I'm using ptrace(2) and libunwind on Linux to sample user-level stacks from a running process, which works well. However, if I try to look at the kernel-level stack in /proc/<pid>/stack I always see the following:
[<0>] ptrace_stop+0x155/0x270
[<0>] get_signal+0x49e/0x730
[<0>] do_signal+0x34/0x6d0
[<0>] exit_to_usermode_loop+0x82/0xf0
[<0>] do_syscall_64+0x1a3/0x1b0
[<0>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[<0>] 0xffffffffffffffff
That is, the current kernel-level stack for the process is in ptrace_stop(), not whatever it was doing before (and what I am interested in).
Is there any way to avoid this and read the original kernel-level stack of a process stopped by ptrace(2)? I observe the same behaviour for processes attached to a debugger, e.g. gdb, so I assume the solution would be the same.
