rbspy VS bcc

We used rbspy to generate the flamegraph:

You could use rbspy to profile the EventMachine process as it's doing the workload, and try to see there where most of the time is being spent.

Not sure what your issue is and you got some of this info from strace, but FYI rbspy can also help profile where a running Ruby process is spending its time: https://rbspy.github.io/. I think it's a little more helpful than strace in that it should bring it back to Ruby code rather than just showing the raw syscalls.

Even the most general profiler tool will show you each statement's accumulated time. These are called statistical profilers and give you a panoramic view of what the test is doing. An example of such a profiler is rbspy:

As a result, you need to craft a specific routine for each interpreter runtime (in some cases, each version of that runtime) to obtain symbol information. Educated eyes might have already noticed, it's not an easy undertaking considering the sheer amount of interpreted languages out there. For example, a very well known Ruby profiler, rbspy, generates code for reading internal structs of the Ruby runtime for each version.

For production, it depends on what the process is built with. There are possibly better tracing tools than just strace. For example Java has JMX, Go has pprof. There's also things like rbspy for Ruby.

I was a bit surprised to find out that the tool used to generate the flamegraph for Ruby (rbspy [1]) is written in Rust. lol

[1] https://github.com/rbspy/rbspy

Maybe https://github.com/rbspy/rbspy would allow you to profile the running ruby process handling web sockets?

c function is not very helpful to find the performance problem, so we dug deeper.

But wait, there's more! Enter the BCC toolkit and library, your trusty sidekick in simplifying the arcane art of writing eBPF applications. With BCC by your side, you'll be wielding eBPF like a seasoned pro in no time.

Nice - I normally use [bash-readline](https://github.com/iovisor/bcc/blob/master/tools/bashreadlin...) when coworking/co-inhabiting a server or training someone.

One of the big wins is not so much “build and run your own stuff” but there are very nice low-cost (in terms of compute) performance utilities built on eBPF

https://github.com/iovisor/bcc

There are so many utilities in that list; there’s a diagram midway down the readme which tries to help show their uses. bcc-tools should be available in any distro.

Also, Brendan Gregg does a ton of performance stuff that is worth knowing about if you check out his other work. Not eBPF only. Flame graphs are useful.

Reference: https://github.com/iovisor/bcc/blob/master/libbpf-tools/memleak.c

In this article, we'll build a basic version of an HTTPS sniffer, inspired by bcc-sslsniff.py, but we'll use Rust and Aya. We're going to demonstrate the capabilities of uprobes by employing uprobe and uretprobe along with familiar maps like PerCpuArray, HashMap, and PerEventArray. This will be a straightforward example to help us explore how uprobes function.

As xpd program I am using the BCC example xdp_redirect_map.py in skb mode as my NIC does not support native mode, attaching the program to veth2 and a dummy function to veth3

https://github.com/iovisor/bcc/blob/master/docs/reference_gu...