Pass external callchain entry to get_perf_callchain

[kernel-patches-daemon-bpf]

Pull request for series with
subject: Pass external callchain entry to get_perf_callchain
version: 5
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=1021316

[kernel-patches-daemon-bpf]

Upstream branch: f8c67d8
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1021316
version: 5

[kernel-patches-review-bot]

commit 7c4b90d7813c12316e209f9634a97f3013925faa
Author: Tao Chen <chen.dylane@linux.dev>

perf: Refactor get_perf_callchain

This patch refactors get_perf_callchain() by extracting the
initialization and callchain collection logic into separate functions
to provide more flexible stack-sampling APIs for BPF.

> diff --git a/include/linux/perf_event.h b/include/linux/perf_event.h
> index fd1d91017..edd3058e4 100644
> --- a/include/linux/perf_event.h
> +++ b/include/linux/perf_event.h
> @@ -67,6 +67,7 @@ struct perf_callchain_entry_ctx {
>  	u32				nr;
>  	short				contexts;
>  	bool				contexts_maxed;
> +	bool				add_mark;
>  };

[ ... ]

> diff --git a/kernel/events/callchain.c b/kernel/events/callchain.c
> index 808c0d7a3..fb1f26be2 100644
> --- a/kernel/events/callchain.c
> +++ b/kernel/events/callchain.c

[ ... ]

> +void __get_perf_callchain_user(struct perf_callchain_entry_ctx *ctx, struct pt_regs *regs)
> +{
> +	int start_entry_idx;
> +
> +	if (!user_mode(regs)) {
> +		if (current->flags & (PF_KTHREAD | PF_USER_WORKER))
> +			return;
> +		regs = task_pt_regs(current);
> +	}
> +
> +	if (ctx->add_mark)
> +		perf_callchain_store_context(ctx, PERF_CONTEXT_USER);
> +
> +	start_entry_idx = ctx->nr;
                          ^^^^^^^^
> +	perf_callchain_user(ctx, regs);
> +	fixup_uretprobe_trampoline_entries(ctx->entry, start_entry_idx);
> +}

Can this break uprobe trampoline fixups? The original code used
entry->nr for start_entry_idx, but the refactored version uses ctx->nr.

These two counters track different things:
- entry->nr counts ALL entries (incremented by both
  perf_callchain_store_context() and perf_callchain_store())
- ctx->nr only counts regular callchain entries (incremented only by
  perf_callchain_store(), not by perf_callchain_store_context())

When add_mark is true, perf_callchain_store_context() increments
entry->nr but not ctx->nr, causing them to become out of sync.

For example, if kernel callchain collection runs first with add_mark
set:

  Initial: ctx->nr = entry->nr = 0

  In __get_perf_callchain_kernel():
    perf_callchain_store_context() stores PERF_CONTEXT_KERNEL marker
      -> entry->nr becomes 1, ctx->nr still 0
    perf_callchain_kernel() stores N kernel frames
      -> entry->nr becomes 1+N, ctx->nr becomes N

  In __get_perf_callchain_user():
    perf_callchain_store_context() stores PERF_CONTEXT_USER marker
      -> entry->nr becomes 2+N, ctx->nr still N
    start_entry_idx = ctx->nr assigns N (should be 2+N)
    fixup_uretprobe_trampoline_entries() scans from wrong index

This causes fixup_uretprobe_trampoline_entries() to scan kernel
callchain entries instead of user callchain entries, missing the
uretprobe trampolines that need to be fixed up.

Should this use ctx->entry->nr instead of ctx->nr?

---

AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md

In-Reply-To-Subject: perf: Refactor get_perf_callchain
CI run summary: https://github.com/kernel-patches/bpf/actions/runs/19211481431

[kernel-patches-daemon-bpf]

Forwarding comment 3508522226 via email
In-Reply-To: 20251109163559.4102849-2-chen.dylane@linux.dev
Patch: https://patchwork.kernel.org/project/netdevbpf/patch/20251109163559.4102849-2-chen.dylane@linux.dev/