rbbcc 0.4.2 → 0.6.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 403f2664a61a40bce19ee3ca85f9637822b2172fb8123e7758f49342e022725f
-  data.tar.gz: 81f005eeb8d5c53faedffe8b01874b952faff8d81cda3b5319bc3fdde0044d6d
+  metadata.gz: ca8253cb2fb2d8bd3824d294d54f13d5e34a9326d25244ce7ea4d4fddc202978
+  data.tar.gz: 71796d5a508760ed617347d2275f30e90fb9a8b9d68354aba884b33d4625cd3e
 SHA512:
-  metadata.gz: 1ea74e38ea3bf6668c6d17b2907e7fe08497c913eff17776b77194cbb2285a79b9259f6412564ae5ec16c4979a321abcdf299d7735f363c5304ce0f665465e09
-  data.tar.gz: 46e964f12ddce367941db82c6efd33dbcf0ad6c396b51e39c4ea0e2ebc26dd0568558ebc44794144104f0b30def56d5ebae7173a9fe78fa883e7579226a0f588
+  metadata.gz: b36369cea2736423e7722b8cf087460b3966d0f73b6b9579b98aba643e0c4f6eef3bcd0f0089d0f25da61df3b2b612165ad8d1d25911511138b4b228eb94a6e5
+  data.tar.gz: 6e8047c3928dd676218a88c618c8546ae20de8a499acd6d700df0d0a1f4363fbee26cb168fd1190de879f939a57fc4a43cfaa453cecf50c52c0ab105f080b04f

data/.semaphore/semaphore.yml

@@ -10,10 +10,12 @@ blocks:
       jobs:
         - name: ruby test
           matrix:
+            - env_var: RUBY_VERSION
+              values: [ "2.6.5", "2.6.6", "2.7.1" ]
             - env_var: LIBBCC_VERSION
               values: [ "0.12.0", "0.11.0", "0.10.0" ]
           commands:
             - sem-version c 7
-            - sem-version ruby 2.6.5
+            - sem-version ruby $RUBY_VERSION
             - checkout
             - ./semaphore.sh

data/Gemfile

@@ -2,3 +2,16 @@ source "https://rubygems.org"
 
 # Specify your gem's dependencies in rbbcc.gemspec
 gemspec
+
+gem "bundler", "~> 2.0"
+gem "rake", "~> 13.0"
+gem "pry", "~> 0.12"
+gem "minitest", ">= 5"
+
+group :omnibus_package do
+  gem "appbundler"
+end
+
+group :plugin_dev do
+  gem "rbbcc-hello", git: "https://github.com/udzura/rbbcc-hello.git"
+end

data/Gemfile.lock

@@ -1,28 +1,44 @@
+GIT
+  remote: https://github.com/udzura/rbbcc-hello.git
+  revision: 2e1af47d22e7cc92e970dc6c058e113cf00821db
+  specs:
+    rbbcc-hello (0.1.0)
+      rbbcc
+
 PATH
   remote: .
   specs:
-    rbbcc (0.4.2)
+    rbbcc (0.6.3)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    coderay (1.1.2)
-    method_source (0.9.2)
-    minitest (5.14.0)
-    pry (0.12.2)
-      coderay (~> 1.1.0)
-      method_source (~> 0.9.0)
+    appbundler (0.13.2)
+      mixlib-cli (>= 1.4, < 3.0)
+      mixlib-shellout (>= 2.0, < 4.0)
+    chef-utils (16.6.14)
+    coderay (1.1.3)
+    method_source (1.0.0)
+    minitest (5.14.2)
+    mixlib-cli (2.1.8)
+    mixlib-shellout (3.2.2)
+      chef-utils
+    pry (0.13.1)
+      coderay (~> 1.1)
+      method_source (~> 1.0)
     rake (13.0.1)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
+  appbundler
   bundler (~> 2.0)
-  minitest
-  pry
+  minitest (>= 5)
+  pry (~> 0.12)
   rake (~> 13.0)
   rbbcc!
+  rbbcc-hello!
 
 BUNDLED WITH
-   2.1.0
+   2.1.4

data/docs/answers/14-strlen_count.rb

@@ -42,5 +42,5 @@ end
 puts("%10s %s" % ["COUNT", "STRING"])
 counts = b.get_table("counts")
 counts.items.sort_by{|k, v| v.to_bcc_value }.each do |k, v|
-  puts("%10d %s" % [v.to_bcc_value, k[0, k.size].unpack("Z*")[0]])
+  puts("%10d %s" % [v.to_bcc_value, k.to_bcc_value.c])
 end

data/examples/collectsyscall.rb

@@ -0,0 +1,155 @@
+#!/usr/bin/env ruby
+#
+# Example to use complecated structure in BPF Map key:
+# This program collects and shows raw syscall usage summary.
+#
+# Usage:
+#     bundle exec ruby examples/collectsyscall.rb
+#
+# Output example:
+#     Collecting syscalls...
+#     ^C
+#     PID=1098(maybe: gmain) --->
+#       inotify_add_watch      4    0.019 ms
+#       poll                   1    0.000 ms
+#
+#     PID=1114(maybe: dbus-daemon) --->
+#       stat                  12    0.021 ms
+#       openat                 3    0.015 ms
+#       getdents               2    0.013 ms
+#       recvmsg                2    0.006 ms
+#       sendmsg                1    0.008 ms
+#       close                  1    0.002 ms
+#       fstat                  1    0.002 ms
+#       epoll_wait             1    0.000 ms
+#
+#     PID=1175(maybe: memcached) --->
+#       epoll_wait             3 2012.455 ms
+#
+#     PID=1213(maybe: redis-server) --->
+#       read                  64    0.736 ms
+#       epoll_wait            32 3782.098 ms
+#       openat                32    1.149 ms
+#       getpid                32    0.074 ms
+#       close                 32    0.045 ms
+#     ....
+
+require 'rbbcc'
+include RbBCC
+
+$pid = nil
+
+if ARGV.size == 2 &&
+   ARGV[0] == '-p'
+  $pid = ARGV[1].to_i
+elsif ARGV[0] == '-h' ||
+      ARGV[0] == '--help'
+  $stderr.puts "Usage: #{$0} [-p PID]"
+  exit 1
+end
+
+SYSCALL_MAP = `ausyscall --dump`
+                .lines
+                .map{|l| l.chomp.split }
+                .each_with_object(Hash.new) {|(k, v), ha| ha[k.to_i] = v }
+
+# if no ausyscall(8) then shows number itself
+# it is included in auditd package (e.g. Ubuntu)
+def to_name(nr)
+  SYSCALL_MAP[nr] || nr.to_s
+end
+
+prog = <<BPF
+#include <uapi/linux/ptrace.h>
+
+struct key_t {
+  u32 pid;
+  u64 syscall_nr;
+};
+struct leaf_t{
+  u64 count;
+  u64 elapsed_ns;
+  u64 enter_ns;
+  char comm[16];
+};
+BPF_HASH(store, struct key_t, struct leaf_t);
+
+TRACEPOINT_PROBE(raw_syscalls, sys_enter) {
+    struct key_t key = {0};
+    struct leaf_t initial = {0}, *val_;
+
+    key.pid = bpf_get_current_pid_tgid();
+    key.syscall_nr = args->id;
+
+    DO_FILTER_BY_PID
+
+    val_ = store.lookup_or_try_init(&key, &initial);
+    if (val_) {
+      struct leaf_t val = *val_;
+      val.count++;
+      val.enter_ns = bpf_ktime_get_ns();
+      bpf_get_current_comm(&val.comm, sizeof(val.comm));
+      store.update(&key, &val);
+    }
+    return 0;
+}
+
+TRACEPOINT_PROBE(raw_syscalls, sys_exit) {
+    struct key_t key = {0};
+    struct leaf_t *val_;
+
+    key.pid = bpf_get_current_pid_tgid();
+    key.syscall_nr = args->id;
+
+    val_ = store.lookup(&key);
+    if (val_) {
+      struct leaf_t val = *val_;
+      u64 delta = bpf_ktime_get_ns() - val.enter_ns;
+      val.enter_ns = 0;
+      val.elapsed_ns += delta;
+      store.update(&key, &val);
+    }
+    return 0;
+}
+BPF
+
+if $pid
+  prog.sub!('DO_FILTER_BY_PID', <<~FILTER)
+    if (key.pid != #{$pid}) return 0;
+  FILTER
+else
+  prog.sub!('DO_FILTER_BY_PID', '')
+end
+
+b = BCC.new(text: prog)
+
+puts "Collecting syscalls..."
+begin
+  sleep(99999999)
+rescue Interrupt
+  puts
+end
+
+info_by_pids = {}
+comms = {}
+store = b.get_table("store")
+store.items.each do |k, v|
+  # require 'pry'; binding.pry
+  info_by_pids[k.pid] ||= {}
+  info_by_pids[k.pid][k.syscall_nr] = {
+    name: to_name(k.syscall_nr),
+    count: v.count,
+    elapsed_ms: v.elapsed_ns / 1000000.0
+  }
+  comms[k.pid] ||= v.comm
+end
+
+pids = info_by_pids.keys.sort
+pids.each do |pid|
+  puts "PID=#{pid}(maybe: #{comms[pid]}) --->"
+  i = info_by_pids[pid]
+  i.to_a.sort_by {|k, v| [-v[:count], -v[:elapsed_ms]] }.each do |nr, record|
+    puts "\t%<name>-20s %<count>3d %<elapsed_ms>8.3f ms" % record
+  end
+  puts
+end

data/examples/tools/bashreadline.rb

@@ -0,0 +1,83 @@
+#!/usr/bin/env ruby
+#
+# bashreadline  Print entered bash commands from all running shells.
+#               For Linux, uses BCC, eBPF. Embedded C.
+#
+# USAGE: bashreadline [-s SHARED]
+# This works by tracing the readline() function using a uretprobe (uprobes).
+# When you failed to run the script directly with error:
+# `Exception: could not determine address of symbol b'readline'`,
+# you may need specify the location of libreadline.so library
+# with `-s` option.
+#
+# Original bashreadline.py:
+# Copyright 2016 Netflix, Inc.
+# Licensed under the Apache License, Version 2.0 (the "License")
+# And Ruby version follows.
+#
+# 28-Jan-2016    Brendan Gregg   Created bashreadline.py.
+# 12-Feb-2016    Allan McAleavy migrated to BPF_PERF_OUTPUT
+# 05-Jun-2020    Uchio Kondo     Ported bashreadline.rb
+
+require 'rbbcc'
+require 'optparse'
+include RbBCC
+
+args = {}
+opts = OptionParser.new
+opts.on("-s", "--shared=LIBREADLINE_PATH"){|v| args[:shared] = v }
+opts.parse!(ARGV)
+
+name = args[:shared] || "/bin/bash"
+
+# load BPF program
+bpf_text = <<BPF
+#include <uapi/linux/ptrace.h>
+#include <linux/sched.h>
+
+struct str_t {
+    u64 pid;
+    char str[80];
+};
+
+BPF_PERF_OUTPUT(events);
+
+int printret(struct pt_regs *ctx) {
+    struct str_t data  = {};
+    char comm[TASK_COMM_LEN] = {};
+    u32 pid;
+    if (!PT_REGS_RC(ctx))
+        return 0;
+    pid = bpf_get_current_pid_tgid();
+    data.pid = pid;
+    bpf_probe_read(&data.str, sizeof(data.str), (void *)PT_REGS_RC(ctx));
+
+    bpf_get_current_comm(&comm, sizeof(comm));
+    if (comm[0] == 'b' && comm[1] == 'a' && comm[2] == 's' && comm[3] == 'h' && comm[4] == 0 ) {
+        events.perf_submit(ctx,&data,sizeof(data));
+    }
+
+
+    return 0;
+};
+BPF
+
+b = BCC.new(text: bpf_text)
+b.attach_uretprobe(name: name, sym: "readline", fn_name: "printret")
+
+# header
+puts("%-9s %-6s %s" % ["TIME", "PID", "COMMAND"])
+
+b["events"].open_perf_buffer do |cpu, data, size|
+  event = b["events"].event(data)
+  puts("%-9s %-6d %s" % [
+         Time.now.strftime("%H:%M:%S"),
+         event.pid,
+         event.str
+       ])
+end
+
+trap(:INT) { puts; exit }
+loop do
+  b.perf_buffer_poll
+end

data/exe/rbbcc

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+
+if ARGV[0] == '-v' || ARGV[0] == '--version'
+  require 'rbbcc/version'
+  print "RbBCC: version "
+  puts RbBCC::VERSION
+  print "Using "
+  puts RUBY_DESCRIPTION
+elsif ARGV[0] == '--invoke'
+  require 'rbbcc/invoker'
+  ARGV.shift
+  RbBCC::Invoker.new(ARGV).run
+else
+  binpath = File.readlink "/proc/self/exe"
+  exec binpath, *ARGV
+end

data/lib/rbbcc.rb

@@ -1,9 +1,10 @@
+module RbBCC
+  autoload :Plugin, 'rbbcc/plugin'
+end
+
 require "rbbcc/fiddle_ext"
 require "rbbcc/bcc"
 require "rbbcc/clib"
 require "rbbcc/usdt"
 require "rbbcc/symbol_cache"
 require "rbbcc/version"
-
-module RbBCC
-end

data/lib/rbbcc/bcc.rb

@@ -121,7 +121,6 @@ module RbBCC
 
       def decode_table_type(desc)
         return desc if desc.is_a?(String)
-
         anon = []
         fields = []
         # e.g. ["bpf_stacktrace", [["ip", "unsigned long long", [127]]], "struct_packed"]
@@ -153,11 +152,37 @@ module RbBCC
             raise("Failed to decode type #{field.inspect}")
           end
         end
+        c = nil
         if data_type == "union"
-          return Fiddle::Importer.union(fields)
+          c = Fiddle::Importer.union(fields)
         else
-          return Fiddle::Importer.struct(fields)
+          c = Fiddle::Importer.struct(fields)
+        end
+
+        fields.each do |field|
+          md = /^char\[(\d+)\] ([_a-zA-Z0-9]+)/.match(field)
+          if md
+            c.alias_method "__super_#{md[2]}", md[2]
+            c.define_method md[2] do
+              # Split the char[] in the place where the first \0 appears
+              raw = __send__("__super_#{md[2]}")
+              raw = raw[0...raw.index(0)] if raw.index(0)
+              raw.pack("c*")
+            end
+          end
         end
+
+        c.define_singleton_method :original_desc do
+          desc
+        end
+        c.define_singleton_method :fields do
+          fields
+        end
+        orig_name = c.inspect
+        c.define_singleton_method :inspect do
+          orig_name.sub /(?=>$)/, " original_desc=#{desc.inspect}" rescue super
+        end
+        c
       end
 
       def sym(addr, pid, show_module: false, show_offset: false, demangle: true)
@@ -218,12 +243,18 @@ module RbBCC
           text = code + text
         end
 
-        # Util.debug text
+
+        cflags_safe = if cflags.empty? or !cflags[-1].nil?
+                        cflags + [nil]
+                      else
+                        cflags
+                      end
+
         @module = Clib.bpf_module_create_c_from_string(
           text,
           debug,
-          cflags.pack('p*'),
-          cflags.size,
+          cflags_safe.pack("p*"),
+          cflags_safe.size,
           allow_rlimit
         )
       end

data/lib/rbbcc/clib.rb

@@ -25,7 +25,7 @@ module RbBCC
     end
 
     extend Fiddle::Importer
-    targets = %w(0.12.0 0.11.0 0.10.0)
+    targets = %w(0.17.0 0.16.0 0.15.0 0.14.0 0.13.0 0.12.0 0.11.0 0.10.0)
     if default_load = ENV['LIBBCC_VERSION']
       targets.unshift(default_load)
       targets.uniq!

data/lib/rbbcc/fiddle_ext.rb

@@ -2,8 +2,17 @@ require 'fiddle'
 require 'fiddle/import'
 
 class Fiddle::Pointer
-  def to_bcc_value
-    case self.size
+  def bcc_value
+    @bcc_value ||= _bcc_value
+  end
+  alias to_bcc_value bcc_value
+
+  def _bcc_value
+    if self.bcc_value_type.is_a?(Class)
+      return self.bcc_value_type.new(self)
+    end
+
+    case self.bcc_size
     when Fiddle::Importer.sizeof("int")
       self[0, self.size].unpack("i!").first
     when Fiddle::Importer.sizeof("long")
@@ -12,4 +21,27 @@ class Fiddle::Pointer
       self[0, self.size].unpack("Z*").first
     end
   end
+
+  def method_missing(name, *a)
+    fields = \
+      if self.respond_to?(:bcc_value_type) && \
+         self.bcc_value_type.respond_to?(:fields)
+        self.bcc_value_type.fields.map{|v| v.split.last.to_sym }
+      else
+        nil
+      end
+    return super unless fields
+
+    if fields.include?(name) && bcc_value.respond_to?(name)
+      bcc_value.send(name)
+    else
+      super
+    end
+  end
+
+  attr_accessor :bcc_value_type
+  attr_writer   :bcc_size
+  def bcc_size
+    @bcc_size || self.size
+  end
 end

data/lib/rbbcc/invoker.rb

@@ -0,0 +1,28 @@
+require 'rubygems'
+require 'rbbcc/plugin'
+
+module RbBCC
+  class Invoker
+    def initialize(args)
+      @command = args.shift
+      raise "Invalid option. Please specify script name" unless @command
+
+      args.shift if args[0] == '--'
+      @args = args
+    end
+
+    def run
+      plugins = Gem::Specification
+                  .find_all
+                  .select{|s| s.name =~ /^rbbcc-/ }
+                  .map(&:name)
+      plugins.each {|n| require n }
+
+      script = RbBCC::Plugin.find_script_name(@command)
+      raise Errno::ENOENT, "Script not found: #{@command}" unless script
+
+      binpath = File.readlink "/proc/self/exe"
+      Process.exec binpath, script, *@args
+    end
+  end
+end

data/lib/rbbcc/plugin.rb

@@ -0,0 +1,28 @@
+module RbBCC
+  module Plugin
+    ScriptLocation = Struct.new(:name, :location)
+
+    def self.scripts
+      @scripts ||= []
+    end
+
+    def self.find_script_name(name)
+      scripts.find{|s|
+        s.name == name || "#{s.name}.rb" == name
+      }&.location
+    end
+
+    def self.register!
+      caller_loc = caller[0].split(':')[0]
+      plugin_loc = File.expand_path("../../script", caller_loc)
+      unless File.directory?(plugin_loc)
+        raise "Cannot find a script directory #{plugin_loc}. Maybe an invalid project"
+      end
+
+      found = Dir.glob("#{plugin_loc}/*.rb")
+                .map{|path| ScriptLocation.new File.basename(path, '.rb'), path }
+      self.scripts.concat found
+      self.scripts
+    end
+  end
+end

data/lib/rbbcc/table.rb

@@ -50,12 +50,13 @@ module RbBCC
     def initialize(bpf, map_id, map_fd, keytype, leaftype, name: nil)
       @bpf, @map_id, @map_fd, @keysize, @leafsize = \
                                         bpf, map_id, map_fd, sizeof(keytype), sizeof(leaftype)
+      @keytype = keytype
       @leaftype = leaftype
       @ttype = Clib.bpf_table_type_id(self.bpf.module, self.map_id)
       @flags = Clib.bpf_table_flags_id(self.bpf.module, self.map_id)
       @name = name
     end
-    attr_reader :bpf, :map_id, :map_fd, :keysize, :leafsize, :leaftype, :ttype, :flags, :name
+    attr_reader :bpf, :map_id, :map_fd, :keysize, :keytype, :leafsize, :leaftype, :ttype, :flags, :name
 
     def next(key)
       next_key = Fiddle::Pointer.malloc(self.keysize)
@@ -86,6 +87,7 @@ module RbBCC
       if res < 0
         nil
       end
+      leaf.bcc_value_type = leaftype
       return leaf
     end
 
@@ -93,8 +95,9 @@ module RbBCC
       self[key] || raise(KeyError, "key not found")
     end
 
-    def []=(_key, leaf)
+    def []=(_key, _leaf)
       key = normalize_key(_key)
+      leaf = normalize_leaf(_leaf)
       res = Clib.bpf_update_elem(self.map_fd, key, leaf, 0)
       if res < 0
         raise SystemCallError.new("Could not update table", Fiddle.last_error)
@@ -186,11 +189,29 @@ module RbBCC
     def normalize_key(key)
       case key
       when Fiddle::Pointer
+        key.bcc_value_type = keytype
+        key.bcc_size = keysize
         key
       when Integer
-        byref(key, keysize)
+        ret = byref(key, keysize)
+        ret.bcc_value_type = keytype
+        ret
       else
-        raise KeyError, "#{key.inspect} must be integer or pointor"
+        raise ArgumentError, "#{key.inspect} must be integer or pointor"
+      end
+    end
+
+    def normalize_leaf(leaf)
+      case leaf
+      when Fiddle::Pointer
+        leaf.bcc_value_type = leaftype
+        leaf
+      when Integer
+        ret = byref(leaf, keysize)
+        ret.bcc_value_type = leaftype
+        ret
+      else
+        raise KeyError, "#{leaf.inspect} must be integer or pointor"
       end
     end
 
@@ -202,6 +223,7 @@ module RbBCC
                  end
       ptr = Fiddle::Pointer.malloc(size)
       ptr[0, size] = [value].pack(pack_fmt)
+      ptr.bcc_size = size
       ptr
     end
   end

data/lib/rbbcc/version.rb

@@ -1,3 +1,3 @@
 module RbBCC
-  VERSION = "0.4.2"
+  VERSION = "0.6.3"
 end

data/rbbcc.gemspec

@@ -7,6 +7,7 @@ Gem::Specification.new do |spec|
   spec.version       = RbBCC::VERSION
   spec.authors       = ["Uchio Kondo"]
   spec.email         = ["udzura@udzura.jp"]
+  spec.license       = "Apache-2.0"
 
   spec.summary       = %q{BCC port for MRI}
   spec.description   = %q{BCC port for MRI. See https://github.com/iovisor/bcc}
@@ -17,12 +18,7 @@ Gem::Specification.new do |spec|
   spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
-  #spec.bindir        = "exe"
-  #spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
-
-  spec.add_development_dependency "bundler", "~> 2.0"
-  spec.add_development_dependency "rake", "~> 13.0"
-  spec.add_development_dependency "pry"
-  spec.add_development_dependency "minitest"
 end

metadata

@@ -1,75 +1,20 @@
 --- !ruby/object:Gem::Specification
 name: rbbcc
 version: !ruby/object:Gem::Version
-  version: 0.4.2
+  version: 0.6.3
 platform: ruby
 authors:
 - Uchio Kondo
 autorequire: 
-bindir: bin
+bindir: exe
 cert_chain: []
-date: 2020-03-26 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.0'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '13.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '13.0'
-- !ruby/object:Gem::Dependency
-  name: pry
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: minitest
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
+date: 2020-11-20 00:00:00.000000000 Z
+dependencies: []
 description: BCC port for MRI. See https://github.com/iovisor/bcc
 email:
 - udzura@udzura.jp
-executables: []
+executables:
+- rbbcc
 extensions: []
 extra_rdoc_files: []
 files:
@@ -112,6 +57,7 @@ files:
 - examples/charty/Gemfile
 - examples/charty/Gemfile.lock
 - examples/charty/bitehist-unicode.rb
+- examples/collectsyscall.rb
 - examples/dddos.rb
 - examples/disksnoop.rb
 - examples/example.gif
@@ -125,12 +71,14 @@ files:
 - examples/networking/http_filter/http-parse-simple.rb
 - examples/ruby_usdt.rb
 - examples/sbrk_trace.rb
+- examples/tools/bashreadline.rb
 - examples/tools/execsnoop.rb
 - examples/tools/runqlat.rb
 - examples/urandomread-explicit.rb
 - examples/urandomread.rb
 - examples/usdt-test.rb
 - examples/usdt.rb
+- exe/rbbcc
 - lib/rbbcc.rb
 - lib/rbbcc/bcc.rb
 - lib/rbbcc/clib.rb
@@ -139,6 +87,8 @@ files:
 - lib/rbbcc/debug.rb
 - lib/rbbcc/disp_helper.rb
 - lib/rbbcc/fiddle_ext.rb
+- lib/rbbcc/invoker.rb
+- lib/rbbcc/plugin.rb
 - lib/rbbcc/symbol_cache.rb
 - lib/rbbcc/table.rb
 - lib/rbbcc/usdt.rb
@@ -147,7 +97,8 @@ files:
 - rbbcc.gemspec
 - semaphore.sh
 homepage: https://github.com/udzura/rbbcc
-licenses: []
+licenses:
+- Apache-2.0
 metadata: {}
 post_install_message: 
 rdoc_options: []
@@ -164,7 +115,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: BCC port for MRI