@(#)r3csrs.htm 1.5 - 04/07/04
1.3 Definitions, Acronyms and Abbreviations
2.5 Assumptions and Dependencies
3.1.1 Command Line Interpreter Subfunction
3.1.2 File Instrumentor Subfunction
3.2 External Interface Requirements
3.2.1 Command Line Description
Appendix A - Supported Trace Manager Subfunctions
Appendix B - Example of Instrumentation
Appendix C - Verification Cross-Reference
Table
1.0 Introduction
1.1 Purpose
This SRS states the requirements for the Recon Instrumentor for C/C++. It is intended as a guide for developers, testers, and maintainers of this software component.
The Recon3 Instrumentor for C/C++,
r3cinst, is part of the Recon3 tool set for
dynamic analysis of software [AR3] which is, in turn, a
major upgrade and extension of the Recon2 software
reconnaissance tool [Recon2].
The main benefit of r3cinst, when used with
the Recon3 tool set, is to facilitate the understanding or
debugging of C/C++ programs using techniques such as software
reconnaissance [SR95].
|
Decision Construct |
A statement or sequence of statements where a boolean or
multiple-choice branch is indicated in the Target
Program. For C/C++, this consists of |
|
Developer |
The individual or organization that is implementing
|
|
Instrumentation Statements |
Function calls to subprograms in the Trace Manager
interface. The calls are written to the Instrumented
Target Program by |
|
Instrumented Target Program |
The output file from |
|
Instrumentor |
The component of Recon3 that instruments source code for a specific language. |
|
Target Program |
The original program that serves as input to
|
|
Trace Analyzer |
The component of Recon3 that analyzes the output from the Trace Manager. |
|
Trace Event |
The execution of an Instrumentation Statement in the Instrumented Target Program by the Trace Manager. The Trace Manager collects data records generated by Trace Events and writes Trace Records to an output trace file. The Trace Analyzer analyzes this file to locate program features in the Target Program. |
|
Trace Manager |
The component of Recon3 that uses the Instrumented
Target Program produced by |
|
Trace Records |
An informational record output by the Trace Manager representing a Trace Event |
|
[AR3] |
"Architecture of Recon3" Norman Wilde, Laura White, Aaron Tarnosky |
|
[ANSI] |
"The Annotated ANSI C Standard" Annotated by H. Schildt. ISBN: 0-07-881952-0 Publisher: McGraw-Hill. |
|
[Recon2] |
Code and documents for the Recon2 system available at http://www.cs.uwf.edu/~wilde/recon. |
|
[SR95] |
"Software Reconnaissance: Mapping Program Features to Code", N. Wilde and M. Scully, Journal of Software Maintenance, Vol. 7, pp. 49-62, (1995). |
|
[TM SRS] |
"Recon3 C/C++ Trace Manager - SRS" |
This SRS follows the IEEE - STD - 830 - 1998 standard. Section
2 gives an overview of r3cinst and its functional
and other requirements. Section 3 describes the requirements more
specifically. Appendix A describes the Trace Manager
subfunction calls that are included in the instrumentation
statements. Appendix B gives an example of a Target
Program and an Instrumented Target Program.
Appendix C contains the Verification Cross-Reference Table
which maps each specific requirement to the system-level test
where it is verified.
Terms defined in section 1.3 will appear in emphasis, like this.
Program names, file names, and C/C++ language
constructs will appear in CODE format like
this.
[Brief explanations of the rationale for certain requirements are given in block quotes like this one.]
r3cinst is the Recon3 Instrumentor for C/C++.
It creates instrumented copies of C/C++ source files that are
used by the Trace Manager. It does this by reading
in a Target Program which is the C/C++ source code,
inserting instrumentation statements, and writing
the instrumented code to an output file,
the Instrumented Target Program.
Figure 1 shows how r3cinst will
work with other components of Recon3.
The user invokes r3cinst using a command
line interface. Each time it is invoked,
r3cinst instruments one C/C++ source file.
When the user has instrumented all (or a subset) of the C/C++
files making up his Target Program, he uses his C/C++
compiler to produce an executable from the Instrumented
Target and the Trace Manager interface. This new
executable is run with appropriate test data to exercise specific
features of the program. For each test case, the Trace
Manager creates a file of trace records detailing
program branch path execution based on the Instrumentation
Statements. These files are then input to the Trace
Analyzer for comparison and the results of the analysis
are output.
r3cinst using a command
line interface. The source filename for the
Target Program and the destination filename for the
Instrumented Target Program are input at the command line.
Switches are used to indicate what program features (entry points,
exit points, returns, and/or decisions) should be instrumented. The
level of verbosity, which controls the amount of informational
messages provided to the user during instrumentation, may also be
set with a command line switch.
r3cinst
- e switch is used,
r3cinst will insert instrumentation at the entry point
of any function, including main(). If the - r switch
is used, r3cinst will insert instrumentation whenever
it encounters an explicit or an implicit RETURN. If
the - x switch is set, r3cinst will insert
instrumentation whenever it encounters an EXIT statement.
If the - d switch is used, r3cinst will
insert instrumentation whenever it encounters a Decision
Construct. If a verbose level was entered at the command line,
a progress message will display when the corresponding instrumentation
level is processed.
The user is expected to be an experienced programmer.
He will be familiar particularly with how to compile
and run the Target Program.
2.4 General Constraints
To facilitate portability and maintainability
r3cinst will be implemented using standard
ANSI C [ANSI] to the greatest extent possible.
With respect to pre-ANSI C code, r3cinst
shall only be capable of instrumenting decisions.
The instrumentation statements introduced by
r3cinst consist of calls to the external subprograms
in the TraceManager and must conform to the syntax
specified in [TM SRS]. The subprogram calls supported by
r3cinst are detailed in Appendix A.
None.
3.0 Specific Requirement
3.1 Functional Requirements
r3cinst has two main functions:
r3cinst FUNCTIONAL
FLOW DIAGRAM
The Command Line Interpreter accepts command line entries and parses them to determine the source file, the destination file, and the instrumentation and verbosity levels desired by the user. It ensures that the source filename points to a valid Target Program. An output file is created for the Instrumented Target Program from the destination filename specified on the command line, or if a file of that name already exists, warns the user that the existing output file will be overwritten. It outputs usage instructions if the command line syntax is incorrect or file parameters are missing. The Command Line Interpreter also outputs error messages if a fatal error is encountered. The command line syntax is defined in section 3.2.1.
|
NAME |
SOURCE |
|
Verbose Switch -- Level of Verbosity |
Command Line Input |
|
Instrumentation Level |
Command Line Input |
|
Source Filename |
Command Line Input |
|
Destination Filename |
Command Line Input |
r3cinst shall [1] parse the command line arguments to
determine the VERBOSITY, INSTRUMENTATION LEVEL, TARGET NAME and
INSTRUMENTED TARGET NAME.
If a valid INSTRUMENTATION LEVEL is encountered, r3cinst
shall [2] set the corresponding EVENT MASK.
If the VERBOSE SWITCH with a LEVEL OF VERBOSITY is specified,
r3cinst shall [3] set the corresponding VERBOSITY LEVEL.
If an invalid switch is encountered, r3cinst shall
[4] terminate execution and output USAGE INSTRUCTIONS.
If the VERBOSE SWITCH contains an invalid LEVEL OF VERBOSITY,
r3cinst shall [5] terminate execution and output
USAGE INSTRUCTIONS.
If no switches are specified in the command line, r3cinst
shall [6] use the default settings for full instrumentation and
no verbosity.
If a SOURCE FILENAME and/or DESTINATION FILENAME is not specified,
r3cinst shall [7] terminate execution and output an
ERROR MESSAGE.
If the SOURCE FILENAME is the same as the DESTINATION FILENAME,
r3cinst shall [8] terminate execution and output
an ERROR MESSAGE.
If the SOURCE FILENAME or DESTINATION FILENAME points to a file that
cannot be opened, r3cinst shall [9] terminate execution
and output an ERROR MESSAGE.
If a relative path is specified in the SOURCE FILENAME,
r3cinst shall [10] output a WARNING.
If the file pointed to by the SOURCE FILENAME is successfully opened,
r3cinst shall [11] output TARGET NAME.
If the file pointed to by the DESTINATION FILENAME is successfully
opened, r3cinst shall [12] output INSTRUMENTED
TARGET NAME.
|
NAME |
DESTINATION |
|
Verbosity |
File Instrumentor |
|
Event Mask |
File Instrumentor |
|
Target Name |
File Instrumentor |
|
Instrumented Target Name |
File Instrumentor |
|
Error Message |
Standard Output |
|
Usage Instructions |
Standard Output |
|
Warning |
Standard Output |
3.1.2 File Instrumentor Subfunction
The File Instrumentor inserts instrumentation into the
Instrumented Target File when it encounters specific
types of statements and constructs and the appropriate flag has
been set from the command line arguments. These
Instrumentation Statements are calls to subprograms
within the Trace Manager interface and
must conform to the syntax defined in [TM SRS]. The Trace
Manager subfunctions supported by r3cinst
are detailed in Appendix B. Function entries are instrumented
at the first open brace in the function. Function returns
are instrumented at the keyword RETURN for
explicit RETURNs. Implicit RETURNs
are instrumented just before the last closing brace in a function.
Alternate RETURNs are distinguished by the
inclusion of line numbers in the instrumentation.
Function exits are instrumented at the keyword
EXIT.
In general, decisions are instrumented by inserting subprogram calls
appropriate to the value of the logical expression. For example, at
the TRUE branch of an IF statement, a call to R3TmiTrue
would be inserted. To cover the FALSE branch, a call to R3TmiFalse
would be inserted. In the case of a switch statement, a call to
R3TmiSwitch is inserted and the integer value of the case variable
is passed as one of the parameters.
r3cinst will insert instrumentation for the
following Decision Constructs:
FOR statement,WHILE statement,IF statement or an IF ELSE
construct, andSWITCH statement FOR or WHILE is not
instrumented. Experience using Recon2 indicated that both
branches of the loop decision are almost always executed
in every test case. Instrumenting these loops adds greatly
to the size of the trace of execution, but provides little
benefit to software reconnaissance.]
If a verbose level was specified at the command line, a progress message is sent to standard output when the corresponding instrumentation level is processed.
When r3cinst encounters statements that are
not specified in the requirements in para 3.1.1.2 and
para 3.1.2.2, it will copy them to the Instrumented
Target Program with as few changes as possible.
|
NAME |
SOURCE |
|
Verbosity |
Command Line Interpreter |
|
Event Mask |
Command Line Interpreter |
|
Target Name |
Command Line Interpreter |
|
Instrumented Target Name |
Command Line Interpreter |
r3cinst shall [1] write the prototypes for
the Trace Manager interface to the top of the INSTRUMENTED
TARGET PROGRAM.
When EVENT MASK is set to DECISION and an IF or IF ELSE decision
construct is encountered, r3cinst shall [2] write
DECISION INSTRUMENTATION to the INSTRUMENTED TARGET PROGRAM.
When EVENT MASK is set to DECISION and a WHILE decision
construct is encountered, r3cinst shall [3] write
DECISION INSTRUMENTATION to the INSTRUMENTED TARGET PROGRAM.
When EVENT MASK is set to DECISION and a FOR decision
construct is encountered, r3cinst shall [4] write
DECISION INSTRUMENTATION to the INSTRUMENTED TARGET PROGRAM.
When EVENT MASK is set to DECISION and a SWITCH decision
construct is encountered, r3cinst shall [5] write
DECISION INSTRUMENTATION to the INSTRUMENTED TARGET PROGRAM.
When EVENT MASK is set to ENTRY and a function entry is
encountered, r3cinst shall [6] write ENTRY
INSTRUMENTATION to the INSTRUMENTED TARGET PROGRAM.
When EVENT MASK is set to RETURN and an explicit return is
encountered, r3cinst shall [7] write RETURN
INSTRUMENTATION to the INSTRUMENTED TARGET PROGRAM.
When EVENT MASK is set to RETURN and an implicit return
is encountered, r3cinst shall [8] write RETURN
INSTRUMENTATION to the INSTRUMENTED TARGET PROGRAM.
When EVENT MASK is set to EXIT and an exit statement is
encountered, r3cinst shall [9] write EXIT
INSTRUMENTATION to the INSTRUMENTED TARGET PROGRAM.
r3cinst shall [10] output PROGRESS INDICATORS
to standard output according to the VERBOSITY specified.
|
NAME |
DESTINATION |
|
Decision Instrumentation |
Instrumented Target Program |
|
Entry Instrumentation |
Instrumented Target Program |
|
Exit Instrumentation |
Instrumented Target Program |
|
Progress Indicators |
Standard Output |
|
Return Instrumentation |
Instrumented Target Program |
3.2 External Interface Requirements
3.2.1 Command Line
To instrument a single source file, the user invokes
r3cinst [-derx][-v[level]]source
dest r3cinst using a command line of the
following form:
where source is the path
of the C/C++ source file to be instrumented, and
dest is the path for the instrumented copy of
the source file. The instrumentation flags 'd', 'e', 'r'
and 'x' may be present in any combination to indicate the
kinds of statements and constructs to be instrumented:
d - denotes decision instrumentation
e - denotes function entry instrumentation
r - denotes function return instrumentation
x - denotes function exit instrumentation
If no instrumentation flags are specified, the assumed default is '-derx'.
The -v flag specifies the "verbosity level" for warning and progress messages. Each level builds on the preceding level. The levels of verbosity are:
0 = OFF
1 = Functions
2 = Statements and Functions
3 = Tokens, Statements and Functions
4 = Debug Information plus Tokens, Statements and Functions
If no verbosity level is specified, the default is '0'.
If the command line does not provide valid source and
destination files, valid flags, and/or the proper number
of arguments, a "usage" message is printed and
r3cinst exits. The switches entered at the
command line may be in any order.
The Target Program source file is expected to
consist of one or more C/C++ functions.
r3cinst will only process Target
Programs that conform to the ANSI 92 C/C++
standard [ANSI]. Multiple statements on a line may not
be instrumented correctly.
C/C++ implementations differ considerably; most
compilers provide extensions that go beyond the language
standards. A priority for r3cinst is that it
should be usable for as many C/C++ programs as possible.
Thus, if r3cinst encounters statements
that it does not recognize, it will copy them to the
Instrumented Target Program with as few changes as
possible.
Error messages and warnings will be implemented according to the following general policy:
r3cinst encounters an error that will
probably impede it from producing a valid C/C++ program
equivalent to the Instrumented Target Program, it
will write a meaningful error message to standard output
and exit.r3cinst encounters an input that is
unrecognized, but that may not impede it from producing a
valid C/C++ program equivalent to the Instrumented
Target Program, it will write a warning to standard
output.r3cinst
See section (2.4).
3.5 Attributes
None.
3.6 Other Requirements
None.
Appendix A - Supported Trace Manager
Subprograms
For a complete list of the subfunctions contained in the
Trace Manager, see [TM SRS]. The Trace Manager subfunctions
supported by r3cinst are:
|
PROTOTYPES |
DESCRIPTION |
|
int R3TmiTrue (char *filename, int line); return (1); |
filename: name of the source file in which the Trace Event occurred. line: line number in the source file at which the Trace Event occurred. |
|
int R3TmiFalse(char *filename, int line); return (0); |
filename: name of the source file in which the Trace Event occurred. line: line number in the source file at which the Trace Event occurred. |
|
int R3TmiSwitch(char *filename, int line, int value); return (value); |
filename: name of the source file in which the Trace Event occurred. line: line number in the source file at which the Trace Event occurred. value: integer value of the switch decision |
|
void R3TmiEntry(char *filename, int line, char *function); |
filename: name of the source file in which the Trace Event occurred. line: line number in the source file at which the Trace Event occurred. function: name of the function in which the Trace Event occurred. |
|
void R3TmiReturn(char *filename, int line, char *function); |
filename: name of the source file in which the Trace Event occurred. line: line number in the source file at which the Trace Event occurred. function: name of the function in which the Trace Event occurred. |
Appendix B - Instrumentation Example
This is an example of the output from r3cinst. The original
source code for demo.c is the Target Program. The
Instrumented Target
Program is the output from r3cinst showing the
instrumentation for Entry, Return and Decision (IF)
Constructs.
Target Program:
#includevoid ENT1(int x); void ENT2(int x); int main() { int Y = 10; ENT1(Y); ENT2(Y); return 0; } /* Function ENT1 */ void ENT1 (int X) { float PI = 3.14; float Result; Result = PI * X; printf("Result: %f\n", Result); } /* Function ENT2 */ void ENT2(int X) { float TWO_PI = 6.28; float Result; if (X = 10) { Result = Two_PI * X; printf("Result: %f\n", Result); } }
Instrumented Target Program:
#include "r3.h" #include "r3tminf.h" #static char *R3I_path="/usr/cs/r3/demo.c" #includevoid ENT1 (int x); void ENT2 (int x); int main() {int R3I_entry = R3TmiEntry(R3I_path,7,"main"); int Y = 10; ENT1(Y); ENT2(Y); {R3TmiReturn(R3I_path,12,"main");return 0;} R3TmiReturn(R3I_path,13,"main");} /* function ENT1 */ void ENT1 (int X) {int R3I_entry = R3TmiEntry(R3I_path,18,"ENT1"); float PI = 3.14; float Result; Result = PI * X; printf ("Result: %f\n", Result); R3TmiReturn(R3I_path,24,"ENT1");} /* function ENT2 */ void ENT2 (int X) {int R3I_entry = R3TmiEntry(R3I_path,29,"ENT2"); float TWO_PI = 6.28; float Result; if ((X = 10)?R3TmiTrue(R3I_path,33):R3TmiFalse(R3I_path,33)) { Result = TWO_PI * X; printf ("Result: %f\n", Result); } R3TmiReturn(R3I_path,37,"ENT2");}
|
SHALL # |
REQUIREMENT |
TEST ID |
|
3.1.1.2[1] |
|
TEST ID[1] |
|
3.1.1.2[2] |
If a valid INSTRUMENTATION LEVEL is encountered,
|
TEST ID[2] |
|
3.1.1.2[3] |
If the VERBOSE SWITCH with a LEVEL OF VERBOSITY is
specified, |
TEST ID[3] |
|
3.1.1.2[4] |
If an invalid switch is encountered, |
TEST ID[4] |
|
3.1.1.2[5] |
If the VERBOSE SWITCH contains an invalid LEVEL OF
VERBOSITY, |
TEST ID[5] |
|
3.1.1.2[6] |
If no switches are specified in the command line,
|
TEST ID[6] |
|
3.1.1.2[7] |
If either a SOURCE FILENAME or DESTINATION FILENAME
is not specified, |
TEST ID[7] |
|
3.1.1.2[8] |
If the SOURCE FILENAME is the same as the
DESTINATION FILENAME, |
TEST ID[8] |
|
3.1.1.2[9] |
If the SOURCE FILENAME or DESTINATION FILENAME points
to a file that cannot be opened, |
TEST ID[9] |
|
3.1.1.2[10] |
If a relative path is specified in the SOURCE FILENAME,
|
TEST ID[10] |
|
3.1.1.2[11] |
If the file pointed to by the SOURCE FILENAME is
successfully opened, |
TEST ID[11] |
|
3.1.1.2[12] |
If the file pointed to by the DESTINATION FILENAME is
successfully opened, |
TEST ID[12] |
|
3.1.2.2[1] |
|
TEST ID[13] |
|
3.1.2.2[2] |
When EVENT MASK is set to DECISION and an IF or IF ELSE
decision construct is encountered, |
TEST ID[14] |
|
3.1.2.2[3] |
When EVENT MASK is set to DECISION and a WHILE decision
construct is encountered, |
TEST ID[15] |
|
3.1.2.2[4] |
When EVENT MASK is set to DECISION and a FOR decision
construct is encountered, |
TEST ID[16] |
|
3.1.2.2[5] |
When EVENT MASK is set to DECISION and a SWITCH decision
construct is encountered, |
TEST ID[17] |
|
3.1.2.2[6] |
When EVENT MASK is set to ENTRY and a function entry
is encountered, |
TEST ID[18] |
|
3.1.2.2[7] |
When EVENT MASK is set to RETURN and an explicit
return is encountered, |
TEST ID[19] |
|
3.1.2.2[8] |
When EVENT MASK is set to RETURN and an implicit
return is encountered, |
TEST ID[20] |
|
3.1.2.2[9] |
When EVENT MASK is set to EXIT and an exit statement
is encountered, |
TEST ID[21] |
|
3.1.2.2[10] |
r3cinst shall [10] output PROGRESS INDICATORS
to standard output according to the VERBOSITY
specified. |
TEST ID[22] |