Chapter 5. bpftrace

bpftrace is an open source tracer built on BPF and BCC. Like BCC, bpftrace ships with many performance tools and supporting documentation. However, it also provides a high-level programming language that allows you to create powerful one-liners and short tools. For example, this bpftrace one-liner summarizes the vfs_read() return value (bytes or error value) as a histogram:

    # bpftrace -e 'kretprobe:vfs_read { @bytes = hist(retval); }'
    Attaching 1 probe...
    ^C

    @bytes:
    (..., 0)             223 |@@@@@@@@@@@@@                                       |
    [0]                  110 |@@@@@@                                              |
    [1]                  581 |@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@                 |
    [2, 4)                23 |@                                                   |
    [4, 8)                 9 |                                                    |
    [8, 16)              844 |@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@|
    [16, 32)              44 |@@                                                  |
    [32, 64)              67 |@@@@                                                |
    ...
