This family of probe points is used to probe the process activities. It contains the following probe points:
Fires whenever a new process is successfully created, either as a result of one of the fork syscall variants, or a new kernel thread.
a handle to the newly created process
pid of the newly created process
Fires immediately before a new process begins execution.
Fires whenever a process attempts to exec to a new program
the path to the new executable
Fires at the completion of an exec call
the error number resulting from the exec
a boolean indicating whether the exec was successful
Fires when a process terminates. This will always be followed by a process.release, though the latter may be delayed if the process waits in a zombie state.
the exit code of the process
Fires when a process is released from the kernel. This always follows a process.exit, though it may be delayed somewhat if the process waits in a zombie state.
a task handle to the process being released
pid of the process being released