linux - Where would the CPU context interrupted by ptrace be, userspace stack or kernel stack? -

on linux x86_64, when use ptrace stop process, threads' cpu contexts saved, or process's cpu context saved?

is context on process's userspace stack or kernel stack? or somewhere else? or multiple copies?

for other situations (not ptrace), interrupted (including exception , syscall) cpu context saved, kernel stack, userspace stack or somewhere else?

is ptrace interrupt?

---

update

it seems that, ptrace's context pt_regs_x86_t, save determined programmers. kernel stores copy interrupted context?

yes, kernel store context thread not executing. context largely same whether thread being ptrace'd or not. difference in how/whether thread can scheduled anew -- if it's being ptraced, tracing process decide when can resumed.

the thread's user-space context stored on kernel stack (but it's important note there separate kernel stack area each thread). , same whether thread entered kernel executing system call, or suspended due interrupt -- , ultimately, 2 ways thread can suspended.

as discovered, when process ptrace'd, tracing program given access traced threads' registers in state had when threads last executed. accomplished copying saved registers traced thread's kernel stack.

finally, it's worth noting if @ linux kernel code, won't find concrete representation of process. process group of related threads share various parts of state: process id, address space, file descriptors, etc.