Hi, Quoting Paul Wise (2016-05-28 06:45:44) > I think it would be interesting to automatically track how each file > in a binary package was created and which files they were derived > from. Then we could automatically generate proper copyright files for > binary packages. That is a hard project so...
I was investigating this problem last year and as far as my research went, there is no tracing method in existence which reliably traces system calls in general, file system access or read/write operations while keeping track of the acting pid that is 100% reliable. The methods I found either were not transparent (and would thus break test suites) or suffered from race conditions where it was possible to register an operation but miss the pid the operation was carried out by or dropped operations if they occurred with a too-high frequency... Having such a reliable tracing method would give us the ability to reliably infer copyright information as well as generating structured build logs (knowing for each line in the build log the process (tree) that created it). Both of these would also tremendously help debugging problems. For example, for fixing reproducible build problems, I was often puzzled which program actually created a file that I was interested in for a source package that I am not familiar with. Unfortunately though, there seems to be no way to reliably trace process execution and read/write/open/close system calls without either sometimes missing information or breaking builds... cheers, josch
signature.asc
Description: signature
