void radioReceive(void)
{
int rval = recvfrom(sSockFd, &sReceiveMessage, sizeof(sReceiveMessage), 0, NULL, NULL);
assert(rval >= 0);
sReceiveFrame.mLength = rval - 1;
if (sAckWait)
{
if (isFrameTypeAck(sReceiveFrame.mPsdu))
{
uint8_t tx_sequence = getDsn(sTransmitFrame.mPsdu);
uint8_t rx_sequence = getDsn(sReceiveFrame.mPsdu);
if (tx_sequence == rx_sequence)
{
sState = kStateReceive;
sAckWait = false;
otPlatRadioTransmitDone(isFramePending(sReceiveFrame.mPsdu), kThreadError_None);
}
}
}
else
{
if (sReceiveFrame.mChannel == sReceiveMessage.mChannel)
{
radioProcessFrame();
}
}
}
void radioSendMessage(void)
{
sTransmitMessage.mChannel = sTransmitFrame.mChannel;
radioTransmit(&sTransmitMessage, &sTransmitFrame);
sAckWait = isAckRequested(sTransmitFrame.mPsdu);
if (!sAckWait)
{
sState = kStateReceive;
otPlatRadioTransmitDone(false, kThreadError_None);
}
}
void TestFuzz(uint32_t aSeconds)
{
// Set the radio capabilities to disable any Mac related timer dependencies
g_testPlatRadioCaps = (otRadioCaps)(kRadioCapsAckTimeout | kRadioCapsTransmitRetries);
// Set the platform function pointers
g_TransmitRadioPacket.mPsdu = g_TransmitPsdu;
g_testPlatRadioIsEnabled = testFuzzRadioIsEnabled;
g_testPlatRadioEnable = testFuzzRadioEnable;
g_testPlatRadioDisable = testFuzzRadioDisable;
g_testPlatRadioReceive = testFuzzRadioReceive;
g_testPlatRadioTransmit = testFuzzRadioTransmit;
g_testPlatRadioGetTransmitBuffer = testFuzztRadioGetTransmitBuffer;
// Initialize our timing variables
uint32_t tStart = otPlatAlarmGetNow();
uint32_t tEnd = tStart + (aSeconds * 1000);
otInstance *aInstance;
#ifdef _WIN32
uint32_t seed = (uint32_t)time(NULL);
srand(seed);
Log("Initialized seed = 0x%X", seed);
#endif
#ifdef OPENTHREAD_MULTIPLE_INSTANCE
size_t otInstanceBufferLength = 0;
uint8_t *otInstanceBuffer = NULL;
// Call to query the buffer size
(void)otInstanceInit(NULL, &otInstanceBufferLength);
// Call to allocate the buffer
otInstanceBuffer = (uint8_t *)malloc(otInstanceBufferLength);
VerifyOrQuit(otInstanceBuffer != NULL, "Failed to allocate otInstance");
memset(otInstanceBuffer, 0, otInstanceBufferLength);
// Initialize Openthread with the buffer
aInstance = otInstanceInit(otInstanceBuffer, &otInstanceBufferLength);
#else
aInstance = otInstanceInit();
#endif
VerifyOrQuit(aInstance != NULL, "Failed to initialize otInstance");
// Start the Thread network
otSetPanId(aInstance, (otPanId)0xFACE);
otInterfaceUp(aInstance);
otThreadStart(aInstance);
uint32_t countRecv = 0;
while (otPlatAlarmGetNow() < tEnd)
{
otProcessQueuedTasklets(aInstance);
if (g_testPlatAlarmSet && otPlatAlarmGetNow() >= g_testPlatAlarmNext)
{
g_testPlatAlarmSet = false;
otPlatAlarmFired(aInstance);
}
if (g_fRadioEnabled)
{
if (g_fTransmit)
{
g_fTransmit = false;
otPlatRadioTransmitDone(aInstance, &g_TransmitRadioPacket, true, kThreadError_None);
#ifdef DBG_FUZZ
Log("<== transmit");
#endif
}
if (g_RecvChannel != 0)
{
uint8_t fuzzRecvBuff[128];
RadioPacket fuzzPacket;
// Initialize the radio packet with a random length
memset(&fuzzPacket, 0, sizeof(fuzzPacket));
fuzzPacket.mPsdu = fuzzRecvBuff;
fuzzPacket.mChannel = g_RecvChannel;
fuzzPacket.mLength = (uint8_t)(otPlatRandomGet() % 127);
// Populate the length with random
for (uint8_t i = 0; i < fuzzPacket.mLength; i++)
{
fuzzRecvBuff[i] = (uint8_t)otPlatRandomGet();
}
// Clear the global flag
g_RecvChannel = 0;
// Indicate the receive complete
otPlatRadioReceiveDone(aInstance, &fuzzPacket, kThreadError_None);
countRecv++;
#ifdef DBG_FUZZ
Log("<== receive (%llu, %u bytes)", countRecv, fuzzPacket.mLength);
#endif
// Hack to get a receive poll immediately
otSetChannel(aInstance, 11);
}
}
}
Log("%u packets received", countRecv);
// Clean up the instance
otInstanceFinalize(aInstance);
#ifdef OPENTHREAD_MULTIPLE_INSTANCE
free(otInstanceBuffer);
#endif
}
