Retrieving current stack pointer from /proc/pid/stat

Question

I'm executing a basic C program using gdb. I have a break point at the start of main(). After running the code, gdb breaks at main() as expected. Now if I examine the stack pointer register (rsp), i'm seeing

0x7fffffffe170: 0x00000000. 

When I retrieve the same information using cat /proc/17232/stat | cut -d" " -f29/proc (where 17232 is pid for this process), I'm seeing:

140737488347112 (which in hex is: 0x7fffffffdfe8). 

How come we see a different value of current stack pointer from gdb. And also, why gdb is showing contents of rsp as NULL (0x00000000)?

Thanks.

Answer 1

Printing the rsp register (on 64b cpus) from /proc

(gdb) info register rsp
rsp            0x7fffffffe480   0x7fffffffe480 

gives indeed a different value compared to the one from /proc

me@linux:~$ cat /proc/22219/stat | cut -d" " -f29 | perl -e 'print(sprintf("%x\n",<>));'
7fffffffe338

since gdb has to force an interruption in the program at the beginning of the main function in order to take over the execution, and a minimal set of data (return address, some registers backup) is saved onto the stack. gdb then, uses its own stack not to overflow the program one, and makes the necessary adjustment operations when you request to view the registers, or work on the stack data - and does not show the internal gdb cooking. However /proc shows the real data, unchanged.

The "real" rsp from /proc is actually slightly less than the gdb one, since on x86 cpus the stack grows downward.

As for the null value, it didn't happen during my tests

(gdb) x 0x7fffffffe480
0x7fffffffe480: 0xffffe578