This repository was archived by the owner on Jul 16, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 18
eBPF tool in practice
Yi Li edited this page Jul 2, 2021
·
3 revisions
This wiki shows the real-world use case of eBPF:
eventfd is used in virtio for event notification between virtio driver (in guest) and virtio device (backend in host).
Using the bcc stackcount tool it is easy to know how many times kernel ‘eventfd*’ functions are called. Here is an example:
- On host, run the stackcount tool to trace ‘eventfd_*’ kernel function.
# /usr/share/bcc/tools/stackcount -P 'eventfd_*'
Tracing 12 functions for "eventfd_*"... Hit Ctrl-C to end. '
- Run ‘fio’ in a VM for 60 seconds. The virtual block device is a qcow2 file (virtio-blk-pci):
# fio -name=fio-4k -filename=/dev/vda1 -ioengine=libaio -runtime=60 -time_based=1 -direct=1 -bs=4k -iodepth=16 -numjobs=1 -rw=randread
- stackcount Output:
… ….
b'eventfd_write'
b'ksys_write'
b'__arm64_sys_write'
b'do_el0_svc'
b'el0_svc'
b'el0_sync_handler'
b'el0_sync'
b'__libc_write'
b'[unknown]'
b'[unknown]'
b'[unknown]'
b'[unknown]'
b'[unknown]'
b'g_main_context_dispatch'
b'[unknown]'
b'[unknown]'
b'[unknown]'
b'__libc_start_main'
b'[unknown]'
b'qemu-system-aar' [6445] <- --- Qemu process. This shows the call stack of eventfd_write()
549545 < ----- Sample number in one second
b'eventfd_poll'
b'__arm64_sys_ppoll'
b'do_el0_svc'
b'el0_svc'
b'el0_sync_handler'
b'el0_sync'
b'ppoll'
b'[unknown]'
b'[unknown]'
b'[unknown]'
b'[unknown]'
b'__libc_start_main'
b'[unknown]'
b'qemu-system-aar' [6445]
69035104