Show HN: bpfquery – experimenting with compiling SQL to bpf(trace)

&gt; --I ran ctags across the linux kernel source code, pulled out all the signatures and then reference the signature when compiling the query, so you don&#x27;t have to do a bunch of casts in the query.<p>note you don&#x27;t need the casts if you use kfuncs instead, which also let you reference arguments by name (from <a href="https:&#x2F;&#x2F;github.com&#x2F;bpftrace&#x2F;bpftrace&#x2F;blob&#x2F;master&#x2F;man&#x2F;adoc&#x2F;bpftrace.adoc">https:&#x2F;&#x2F;github.com&#x2F;bpftrace&#x2F;bpftrace&#x2F;blob&#x2F;master&#x2F;man&#x2F;adoc&#x2F;bp...</a> ):<p><pre><code> kfunc:tcp_connect { if (args-&gt;sk-&gt;__sk_common.skc_daddr == (uint32)pton(&quot;127.0.0.1&quot;)) ... } </code></pre> With that said, kfuncs don&#x27;t work (yet?) on aarch64, so this is great for me -- I&#x27;ll definitely give it a try next time I need it.<p>(EDIT: formatting)

This seems like it will be awesome, kind of like WMI but ridiculously more capable. Don&#x27;t be discouraged that it didn&#x27;t catch on it&#x27;s first time on HN!<p>I&#x27;m on Firefox Mobile on Android and the first time I visited the page the 3rd&#x2F;data section just kept refreshing continuously rather than showing results (maybe showed results the first load, but then refreshes of just rows with a dash?). On the second visit to the page the 2nd&#x2F;C translation section failed to load.

RIL about how the ebpf verifier attempts to prevent infinite loops given rule ordering and rewriting transformations.<p>There are many open query planners; maybe most are hardly reusable.<p>There&#x27;s a wasm-bpf; and also duckdb-wasm, sqlite in WASM with replication and synchronization, datasette-lite, JupyterLite<p>wasm-bpf: <a href="https:&#x2F;&#x2F;github.com&#x2F;eunomia-bpf&#x2F;wasm-bpf#how-it-works">https:&#x2F;&#x2F;github.com&#x2F;eunomia-bpf&#x2F;wasm-bpf#how-it-works</a><p>Does this make databases faster or more efficient? Is there process or query isolation?