]

On Tue, Sep 04, 2012 at 03:58:20PM +0530, Manavendra Nath Manav wrote:
> Is the above a genuine kernel bug, or i am missing something out here. Pls help.
> 

When you declare something as const then the compiler assumes it
really is const and uses a literal instead of reading from memory.
I'm surprised the compiler doesn't print a warning message.

It has to do with compilers, nothing to do with kernels.

regards,
dan carpenter

Re: Why exported const value modified by another driver not updated in original driver

[Manavendra Nath Manav]

On Tue, Sep 4, 2012 at 5:55 PM, Dan Carpenter <dan.carpenter@oracle.com> wrote:
> On Tue, Sep 04, 2012 at 03:58:20PM +0530, Manavendra Nath Manav wrote:
>> Is the above a genuine kernel bug, or i am missing something out here. Pls help.
>>
>
> When you declare something as const then the compiler assumes it
> really is const and uses a literal instead of reading from memory.
> I'm surprised the compiler doesn't print a warning message.
>
> It has to do with compilers, nothing to do with kernels.
>
> regards,
> dan carpenter

Thanks All,
I understood the problem and current gcc behaviour after looking at
output of objdump of driver.ko file when the variable is declared as
"const" and in second case as "const volatile". The compiler optimises
by directly passing the value in first case and the address of
variable in second case. Thanks for all the help and clarification.

push   $0x7b         // 123 in decimal
push   $0x0

-- 
Manavendra Nath Manav