Identifying Build Requisites via System Call Tracing
Artemiy Maksimovich GRANAT,
Pavel Dmitrievich DUNAEV,
Artem Aleksandrovich SINKEVICH,
Inna Aleksandrovna BATRAEVA,
Dmitriy Yurievich PETROV https://doi.org/10.15514/ISPRAS-2024-36(5)-2
Abstract
In this work, we discuss methods for identifying build requisites, and describe their strengths and weaknesses. The buildography tool is presented that provides logging of the build process by tracking system calls. An estimate of the time spent on build process using the buildography tool is given.
About the Authors
Artemiy Maksimovich GRANAT
Institute for System Programming of the Russian Academy of Sciences,
Higher School of Economics
Russian Federation
Russian Federation
Senior Laboratory technician at Ivannikov Institute for System Programming of the Russian Academy of Sciences, 1st year Master’s student at Higher School of Economics. Research interests: compilers, operating systems, computer networks.
Pavel Dmitrievich DUNAEV
Institute for System Programming of the Russian Academy of Sciences
Russian Federation
Russian Federation
Postgraduate student at Ivannikov Institute for System Programming of the Russian Academy of Sciences. Research interests: compilers, operating systems, discrete mathematics.
Artem Aleksandrovich SINKEVICH
Institute for System Programming of the Russian Academy of Sciences,
Saratov State University
Russian Federation
Russian Federation
Senior Laboratory technician at Ivannikov Institute for System Programming of the Russian Academy of Sciences, 2nd year Master’s student at Saratov State University. Research interests: compilers, discrete mathematics, neural networks.
Inna Aleksandrovna BATRAEVA
Saratov State University
Russian Federation
Russian Federation
Cand. Sci. (Phys.-Math.), Associate Professor, Head of the Department of Programming Technologies. Research interests: discrete mathematics, automata theory, theory of formal languages and grammars, information systems in theoretical and applied linguistics.
Dmitriy Yurievich PETROV
Saratov State University,
Institute for Problems of Precision Mechanics and Control
Russian Federation
Russian Federation
Cand. Sci. (Tech.) in Engineering, Senior Researcher of the Laboratory of System Problems of Control and Automation in Mechanical Engineering; Associate Professor of the Department of System Analysis and Automatic, Saratov State University. Research interests: system analysis, model-based system engineering, functional and simulation modeling, avionics and automated control systems.
References
1. ГОСТ Р 71206-2024 «Защита информации. Разработка безопасного программного обеспечения. Безопасный компилятор языков C/C++. Общие требования». М., Российский институт стандартизации, 2024, 20 с.
2. Clang Static Analyzer, Available at: https://clang-analyzer.llvm.org/, accessed 28.04.2024.
3. Baloglu B. How to find and fix software vulnerabilities with coverity static analysis //2016 IEEE Cybersecurity Development (SecDev). – IEEE, 2016. – С. 153-153.
4. А.А. Белеванцев, А.О. Избышев, Д.М. Журихин. Организация контролируемой сборки в статическом анализаторе Svace. Системный администратор, выпуск 6-7 (176-177), 2017, стр. 135-139.
5. Build EAR, Available at: https://github.com/rizsotto/Bear, accessed 28.04.2024.
6. Compilation Database Generator, Available at: https://github.com/nickdiego/compiledb, accessed 28.04.2024.
7. Guo P. CDE: A tool for creating portable experimental software packages //Computing in Science & Engineering. – 2012. – Т. 14. – №. 4. – С. 32-35.
8. JSON Compilation Database Format Specification, Available at: https://clang.llvm.org/docs/JSONCompilationDatabase.html, accessed 28.04.2024.
9. Баев Р.В., Скворцов Л.В., Кудряшов Е.А., Бучацкий Р.А., Жуйков Р.А. Предотвращение уязвимостей, возникающих в результате оптимизации кода с неопределенным поведением. Труды ИСП РАН, том 33, вып. 4, 2021 г., стр. 195-210. DOI: 10.15514/ISPRAS–2021–33(4)–14./ Baev R.V., Skvortsov L.V., Kudryashov E.A., Buchatskiy R.A., Zhuykov R.A. Prevention of vulnerabilities arising from optimization of code with Undefined Behavior. Trudy ISP RAN/Proc. ISP RAS, vol. 33, issue 4, 2021. pp. 195-210 (in Russian). DOI: 10.15514/ISPRAS–2021–33(4)–14.
10. GCC, Available at: https://gcc.gnu.org/, accessed 28.04.2024.
11. Vangoor B. K. R., Tarasov V., Zadok E. To FUSE or not to FUSE: Performance of User-Space file systems //15th USENIX Conference on File and Storage Technologies (FAST 17). – 2017. – С. 59-72.
12. Love R. Kernel korner: Intro to inotify //Linux Journal. – 2005. – Т. 2005. – №. 139. – С. 8.
13. Keniston J. et al. Ptrace, utrace, uprobes: Lightweight, dynamic tracing of user apps //Proceedings of the 2007 Linux symposium. – 2007. – Т. 1. – С. 215-224.
14. Padala P. Playing with ptrace, Part I //Linux Journal. – 2002. – Т. 103. – №. 5.
15. Padala P. Playing with ptrace, part II //Linux J. – 2002. – Т. 104. – С. 4.
16. Ptrace Notes, Available at: https://shachaf.net/tmp/ptrace-notes.txt, accessed 28.04.2024.
Review
For citations:
GRANAT A.M., DUNAEV P.D., SINKEVICH A.A., BATRAEVA I.A., PETROV D.Yu. Identifying Build Requisites via System Call Tracing. Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS). 2024;36(5):17-30. (In Russ.) https://doi.org/10.15514/ISPRAS-2024-36(5)-2
Email this article 