This page contains simple SystemTap scripts which can help a beginner to get familiar with SystemTap usage and its language constructs

fork.stp

global proc_counter

probe begin {
        print ("Started monitoring creation of new processes....Press ^C to terminate\n")
        printf ("%-25s %-10s %-s\n", "Process Name", "Process ID", "Clone Flags")
}

probe kernel.function("do_fork") {
        proc_counter++
        printf("%-25s %-10d 0x%-x\n", execname(), pid(), $clone_flags)
}

probe end {
        printf ("\n%d processes forked during the observed period\n", proc_counter)
}

fork-nd.stp (dwarfless probing - w/o debuginfo)

global proc_counter

probe begin {
        print ("Started monitoring creation of new processes....Press ^C to terminate\n")
        printf ("%-25s %-10s %-s\n", "Process Name", "Process ID", "Clone Flags")
}

probe kprobe.function("do_fork") {
        proc_counter++
        printf("%-25s %-10d 0x%-x\n", execname(), pid(), ulong_arg(1))
}

probe end {
        printf ("\n%d processes forked during the observed period\n", proc_counter)
}

Probes kprobe.* were introduced in SystemTap 0.9.7 to indicate dwarfless probing. If you have older release, then use probes kernel.*.