rbbcc 0.5.0 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7b09e8de1a9fb9b045fc7cd7b00bb6cd54e2af818c8c66caed5b82370f4db612
-  data.tar.gz: 02b6c61e958a72b7d69a892dfa856823d12078393327138c523653bfc3110779
+  metadata.gz: 4bfc5d3f19fd4dbfa744a6380055103b5c45a0a72d956ced238154472ae4d7b5
+  data.tar.gz: 160c2a313f7181c6a9dab665c265fe2760d743ecbcab4797cc25e920e00d7f11
 SHA512:
-  metadata.gz: 2fefae013cd7a13666ae61fe19284fae49fdad67ac30692e13ab445be71b9ce788177e261e0ac884bc15e491dce2e8895dd374c623256c2dec3dab3158dc583e
-  data.tar.gz: d879de7d56899578ae483d85d9fd073cca4d84fcc5adaa465e86dacb152585c395cbdb2e563b69612577abfae07c2f500acdecd4a515c0c8f833ff586afe7158
+  metadata.gz: 9e2f72abd18698c9dca81342474a38e10a2e65d88e4acc7d0bbb3d924d9019d7204639f407a14418664d49ef4eb0666729fda06e3a06f2066dd0c8bfa0cf6701
+  data.tar.gz: e651213860bacc705b8b3f8c51c962aba9f5f1d67cb041eab850eee64b1c8ab6d7fe71a6bd630cddc224bea2af465323c3b4ef728995d124c954f194e9cd6714

data/.semaphore/semaphore.yml

@@ -10,10 +10,12 @@ blocks:
       jobs:
         - name: ruby test
           matrix:
+            - env_var: RUBY_VERSION
+              values: [ "2.6.5", "2.6.6", "2.7.1" ]
             - env_var: LIBBCC_VERSION
               values: [ "0.12.0", "0.11.0", "0.10.0" ]
           commands:
             - sem-version c 7
-            - sem-version ruby 2.6.5
+            - sem-version ruby $RUBY_VERSION
             - checkout
             - ./semaphore.sh

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    rbbcc (0.5.0)
+    rbbcc (0.6.0)
 
 GEM
   remote: https://rubygems.org/
@@ -25,4 +25,4 @@ DEPENDENCIES
   rbbcc!
 
 BUNDLED WITH
-   2.1.0
+   2.1.4

data/examples/tools/bashreadline.rb

@@ -0,0 +1,83 @@
+#!/usr/bin/env ruby
+#
+# bashreadline  Print entered bash commands from all running shells.
+#               For Linux, uses BCC, eBPF. Embedded C.
+#
+# USAGE: bashreadline [-s SHARED]
+# This works by tracing the readline() function using a uretprobe (uprobes).
+# When you failed to run the script directly with error:
+# `Exception: could not determine address of symbol b'readline'`,
+# you may need specify the location of libreadline.so library
+# with `-s` option.
+#
+# Original bashreadline.py:
+# Copyright 2016 Netflix, Inc.
+# Licensed under the Apache License, Version 2.0 (the "License")
+# And Ruby version follows.
+#
+# 28-Jan-2016    Brendan Gregg   Created bashreadline.py.
+# 12-Feb-2016    Allan McAleavy migrated to BPF_PERF_OUTPUT
+# 05-Jun-2020    Uchio Kondo     Ported bashreadline.rb
+
+require 'rbbcc'
+require 'optparse'
+include RbBCC
+
+args = {}
+opts = OptionParser.new
+opts.on("-s", "--shared=LIBREADLINE_PATH"){|v| args[:shared] = v }
+opts.parse!(ARGV)
+
+name = args[:shared] || "/bin/bash"
+
+# load BPF program
+bpf_text = <<BPF
+#include <uapi/linux/ptrace.h>
+#include <linux/sched.h>
+
+struct str_t {
+    u64 pid;
+    char str[80];
+};
+
+BPF_PERF_OUTPUT(events);
+
+int printret(struct pt_regs *ctx) {
+    struct str_t data  = {};
+    char comm[TASK_COMM_LEN] = {};
+    u32 pid;
+    if (!PT_REGS_RC(ctx))
+        return 0;
+    pid = bpf_get_current_pid_tgid();
+    data.pid = pid;
+    bpf_probe_read(&data.str, sizeof(data.str), (void *)PT_REGS_RC(ctx));
+
+    bpf_get_current_comm(&comm, sizeof(comm));
+    if (comm[0] == 'b' && comm[1] == 'a' && comm[2] == 's' && comm[3] == 'h' && comm[4] == 0 ) {
+        events.perf_submit(ctx,&data,sizeof(data));
+    }
+
+
+    return 0;
+};
+BPF
+
+b = BCC.new(text: bpf_text)
+b.attach_uretprobe(name: name, sym: "readline", fn_name: "printret")
+
+# header
+puts("%-9s %-6s %s" % ["TIME", "PID", "COMMAND"])
+
+b["events"].open_perf_buffer do |cpu, data, size|
+  event = b["events"].event(data)
+  puts("%-9s %-6d %s" % [
+         Time.now.strftime("%H:%M:%S"),
+         event.pid,
+         event.str
+       ])
+end
+
+trap(:INT) { puts; exit }
+loop do
+  b.perf_buffer_poll
+end

data/lib/rbbcc/bcc.rb

@@ -219,10 +219,16 @@ module RbBCC
         end
 
         # Util.debug text
+        cflags_p = if cflags.empty?
+                     nil
+                   else
+                     cflags.pack('p*')
+                   end
+
         @module = Clib.bpf_module_create_c_from_string(
           text,
           debug,
-          cflags.pack('p*'),
+          cflags_p,
           cflags.size,
           allow_rlimit
         )

data/lib/rbbcc/version.rb

@@ -1,3 +1,3 @@
 module RbBCC
-  VERSION = "0.5.0"
+  VERSION = "0.6.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rbbcc
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.6.0
 platform: ruby
 authors:
 - Uchio Kondo
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-06-05 00:00:00.000000000 Z
+date: 2020-07-17 00:00:00.000000000 Z
 dependencies: []
 description: BCC port for MRI. See https://github.com/iovisor/bcc
 email:
@@ -69,6 +69,7 @@ files:
 - examples/networking/http_filter/http-parse-simple.rb
 - examples/ruby_usdt.rb
 - examples/sbrk_trace.rb
+- examples/tools/bashreadline.rb
 - examples/tools/execsnoop.rb
 - examples/tools/runqlat.rb
 - examples/urandomread-explicit.rb
@@ -109,7 +110,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: BCC port for MRI