stapbpf
[
OPTIONS
]
MODULE
The stapbpf program is the BPF back-end of the Systemtap tool. It expects a bpf-elf file produced by the front-end stap tool, when run with --runtime=bpf.
Splitting the systemtap tool into a front-end and a back-end allows a user to compile a systemtap script on a development machine that has the debugging information needed to compile the script and then transfer the resulting shared object to a production machine that doesn't have any development tools or debugging information installed.
Please refer to stappaths(7) for the version number, or run
$ rpm -q systemtap # (for Fedora/RHEL)
$ apt-get -v systemtap # (for Ubuntu)
$ stap --runtime=bpf -p4 -e 'probe begin { printf("Hello World!\n"); exit() }'
stap_28784.bo
Run stapbpf with the pathname to the module as an argument.
$ stapbpf ./stap_28784.bo
Hello World!
If the -p4 option is omitted, stap will invoke stapbpf automatically.
begin end kernel.* process.* timer.* perf.* procfs.*
In general, probes based on the kprobes, uprobes, tracepoint and perf infrastructures are supported. See stapprobes(3stap) for more information on the probe points and which tracing infrastructures they are based on.
for loops, foreach loops and while loops are usable only in begin and end probes. try statements are not supported.
There is limited support for string operations. String variables and literals are limited to 64 characters, except for printf format strings, which are limited to 256 characters.
A subset of the statistical aggregate functionality is available, with support only for the @count(), @sum(), @avg() extractor functions.
The name of the bpf-elf file produced by the front-end stap tool should not be changed.