process_tail 0.0.4 → 0.0.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b004b93e9fbf8b7ac0ba96cf4f575fd9e3dc859b
-  data.tar.gz: 63c084db42e4d379f29bb2e246a9965b4b07c9dc
+  metadata.gz: 162ae595f4fb2f2ae422ebfe8a302eac30ae9646
+  data.tar.gz: 66d884803130a2e7a1f0852be873b308f0d914a3
 SHA512:
-  metadata.gz: fc6aeab101d948a5cf95867f8d7dea3b36d6a04a9c072970e0fd76286b556b31c590841a7e4794edec34cbc29f434368b2b2e8824cc8c24595b28fecc3743ae3
-  data.tar.gz: 22a7ae2f2c4e6b6c7b5d052be7c9655afa01398906a5fc41471d099630976acdf829e8987d38fd25995ced555a85299d19749034de1560c34650749e417e5b96
+  metadata.gz: 39872b3eb28cea4a41f3299633e7c497e5cd01526f7f4670679efeb54a13cf362f0b6597fc26b6ff7f449f7fafbe443822768b54b3a502f8724f13abd0f88ba2
+  data.tar.gz: ba405708d7b4627c94a3ce9265947db64c7293f78f02d2b2674a1a25cb700234a692d2a79689f68e3ed47a07fd12511a4568dac6ef667d2a09e7053d6dd8b79a

data/.gitignore

@@ -13,3 +13,5 @@
 *.a
 mkmf.log
 Vagrantfile
+Makefile
+extconf.h

data/README.md

@@ -5,12 +5,12 @@ https://github.com/hibariya/process_tail
 ## Description
 
 ProcessTail traces other process' write(2) system call and copy its buffer.
-So you can get other process outputs.
+So we can get other process outputs.
 
 ## Problems
 
-* Mac OSX and Windows are not supported at the moment
-* SEGV occures occasionally
+* SEGV occurs infrequently
+* Windows is not supported
 
 ## Installation
 
@@ -30,11 +30,15 @@ Or install it yourself as:
 
 ## Usage
 
+On Mac OSX, you'll have to use `sudo`.
+
 ### Get outputs as an IO object
 
 ```ruby
-ProcessTail.open pid, :stdout do |io|
-  puts "Recent stdout of #{pid}: #{io.gets}"
+ProcessTail.each pid do |tid, fd, str|
+  puts tid # pid or tid of this process (thread)
+  puts fd  # File descripter number
+  puts str # Output string
 end
 ```
 

data/bin/process_tail

@@ -4,12 +4,6 @@ require 'process_tail'
 
 $stdout.sync = true
 
-ProcessTail.open Integer(ARGV[0]), :all do |io|
-  begin
-    while c = io.getc
-      print c
-    end
-  rescue IOError
-    # NOP
-  end
+ProcessTail.each Integer(ARGV[0]) do |tid, fd, str|
+  print str if fd == 1 || fd == 2
 end

data/ext/process_tail/extconf.rb

@@ -1,17 +1,38 @@
 require 'mkmf'
 
-%w(string.h sys/ptrace.h sys/syscall.h sys/types.h sys/user.h sys/wait.h ruby.h ruby/thread.h).each do |h|
-  abort "missing #{h}" unless have_header(h)
-end
+objs = []
 
-%w(orig_rax rdi rdx rsi rdx).each do |m|
-  abort "missing #{m}" unless have_struct_member('struct user_regs_struct', m, 'sys/user.h')
-end
+-> {
+  return unless have_library('dtrace', 'dtrace_open', 'dtrace.h')
 
-%w(PTRACE_O_TRACESYSGOOD PTRACE_O_TRACEFORK PTRACE_O_TRACEVFORK PTRACE_O_TRACECLONE).each do |c|
-  abort "missing #{c}" unless have_const(c, 'sys/ptrace.h')
-end
+  have_header 'dtrace.h'
 
-abort 'missing __WALL' unless have_const('__WALL', 'sys/wait.h')
+  objs << 'pt_dtrace.o'
+}.()
 
+-> {
+  return unless %w(orig_rax rdi rdx rsi rdx).all? {|m|
+    have_struct_member('struct user_regs_struct', m, 'sys/user.h')
+  }
+
+  return unless %w(sys/syscall.h sys/types.h sys/user.h sys/wait.h).all? {|h|
+    have_header(h)
+  }
+
+  return unless have_const('__WALL', 'sys/wait.h')
+
+  return unless %w(PTRACE_O_TRACESYSGOOD PTRACE_O_TRACEFORK PTRACE_O_TRACEVFORK PTRACE_O_TRACECLONE).all? {|c|
+    have_const(c, 'sys/ptrace.h')
+  }
+
+  have_header 'sys/ptrace.h'
+
+  objs << 'pt_ptrace.o'
+}.()
+
+abort 'No available libraries' if objs.empty?
+
+$objs = %w(process_tail.o pt_tracee.o) + objs
+
+create_header
 create_makefile 'process_tail/process_tail'

data/ext/process_tail/process_tail.c

@@ -1,268 +1,126 @@
-#include <stdlib.h>
-#include <string.h>
-#include <sys/ptrace.h>
-#include <sys/syscall.h>
 #include <sys/types.h>
-#include <sys/user.h>
-#include <sys/wait.h>
 #include <ruby.h>
-#include <ruby/thread.h>
-
-typedef struct pt_tracee {
-  pid_t pid;
-  int activated;
-  int dead;
-  struct pt_tracee *next;
-} pt_tracee_t;
-
-typedef struct {
-  int *status;
-  pid_t pid;
-} pt_wait_args_t;
-
-typedef struct {
-  unsigned int fd;
-  pt_tracee_t *tracee;
-  VALUE *wait_queue;
-} pt_loop_args_t;
+#include "extconf.h"
+#include "process_tail.h"
+#include "pt_tracee.h"
+#ifdef HAVE_SYS_PTRACE_H
+#include "pt_ptrace.h"
+#endif
+#ifdef HAVE_DTRACE_H
+#include "pt_dtrace.h"
+#endif
 
 static void
-pt_tracee_initialize(pt_tracee_t *tracee)
-{
-  tracee->pid       = 0;
-  tracee->activated = 0;
-  tracee->dead      = 0;
-  tracee->next      = NULL;
-}
-
-static pt_tracee_t *
-pt_tracee_add(pt_tracee_t **headpp, pid_t pid)
+pt_process_tail_mark(pt_process_tail_t *ptp)
 {
-  pt_tracee_t *tracee = malloc(sizeof(pt_tracee_t));
-
-  if (tracee == NULL) {
-    exit(EXIT_FAILURE);
-  }
-
-  pt_tracee_initialize(tracee);
-  tracee->pid  = pid;
-  tracee->next = (struct pt_tracee *)*headpp;
-
-  (*headpp) = tracee;
-
-  return tracee;
+  rb_gc_mark(ptp->proc);
+  rb_gc_mark(ptp->trace_thread);
+  rb_gc_mark(ptp->wait_queue);
 }
 
-static pt_tracee_t *
-pt_tracee_find_or_add(pt_tracee_t **headpp, pid_t pid)
+static VALUE
+pt_process_tail_alloc(VALUE klass)
 {
-  pt_tracee_t *headp   = *headpp;
-  pt_tracee_t *current = headp;
-
-  while (current) {
-    if (current->pid == pid) {
-      return current;
-    }
+  pt_process_tail_t *ptp = ALLOC(pt_process_tail_t);
 
-    current = current->next;
-  }
-
-  return pt_tracee_add(headpp, pid);
+  return Data_Wrap_Struct(klass, pt_process_tail_mark, RUBY_DEFAULT_FREE, ptp);
 }
 
-static int
-pt_tracee_wipedoutq(pt_tracee_t *headp)
+static VALUE
+pt_process_tail_initialize(VALUE self, VALUE pidv, VALUE fdv)
 {
-  pt_tracee_t *current = headp;
+  pt_process_tail_t *ptp;
 
-  while (current) {
-    if (current->dead == 0) {
-      return 0;
-    }
-
-    current = current->next;
+  if (!rb_block_given_p()) {
+    rb_raise(rb_eArgError, "no block given");
   }
 
-  return 1;
-}
-
-static void
-pt_tracee_free(pt_tracee_t **headpp)
-{
-  pt_tracee_t *tracee = *headpp;
-
-  if (tracee) {
-    pt_tracee_free(&tracee->next);
+  Check_Type(pidv, T_FIXNUM);
+  Check_Type(fdv, T_FIXNUM);
 
-    free(tracee);
-    tracee = NULL;
-  }
-}
+  Data_Get_Struct(self, pt_process_tail_t, ptp);
 
-static void *
-pt_wait(void *argp)
-{
-  pt_wait_args_t *args = (pt_wait_args_t *)argp;
+  ptp->pid           = (pid_t)NUM2INT(pidv);
+  ptp->fd            = (unsigned int)NUM2INT(fdv);
+  ptp->proc          = rb_block_proc();
+  ptp->trace_thread  = (VALUE)NULL;
+  ptp->parent_thread = (VALUE)NULL;
+  ptp->wait_queue    = (VALUE)NULL;
+  ptp->tracee        = NULL;
 
-  args->pid = waitpid(-1, args->status, __WALL);
-
-  return NULL;
+  return Qnil;
 }
 
-static void
-pt_read_data(pid_t pid, long addr, char *string, int length)
+static VALUE
+pt_process_tail_pid_reader(VALUE self)
 {
-  int  i;
-  long data;
+  pt_process_tail_t *ptp;
 
-  for (i = 0; i < length; i += sizeof(long)) {
-    data = ptrace(PTRACE_PEEKDATA, pid, addr + i);
+  Data_Get_Struct(self, pt_process_tail_t, ptp);
 
-    memcpy(string + i, &data, sizeof(long));
-  }
-
-  string[length] = '\0';
-}
-
-static void
-pt_ptrace_syscall(pid_t pid, long signal)
-{
-  ptrace(PTRACE_SYSCALL, pid, 0, signal == SIGTRAP ? 0 : signal);
-
-  rb_thread_schedule();
+  return INT2NUM((int)ptp->pid);
 }
 
 static VALUE
-pt_loop(VALUE loop_args)
+pt_process_tail_fd_reader(VALUE self)
 {
-  pt_loop_args_t *args = (void *)loop_args;
-
-  char *string = NULL;
-  int syscall  = 0;
-  int status;
-  pid_t pid;
-  pt_tracee_t *tracee;
-  pt_wait_args_t pt_wait_args = {&status};
-
-  // NOTE: system call: orig_rax, arguments: rdi, rsi, rdx, r10, r8, r9
-  struct user_regs_struct regs;
-
-  while (1) {
-    rb_thread_call_without_gvl(pt_wait, &pt_wait_args, RUBY_UBF_PROCESS, NULL);
-
-    pid    = pt_wait_args.pid;
-    tracee = pt_tracee_find_or_add(&args->tracee, pid);
+  pt_process_tail_t *ptp;
 
-    if (tracee->activated == 0) {
-      tracee->activated = 1;
-      rb_funcall(*args->wait_queue, rb_intern("enq"), 1, INT2FIX((int)pid));
+  Data_Get_Struct(self, pt_process_tail_t, ptp);
 
-      ptrace(PTRACE_SETOPTIONS, pid, 0, PTRACE_O_TRACESYSGOOD | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK | PTRACE_O_TRACECLONE);
-      pt_ptrace_syscall(pid, 0);
-
-      continue;
-    }
-
-    if (WIFEXITED(status) || WIFSIGNALED(status)) {
-      tracee->dead = 1;
-
-      if (pt_tracee_wipedoutq(args->tracee)) {
-        return Qnil;
-      }
-
-      continue;
-    }
-
-    if (!(WIFSTOPPED(status) && WSTOPSIG(status) & 0x80)) {
-      pt_ptrace_syscall(pid, WSTOPSIG(status));
-
-      continue;
-    }
-
-    ptrace(PTRACE_GETREGS, pid, 0, &regs);
-
-    if (regs.orig_rax != SYS_write) {
-      pt_ptrace_syscall(pid, 0);
-
-      continue;
-    }
-
-    syscall = 1 - syscall;
-    if (syscall && (args->fd == 0 || regs.rdi == args->fd)) {
-      string = malloc(regs.rdx + sizeof(long));
-
-      if (string == NULL) {
-        exit(EXIT_FAILURE);
-      }
-
-      pt_read_data(pid, regs.rsi, string, regs.rdx);
-
-      rb_yield(rb_ary_new_from_args(3, rb_str_new_cstr(string), INT2FIX((int)pid), INT2FIX(args->fd)));
-
-      free(string);
-    }
-
-    pt_ptrace_syscall(pid, 0);
-  }
-
-  return Qnil;
+  return INT2NUM((int)ptp->fd);
 }
 
 static VALUE
-pt_attach(VALUE klass, VALUE pidv)
+pt_process_tail_trace_thread_reader(VALUE self)
 {
-  int pid = (pid_t)FIX2INT(pidv);
-
-  Check_Type(pidv, T_FIXNUM);
-
-  if (ptrace(PTRACE_ATTACH, pid, NULL, NULL) < 0) {
-    rb_sys_fail("PTRACE_ATTACH");
+  pt_process_tail_t *ptp;
 
-    return Qnil;
-  }
+  Data_Get_Struct(self, pt_process_tail_t, ptp);
 
-  return Qtrue;
+  return ptp->trace_thread;
 }
 
-static VALUE
-pt_detach(VALUE klass, VALUE pidv)
-{
-  Check_Type(pidv, T_FIXNUM);
-
-  ptrace(PTRACE_DETACH, (pid_t)FIX2INT(pidv), NULL, NULL);
+VALUE ProcessTail;
+VALUE ProcessTail_Tracer;
+VALUE ProcessTail_StopTracing;
+VALUE ProcessTail_TraceError;
 
-  return Qnil;
+void
+pt_lock_trace(void)
+{
+  rb_funcall(PT_TRACE_LOCK, rb_intern("lock"), 0);
 }
 
-static VALUE
-pt_finalize(VALUE traceev)
+void
+pt_unlock_trace(void)
 {
-  pt_tracee_t *tracee = (void *)traceev;
-
-  pt_tracee_free(&tracee);
-
-  return Qnil;
+  rb_funcall(PT_TRACE_LOCK, rb_intern("unlock"), 0);
 }
 
-static VALUE
-pt_trace(VALUE klass, VALUE fdv, VALUE wait_queue)
+void
+Init_process_tail(void)
 {
-  pt_tracee_t  *tracee = NULL;
-  pt_loop_args_t loop_args = {FIX2INT(fdv), tracee, &wait_queue};
+  ProcessTail = rb_define_module("ProcessTail");
 
-  Check_Type(fdv, T_FIXNUM);
+  ProcessTail_StopTracing = rb_define_class_under(ProcessTail, "StopTracing", rb_eStandardError);
+  ProcessTail_TraceError  = rb_define_class_under(ProcessTail, "TraceError",  rb_eStandardError);
 
-  rb_ensure(pt_loop, (VALUE)&loop_args, pt_finalize, (VALUE)tracee);
+  ProcessTail_Tracer = rb_define_class_under(ProcessTail, "Tracer", rb_cObject);
+  rb_define_const(ProcessTail_Tracer, "TRACE_LOCK", rb_class_new_instance(0, NULL, rb_path2class("Mutex")));
 
-  return Qnil;
-}
+  rb_define_alloc_func(ProcessTail_Tracer, pt_process_tail_alloc);
+  rb_define_private_method(ProcessTail_Tracer, "initialize", pt_process_tail_initialize, 2);
 
-void
-Init_process_tail()
-{
-  VALUE ProcessTail = rb_define_module("ProcessTail");
+  rb_define_method(ProcessTail_Tracer, "pid",          pt_process_tail_pid_reader,          0);
+  rb_define_method(ProcessTail_Tracer, "fd",           pt_process_tail_fd_reader,           0);
+  rb_define_method(ProcessTail_Tracer, "trace_thread", pt_process_tail_trace_thread_reader, 0);
+
+#ifdef HAVE_SYS_PTRACE_H
+  rb_define_private_method(ProcessTail_Tracer, "ptrace_attach",  pt_ptrace_attach, 0);
+#endif
 
-  rb_define_private_method(rb_singleton_class(ProcessTail), "attach",   pt_attach, 1);
-  rb_define_private_method(rb_singleton_class(ProcessTail), "do_trace", pt_trace,  2);
-  rb_define_private_method(rb_singleton_class(ProcessTail), "detach",   pt_detach, 1);
+#ifdef HAVE_DTRACE_H
+  rb_define_private_method(ProcessTail_Tracer, "dtrace_attach",  pt_dtrace_attach, 0);
+#endif
 }

data/ext/process_tail/process_tail.h

@@ -0,0 +1,31 @@
+#ifndef PROCESS_TAIL_H
+#define PROCESS_TAIL_H
+#include <sys/types.h>
+#include <ruby.h>
+#include "extconf.h"
+#include "pt_tracee.h"
+
+#define PT_TRACE_LOCK (rb_const_get(ProcessTail_Tracer, rb_intern("TRACE_LOCK")))
+
+extern VALUE ProcessTail;
+extern VALUE ProcessTail_Tracer;
+extern VALUE ProcessTail_StopTracing;
+extern VALUE ProcessTail_TraceError;
+
+typedef struct {
+  pid_t pid;
+  unsigned int fd;
+  VALUE proc;
+  VALUE trace_thread;
+  VALUE parent_thread;
+  VALUE wait_queue;
+  pt_tracee_t *tracee;
+  void *data;
+} pt_process_tail_t;
+
+void pt_lock_trace(void);
+void pt_unlock_trace(void);
+
+void Init_process_tail(void);
+
+#endif

data/ext/process_tail/pt_dtrace.c

@@ -0,0 +1,194 @@
+#include <stdio.h>
+#include <dtrace.h>
+#include <ruby.h>
+#include <ruby/thread.h>
+#include "process_tail.h"
+#include "pt_dtrace.h"
+
+static int
+probe_consumer(const dtrace_probedata_t *data, void *argp)
+{
+  pt_process_tail_t *pt;
+
+  dtrace_eprobedesc_t *edesc = data->dtpda_edesc;
+  dtrace_recdesc_t *rec;
+  caddr_t addr;
+
+  int i;
+  VALUE arg;
+  VALUE args = rb_ary_new_capa(3);
+
+  Data_Get_Struct((VALUE)argp, pt_process_tail_t, pt);
+
+  for (i = 0; i < edesc->dtepd_nrecs; i++) {
+    arg = 0;
+    rec =  &edesc->dtepd_rec[i];
+
+    if (rec->dtrd_size > 0) {
+      addr = data->dtpda_data + rec->dtrd_offset;
+
+      switch(rec->dtrd_action) {
+      case DTRACEACT_DIFEXPR:
+        switch(rec->dtrd_size) {
+          case 1:
+            arg = INT2NUM((int)(*((uint8_t *)addr)));
+            break;
+          case 2:
+            arg = INT2NUM((int)(*((uint16_t *)addr)));
+            break;
+          case 4:
+            arg = INT2NUM(*((int32_t *)addr));
+            break;
+          case 8:
+            arg = LL2NUM(*((int64_t *)addr));
+            break;
+          default:
+            arg = rb_str_new_cstr((char *)addr);
+        }
+
+        rb_ary_push(args, arg);
+        break;
+      default:
+        break;
+      }
+    }
+  }
+
+  rb_proc_call(pt->proc, args);
+
+  return (DTRACE_CONSUME_THIS);
+}
+
+static void *
+pt_dtrace_sleep(void *argp)
+{
+  dtrace_hdl_t *hdl = (dtrace_hdl_t *)argp;
+
+  dtrace_sleep(hdl);
+
+  return NULL;
+}
+
+static VALUE
+pt_loop(VALUE self)
+{
+  pt_process_tail_t *pt;
+  dtrace_hdl_t *hdl;
+
+  VALUE dscriptv = rb_funcall(self, rb_intern("generate_dscript"), 0);
+  dtrace_prog_t *program;
+  dtrace_proginfo_t *proginfo;
+
+  FILE *devnull = fopen("/dev/null", "w");
+  int activated = 0;
+  int done      = 0;
+
+  Data_Get_Struct(self, pt_process_tail_t, pt);
+
+  hdl = PT_DTRACE_HDL(pt);
+
+  dtrace_setopt(hdl, "stacksymbols", "enabled");
+  dtrace_setopt(hdl, "bufsize", "4m");
+  dtrace_setopt(hdl, "quiet", 0);
+
+  program = dtrace_program_strcompile(hdl, StringValueCStr(dscriptv), DTRACE_PROBESPEC_NAME, DTRACE_C_PSPEC, 0, NULL);
+
+  if (!program) {
+    rb_raise(ProcessTail_TraceError, "dtrace_program_strcompile: %s", dtrace_errmsg(hdl, dtrace_errno(hdl)));
+    return Qnil;
+  }
+
+  if (dtrace_program_exec(hdl, program, proginfo) < 0) {
+    rb_raise(ProcessTail_TraceError, "dtrace_program_exec: %s", dtrace_errmsg(hdl, dtrace_errno(hdl)));
+    return Qnil;
+  }
+
+  if (dtrace_go(hdl) < 0) {
+    rb_raise(ProcessTail_TraceError, "dtrace_go: %s", dtrace_errmsg(hdl, dtrace_errno(hdl)));
+    return Qnil;
+  }
+
+  do {
+    if (!done) {
+      if (!activated) {
+        rb_funcall(pt->wait_queue, rb_intern("enq"), 1, INT2NUM((int)pt->pid));
+
+        activated = 1;
+      }
+
+      rb_thread_call_without_gvl(pt_dtrace_sleep, hdl, RUBY_UBF_PROCESS, NULL);
+    }
+
+    if (done) {
+      if(dtrace_stop(hdl) == -1) {
+        rb_raise(ProcessTail_TraceError, "dtrace_stop: %s", dtrace_errmsg(hdl, dtrace_errno(hdl)));
+        return Qnil;
+      }
+    }
+
+    switch (dtrace_work(hdl, devnull, probe_consumer, NULL, (void *)self)) {
+    case DTRACE_WORKSTATUS_DONE:
+      done = 1;
+      break;
+    case DTRACE_WORKSTATUS_OKAY:
+      break;
+    default:
+      break;
+    }
+
+    rb_thread_schedule();
+  } while(!done);
+
+  return Qnil;
+}
+
+static VALUE
+pt_finalize(VALUE self)
+{
+  pt_process_tail_t *pt;
+
+  Data_Get_Struct(self, pt_process_tail_t, pt);
+
+  dtrace_close(PT_DTRACE_HDL(pt));
+
+  pt_unlock_trace();
+  rb_funcall(pt->parent_thread, rb_intern("raise"), 1, ProcessTail_StopTracing);
+
+  return Qnil;
+}
+
+static VALUE
+pt_loop_thread(void *self)
+{
+  pt_lock_trace();
+
+  rb_ensure(pt_loop, (VALUE)self, pt_finalize, (VALUE)self);
+
+  return Qnil;
+}
+
+VALUE
+pt_dtrace_attach(VALUE self)
+{
+  pt_process_tail_t *pt;
+
+  int error;
+  dtrace_hdl_t *hdl = dtrace_open(DTRACE_VERSION, 0, &error);
+
+  Data_Get_Struct(self, pt_process_tail_t, pt);
+
+  if (!hdl) {
+    rb_raise(ProcessTail_TraceError, "dtrace_open: %s", strerror(error));
+    return Qnil;
+  }
+
+  pt->tracee        = NULL; // NOT USED
+  pt->data          = (void *)hdl;
+  pt->wait_queue    = rb_class_new_instance(0, NULL, rb_path2class("Queue"));
+  pt->parent_thread = rb_thread_current();
+  pt->trace_thread  = rb_thread_create(pt_loop_thread, (void *)self);
+
+  rb_funcall(pt->wait_queue, rb_intern("deq"), 0);
+
+  return pt->trace_thread;
+}

data/ext/process_tail/pt_dtrace.h

@@ -0,0 +1,10 @@
+#ifndef PT_DTRACE_H
+#define PT_DTRACE_H
+
+#include <ruby.h>
+
+#define PT_DTRACE_HDL(pt) ((dtrace_hdl_t *)pt->data)
+
+VALUE pt_dtrace_attach(VALUE self);
+
+#endif

data/ext/process_tail/pt_ptrace.c

@@ -0,0 +1,234 @@
+#include <stdlib.h>
+#include <string.h>
+#include <dirent.h>
+#include <sys/ptrace.h>
+#include <sys/syscall.h>
+#include <sys/types.h>
+#include <sys/user.h>
+#include <sys/wait.h>
+#include <ruby.h>
+#include <ruby/thread.h>
+#include "process_tail.h"
+#include "pt_tracee.h"
+#include "pt_ptrace.h"
+
+typedef struct {
+  int *status;
+  pid_t pid;
+} pt_wait_args_t;
+
+static pt_tracee_t *
+pt_extract_tracee_list(pid_t pid)
+{
+  pt_tracee_t  *tracee = NULL;
+  char procdir[sizeof("/proc/%d/task") + sizeof(int) * 3];
+  DIR *dir;
+  struct dirent *entry;
+  pid_t tid;
+
+  sprintf(procdir, "/proc/%d/task", pid);
+  dir = opendir(procdir);
+
+  while ((entry = readdir(dir)) != NULL) {
+    if (entry->d_fileno == 0) {
+      continue;
+    }
+
+    tid = (pid_t)atoi(entry->d_name);
+
+    if (tid <= 0) {
+      continue;
+    }
+
+    tracee = pt_tracee_find_or_add(&tracee, tid);
+  }
+
+  closedir(dir);
+
+  return tracee;
+}
+
+static void *
+pt_wait(void *argv)
+{
+  pt_wait_args_t *args = (pt_wait_args_t *)argv;
+
+  args->pid = waitpid(-1, args->status, __WALL);
+
+  return NULL;
+}
+
+static void
+pt_read_data(pid_t pid, long addr, char *string, int length)
+{
+  int  i;
+  long data;
+
+  for (i = 0; i < length; i += sizeof(long)) {
+    data = ptrace(PTRACE_PEEKDATA, pid, addr + i);
+
+    memcpy(string + i, &data, sizeof(long));
+  }
+
+  string[length] = '\0';
+}
+
+static void
+pt_ptrace_syscall(pid_t pid, long signal)
+{
+  ptrace(PTRACE_SYSCALL, pid, 0, signal == SIGTRAP || signal == SIGSTOP ? 0 : signal);
+
+  rb_thread_schedule();
+}
+
+static int
+pt_ptrace_attach_multi(pt_tracee_t *tracee)
+{
+  do {
+    if (ptrace(PTRACE_ATTACH, tracee->pid, NULL, NULL) < 0) {
+      return 0;
+    }
+  } while ((tracee = tracee->next) != NULL);
+
+  return 1;
+}
+
+static VALUE
+pt_loop(VALUE self)
+{
+  pt_process_tail_t *pt;
+
+  pt_tracee_t *tracee;
+
+  pid_t pid;
+  int status;
+  pt_wait_args_t wait_args = {&status};
+
+  int syscall  = 0;
+  char *string = NULL;
+
+  struct user_regs_struct regs; // NOTE: system call: orig_rax, arguments: rdi, rsi, rdx, r10, r8, r9
+
+  Data_Get_Struct(self, pt_process_tail_t, pt);
+
+  if (!pt_ptrace_attach_multi(pt->tracee)) {
+    rb_raise(ProcessTail_TraceError, "PTRACE_ATTACH");
+
+    return Qnil;
+  }
+
+  while (1) {
+    rb_thread_call_without_gvl(pt_wait, &wait_args, RUBY_UBF_PROCESS, NULL);
+
+    pid    = wait_args.pid;
+    tracee = pt_tracee_find_or_add(&pt->tracee, pid);
+
+    if (tracee->activated == 0) {
+      tracee->activated = 1;
+      rb_funcall(pt->wait_queue, rb_intern("enq"), 1, INT2NUM((int)pid));
+
+      ptrace(PTRACE_SETOPTIONS, pid, 0,
+        PTRACE_O_TRACESYSGOOD | PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK | PTRACE_O_TRACECLONE
+      );
+
+      pt_ptrace_syscall(pid, 0);
+
+      continue;
+    }
+
+    if (WIFEXITED(status) || WIFSIGNALED(status)) {
+      tracee->dead = 1;
+
+      if (pt_tracee_wipedoutq(pt->tracee)) {
+        return Qnil;
+      }
+
+      continue;
+    }
+
+    if (!(WIFSTOPPED(status) && WSTOPSIG(status) & 0x80)) {
+      pt_ptrace_syscall(pid, WSTOPSIG(status));
+
+      continue;
+    }
+
+    ptrace(PTRACE_GETREGS, pid, 0, &regs);
+
+    if (regs.orig_rax != SYS_write) {
+      pt_ptrace_syscall(pid, 0);
+
+      continue;
+    }
+
+    syscall = 1 - syscall;
+    if (syscall && (pt->fd == 0 || regs.rdi == pt->fd)) {
+      string = malloc(regs.rdx + sizeof(long));
+
+      if (string == NULL) {
+        exit(EXIT_FAILURE);
+      }
+
+      pt_read_data(pid, regs.rsi, string, regs.rdx);
+
+      rb_proc_call(pt->proc, rb_ary_new_from_args(3, INT2NUM((int)pid), INT2NUM(regs.rdi), rb_str_new_cstr(string)));
+
+      free(string);
+    }
+
+    pt_ptrace_syscall(pid, 0);
+  }
+
+  return Qnil;
+}
+
+static VALUE
+pt_finalize(VALUE self)
+{
+  pt_process_tail_t *pt;
+  Data_Get_Struct(self, pt_process_tail_t, pt);
+
+  ptrace(PTRACE_DETACH, pt->pid, NULL, NULL);
+  pt_tracee_free(&pt->tracee);
+
+  pt_unlock_trace();
+  rb_funcall(pt->parent_thread, rb_intern("raise"), 1, ProcessTail_StopTracing);
+
+  return Qnil;
+}
+
+static VALUE
+pt_loop_thread(void *self)
+{
+  pt_lock_trace();
+
+  rb_ensure(pt_loop, (VALUE)self, pt_finalize, (VALUE)self);
+
+  return Qnil;
+}
+
+static void
+wait_queue_ntimes(VALUE wait_queue, int n)
+{
+  int i;
+
+  for (i = 0; i < n; i++) {
+    rb_funcall(wait_queue, rb_intern("deq"), 0);
+  }
+}
+
+VALUE
+pt_ptrace_attach(VALUE self)
+{
+  pt_process_tail_t *pt;
+
+  Data_Get_Struct(self, pt_process_tail_t, pt);
+
+  pt->tracee        = pt_extract_tracee_list(pt->pid);
+  pt->wait_queue    = rb_class_new_instance(0, NULL, rb_path2class("Queue"));
+  pt->parent_thread = rb_thread_current();
+  pt->trace_thread  = rb_thread_create(pt_loop_thread, (void *)self);
+
+  wait_queue_ntimes(pt->wait_queue, pt_tracee_length(pt->tracee));
+
+  return pt->trace_thread;
+}

data/ext/process_tail/pt_ptrace.h

@@ -0,0 +1,8 @@
+#ifndef PT_PTRACE_H
+#define PT_PTRACE_H
+
+#include <ruby.h>
+
+VALUE pt_ptrace_attach(VALUE self);
+
+#endif

data/ext/process_tail/pt_tracee.c

@@ -0,0 +1,95 @@
+#include <sys/types.h>
+#include <stdlib.h>
+#include "pt_tracee.h"
+
+void
+pt_tracee_initialize(pt_tracee_t *tracee)
+{
+  tracee->pid       = 0;
+  tracee->activated = 0;
+  tracee->dead      = 0;
+  tracee->next      = NULL;
+}
+
+pt_tracee_t *
+pt_tracee_add(pt_tracee_t **headpp, pid_t pid)
+{
+  pt_tracee_t *tracee = malloc(sizeof(pt_tracee_t));
+
+  if (tracee == NULL) {
+    exit(EXIT_FAILURE);
+  }
+
+  pt_tracee_initialize(tracee);
+  tracee->pid  = pid;
+  tracee->next = (struct pt_tracee *)*headpp;
+
+  (*headpp) = tracee;
+
+  return tracee;
+}
+
+pt_tracee_t *
+pt_tracee_find_or_add(pt_tracee_t **headpp, pid_t pid)
+{
+  pt_tracee_t *headp   = *headpp;
+  pt_tracee_t *current = headp;
+
+  while (current) {
+    if (current->pid == pid) {
+      return current;
+    }
+
+    current = current->next;
+  }
+
+  return pt_tracee_add(headpp, pid);
+}
+
+int
+pt_tracee_wipedoutq(pt_tracee_t *headp)
+{
+  pt_tracee_t *current = headp;
+
+  while (current) {
+    if (current->dead == 0) {
+      return 0;
+    }
+
+    current = current->next;
+  }
+
+  return 1;
+}
+
+void
+pt_tracee_free(pt_tracee_t **headpp)
+{
+  pt_tracee_t *tracee = *headpp;
+
+  if (tracee) {
+    pt_tracee_free(&tracee->next);
+
+    free(tracee);
+    tracee = NULL;
+  }
+}
+
+int
+pt_tracee_length(pt_tracee_t *tracee)
+{
+  pt_tracee_t *current;
+  int length = 0;
+
+  if (tracee == NULL) {
+    return length;
+  }
+
+  current = tracee;
+
+  do {
+    length++;
+  } while ((current = current->next) != NULL);
+
+  return length;
+}

data/ext/process_tail/pt_tracee.h

@@ -0,0 +1,20 @@
+#ifndef PT_TRACEE_H
+#define PT_TRACEE_H
+
+#include <sys/types.h>
+
+typedef struct pt_tracee {
+  pid_t pid;
+  int activated;
+  int dead;
+  struct pt_tracee *next;
+} pt_tracee_t;
+
+void pt_tracee_initialize(pt_tracee_t *tracee);
+pt_tracee_t *pt_tracee_add(pt_tracee_t **headpp, pid_t pid);
+pt_tracee_t *pt_tracee_find_or_add(pt_tracee_t **headpp, pid_t pid);
+int pt_tracee_wipedoutq(pt_tracee_t *headp);
+void pt_tracee_free(pt_tracee_t **headpp);
+int pt_tracee_length(pt_tracee_t *tracee);
+
+#endif

data/lib/process_tail.rb

@@ -1,87 +1,107 @@
-require 'thread'
 require 'process_tail/process_tail'
 require 'process_tail/version'
+require 'erb'
+require 'thread'
 
 module ProcessTail
-  TRACE_LOCK = Mutex.new # NOTE For now, ProcessTail can't trace multiple processes at the same time
-
-  class << self
-    def open(pid, fd = :stdout)
-      read_io, write_io = IO.pipe
-      trace_thread      = trace(pid, fd) {|str, *|
-        unless read_io.closed?
-          write_io.write str
-        else
-          trace_thread.kill
-        end
-      }
+  module ReadIOExtension
+    attr_accessor :process_tail_after_close
+
+    def close
+      super
+    ensure
+      if hook = process_tail_after_close
+        hook.call
+      end
+    end
+  end
 
-      wait_thread = fork_wait_thread(trace_thread, [read_io, write_io])
+  class Tracer
+    def attach
+      case
+      when respond_to?(:ptrace_attach, true)
+        ptrace_attach
+      when respond_to?(:dtrace_attach, true)
+        dtrace_attach
+      else
+        raise NotImplementedError
+      end
 
-      if block_given?
-        value = yield(read_io)
+      self
+    end
 
-        trace_thread.kill
-        wait_thread.join
+    def wait
+      trace_thread.join
 
-        value
-      else
-        read_io
-      end
+      self
+    rescue StopTracing
+      # NOP
     end
 
-    def trace(pid, fd = :stdout, &block)
-      TRACE_LOCK.synchronize {
-        trace_without_lock(pid, fd, &block)
-      }
+    def detach
+      trace_thread.kill if trace_thread.alive?
+
+      wait
     end
 
     private
 
-    def trace_without_lock(pid, fd, &block)
-      task_ids     = extract_task_ids(pid)
-      wait_queue   = Queue.new
-      trace_thread = Thread.fork {
-        begin
-          task_ids.each do |tid|
-            attach tid
-          end
-
-          do_trace extract_fd(fd), wait_queue, &block
-        ensure
-          task_ids.each do |tid|
-            detach tid
-          end
-        end
-      }
+    def generate_dscript
+      template = File.read(File.join(__dir__, 'process_tail/process_tail.d'))
 
-      wait_all_attach task_ids, wait_queue
+      ERB.new(template).result(binding)
+    end
+  end
 
-      trace_thread
+  class << self
+    def each(pid)
+      tracer = trace(pid, :all) {|tid, fd, str|
+        yield tid, fd, str
+      }
+
+      tracer.wait
+    rescue StopTracing
+      # NOP
+    ensure
+      tracer.detach
     end
 
-    def fork_wait_thread(trace_thread, pipe)
-      Thread.fork {
-        begin
-          trace_thread.join
-        ensure
-          pipe.each do |io|
-            io.close unless io.closed?
-          end
+    def open(pid, fd = :stdout)
+      read_io, write_io = IO.pipe
+
+      tracer = trace(pid, fd) {|tid, fd_num, str|
+        unless read_io.closed?
+          write_io.write str
+        else
+          write_io.close
+          process_tail.detach
         end
       }
-    end
 
-    def wait_all_attach(task_ids, waitq)
-      task_ids.size.times do
-        waitq.deq
+      read_io.extend ReadIOExtension
+      read_io.process_tail_after_close = -> {
+        write_io.close unless write_io.closed?
+        tracer.detach
+      }
+
+      block_given? ? yield(read_io) : read_io
+    rescue StopTracing
+      # NOP
+    ensure
+      if block_given?
+        [read_io, write_io].each do |io|
+          io.close unless io.closed?
+        end
       end
     end
 
-    def extract_task_ids(pid)
-      Dir.open("/proc/#{pid}/task") {|dir|
-        dir.entries.grep(/^\d+$/).map(&:to_i)
-      }
+    private
+
+    def trace(pid, fd, &block)
+      pt = Tracer.new(pid, extract_fd(fd), &block)
+      pt.attach
+
+      pt
     end
 
     def extract_fd(name)

data/lib/process_tail/process_tail.d

@@ -0,0 +1,77 @@
+inline int PID = <%= pid %>;
+inline int FD  = <%= fd %>;
+
+dtrace:::BEGIN
+{
+  processes[pid] = 0;
+  self->child    = 0;
+}
+
+syscall:::entry
+/processes[ppid] == -1 && self->child == 0/
+{
+  self->child = 1;
+}
+
+syscall:::entry
+/processes[ppid] > 0 && self->child == 0/
+{
+  this->vforking_tid = processes[ppid];
+  self->child        = (this->vforking_tid == tid) ? 0 : 1;
+}
+
+syscall:::entry
+/pid == PID || self->child/
+{
+  self->tracked = 1;
+  self->arg0 = arg0;
+  self->arg1 = arg1;
+  self->arg2 = arg2;
+}
+
+syscall::fork:entry
+/self->tracked/
+{
+ processes[pid] = -1;
+}
+
+syscall::vfork:entry
+/self->tracked/
+{
+ processes[pid] = tid;
+}
+
+syscall::exit:entry
+{
+ self->child    = 0;
+ processes[pid] = 0;
+}
+
+syscall::exit:entry
+/pid == PID/
+{
+  exit(0);
+}
+
+syscall:::entry
+/!((probefunc == "write" || probefunc == "write_nocancel") && (FD == 0 || self->arg0 == FD))/
+{
+  self->tracked = 0;
+  self->arg0 = 0;
+  self->arg1 = 0;
+  self->arg2 = 0;
+}
+
+syscall::write:return,
+syscall::write_nocancel:return
+/self->tracked/
+{
+  trace(pid);                                /* pid     */
+  trace(self->arg0);                         /* fd      */
+  trace(stringof(copyin(self->arg1, arg0))); /* content */
+
+  self->tracked = 0;
+  self->arg0 = 0;
+  self->arg1 = 0;
+  self->arg2 = 0;
+}

data/lib/process_tail/version.rb

@@ -1,3 +1,3 @@
 module ProcessTail
-  VERSION = '0.0.4'
+  VERSION = '0.0.5'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: process_tail
 version: !ruby/object:Gem::Version
-  version: 0.0.4
+  version: 0.0.5
 platform: ruby
 authors:
 - Hika Hibariya
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-02-15 00:00:00.000000000 Z
+date: 2015-02-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -84,7 +84,15 @@ files:
 - bin/process_tail
 - ext/process_tail/extconf.rb
 - ext/process_tail/process_tail.c
+- ext/process_tail/process_tail.h
+- ext/process_tail/pt_dtrace.c
+- ext/process_tail/pt_dtrace.h
+- ext/process_tail/pt_ptrace.c
+- ext/process_tail/pt_ptrace.h
+- ext/process_tail/pt_tracee.c
+- ext/process_tail/pt_tracee.h
 - lib/process_tail.rb
+- lib/process_tail/process_tail.d
 - lib/process_tail/version.rb
 - process_tail.gemspec
 - spec/process_tail_spec.rb