5.3. SystemTap
SystemTap is a useful instrumentation platform for probing running processes and kernel activity on the Linux system. To execute a probe:
- Write SystemTap scripts that specify which system events (for example, virtual file system reads, packet transmissions) should trigger specified actions (for example, print, parse, or otherwise manipulate data).
- SystemTap translates the script into a C program, which it compiles into a kernel module.
- SystemTap loads the kernel module to perform the actual probe.
SystemTap scripts are useful for monitoring system operation and diagnosing system issues with minimal intrusion into the normal operation of the system. You can quickly instrument running system test hypotheses without having to recompile and re-install instrumented code. To compile a SystemTap script that probes kernel-space, SystemTap uses information from three different kernel information packages:
- kernel-variant-devel-version
- kernel-variant-debuginfo-version
- kernel-debuginfo-common-arch-version
Note
The kernel information package in Red Hat Enterprise Linux 6 is now named kernel-debuginfo-common-arch-version. It was originally kernel-debuginfo-common-version in Red Hat Enterprise Linux 5.
These kernel information packages must match the kernel to be probed. In addition, to compile SystemTap scripts for multiple kernels, the kernel information packages of each kernel must also be installed.
