
I am trying to get the stack pointer of some thread using /proc/<pid>/stat. Whenever I run the command cat /proc/<pid>/stat | cut -d" " -f29 I end up getting zero, but when I run sudo cat /proc/<pid>/stack I do end up getting a value:

[<0>] worker_thread+0xb7/0x390
[<0>] kthread+0x134/0x150
[<0>] ret_from_fork+0x1f/0x40

Not sure why this is happening. Any ideas why the stack pointer keeps being zero? Thanks.

1 Answer

The fields are intentionally zeroed out. Quoting fs/proc/array.c:

/*
 * esp and eip are intentionally zeroed out.  There is no
 * non-racy way to read them without freezing the task.
 * Programs that need reliable values can use ptrace(2).
 *
 * The only exception is if the task is core dumping because
 * a program is not able to use ptrace(2) in that case. It is
 * safe because the task has stopped executing permanently.
 */

This zeroing out can be seen at line 489 in the same file from the current Linux 6.10-rc2:

vsize = eip = esp = 0;

  • So is it saying that I can't use the /proc/<pid>/stat to constantly check the sp of a running process, because it is always going to be zero? Commented Jun 4 at 18:04
  • Yes, that is correct. As the quote states, a program can use the ptrace(2) system call to obtain reliable values. GDB can also attach to a process (using -p as root) to debug it. Commented Jun 4 at 18:23
  • I updated the answer with the exact line preceding the comment, which zeroes out the three local variables. Commented Jun 4 at 18:31
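
The ptrace(2) route that the kernel comment and the comments above point to, as an added example that is not part of the original answer or of the kernel source. The parent traces its own forked child and reads the stack pointer while the child is frozen in a signal stop. It assumes Linux with glibc on x86-64 or AArch64; the names child_stack_pointer and REG_SP are hypothetical.

```c
/* Added example (not from the original post): read a child's stack pointer
 * with ptrace(2). Assumes Linux/glibc on x86-64 or AArch64. */
#define _GNU_SOURCE
#include <elf.h>
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/uio.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

#if defined(__aarch64__)
#define REG_SP(r) ((r).sp)
#else                                     /* assumed x86-64 */
#define REG_SP(r) ((r).rsp)
#endif

/* Fork a child that stops itself under tracing, then read its SP register. */
int child_stack_pointer(unsigned long long *sp)
{
    struct user_regs_struct regs;
    struct iovec iov = { .iov_base = &regs, .iov_len = sizeof(regs) };
    int status, rc = -1;
    pid_t pid = fork();
    if (pid == -1) return -1;
    if (pid == 0) {                       /* child: become a tracee and stop */
        ptrace(PTRACE_TRACEME, 0, NULL, NULL);
        raise(SIGSTOP);
        _exit(0);
    }
    /* Parent: the tracee is frozen, so the registers cannot change under us. */
    if (waitpid(pid, &status, 0) == pid && WIFSTOPPED(status) &&
        ptrace(PTRACE_GETREGSET, pid, (void *)(long)NT_PRSTATUS, &iov) == 0) {
        *sp = REG_SP(regs);
        rc = 0;
    }
    kill(pid, SIGKILL);                   /* discard the demo tracee */
    waitpid(pid, &status, 0);
    return rc;
}

int main(void)
{
    unsigned long long sp = 0;
    if (child_stack_pointer(&sp) != 0) { perror("ptrace"); return 1; }
    printf("child stack pointer: 0x%llx\n", sp);
    return 0;
}
```

Attaching to an unrelated, already-running process uses PTRACE_ATTACH or PTRACE_SEIZE instead of PTRACE_TRACEME and is subject to the usual ptrace permission checks.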
