This page contains simple SystemTap scripts which can help a beginner to get familiar with SystemTap usage and its language constructs
fork.stp
global proc_counter probe begin { print ("Started monitoring creation of new processes....Press ^C to terminate\n") printf ("%-25s %-10s %-s\n", "Process Name", "Process ID", "Clone Flags") } probe kernel.function("do_fork") { proc_counter++ printf("%-25s %-10d 0x%-x\n", execname(), pid(), $clone_flags) } probe end { printf ("\n%d processes forked during the observed period\n", proc_counter) }
fork-nd.stp (dwarfless probing - w/o debuginfo)
global proc_counter probe begin { print ("Started monitoring creation of new processes....Press ^C to terminate\n") printf ("%-25s %-10s %-s\n", "Process Name", "Process ID", "Clone Flags") } probe kprobe.function("do_fork") { proc_counter++ printf("%-25s %-10d 0x%-x\n", execname(), pid(), ulong_arg(1)) } probe end { printf ("\n%d processes forked during the observed period\n", proc_counter) }
Probes kprobe.* were introduced in SystemTap 0.9.7 to indicate dwarfless probing. If you have older release, then use probes kernel.*.