Tag
José Marchesi and the GCC-BPF team provided an update on BPF support in GCC 16, highlighting progress toward feature parity with LLVM and increasing pass rate of the kernel's BPF self-tests.
This article explores surprising uses of bytecode virtual machines, specifically eBPF in the Linux kernel and DWARF expressions for debug information in compiled binaries.
Gobee is a tool that transpiles a subset of Go into BPF C, allowing developers to write eBPF programs in Go instead of C. It generates typed Go bindings for userspace and uses clang's backend for compilation.
guardd is an open-source Linux endpoint detection tool that uses eBPF events and Isolation Forest to spot anomalous process/network behavior in 60-second windows, but struggles with browser-related false positives.
Frappe Cloud investigated recurring database freezes affecting thousands of hosted sites by using eBPF tracing to monitor disk I/O at the kernel level, discovering a suspicious query pattern that triggered the incidents.