In this lightning talk, we would like to share our experiences regarding a couple of software engineering tools we wrote. Those are all based on syscall instrumentation, and they are daily used in an industrial environment:

1. PRoot is initially a user-mode implementation of some kernel features: chroot, mount --bind, binfmtmisc, ... Its original purpose is to build and to validate programs on systems that are supposed to be not compatible (distro, kernel, CPU, ...). PRoot does not require any privileges since it relies only on ptrace, processvm_[read|write]v, and seccomp-filter to observe and modify syscalls between programs and the kernel. With time, PRoot has become a generic Linux process instrumentation engine, used by the two following tools.

   -- http://proot.me, GPLv2+

2. CARE -- short for "Comprehensive Archiver for Reproducible Executions" -- creates automatically an archive that contains all the material required to re-execute the monitored programs in their original context (environment, files, expected kernel features, ...). CARE is typically useful to get reliable bug reports, demonstrations, academic experiences, tutorials, ...

   -- http://reproducible.io, GPLv2+

3. DepsTracker observes the execution of any processes in order to compute their mutual dependencies with respect to the file-system. It is currently used to re-generate highly parallel build-systems that are then dispatched by another tool on build-farms, in order to find the best performance by brute-forcing compiler internal configuration.

   -- not published publicly, GPLv2+