Show HN: xstack – Passive eBPF Linux stack profiling without tracepoints

2 tanelpoder 0 8/14/2025, 10:03:18 PM tanelpoder.com ↗

Here's the latest eBPF performance tool of mine - xstack. It's a minimal tool, just 165 lines of eBPF C and under 500 lines of userland C code (including all comments and boilerplate!). It uses the libbpf and (Rust) BlazeSym libraries though (which are a lot of code).

The point (and difference) of this tool is that it can sample both the kernel and userspace stack traces of all threads in your system.

Traditionally, the "bpf_get_stack()" helper can not read userspace stack traces of other tasks in Linux, but since Linux 5.18 we can combine sleepable eBPF task iterator programs with a new "bpf_copy_from_user_task()" helper to read whatever we want from the userspace memory of any other process.

That includes stack areas - so currently whenever the target executable was compiled with frame pointers enabled, you can easily do passive-sampling stack profiling - without slowing the other processes down - at all!

Despite the Linux kernel 5.18 requirement, it actually works on RHEL 9.5+ (and clones) too. RedHat apparently ported the entire eBPF 6.8 subsystem to their RHEL 9.5+ 5.14 kernels. Feedback and testing results appreciated.

OneSignal (YC S11) Is Hiring Engineers (onesignal.com)

Axle (YC S22) is hiring product engineers (ycombinator.com)

Mbodi AI (YC X25) Is Hiring a Founding Research Engineer (Robotics) (ycombinator.com)

ReadMe (YC W15) Is Hiring a Developer Experience PM (readme.com)

Weave (YC W25) is hiring a founding AI engineer (ycombinator.com)

Depot (YC W23) Is Hiring a Community and Events Manager (Remote) (ycombinator.com)

CoLoop (YC S21) Is Hiring AI Engineers in London

Trellis (YC W24) Is Hiring: Automate Prior Auth in Healthcare (ycombinator.com)

Type (YC W23) is hiring a founding engineer to build an AI-native doc editor (ycombinator.com)

Foundry (YC F24) is hiring staff-level product engineers (ycombinator.com)

GoGoGrandparent (YC S16) Is Hiring Back End and Full-Stack Engineers

Kyber (YC W23) is hiring enterprise account executives (ycombinator.com)

Converge (YC S23) well-capitalized New York startup seeks product developers (runconverge.com)

Great Question (YC W21) Is Hiring a VP of Engineering (Remote) (ycombinator.com)

Coverage Cat (YC S22) Is Hiring a Senior, Staff, or Principal Engineer (coveragecat.com)

Kaizen (YC X25) is hiring engineers to build browser agents that work (kaizenautomation.com)

Infracost (YC W21) hiring first PM to shift $600B cloud spend to proactive (ycombinator.com)

Sei (YC W22) Is Hiring a Full Stack Engineer in Chennai, India (ycombinator.com)

Artie (YC S23) Is Hiring Founding AEs (ycombinator.com)

Cedana (YC S23) Is Hiring a Systems Engineer (ycombinator.com)

CodeCrafters (YC S22) is hiring first Marketing Person (ycombinator.com)

PAX Markets (YC W25) is hiring a founding principal hardware (RTL) engineer (ycombinator.com)

Sendblue (YC S23) is hiring senior engineers (ycombinator.com)

Thunder Compute (YC S24) Is Hiring a C++ Systems Engineer (ycombinator.com)

Optery (YC W22) Is Hiring in Engineering, Legal, Sales, Marketing (U.S., Latam) (optery.com)

QuestDB (YC S20) Is Hiring a Technical Content Lead (questdb.com)

Depot (YC W23) Is Hiring a Technical Content Writer (Remote) (ycombinator.com)

Firebender (YC W24) Is Hiring (ycombinator.com)

Better Auth (YC X25) Is Hiring (ycombinator.com)

Kapa.ai (YC S23) is hiring a software engineers (EU remote) (ycombinator.com)

Spice Data (YC S19) Is Hiring a Product Associate (New Grad) (ycombinator.com)

Show HN: xstack – Passive eBPF Linux stack profiling without tracepoints

Comments (0)