probe::kprocess.create
名称
probe::kprocess.create — Fires whenever a new process or thread is successfully created
Synopsis
kprocess.create
Values
new_tid
- The TID of the newly created task
new_pid
- The PID of the newly created process
Context
Parent of the created process.
Description
Fires whenever a new process is successfully created, either as a result of fork (or one of its syscall variants), or a new kernel thread.