In this lightning talk, we would like to share our experiences
regarding a couple of software engineering tools we wrote. Those are
all based on syscall instrumentation, and they are daily used in an
industrial environment:
PRoot is initially a user-mode implementation of some kernel
features: chroot, mount --bind, binfmtmisc, ... Its original
purpose is to build and to validate programs on systems that are
supposed to be not compatible (distro, kernel, CPU, ...). PRoot
does not require any privileges since it relies only on ptrace,
processvm_[read|write]v, and seccomp-filter to observe and modify
syscalls between programs and the kernel. With time, PRoot has
become a generic Linux process instrumentation engine, used by the
two following tools.
-- http://proot.me, GPLv2+
CARE -- short for "Comprehensive Archiver for Reproducible
Executions" -- creates automatically an archive that contains all
the material required to re-execute the monitored programs in their
original context (environment, files, expected kernel features,
...). CARE is typically useful to get reliable bug reports,
demonstrations, academic experiences, tutorials, ...
-- http://reproducible.io, GPLv2+
DepsTracker observes the execution of any processes in order to
compute their mutual dependencies with respect to the file-system.
It is currently used to re-generate highly parallel build-systems
that are then dispatched by another tool on build-farms, in order
to find the best performance by brute-forcing compiler internal
configuration.
-- not published publicly, GPLv2+