On Wed, 24 Sep 2025 17:04:16 +0900 Masami Hiramatsu (Google) <[email protected]> wrote:
> > After testing, it was found that the stack could not be obtained because > > user_mode(regs) returned 1. > > Referring to the arch_ftrace_fill_perf_regs function in your email > > (https://lore.kernel.org/all/173518997908.391279.15910334347345106424.stgit@devnote2/), > > > > I made the following modification: by setting the value of pstate, the > > stack can now be obtained successfully. > > > > diff --git a/arch/arm64/include/asm/ftrace.h > > b/arch/arm64/include/asm/ftrace.h > > index 058a99aa44bd..f2814175e958 100644 > > --- a/arch/arm64/include/asm/ftrace.h > > +++ b/arch/arm64/include/asm/ftrace.h > > @@ -159,11 +159,13 @@ ftrace_partial_regs(const struct ftrace_regs *fregs, > > struct pt_regs *regs) > > { > > struct __arch_ftrace_regs *afregs = arch_ftrace_regs(fregs); > > > > memcpy(regs->regs, afregs->regs, sizeof(afregs->regs)); > > regs->sp = afregs->sp; > > regs->pc = afregs->pc; > > regs->regs[29] = afregs->fp; > > regs->regs[30] = afregs->lr; > > + regs->pstate = PSR_MODE_EL1h; > > Good catch! Should I submit this patch, or will you carry out a more complete fix? > > By the way, during my testing, I also noticed that when executing > > bpf_get_stackid via kprobes or tracepoints, > > the command bpftrace -e 'kprobe:bpf_get_stackid > > {printf("bpf_get_stackid\n");}' produces no output. > > I think this is because the bpf_get_stackid is a kind of recursive > event from kprobes. Kprobe handler can not be reentered. > > > However, it does output something when bpf_get_stackid is invoked via > > uprobes. > > This phenomenon also occurs on the x86 architecture, could this be a bug as > > well? > > Maybe if bpf_get_stackid() is kicked from uprobes, it is not recursive > call from kprobes, so it works. > > So it is expected behavior, not a bug. Sorry for confusion. > > > Thank you, Thank you very much for your explanation.
