eBPF has become a prominent tool to easily and quickly monitor processes. However, I was not able to find how would one compute the impact of the probe itself on the performance. I'm sure if I hook every syscall and push some information in a map, there must be some impact, nothing is free, but how would I properly compute this added latency?
The only solution I have thought is to run the same programs several times with both the probes active and not, and check the system execution time difference, but this seems to me like it would be influenced by various factors which could add a lot of variance and therefore not give very solid results.