Developer Productivity Engineering in the Complex Low-Level Systems World

Software systems powering OS kernels, basebands, bootloaders, firmware, IoT or automotive build the foundation of infrastructure that billions of people rely on every day. Developing and maintaining such systems is challenging as they usually consist of a very large number of source files, have multiple configurations, hundreds of modules and various custom build steps. Therefore, tools that help engineers navigate through the growing complexity of low-level systems are highly desirable.

In this talk we present various developer productivity engineering (DPE) techniques that we developed and used in the last few years to ensure high performance and effectiveness of engineers working on the system layer of the OS. The cornerstone of these techniques is our novel Code Aware Services (CAS) [1] toolchain which opens up new possibilities for DPE-related applications.

CAS is a set of tools for extracting information from the build process and the source code. This includes data such as how a particular software image is created or information on functions, types and dependencies across them. CAS makes this data easily accessible to external applications.

In the talk we will first present core components of CAS: low-overhead build tracer module, clang-based source code processor and Python libraries used for application development. Then, we will talk about selected DPE techniques and tools developed on top of CAS.

One DPE tool we will present is Build Awareness Service: a system which provides detailed information acquired during the full build of a product. We will demonstrate how this information could be used to improve various aspects of S/W Engineer’s job:

• better code search and IDE indexing enhancements
• using build-related data to automate various S/W related operations, e.g. generate custom Makefiles for partial/incremental builds or fine-grained static analysis, provide process visualization, build dependency analysis, execution time measurements etc

In our talk we will also demonstrate how the code information provided by CAS can help to write applications that operate mainly on source code. Some of the use cases in this domain include: interface extraction, support for structure aware fuzzing and automated test harness generation.

CAS was first introduced at the Linux Security Summit NA’22 [2], where we put the emphasis on how CAS supports security code review process and automation of vulnerability detection. In this talk we would like to focus on how CAS can be used in a more general S/W Engineering context at the scale of a very large product code base.

[1] https://github.com/samsung/CAS
[2] https://youtu.be/M7gl7MFU_Bc?t=648