Sync with a:FR (#75)
* AFR sync * AFR sync: CBMC * AFR sync: CBMC: remove .bak files * AFR sync: CBMC: more cleanup * Corrected CBMC proofs * Corrected CBMC patches * Corrected CBMC patches-1 * Corrected CBMC patches-2 * remove .bak files (3) Co-authored-by: Yuhui Zheng <10982575+yuhui-zheng@users.noreply.github.com>pull/76/head
parent
6557291e54
commit
cb7edd2323
@ -0,0 +1,64 @@
|
||||
/*
|
||||
* dump_packets.c
|
||||
* Used in the PC/Win project to dump Ethernet packets, along with some description.
|
||||
*/
|
||||
|
||||
#ifndef DUMP_PACKETS_H
|
||||
|
||||
|
||||
#define DUMP_PACKETS_H
|
||||
|
||||
#ifndef dumpMAX_DUMP_ENTRIES
|
||||
#define dumpMAX_DUMP_ENTRIES 16
|
||||
#endif
|
||||
|
||||
#define flag_ICMP4 0x00000001UL
|
||||
#define flag_ICMP6 0x00000002UL
|
||||
#define flag_UDP 0x00000004UL
|
||||
#define flag_TCP 0x00000008UL
|
||||
#define flag_DNS 0x00000010UL
|
||||
#define flag_REPLY 0x00000020UL
|
||||
#define flag_REQUEST 0x00000040UL
|
||||
#define flag_SYN 0x00000080UL
|
||||
#define flag_FIN 0x00000100UL
|
||||
#define flag_RST 0x00000200UL
|
||||
#define flag_ACK 0x00000400UL
|
||||
#define flag_IN 0x00000800UL
|
||||
#define flag_OUT 0x00001000UL
|
||||
#define flag_FRAME_ARP 0x00002000UL
|
||||
#define flag_ARP 0x00004000UL
|
||||
#define flag_UNKNOWN 0x00008000UL
|
||||
#define flag_FRAME_4 0x00010000UL
|
||||
#define flag_FRAME_6 0x00020000UL
|
||||
#define flag_Unknown_FRAME 0x00040000UL
|
||||
|
||||
typedef struct xDumpEntry
|
||||
{
|
||||
uint32_t ulMask;
|
||||
size_t uxMax;
|
||||
size_t uxCount;
|
||||
} DumpEntry_t;
|
||||
|
||||
typedef struct xDumpEntries
|
||||
{
|
||||
size_t uxEntryCount;
|
||||
DumpEntry_t xEntries[ dumpMAX_DUMP_ENTRIES ];
|
||||
} DumpEntries_t;
|
||||
|
||||
/*
|
||||
|
||||
*/
|
||||
|
||||
#if( ipconfigUSE_DUMP_PACKETS != 0 )
|
||||
|
||||
extern void dump_packet_init( const char *pcFileName, DumpEntries_t *pxEntries );
|
||||
#define iptraceDUMP_INIT( pcFileName, pxEntries ) \
|
||||
dump_packet_init( pcFileName, pxEntries )
|
||||
|
||||
extern void dump_packet( const uint8_t *pucBuffer, size_t uxLength, BaseType_t xIncoming );
|
||||
#define iptraceDUMP_PACKET( pucBuffer, uxLength, xIncoming ) \
|
||||
dump_packet( pucBuffer, uxLength, xIncoming )
|
||||
|
||||
#endif
|
||||
|
||||
#endif
|
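Review bot: `DumpEntries_t` pairs a caller-set `uxEntryCount` with the fixed array `xEntries[ dumpMAX_DUMP_ENTRIES ]`, and nothing in this header says the count must not exceed the array size; the body of `dump_packet_init()` is not in view, so whether it clamps the value cannot be confirmed here. I would add a comment on the field, `/* Number of valid entries in xEntries; must be <= dumpMAX_DUMP_ENTRIES. */`, and have the initialiser reject or clamp larger values. The header also uses `uint32_t`, `size_t` and `BaseType_t` without including anything, and its banner says `dump_packets.c` although the include guard is `DUMP_PACKETS_H`.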
@ -0,0 +1,52 @@
|
||||
/*
|
||||
* tcp_mem_stats.h
|
||||
*/
|
||||
|
||||
|
||||
#ifndef TCP_MEM_STATS_H
|
||||
|
||||
#define TCP_MEM_STATS_H
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
typedef enum xTCP_MEMORY
|
||||
{
|
||||
tcpSOCKET_TCP,
|
||||
tcpSOCKET_UDP,
|
||||
tcpSOCKET_SET,
|
||||
tcpSEMAPHORE,
|
||||
tcpRX_STREAM_BUFFER,
|
||||
tcpTX_STREAM_BUFFER,
|
||||
tcpNETWORK_BUFFER,
|
||||
} TCP_MEMORY_t;
|
||||
|
||||
#if( ipconfigUSE_TCP_MEM_STATS != 0 )
|
||||
|
||||
void vTCPMemStatCreate( TCP_MEMORY_t xMemType, void *pxObject, size_t uxSize );
|
||||
|
||||
void vTCPMemStatDelete( void *pxObject );
|
||||
|
||||
void vTCPMemStatClose( void );
|
||||
|
||||
#define iptraceMEM_STATS_CREATE( xMemType, pxObject, uxSize ) \
|
||||
vTCPMemStatCreate( xMemType, pxObject, uxSize )
|
||||
|
||||
#define iptraceMEM_STATS_DELETE( pxObject ) \
|
||||
vTCPMemStatDelete( pxObject )
|
||||
|
||||
#define iptraceMEM_STATS_CLOSE() \
|
||||
vTCPMemStatClose()
|
||||
#else
|
||||
|
||||
/* The header file 'IPTraceMacroDefaults.h' will define the default empty macro's. */
|
||||
|
||||
#endif /* ipconfigUSE_TCP_MEM_STATS != 0 */
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
||||
#endif /* TCP_MEM_STATS_H */
|
||||
|
@ -0,0 +1,141 @@
|
||||
#include "FreeRTOS.h"
|
||||
#include "queue.h"
|
||||
#include "queue_datastructure.h"
|
||||
|
||||
#ifndef CBMC_OBJECT_BITS
|
||||
#define CBMC_OBJECT_BITS 7
|
||||
#endif
|
||||
|
||||
#ifndef CBMC_OBJECT_MAX_SIZE
|
||||
#define CBMC_OBJECT_MAX_SIZE (UINT32_MAX>>(CBMC_OBJECT_BITS+1))
|
||||
#endif
|
||||
|
||||
/* Using prvCopyDataToQueue together with prvNotifyQueueSetContainer
|
||||
leads to a problem space explosion. Therefore, we use this stub
|
||||
and a sepearted proof on prvCopyDataToQueue to deal with it.
|
||||
As prvNotifyQueueSetContainer is disabled if configUSE_QUEUE_SETS != 1,
|
||||
in other cases the original implementation should be used. */
|
||||
#if( configUSE_QUEUE_SETS == 1 )
|
||||
BaseType_t prvCopyDataToQueue( Queue_t * const pxQueue, const void *pvItemToQueue, const BaseType_t xPosition )
|
||||
{
|
||||
if(pxQueue->uxItemSize > ( UBaseType_t ) 0)
|
||||
{
|
||||
__CPROVER_assert(__CPROVER_r_ok(pvItemToQueue, ( size_t ) pxQueue->uxItemSize), "pvItemToQueue region must be readable");
|
||||
if(xPosition == queueSEND_TO_BACK){
|
||||
__CPROVER_assert(__CPROVER_w_ok(( void * ) pxQueue->pcWriteTo, ( size_t ) pxQueue->uxItemSize), "pxQueue->pcWriteTo region must be writable");
|
||||
}else{
|
||||
__CPROVER_assert(__CPROVER_w_ok(( void * ) pxQueue->u.xQueue.pcReadFrom, ( size_t ) pxQueue->uxItemSize), "pxQueue->u.xQueue.pcReadFrom region must be writable");
|
||||
}
|
||||
return pdFALSE;
|
||||
}else
|
||||
{
|
||||
return nondet_BaseType_t();
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/* xQueueCreateSet is compiled out if configUSE_QUEUE_SETS != 1.*/
|
||||
#if( configUSE_QUEUE_SETS == 1 )
|
||||
QueueSetHandle_t xUnconstrainedQueueSet()
|
||||
{
|
||||
UBaseType_t uxEventQueueLength = 2;
|
||||
QueueSetHandle_t xSet = xQueueCreateSet(uxEventQueueLength);
|
||||
if( xSet )
|
||||
{
|
||||
xSet->cTxLock = nondet_int8_t();
|
||||
xSet->cRxLock = nondet_int8_t();
|
||||
xSet->uxMessagesWaiting = nondet_UBaseType_t();
|
||||
xSet->xTasksWaitingToReceive.uxNumberOfItems = nondet_UBaseType_t();
|
||||
/* This is an invariant checked with a couple of asserts in the code base.
|
||||
If it is false from the beginning, the CBMC proofs are not able to succeed*/
|
||||
__CPROVER_assume(xSet->uxMessagesWaiting < xSet->uxLength);
|
||||
xSet->xTasksWaitingToSend.uxNumberOfItems = nondet_UBaseType_t();
|
||||
}
|
||||
return xSet;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Create a mostly unconstrained Queue but bound the max item size.
|
||||
This is required for performance reasons in CBMC at the moment. */
|
||||
QueueHandle_t xUnconstrainedQueueBoundedItemSize( UBaseType_t uxItemSizeBound ) {
|
||||
UBaseType_t uxQueueLength;
|
||||
UBaseType_t uxItemSize;
|
||||
uint8_t ucQueueType;
|
||||
__CPROVER_assume(uxQueueLength > 0);
|
||||
__CPROVER_assume(uxItemSize < uxItemSizeBound);
|
||||
|
||||
// QueueGenericCreate method does not check for multiplication overflow
|
||||
size_t uxQueueStorageSize;
|
||||
__CPROVER_assume(uxQueueStorageSize < CBMC_OBJECT_MAX_SIZE);
|
||||
__CPROVER_assume(uxItemSize < uxQueueStorageSize/uxQueueLength);
|
||||
|
||||
QueueHandle_t xQueue =
|
||||
xQueueGenericCreate(uxQueueLength, uxItemSize, ucQueueType);
|
||||
if(xQueue){
|
||||
xQueue->cTxLock = nondet_int8_t();
|
||||
xQueue->cRxLock = nondet_int8_t();
|
||||
xQueue->uxMessagesWaiting = nondet_UBaseType_t();
|
||||
/* This is an invariant checked with a couple of asserts in the code base.
|
||||
If it is false from the beginning, the CBMC proofs are not able to succeed*/
|
||||
__CPROVER_assume(xQueue->uxMessagesWaiting < xQueue->uxLength);
|
||||
xQueue->xTasksWaitingToReceive.uxNumberOfItems = nondet_UBaseType_t();
|
||||
xQueue->xTasksWaitingToSend.uxNumberOfItems = nondet_UBaseType_t();
|
||||
#if( configUSE_QUEUE_SETS == 1)
|
||||
xQueueAddToSet(xQueue, xUnconstrainedQueueSet());
|
||||
#endif
|
||||
}
|
||||
return xQueue;
|
||||
}
|
||||
|
||||
/* Create a mostly unconstrained Queue */
|
||||
QueueHandle_t xUnconstrainedQueue( void ) {
|
||||
UBaseType_t uxQueueLength;
|
||||
UBaseType_t uxItemSize;
|
||||
uint8_t ucQueueType;
|
||||
|
||||
__CPROVER_assume(uxQueueLength > 0);
|
||||
|
||||
// QueueGenericCreate method does not check for multiplication overflow
|
||||
size_t uxQueueStorageSize;
|
||||
__CPROVER_assume(uxQueueStorageSize < CBMC_OBJECT_MAX_SIZE);
|
||||
__CPROVER_assume(uxItemSize < uxQueueStorageSize/uxQueueLength);
|
||||
|
||||
QueueHandle_t xQueue =
|
||||
xQueueGenericCreate(uxQueueLength, uxItemSize, ucQueueType);
|
||||
|
||||
if(xQueue){
|
||||
xQueue->cTxLock = nondet_int8_t();
|
||||
xQueue->cRxLock = nondet_int8_t();
|
||||
xQueue->uxMessagesWaiting = nondet_UBaseType_t();
|
||||
/* This is an invariant checked with a couple of asserts in the code base.
|
||||
If it is false from the beginning, the CBMC proofs are not able to succeed*/
|
||||
__CPROVER_assume(xQueue->uxMessagesWaiting < xQueue->uxLength);
|
||||
xQueue->xTasksWaitingToReceive.uxNumberOfItems = nondet_UBaseType_t();
|
||||
xQueue->xTasksWaitingToSend.uxNumberOfItems = nondet_UBaseType_t();
|
||||
#if( configUSE_QUEUE_SETS == 1)
|
||||
xQueueAddToSet(xQueue, xUnconstrainedQueueSet());
|
||||
#endif
|
||||
}
|
||||
return xQueue;
|
||||
}
|
||||
|
||||
/* Create a mostly unconstrained Mutex */
|
||||
QueueHandle_t xUnconstrainedMutex( void ) {
|
||||
uint8_t ucQueueType;
|
||||
QueueHandle_t xQueue =
|
||||
xQueueCreateMutex(ucQueueType);
|
||||
if(xQueue){
|
||||
xQueue->cTxLock = nondet_int8_t();
|
||||
xQueue->cRxLock = nondet_int8_t();
|
||||
xQueue->uxMessagesWaiting = nondet_UBaseType_t();
|
||||
/* This is an invariant checked with a couple of asserts in the code base.
|
||||
If it is false from the beginning, the CBMC proofs are not able to succeed*/
|
||||
__CPROVER_assume(xQueue->uxMessagesWaiting < xQueue->uxLength);
|
||||
xQueue->xTasksWaitingToReceive.uxNumberOfItems = nondet_UBaseType_t();
|
||||
xQueue->xTasksWaitingToSend.uxNumberOfItems = nondet_UBaseType_t();
|
||||
#if( configUSE_QUEUE_SETS == 1)
|
||||
xQueueAddToSet(xQueue, xUnconstrainedQueueSet());
|
||||
#endif
|
||||
}
|
||||
return xQueue;
|
||||
}
|
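Review bot: The two assumptions after the `// QueueGenericCreate method does not check for multiplication overflow` comment in `xUnconstrainedQueueBoundedItemSize` and `xUnconstrainedQueue` restrict the harness to length and item-size pairs whose product stays below `CBMC_OBJECT_MAX_SIZE`, so any proof built on these helpers says nothing about `xQueueGenericCreate` when that product wraps. That limit should be stated where readers of the proofs will see it, e.g. `/* Proof assumption: uxQueueLength * uxItemSize cannot overflow; the overflow case in xQueueGenericCreate is NOT covered. */`. Separately, `__CPROVER_assume(xQueue->uxMessagesWaiting < xQueue->uxLength)` in all three queue and mutex helpers appears to exclude the full-queue state (`uxMessagesWaiting == uxLength`), so code that only runs on a full queue is presumably unexplored; if that is intended, the comment above the assume should say so. `uxQueueLength`, `uxItemSize` and `ucQueueType` are also read uninitialised to obtain nondeterministic values, where the rest of the file calls `nondet_UBaseType_t()` explicitly.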
@ -1,121 +0,0 @@
|
||||
From 884e69144abac08d203bbf8257c6b4a96a2a91ea Mon Sep 17 00:00:00 2001
|
||||
From: "Mark R. Tuttle" <mrtuttle@amazon.com>
|
||||
Date: Mon, 21 Oct 2019 14:17:50 -0400
|
||||
Subject: [PATCH] Remove static storage class from entry points
|
||||
|
||||
Many of the entry points we wish to test are marked as being static.
|
||||
This commit removes the static keyword from all entry points that we
|
||||
test.
|
||||
|
||||
Patch revised on October 21, 2019.
|
||||
---
|
||||
.../freertos_plus_tcp/source/FreeRTOS_DHCP.c | 6 +++---
|
||||
.../standard/freertos_plus_tcp/source/FreeRTOS_DNS.c | 12 ++++++------
|
||||
.../freertos_plus_tcp/source/FreeRTOS_TCP_WIN.c | 2 +-
|
||||
3 files changed, 10 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
|
||||
index c4f79e8e7..d8089a5e7 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
|
||||
@@ -198,7 +198,7 @@ static void prvSendDHCPDiscover( void );
|
||||
/*
|
||||
* Interpret message received on the DHCP socket.
|
||||
*/
|
||||
-static BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );
|
||||
+BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );
|
||||
|
||||
/*
|
||||
* Generate a DHCP request packet, and send it on the DHCP socket.
|
||||
@@ -234,7 +234,7 @@ static void prvCreateDHCPSocket( void );
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
/* The next DHCP transaction Id to be used. */
|
||||
-static DHCPData_t xDHCPData;
|
||||
+DHCPData_t xDHCPData;
|
||||
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
@@ -607,7 +607,7 @@ static void prvInitialiseDHCP( void )
|
||||
}
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
-static BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType )
|
||||
+BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType )
|
||||
{
|
||||
uint8_t *pucUDPPayload, *pucLastByte;
|
||||
struct freertos_sockaddr xClient;
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
|
||||
index e511ca324..d6f335304 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
|
||||
@@ -116,7 +116,7 @@ static size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
|
||||
/*
|
||||
* Simple routine that jumps over the NAME field of a resource record.
|
||||
*/
|
||||
-static uint8_t * prvSkipNameField( uint8_t *pucByte,
|
||||
+uint8_t * prvSkipNameField( uint8_t *pucByte,
|
||||
size_t uxSourceLen );
|
||||
|
||||
/*
|
||||
@@ -124,7 +124,7 @@ static uint8_t * prvSkipNameField( uint8_t *pucByte,
|
||||
* The parameter 'xExpected' indicates whether the identifier in the reply
|
||||
* was expected, and thus if the DNS cache may be updated with the reply.
|
||||
*/
|
||||
-static uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
+uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
size_t uxBufferLength,
|
||||
BaseType_t xExpected );
|
||||
|
||||
@@ -152,7 +152,7 @@ static uint32_t prvGetHostByName( const char *pcHostName,
|
||||
|
||||
|
||||
#if( ipconfigUSE_DNS_CACHE == 1 ) || ( ipconfigDNS_USE_CALLBACKS == 1 )
|
||||
- static uint8_t * prvReadNameField( uint8_t *pucByte,
|
||||
+ uint8_t * prvReadNameField( uint8_t *pucByte,
|
||||
size_t uxSourceLen,
|
||||
char *pcName,
|
||||
size_t uxLen );
|
||||
@@ -765,7 +765,7 @@ static const DNSMessage_t xDefaultPartDNSHeader =
|
||||
|
||||
#if( ipconfigUSE_DNS_CACHE == 1 ) || ( ipconfigDNS_USE_CALLBACKS == 1 )
|
||||
|
||||
- static uint8_t * prvReadNameField( uint8_t *pucByte,
|
||||
+ uint8_t * prvReadNameField( uint8_t *pucByte,
|
||||
size_t uxSourceLen,
|
||||
char *pcName,
|
||||
size_t uxDestLen )
|
||||
@@ -843,7 +843,7 @@ static const DNSMessage_t xDefaultPartDNSHeader =
|
||||
#endif /* ipconfigUSE_DNS_CACHE || ipconfigDNS_USE_CALLBACKS */
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
-static uint8_t * prvSkipNameField( uint8_t *pucByte,
|
||||
+uint8_t * prvSkipNameField( uint8_t *pucByte,
|
||||
size_t uxSourceLen )
|
||||
{
|
||||
size_t uxChunkLength;
|
||||
@@ -949,7 +949,7 @@ DNSMessage_t *pxDNSMessageHeader;
|
||||
#endif /* ipconfigUSE_NBNS */
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
-static uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
+uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
size_t uxBufferLength,
|
||||
BaseType_t xExpected )
|
||||
{
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
|
||||
index 1f5a845fa..1a69807c0 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
|
||||
@@ -206,7 +206,7 @@ extern void vListInsertGeneric( List_t * const pxList, ListItem_t * const pxNewL
|
||||
|
||||
/* List of free TCP segments. */
|
||||
#if( ipconfigUSE_TCP_WIN == 1 )
|
||||
- static List_t xSegmentList;
|
||||
+ List_t xSegmentList;
|
||||
#endif
|
||||
|
||||
/* Logging verbosity level. */
|
||||
--
|
||||
2.20.1 (Apple Git-117)
|
||||
|
@ -1,68 +0,0 @@
|
||||
From 18ca738652bd0ce0a1345cb3dcd7ffacbc196bfa Mon Sep 17 00:00:00 2001
|
||||
From: "Mark R. Tuttle" <mrtuttle@amazon.com>
|
||||
Date: Wed, 30 Oct 2019 09:38:56 -0400
|
||||
Subject: [PATCH] Remove static attributes from functions implementing
|
||||
prvCheckOptions for CBMC proofs.
|
||||
|
||||
---
|
||||
.../freertos_plus_tcp/source/FreeRTOS_TCP_IP.c | 12 ++++++------
|
||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
|
||||
index 4378e28de..2cd072d24 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
|
||||
@@ -225,20 +225,20 @@ static BaseType_t prvTCPPrepareConnect( FreeRTOS_Socket_t *pxSocket );
|
||||
/*
|
||||
* Parse the TCP option(s) received, if present.
|
||||
*/
|
||||
-static void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, NetworkBufferDescriptor_t *pxNetworkBuffer );
|
||||
+void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, NetworkBufferDescriptor_t *pxNetworkBuffer );
|
||||
|
||||
/*
|
||||
* Identify and deal with a single TCP header option, advancing the pointer to
|
||||
* the header. This function returns pdTRUE or pdFALSE depending on whether the
|
||||
* caller should continue to parse more header options or break the loop.
|
||||
*/
|
||||
-static BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const ppucPtr, const unsigned char ** const ppucLast, FreeRTOS_Socket_t ** const ppxSocket, TCPWindow_t ** const ppxTCPWindow);
|
||||
+BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const ppucPtr, const unsigned char ** const ppucLast, FreeRTOS_Socket_t ** const ppxSocket, TCPWindow_t ** const ppxTCPWindow);
|
||||
|
||||
/*
|
||||
* Skip past TCP header options when doing Selective ACK, until there are no
|
||||
* more options left.
|
||||
*/
|
||||
-static void prvSkipPastRemainingOptions( const unsigned char ** const ppucPtr, FreeRTOS_Socket_t ** const ppxSocket, unsigned char * const ppucLen );
|
||||
+void prvSkipPastRemainingOptions( const unsigned char ** const ppucPtr, FreeRTOS_Socket_t ** const ppxSocket, unsigned char * const ppucLen );
|
||||
|
||||
/*
|
||||
* Set the initial properties in the options fields, like the preferred
|
||||
@@ -1157,7 +1157,7 @@ uint32_t ulInitialSequenceNumber = 0;
|
||||
* that: ((pxTCPHeader->ucTCPOffset & 0xf0) > 0x50), meaning that the TP header
|
||||
* is longer than the usual 20 (5 x 4) bytes.
|
||||
*/
|
||||
-static void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, NetworkBufferDescriptor_t *pxNetworkBuffer )
|
||||
+void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, NetworkBufferDescriptor_t *pxNetworkBuffer )
|
||||
{
|
||||
TCPPacket_t * pxTCPPacket;
|
||||
TCPHeader_t * pxTCPHeader;
|
||||
@@ -1191,7 +1191,7 @@ BaseType_t xShouldContinueLoop;
|
||||
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
-static BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const ppucPtr, const unsigned char ** const ppucLast, FreeRTOS_Socket_t ** const ppxSocket, TCPWindow_t ** const ppxTCPWindow)
|
||||
+BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const ppucPtr, const unsigned char ** const ppucLast, FreeRTOS_Socket_t ** const ppxSocket, TCPWindow_t ** const ppxTCPWindow)
|
||||
{
|
||||
UBaseType_t uxNewMSS;
|
||||
UBaseType_t xRemainingOptionsBytes = ( *ppucLast ) - ( *ppucPtr );
|
||||
@@ -1319,7 +1319,7 @@ static BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const pp
|
||||
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
-static void prvSkipPastRemainingOptions( const unsigned char ** const ppucPtr, FreeRTOS_Socket_t ** const ppxSocket, unsigned char * const pucLen )
|
||||
+void prvSkipPastRemainingOptions( const unsigned char ** const ppucPtr, FreeRTOS_Socket_t ** const ppxSocket, unsigned char * const pucLen )
|
||||
{
|
||||
uint32_t ulFirst = ulChar2u32( ( *ppucPtr ) );
|
||||
uint32_t ulLast = ulChar2u32( ( *ppucPtr ) + 4 );
|
||||
--
|
||||
2.20.1 (Apple Git-117)
|
||||
|
@ -0,0 +1,64 @@
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
|
||||
index 04b0487..d6e74a9 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
|
||||
@@ -156,7 +156,11 @@ struct xDHCPMessage_IPv4
|
||||
typedef struct xDHCPMessage_IPv4 DHCPMessage_IPv4_t;
|
||||
|
||||
/* The UDP socket used for all incoming and outgoing DHCP traffic. */
|
||||
+#ifdef CBMC
|
||||
+Socket_t xDHCPSocket;
|
||||
+#else
|
||||
static Socket_t xDHCPSocket;
|
||||
+#endif
|
||||
|
||||
#if( ipconfigDHCP_FALL_BACK_AUTO_IP != 0 )
|
||||
/* Define the Link Layer IP address: 169.254.x.x */
|
||||
@@ -179,7 +183,11 @@ static void prvSendDHCPDiscover( void );
|
||||
/*
|
||||
* Interpret message received on the DHCP socket.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );
|
||||
+#else
|
||||
static BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );
|
||||
+#endif
|
||||
|
||||
/*
|
||||
* Generate a DHCP request packet, and send it on the DHCP socket.
|
||||
@@ -204,7 +212,11 @@ static uint8_t *prvCreatePartDHCPMessage( struct freertos_sockaddr *pxAddress,
|
||||
/*
|
||||
* Create the DHCP socket, if it has not been created already.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+void prvCreateDHCPSocket( void );
|
||||
+#else
|
||||
static void prvCreateDHCPSocket( void );
|
||||
+#endif
|
||||
|
||||
/*
|
||||
* Close the DHCP socket.
|
||||
@@ -223,7 +235,11 @@ static void prvCloseDHCPSocket( void );
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
/* Hold information in between steps in the DHCP state machine. */
|
||||
+#ifdef CBMC
|
||||
+DHCPData_t xDHCPData;
|
||||
+#else
|
||||
static DHCPData_t xDHCPData;
|
||||
+#endif
|
||||
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
@@ -623,7 +639,11 @@ static void prvInitialiseDHCP( void )
|
||||
}
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
+#ifdef CBMC
|
||||
+BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType )
|
||||
+#else
|
||||
static BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType )
|
||||
+#endif
|
||||
{
|
||||
uint8_t *pucUDPPayload;
|
||||
int32_t lBytes;
|
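Review bot: Each `#ifdef CBMC` / `#else` pair in this patch repeats the whole declaration or definition line with and without `static`, so the two copies can drift apart and the proof would then check a signature that differs from the one that ships; the same pattern is in the FreeRTOS_DNS.c, FreeRTOS_TCP_IP.c and FreeRTOS_TCP_WIN.c patches that follow. A single storage-class macro, defined once per file to expand to `static` unless `CBMC` is defined, would keep one copy of each signature. Making `xDHCPSocket` and `xDHCPData` external under `CBMC` also puts them in the global namespace of every proof that links this file, which deserves a one-line comment next to each. Several hunks end inside a definition whose body lies outside the patch, so only the signature lines can be judged here.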
@ -0,0 +1,100 @@
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
|
||||
index 480d50b..5557253 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
|
||||
@@ -114,7 +114,11 @@ static Socket_t prvCreateDNSSocket( void );
|
||||
/*
|
||||
* Create the DNS message in the zero copy buffer passed in the first parameter.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
|
||||
+#else
|
||||
static size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
|
||||
+#endif
|
||||
const char *pcHostName,
|
||||
TickType_t uxIdentifier );
|
||||
|
||||
@@ -122,7 +126,11 @@ static size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
|
||||
* Simple routine that jumps over the NAME field of a resource record.
|
||||
* It returns the number of bytes read.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+size_t prvSkipNameField( const uint8_t *pucByte,
|
||||
+#else
|
||||
static size_t prvSkipNameField( const uint8_t *pucByte,
|
||||
+#endif
|
||||
size_t uxLength );
|
||||
|
||||
/*
|
||||
@@ -130,7 +138,11 @@ static size_t prvSkipNameField( const uint8_t *pucByte,
|
||||
* The parameter 'xExpected' indicates whether the identifier in the reply
|
||||
* was expected, and thus if the DNS cache may be updated with the reply.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
+#else
|
||||
static uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
+#endif
|
||||
size_t uxBufferLength,
|
||||
BaseType_t xExpected );
|
||||
|
||||
@@ -184,7 +196,11 @@ static uint32_t prvGetHostByName( const char *pcHostName,
|
||||
|
||||
|
||||
#if( ipconfigUSE_DNS_CACHE == 1 ) || ( ipconfigDNS_USE_CALLBACKS == 1 )
|
||||
+#ifdef CBMC
|
||||
+ size_t prvReadNameField( const uint8_t *pucByte,
|
||||
+#else
|
||||
static size_t prvReadNameField( const uint8_t *pucByte,
|
||||
+#endif
|
||||
size_t uxRemainingBytes,
|
||||
char *pcName,
|
||||
size_t uxDestLen );
|
||||
@@ -758,7 +774,11 @@ TickType_t uxWriteTimeOut_ticks = ipconfigDNS_SEND_BLOCK_TIME_TICKS;
|
||||
}
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
+#ifdef CBMC
|
||||
+size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
|
||||
+#else
|
||||
static size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
|
||||
+#endif
|
||||
const char *pcHostName,
|
||||
TickType_t uxIdentifier )
|
||||
{
|
||||
@@ -838,7 +858,11 @@ static const DNSMessage_t xDefaultPartDNSHeader =
|
||||
|
||||
#if( ipconfigUSE_DNS_CACHE == 1 ) || ( ipconfigDNS_USE_CALLBACKS == 1 )
|
||||
|
||||
+#ifdef CBMC
|
||||
+ size_t prvReadNameField( const uint8_t *pucByte,
|
||||
+#else
|
||||
static size_t prvReadNameField( const uint8_t *pucByte,
|
||||
+#endif
|
||||
size_t uxRemainingBytes,
|
||||
char *pcName,
|
||||
size_t uxDestLen )
|
||||
@@ -932,7 +956,11 @@ static const DNSMessage_t xDefaultPartDNSHeader =
|
||||
#endif /* ipconfigUSE_DNS_CACHE || ipconfigDNS_USE_CALLBACKS */
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
+#ifdef CBMC
|
||||
+size_t prvSkipNameField( const uint8_t *pucByte,
|
||||
+#else
|
||||
static size_t prvSkipNameField( const uint8_t *pucByte,
|
||||
+#endif
|
||||
size_t uxLength )
|
||||
{
|
||||
size_t uxChunkLength;
|
||||
@@ -1050,7 +1078,11 @@ size_t uxPayloadSize;
|
||||
#endif /* ipconfigUSE_NBNS */
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
+#ifdef CBMC
|
||||
+uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
+#else
|
||||
static uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
+#endif
|
||||
size_t uxBufferLength,
|
||||
BaseType_t xExpected )
|
||||
{
|
@ -0,0 +1,87 @@
|
||||
From afc01793c4531cfbe9f92e7ca2ce9364983d987e Mon Sep 17 00:00:00 2001
|
||||
From: Mark R Tuttle <mrtuttle@amazon.com>
|
||||
Date: Tue, 12 May 2020 15:57:56 +0000
|
||||
Subject: [PATCH] modified lib
|
||||
|
||||
---
|
||||
.../freertos_plus_tcp/source/FreeRTOS_TCP_IP.c | 24 ++++++++++++++++++++++
|
||||
1 file changed, 24 insertions(+)
|
||||
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
|
||||
index dc58621..963b576 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
|
||||
@@ -198,14 +198,22 @@ static BaseType_t prvTCPPrepareConnect( FreeRTOS_Socket_t *pxSocket );
|
||||
/*
|
||||
* Parse the TCP option(s) received, if present.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, const NetworkBufferDescriptor_t *pxNetworkBuffer );
|
||||
+#else
|
||||
static void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, const NetworkBufferDescriptor_t *pxNetworkBuffer );
|
||||
+#endif
|
||||
|
||||
/*
|
||||
* Identify and deal with a single TCP header option, advancing the pointer to
|
||||
* the header. This function returns pdTRUE or pdFALSE depending on whether the
|
||||
* caller should continue to parse more header options or break the loop.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
|
||||
+#else
|
||||
static size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
|
||||
+#endif
|
||||
size_t uxTotalLength,
|
||||
FreeRTOS_Socket_t * const pxSocket,
|
||||
BaseType_t xHasSYNFlag );
|
||||
@@ -214,7 +222,11 @@ static size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
|
||||
* Skip past TCP header options when doing Selective ACK, until there are no
|
||||
* more options left.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+void prvReadSackOption( const uint8_t * const pucPtr,
|
||||
+#else
|
||||
static void prvReadSackOption( const uint8_t * const pucPtr,
|
||||
+#endif
|
||||
size_t uxIndex,
|
||||
FreeRTOS_Socket_t * const pxSocket );
|
||||
|
||||
@@ -1137,7 +1149,11 @@ uint32_t ulInitialSequenceNumber = 0;
|
||||
* that: ((pxTCPHeader->ucTCPOffset & 0xf0) > 0x50), meaning that the TP header
|
||||
* is longer than the usual 20 (5 x 4) bytes.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, const NetworkBufferDescriptor_t *pxNetworkBuffer )
|
||||
+#else
|
||||
static void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, const NetworkBufferDescriptor_t *pxNetworkBuffer )
|
||||
+#endif
|
||||
{
|
||||
size_t uxTCPHeaderOffset = ipSIZE_OF_ETH_HEADER + xIPHeaderSize( pxNetworkBuffer );
|
||||
const ProtocolHeaders_t *pxProtocolHeaders = ipPOINTER_CAST( ProtocolHeaders_t *,
|
||||
@@ -1201,7 +1217,11 @@ uint8_t ucLength;
|
||||
}
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
+#ifdef CBMC
|
||||
+size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
|
||||
+#else
|
||||
static size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
|
||||
+#endif
|
||||
size_t uxTotalLength,
|
||||
FreeRTOS_Socket_t * const pxSocket,
|
||||
BaseType_t xHasSYNFlag )
|
||||
@@ -1346,7 +1366,11 @@ TCPWindow_t *pxTCPWindow = &( pxSocket->u.xTCP.xTCPWindow );
|
||||
}
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
+#ifdef CBMC
|
||||
+void prvReadSackOption( const uint8_t * const pucPtr,
|
||||
+#else
|
||||
static void prvReadSackOption( const uint8_t * const pucPtr,
|
||||
+#endif
|
||||
size_t uxIndex,
|
||||
FreeRTOS_Socket_t * const pxSocket )
|
||||
{
|
||||
--
|
||||
2.7.4
|
||||
|
@ -0,0 +1,17 @@
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
|
||||
index 0078ab313..b0cccbad8 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
|
||||
@@ -192,8 +192,12 @@ extern void vListInsertGeneric( List_t * const pxList, ListItem_t * const pxNewL
|
||||
|
||||
/* List of free TCP segments. */
|
||||
#if( ipconfigUSE_TCP_WIN == 1 )
|
||||
+#ifdef CBMC
|
||||
+ List_t xSegmentList;
|
||||
+#else
|
||||
static List_t xSegmentList;
|
||||
#endif
|
||||
+#endif
|
||||
|
||||
/* Logging verbosity level. */
|
||||
BaseType_t xTCPWindowLoggingLevel = 0;
|
@ -0,0 +1,16 @@
|
||||
{ "expected-missing-functions":
|
||||
[
|
||||
"vPortEnterCritical",
|
||||
"vPortExitCritical",
|
||||
"vSocketBind",
|
||||
"vSocketClose",
|
||||
"vTaskSetTimeOutState",
|
||||
"xTaskGetTickCount",
|
||||
"xTaskGetCurrentTaskHandle",
|
||||
"xQueueGenericSend",
|
||||
"xApplicationGetRandomNumber",
|
||||
"vLoggingPrintf"
|
||||
],
|
||||
"proof-name": "DHCPProcess",
|
||||
"proof-root": "tools/cbmc/proofs"
|
||||
}
|
@ -1,29 +1,33 @@
|
||||
{
|
||||
"ENTRY": "DNSgetHostByName",
|
||||
|
||||
################################################################
|
||||
# This configuration sets callback to 0. It also sets MAX_HOSTNAME_LEN to 10 and MAX_REQ_SIZE to 50 for performance issues.
|
||||
# This configuration sets callback to 0.
|
||||
# It also sets MAX_HOSTNAME_LEN to 10 to bound strcmp.
|
||||
# According to the specification MAX_HOST_NAME is upto 255.
|
||||
|
||||
"callback": 0,
|
||||
"MAX_HOSTNAME_LEN": 10,
|
||||
"MAX_REQ_SIZE": 50,
|
||||
"HOSTNAME_UNWIND": "__eval {MAX_HOSTNAME_LEN} + 1",
|
||||
|
||||
"CBMCFLAGS":
|
||||
[
|
||||
"--unwind 1",
|
||||
"--unwindset prvProcessDNSCache.0:5,prvGetHostByName.0:{HOSTNAME_UNWIND},prvCreateDNSMessage.0:{HOSTNAME_UNWIND},prvCreateDNSMessage.1:{HOSTNAME_UNWIND},strlen.0:{HOSTNAME_UNWIND},__builtin___strcpy_chk.0:{HOSTNAME_UNWIND},strcmp.0:{HOSTNAME_UNWIND},strcpy.0:{HOSTNAME_UNWIND}",
|
||||
"--nondet-static"
|
||||
],
|
||||
|
||||
"OBJS":
|
||||
[
|
||||
"$(ENTRY)_harness.goto",
|
||||
"$(FREERTOS)/../FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.goto",
|
||||
"$(FREERTOS)/Source/tasks.goto"
|
||||
"$(FREERTOS)/../FreeRTOS-Plus/Test/CBMC/stubs/cbmc.goto",
|
||||
"$(FREERTOS)/../FreeRTOS-Plus/Test/CBMC/stubs/freertos_api.goto",
|
||||
"$(FREERTOS)/../FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.goto"
|
||||
],
|
||||
|
||||
"DEF":
|
||||
[
|
||||
"ipconfigDNS_USE_CALLBACKS={callback}",
|
||||
"MAX_HOSTNAME_LEN={MAX_HOSTNAME_LEN}",
|
||||
"MAX_REQ_SIZE={MAX_REQ_SIZE}"
|
||||
],
|
||||
"OPT" : "-m32"
|
||||
"MAX_HOSTNAME_LEN={MAX_HOSTNAME_LEN}"
|
||||
]
|
||||
}
|
||||
|
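Review bot: Every bound in the `--unwindset` entry of `CBMCFLAGS` derives from `MAX_HOSTNAME_LEN` set to 10, while the comment in the same file says host names may be up to 255, and no `"--unwinding-assertions"` appears in the list as rendered here. If the shared proof makefile (not shown on this page) does not add that flag, CBMC truncates the `strlen`, `strcpy`, `strcmp` and `prvCreateDNSMessage` loops at the bound without reporting it, so the result would say nothing about longer names. I would either add `"--unwinding-assertions"` to this list or extend the comment to say where the flag is set and that the proof covers host names of at most 10 bytes. The `+`/`-` column is lost in this section, so which of these lines belong to the new side is inferred.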
@ -0,0 +1,9 @@
|
||||
{ "expected-missing-functions":
|
||||
[
|
||||
"vLoggingPrintf",
|
||||
"xApplicationGetRandomNumber",
|
||||
"xTaskGetTickCount"
|
||||
],
|
||||
"proof-name": "DNSgetHostByName",
|
||||
"proof-root": "tools/cbmc/proofs"
|
||||
}
|
@ -0,0 +1,13 @@
|
||||
{ "expected-missing-functions":
|
||||
[
|
||||
"vLoggingPrintf",
|
||||
"xApplicationGetRandomNumber",
|
||||
"vListInsertEnd",
|
||||
"vTaskSetTimeOutState",
|
||||
"vTaskSuspendAll",
|
||||
"xTaskGetTickCount",
|
||||
"xTaskResumeAll"
|
||||
],
|
||||
"proof-name": "DNSgetHostByName_a",
|
||||
"proof-root": "tools/cbmc/proofs"
|
||||
}
|
@ -0,0 +1,12 @@
|
||||
#include "cbmc.h"
|
||||
|
||||
/****************************************************************
|
||||
* Model a malloc that can fail (CBMC malloc does not fail) and
|
||||
* check that CBMC can model an object of the requested size.
|
||||
****************************************************************/
|
||||
|
||||
void * safeMalloc( size_t size )
|
||||
{
|
||||
__CPROVER_assert( size < CBMC_MAX_OBJECT_SIZE, "safeMalloc size too big" );
|
||||
return nondet_bool() ? NULL : malloc( size );
|
||||
}
|
@ -0,0 +1,379 @@
|
||||
/* Standard includes. */
|
||||
#include <stdint.h>
|
||||
#include <stdio.h>
|
||||
|
||||
/* FreeRTOS includes. */
|
||||
#include "FreeRTOS.h"
|
||||
#include "task.h"
|
||||
#include "queue.h"
|
||||
#include "semphr.h"
|
||||
|
||||
/* FreeRTOS+TCP includes. */
|
||||
#include "FreeRTOS_UDP_IP.h"
|
||||
#include "FreeRTOS_IP.h"
|
||||
#include "FreeRTOS_Sockets.h"
|
||||
#include "FreeRTOS_IP_Private.h"
|
||||
#include "FreeRTOS_DNS.h"
|
||||
#include "NetworkBufferManagement.h"
|
||||
|
||||
#include "cbmc.h"
|
||||
|
||||
/****************************************************************
|
||||
* This is a collection of abstractions of methods in the FreeRTOS TCP
|
||||
* API. The abstractions simply perform minimal validation of
|
||||
* function arguments, and return unconstrained values of the
|
||||
* appropriate type.
|
||||
****************************************************************/
|
||||
|
||||
/****************************************************************
|
||||
* Abstract FreeRTOS_socket.
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/API/socket.html
|
||||
*
|
||||
* We stub out this function to do nothing but allocate space for a
|
||||
* socket containing unconstrained data or return an error.
|
||||
****************************************************************/
|
||||
|
||||
Socket_t FreeRTOS_socket( BaseType_t xDomain,
|
||||
BaseType_t xType,
|
||||
BaseType_t xProtocol )
|
||||
{
|
||||
return nondet_bool() ?
|
||||
FREERTOS_INVALID_SOCKET : malloc( sizeof( Socket_t ) );
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
* Abstract FreeRTOS_setsockopt.
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/API/setsockopt.html
|
||||
****************************************************************/
|
||||
|
||||
BaseType_t FreeRTOS_setsockopt( Socket_t xSocket,
|
||||
int32_t lLevel,
|
||||
int32_t lOptionName,
|
||||
const void * pvOptionValue,
|
||||
size_t uxOptionLength )
|
||||
{
|
||||
__CPROVER_assert( xSocket != NULL,
|
||||
"FreeRTOS precondition: xSocket != NULL" );
|
||||
__CPROVER_assert( pvOptionValue != NULL,
|
||||
"FreeRTOS precondition: pvOptionValue != NULL" );
|
||||
return nondet_BaseType();
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
* Abstract FreeRTOS_closesocket.
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/API/close.html
|
||||
****************************************************************/
|
||||
|
||||
BaseType_t FreeRTOS_closesocket( Socket_t xSocket )
|
||||
{
|
||||
__CPROVER_assert( xSocket != NULL,
|
||||
"FreeRTOS precondition: xSocket != NULL" );
|
||||
return nondet_BaseType();
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
* Abstract FreeRTOS_bind.
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/API/bind.html
|
||||
****************************************************************/
|
||||
|
||||
BaseType_t FreeRTOS_bind( Socket_t xSocket,
|
||||
struct freertos_sockaddr * pxAddress,
|
||||
socklen_t xAddressLength )
|
||||
{
|
||||
__CPROVER_assert( xSocket != NULL,
|
||||
"FreeRTOS precondition: xSocket != NULL" );
|
||||
__CPROVER_assert( pxAddress != NULL,
|
||||
"FreeRTOS precondition: pxAddress != NULL" );
|
||||
return nondet_BaseType();
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
* Abstract FreeRTOS_inet_addr.
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/API/inet_addr.html
|
||||
****************************************************************/
|
||||
|
||||
uint32_t FreeRTOS_inet_addr( const char * pcIPAddress )
|
||||
{
|
||||
__CPROVER_assert( pcIPAddress != NULL,
|
||||
"FreeRTOS precondition: pcIPAddress != NULL" );
|
||||
return nondet_uint32();
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
* Abstract FreeRTOS_recvfrom.
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/API/recvfrom.html
|
||||
*
|
||||
* We stub out this function to do nothing but allocate a buffer of
|
||||
* unconstrained size containing unconstrained data and return the
|
||||
* size (or return the size 0 if the allocation fails).
|
||||
****************************************************************/
|
||||
|
||||
int32_t FreeRTOS_recvfrom( Socket_t xSocket,
|
||||
void * pvBuffer,
|
||||
size_t uxBufferLength,
|
||||
BaseType_t xFlags,
|
||||
struct freertos_sockaddr * pxSourceAddress,
|
||||
socklen_t * pxSourceAddressLength )
|
||||
|
||||
{
|
||||
/****************************************************************
|
||||
* "If the zero copy calling semantics are used (the ulFlasg
|
||||
* parameter does not have the FREERTOS_ZERO_COPY bit set) then
|
||||
* pvBuffer does not point to a buffer and xBufferLength is not
|
||||
* used." This is from the documentation.
|
||||
****************************************************************/
|
||||
__CPROVER_assert( xFlags & FREERTOS_ZERO_COPY, "I can only do ZERO_COPY" );
|
||||
|
||||
__CPROVER_assert( pvBuffer != NULL,
|
||||
"FreeRTOS precondition: pvBuffer != NULL" );
|
||||
|
||||
/****************************************************************
|
||||
* TODO: We need to check this out.
|
||||
*
|
||||
* The code calls recvfrom with these parameters NULL, it is not
|
||||
* clear from the documentation that this is allowed.
|
||||
****************************************************************/
|
||||
#if 0
|
||||
__CPROVER_assert( pxSourceAddress != NULL,
|
||||
"FreeRTOS precondition: pxSourceAddress != NULL" );
|
||||
__CPROVER_assert( pxSourceAddressLength != NULL,
|
||||
"FreeRTOS precondition: pxSourceAddress != NULL" );
|
||||
#endif
|
||||
|
||||
size_t payload_size;
|
||||
__CPROVER_assume( payload_size + sizeof( UDPPacket_t )
|
||||
< CBMC_MAX_OBJECT_SIZE );
|
||||
|
||||
/****************************************************************
|
||||
* TODO: We need to make this lower bound explicit in the Makefile.json
|
||||
*
|
||||
* DNSMessage_t is a typedef in FreeRTOS_DNS.c
|
||||
* sizeof(DNSMessage_t) = 6 * sizeof(uint16_t)
|
||||
****************************************************************/
|
||||
__CPROVER_assume( payload_size >= 6 * sizeof( uint16_t ) );
|
||||
|
||||
#ifdef CBMC_FREERTOS_RECVFROM_BUFFER_BOUND
|
||||
__CPROVER_assume( payload_size <= CBMC_FREERTOS_RECVFROM_BUFFER_BOUND );
|
||||
#endif
|
||||
|
||||
uint32_t buffer_size = payload_size + sizeof( UDPPacket_t );
|
||||
uint8_t *buffer = safeMalloc( buffer_size );
|
||||
|
||||
if ( buffer == NULL ) {
|
||||
buffer_size = 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
buffer = buffer + sizeof( UDPPacket_t );
|
||||
buffer_size = buffer_size - sizeof( UDPPacket_t );
|
||||
}
|
||||
|
||||
*( ( uint8_t ** ) pvBuffer ) = buffer;
|
||||
return buffer_size;
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
* Abstract FreeRTOS_recvfrom.
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/API/sendto.html
|
||||
****************************************************************/
|
||||
|
||||
int32_t FreeRTOS_sendto( Socket_t xSocket,
|
||||
const void * pvBuffer,
|
||||
size_t uxTotalDataLength,
|
||||
BaseType_t xFlags,
|
||||
const struct freertos_sockaddr * pxDestinationAddress,
|
||||
socklen_t xDestinationAddressLength )
|
||||
{
|
||||
__CPROVER_assert( xSocket != NULL,
|
||||
"FreeRTOS precondition: xSocket != NULL" );
|
||||
__CPROVER_assert( pvBuffer != NULL,
|
||||
"FreeRTOS precondition: pvBuffer != NULL" );
|
||||
__CPROVER_assert( pxDestinationAddress != NULL,
|
||||
"FreeRTOS precondition: pxDestinationAddress != NULL" );
|
||||
return nondet_int32();
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
* Abstract FreeRTOS_GetUDPPayloadBuffer
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_UDP/API/FreeRTOS_GetUDPPayloadBuffer.html
|
||||
*
|
||||
* We stub out this function to do nothing but allocate a buffer of
|
||||
* unconstrained size containing unconstrained data and return a
|
||||
* pointer to the buffer (or NULL).
|
||||
****************************************************************/
|
||||
|
||||
void * FreeRTOS_GetUDPPayloadBuffer( size_t xRequestedSizeBytes,
|
||||
TickType_t xBlockTimeTicks )
|
||||
{
|
||||
size_t size;
|
||||
|
||||
__CPROVER_assume( size < CBMC_MAX_OBJECT_SIZE );
|
||||
__CPROVER_assume( size >= sizeof( UDPPacket_t ) );
|
||||
|
||||
uint8_t *buffer = safeMalloc( size );
|
||||
return buffer == NULL ? buffer : buffer + sizeof( UDPPacket_t );
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
* Abstract FreeRTOS_GetUDPPayloadBuffer
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/API/FreeRTOS_ReleaseUDPPayloadBuffer.html
|
||||
****************************************************************/
|
||||
|
||||
void FreeRTOS_ReleaseUDPPayloadBuffer( void * pvBuffer )
|
||||
{
|
||||
__CPROVER_assert( pvBuffer != NULL,
|
||||
"FreeRTOS precondition: pvBuffer != NULL" );
|
||||
__CPROVER_assert( __CPROVER_POINTER_OFFSET( pvBuffer )
|
||||
== sizeof( UDPPacket_t ),
|
||||
"FreeRTOS precondition: pvBuffer offset" );
|
||||
|
||||
free( pvBuffer - sizeof( UDPPacket_t ) );
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
* Abstract pxGetNetworkBufferWithDescriptor.
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/API/pxGetNetworkBufferWithDescriptor.html
|
||||
*
|
||||
* The real allocator take buffers off a list.
|
||||
****************************************************************/
|
||||
|
||||
uint32_t GetNetworkBuffer_failure_count;
|
||||
|
||||
NetworkBufferDescriptor_t * pxGetNetworkBufferWithDescriptor( size_t xRequestedSizeBytes,
|
||||
TickType_t xBlockTimeTicks )
|
||||
{
|
||||
__CPROVER_assert(
|
||||
xRequestedSizeBytes + ipBUFFER_PADDING < CBMC_MAX_OBJECT_SIZE,
|
||||
"pxGetNetworkBufferWithDescriptor: request too big" );
|
||||
|
||||
/*
|
||||
* The semantics of this function is to wait until a buffer with
|
||||
* at least the requested number of bytes becomes available. If a
|
||||
* timeout occurs before the buffer is available, then return a
|
||||
* NULL pointer.
|
||||
*/
|
||||
|
||||
NetworkBufferDescriptor_t * desc = safeMalloc( sizeof( *desc ) );
|
||||
|
||||
#ifdef CBMC_GETNETWORKBUFFER_FAILURE_BOUND
|
||||
/*
|
||||
* This interprets the failure bound as being one greater than the
|
||||
* actual number of times GetNetworkBuffer should be allowed to
|
||||
* fail.
|
||||
*
|
||||
* This makes it possible to use the same bound for loop unrolling
|
||||
* which must be one greater than the actual number of times the
|
||||
* loop should be unwound.
|
||||
*
|
||||
* NOTE: Using this bound with --nondet-static requires setting
|
||||
* (or assuming) GetNetworkBuffer_failure_count to a value (like 0)
|
||||
* in the proof harness that won't induce an integer overflow.
|
||||
*/
|
||||
GetNetworkBuffer_failure_count++;
|
||||
__CPROVER_assume(
|
||||
IMPLIES(
|
||||
GetNetworkBuffer_failure_count >= CBMC_GETNETWORKBUFFER_FAILURE_BOUND,
|
||||
desc != NULL ) );
|
||||
#endif
|
||||
|
||||
if( desc != NULL )
|
||||
{
|
||||
/*
|
||||
* We may want to experiment with allocating space other than
|
||||
* (more than) the exact amount of space requested.
|
||||
*/
|
||||
|
||||
size_t size = xRequestedSizeBytes;
|
||||
__CPROVER_assume( size < CBMC_MAX_OBJECT_SIZE );
|
||||
|
||||
desc->pucEthernetBuffer = safeMalloc( size );
|
||||
desc->xDataLength = desc->pucEthernetBuffer == NULL ? 0 : size;
|
||||
|
||||
#ifdef CBMC_REQUIRE_NETWORKBUFFER_ETHERNETBUFFER_NONNULL
|
||||
/* This may be implied by the semantics of the function. */
|
||||
__CPROVER_assume( desc->pucEthernetBuffer != NULL );
|
||||
#endif
|
||||
|
||||
/* Allow method to fail again next time */
|
||||
GetNetworkBuffer_failure_count = 0;
|
||||
}
|
||||
|
||||
return desc;
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
* Abstract pxGetNetworkBufferWithDescriptor.
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/API/vReleaseNetworkBufferAndDescriptor.html
|
||||
****************************************************************/
|
||||
|
||||
void vReleaseNetworkBufferAndDescriptor( NetworkBufferDescriptor_t * const pxNetworkBuffer )
|
||||
{
|
||||
__CPROVER_assert( pxNetworkBuffer != NULL,
|
||||
"Precondition: pxNetworkBuffer != NULL" );
|
||||
|
||||
if( pxNetworkBuffer->pucEthernetBuffer != NULL )
|
||||
{
|
||||
free( pxNetworkBuffer->pucEthernetBuffer );
|
||||
}
|
||||
|
||||
free( pxNetworkBuffer );
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
* Abstract FreeRTOS_GetAddressConfiguration
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/API/FreeRTOS_GetAddressConfiguration.html
|
||||
****************************************************************/
|
||||
|
||||
void FreeRTOS_GetAddressConfiguration( uint32_t * pulIPAddress,
|
||||
uint32_t * pulNetMask,
|
||||
uint32_t * pulGatewayAddress,
|
||||
uint32_t * pulDNSServerAddress )
|
||||
{
|
||||
if( pulIPAddress != NULL )
|
||||
{
|
||||
*pulIPAddress = nondet_unint32();
|
||||
}
|
||||
|
||||
if( pulNetMask != NULL )
|
||||
{
|
||||
*pulNetMask = nondet_unint32();
|
||||
}
|
||||
|
||||
if( pulGatewayAddress != NULL )
|
||||
{
|
||||
*pulGatewayAddress = nondet_unint32();
|
||||
}
|
||||
|
||||
if( pulDNSServerAddress != NULL )
|
||||
{
|
||||
*pulDNSServerAddress = nondet_unint32();
|
||||
}
|
||||
}
|
||||
|
||||
/****************************************************************/
|
||||
|
||||
/****************************************************************
|
||||
* This is a collection of methods that are defined by the user
|
||||
* application but are invoked by the FreeRTOS API.
|
||||
****************************************************************/
|
||||
|
||||
/****************************************************************
|
||||
* Abstract FreeRTOS_GetAddressConfiguration
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/API/vApplicationIPNetworkEventHook.html
|
||||
****************************************************************/
|
||||
|
||||
void vApplicationIPNetworkEventHook( eIPCallbackEvent_t eNetworkEvent )
|
||||
{
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
* Abstract pcApplicationHostnameHook
|
||||
* https://www.freertos.org/FreeRTOS-Plus/FreeRTOS_Plus_TCP/TCP_IP_Configuration.html
|
||||
****************************************************************/
|
||||
|
||||
const char * pcApplicationHostnameHook( void )
|
||||
{
|
||||
return "hostname";
|
||||
}
|
||||
|
||||
/****************************************************************/
|
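Review bot: `FreeRTOS_socket` returns `malloc( sizeof( Socket_t ) )`, but the other stubs compare `xSocket` with `NULL`, so `Socket_t` is a pointer type and the modelled object is only pointer-sized, not "space for a socket" as the banner comment says. If any code under proof accesses the handle as a `FreeRTOS_Socket_t` (its definition is not on this page, so this is to be confirmed), size the allocation accordingly, e.g. `FREERTOS_INVALID_SOCKET : malloc( sizeof( FreeRTOS_Socket_t ) );`, or state in the comment that the handle is opaque and never dereferenced. Separately, `FreeRTOS_GetAddressConfiguration` calls `nondet_unint32()` four times while `FreeRTOS_inet_addr` uses `nondet_uint32()`; unless `cbmc.h` declares the misspelled name, those calls rely on an implicit declaration and should read `*pulIPAddress = nondet_uint32();`, and likewise for the other three. Several banner comments are copied from the preceding stub (`FreeRTOS_sendto` is headed "Abstract FreeRTOS_recvfrom", and the two release functions and `vApplicationIPNetworkEventHook` carry the name of a different function) and should name the function they precede.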
@ -1,121 +0,0 @@
|
||||
From 884e69144abac08d203bbf8257c6b4a96a2a91ea Mon Sep 17 00:00:00 2001
|
||||
From: "Mark R. Tuttle" <mrtuttle@amazon.com>
|
||||
Date: Mon, 21 Oct 2019 14:17:50 -0400
|
||||
Subject: [PATCH] Remove static storage class from entry points
|
||||
|
||||
Many of the entry points we wish to test are marked as being static.
|
||||
This commit removes the static keyword from all entry points that we
|
||||
test.
|
||||
|
||||
Patch revised on October 21, 2019.
|
||||
---
|
||||
.../freertos_plus_tcp/source/FreeRTOS_DHCP.c | 6 +++---
|
||||
.../standard/freertos_plus_tcp/source/FreeRTOS_DNS.c | 12 ++++++------
|
||||
.../freertos_plus_tcp/source/FreeRTOS_TCP_WIN.c | 2 +-
|
||||
3 files changed, 10 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
|
||||
index c4f79e8e7..d8089a5e7 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
|
||||
@@ -198,7 +198,7 @@ static void prvSendDHCPDiscover( void );
|
||||
/*
|
||||
* Interpret message received on the DHCP socket.
|
||||
*/
|
||||
-static BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );
|
||||
+BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );
|
||||
|
||||
/*
|
||||
* Generate a DHCP request packet, and send it on the DHCP socket.
|
||||
@@ -234,7 +234,7 @@ static void prvCreateDHCPSocket( void );
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
/* The next DHCP transaction Id to be used. */
|
||||
-static DHCPData_t xDHCPData;
|
||||
+DHCPData_t xDHCPData;
|
||||
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
@@ -607,7 +607,7 @@ static void prvInitialiseDHCP( void )
|
||||
}
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
-static BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType )
|
||||
+BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType )
|
||||
{
|
||||
uint8_t *pucUDPPayload, *pucLastByte;
|
||||
struct freertos_sockaddr xClient;
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
|
||||
index e511ca324..d6f335304 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
|
||||
@@ -116,7 +116,7 @@ static size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
|
||||
/*
|
||||
* Simple routine that jumps over the NAME field of a resource record.
|
||||
*/
|
||||
-static uint8_t * prvSkipNameField( uint8_t *pucByte,
|
||||
+uint8_t * prvSkipNameField( uint8_t *pucByte,
|
||||
size_t uxSourceLen );
|
||||
|
||||
/*
|
||||
@@ -124,7 +124,7 @@ static uint8_t * prvSkipNameField( uint8_t *pucByte,
|
||||
* The parameter 'xExpected' indicates whether the identifier in the reply
|
||||
* was expected, and thus if the DNS cache may be updated with the reply.
|
||||
*/
|
||||
-static uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
+uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
size_t uxBufferLength,
|
||||
BaseType_t xExpected );
|
||||
|
||||
@@ -152,7 +152,7 @@ static uint32_t prvGetHostByName( const char *pcHostName,
|
||||
|
||||
|
||||
#if( ipconfigUSE_DNS_CACHE == 1 ) || ( ipconfigDNS_USE_CALLBACKS == 1 )
|
||||
- static uint8_t * prvReadNameField( uint8_t *pucByte,
|
||||
+ uint8_t * prvReadNameField( uint8_t *pucByte,
|
||||
size_t uxSourceLen,
|
||||
char *pcName,
|
||||
size_t uxLen );
|
||||
@@ -765,7 +765,7 @@ static const DNSMessage_t xDefaultPartDNSHeader =
|
||||
|
||||
#if( ipconfigUSE_DNS_CACHE == 1 ) || ( ipconfigDNS_USE_CALLBACKS == 1 )
|
||||
|
||||
- static uint8_t * prvReadNameField( uint8_t *pucByte,
|
||||
+ uint8_t * prvReadNameField( uint8_t *pucByte,
|
||||
size_t uxSourceLen,
|
||||
char *pcName,
|
||||
size_t uxDestLen )
|
||||
@@ -843,7 +843,7 @@ static const DNSMessage_t xDefaultPartDNSHeader =
|
||||
#endif /* ipconfigUSE_DNS_CACHE || ipconfigDNS_USE_CALLBACKS */
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
-static uint8_t * prvSkipNameField( uint8_t *pucByte,
|
||||
+uint8_t * prvSkipNameField( uint8_t *pucByte,
|
||||
size_t uxSourceLen )
|
||||
{
|
||||
size_t uxChunkLength;
|
||||
@@ -949,7 +949,7 @@ DNSMessage_t *pxDNSMessageHeader;
|
||||
#endif /* ipconfigUSE_NBNS */
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
-static uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
+uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
size_t uxBufferLength,
|
||||
BaseType_t xExpected )
|
||||
{
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
|
||||
index 1f5a845fa..1a69807c0 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
|
||||
@@ -206,7 +206,7 @@ extern void vListInsertGeneric( List_t * const pxList, ListItem_t * const pxNewL
|
||||
|
||||
/* List of free TCP segments. */
|
||||
#if( ipconfigUSE_TCP_WIN == 1 )
|
||||
- static List_t xSegmentList;
|
||||
+ List_t xSegmentList;
|
||||
#endif
|
||||
|
||||
/* Logging verbosity level. */
|
||||
--
|
||||
2.20.1 (Apple Git-117)
|
||||
|
@ -1,68 +0,0 @@
|
||||
From 18ca738652bd0ce0a1345cb3dcd7ffacbc196bfa Mon Sep 17 00:00:00 2001
|
||||
From: "Mark R. Tuttle" <mrtuttle@amazon.com>
|
||||
Date: Wed, 30 Oct 2019 09:38:56 -0400
|
||||
Subject: [PATCH] Remove static attributes from functions implementing
|
||||
prvCheckOptions for CBMC proofs.
|
||||
|
||||
---
|
||||
.../freertos_plus_tcp/source/FreeRTOS_TCP_IP.c | 12 ++++++------
|
||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
|
||||
index 4378e28de..2cd072d24 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
|
||||
@@ -225,20 +225,20 @@ static BaseType_t prvTCPPrepareConnect( FreeRTOS_Socket_t *pxSocket );
|
||||
/*
|
||||
* Parse the TCP option(s) received, if present.
|
||||
*/
|
||||
-static void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, NetworkBufferDescriptor_t *pxNetworkBuffer );
|
||||
+void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, NetworkBufferDescriptor_t *pxNetworkBuffer );
|
||||
|
||||
/*
|
||||
* Identify and deal with a single TCP header option, advancing the pointer to
|
||||
* the header. This function returns pdTRUE or pdFALSE depending on whether the
|
||||
* caller should continue to parse more header options or break the loop.
|
||||
*/
|
||||
-static BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const ppucPtr, const unsigned char ** const ppucLast, FreeRTOS_Socket_t ** const ppxSocket, TCPWindow_t ** const ppxTCPWindow);
|
||||
+BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const ppucPtr, const unsigned char ** const ppucLast, FreeRTOS_Socket_t ** const ppxSocket, TCPWindow_t ** const ppxTCPWindow);
|
||||
|
||||
/*
|
||||
* Skip past TCP header options when doing Selective ACK, until there are no
|
||||
* more options left.
|
||||
*/
|
||||
-static void prvSkipPastRemainingOptions( const unsigned char ** const ppucPtr, FreeRTOS_Socket_t ** const ppxSocket, unsigned char * const ppucLen );
|
||||
+void prvSkipPastRemainingOptions( const unsigned char ** const ppucPtr, FreeRTOS_Socket_t ** const ppxSocket, unsigned char * const ppucLen );
|
||||
|
||||
/*
|
||||
* Set the initial properties in the options fields, like the preferred
|
||||
@@ -1157,7 +1157,7 @@ uint32_t ulInitialSequenceNumber = 0;
|
||||
* that: ((pxTCPHeader->ucTCPOffset & 0xf0) > 0x50), meaning that the TP header
|
||||
* is longer than the usual 20 (5 x 4) bytes.
|
||||
*/
|
||||
-static void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, NetworkBufferDescriptor_t *pxNetworkBuffer )
|
||||
+void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, NetworkBufferDescriptor_t *pxNetworkBuffer )
|
||||
{
|
||||
TCPPacket_t * pxTCPPacket;
|
||||
TCPHeader_t * pxTCPHeader;
|
||||
@@ -1191,7 +1191,7 @@ BaseType_t xShouldContinueLoop;
|
||||
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
-static BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const ppucPtr, const unsigned char ** const ppucLast, FreeRTOS_Socket_t ** const ppxSocket, TCPWindow_t ** const ppxTCPWindow)
|
||||
+BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const ppucPtr, const unsigned char ** const ppucLast, FreeRTOS_Socket_t ** const ppxSocket, TCPWindow_t ** const ppxTCPWindow)
|
||||
{
|
||||
UBaseType_t uxNewMSS;
|
||||
UBaseType_t xRemainingOptionsBytes = ( *ppucLast ) - ( *ppucPtr );
|
||||
@@ -1319,7 +1319,7 @@ static BaseType_t prvSingleStepTCPHeaderOptions( const unsigned char ** const pp
|
||||
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
-static void prvSkipPastRemainingOptions( const unsigned char ** const ppucPtr, FreeRTOS_Socket_t ** const ppxSocket, unsigned char * const pucLen )
|
||||
+void prvSkipPastRemainingOptions( const unsigned char ** const ppucPtr, FreeRTOS_Socket_t ** const ppxSocket, unsigned char * const pucLen )
|
||||
{
|
||||
uint32_t ulFirst = ulChar2u32( ( *ppucPtr ) );
|
||||
uint32_t ulLast = ulChar2u32( ( *ppucPtr ) + 4 );
|
||||
--
|
||||
2.20.1 (Apple Git-117)
|
||||
|
@ -0,0 +1,64 @@
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
|
||||
index 04b0487..d6e74a9 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DHCP.c
|
||||
@@ -156,7 +156,11 @@ struct xDHCPMessage_IPv4
|
||||
typedef struct xDHCPMessage_IPv4 DHCPMessage_IPv4_t;
|
||||
|
||||
/* The UDP socket used for all incoming and outgoing DHCP traffic. */
|
||||
+#ifdef CBMC
|
||||
+Socket_t xDHCPSocket;
|
||||
+#else
|
||||
static Socket_t xDHCPSocket;
|
||||
+#endif
|
||||
|
||||
#if( ipconfigDHCP_FALL_BACK_AUTO_IP != 0 )
|
||||
/* Define the Link Layer IP address: 169.254.x.x */
|
||||
@@ -179,7 +183,11 @@ static void prvSendDHCPDiscover( void );
|
||||
/*
|
||||
* Interpret message received on the DHCP socket.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );
|
||||
+#else
|
||||
static BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType );
|
||||
+#endif
|
||||
|
||||
/*
|
||||
* Generate a DHCP request packet, and send it on the DHCP socket.
|
||||
@@ -204,7 +212,11 @@ static uint8_t *prvCreatePartDHCPMessage( struct freertos_sockaddr *pxAddress,
|
||||
/*
|
||||
* Create the DHCP socket, if it has not been created already.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+void prvCreateDHCPSocket( void );
|
||||
+#else
|
||||
static void prvCreateDHCPSocket( void );
|
||||
+#endif
|
||||
|
||||
/*
|
||||
* Close the DHCP socket.
|
||||
@@ -223,7 +235,11 @@ static void prvCloseDHCPSocket( void );
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
/* Hold information in between steps in the DHCP state machine. */
|
||||
+#ifdef CBMC
|
||||
+DHCPData_t xDHCPData;
|
||||
+#else
|
||||
static DHCPData_t xDHCPData;
|
||||
+#endif
|
||||
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
@@ -623,7 +639,11 @@ static void prvInitialiseDHCP( void )
|
||||
}
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
+#ifdef CBMC
|
||||
+BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType )
|
||||
+#else
|
||||
static BaseType_t prvProcessDHCPReplies( BaseType_t xExpectedMessageType )
|
||||
+#endif
|
||||
{
|
||||
uint8_t *pucUDPPayload;
|
||||
int32_t lBytes;
|
@ -0,0 +1,100 @@
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
|
||||
index 480d50b..5557253 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_DNS.c
|
||||
@@ -114,7 +114,11 @@ static Socket_t prvCreateDNSSocket( void );
|
||||
/*
|
||||
* Create the DNS message in the zero copy buffer passed in the first parameter.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
|
||||
+#else
|
||||
static size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
|
||||
+#endif
|
||||
const char *pcHostName,
|
||||
TickType_t uxIdentifier );
|
||||
|
||||
@@ -122,7 +126,11 @@ static size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
|
||||
* Simple routine that jumps over the NAME field of a resource record.
|
||||
* It returns the number of bytes read.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+size_t prvSkipNameField( const uint8_t *pucByte,
|
||||
+#else
|
||||
static size_t prvSkipNameField( const uint8_t *pucByte,
|
||||
+#endif
|
||||
size_t uxLength );
|
||||
|
||||
/*
|
||||
@@ -130,7 +138,11 @@ static size_t prvSkipNameField( const uint8_t *pucByte,
|
||||
* The parameter 'xExpected' indicates whether the identifier in the reply
|
||||
* was expected, and thus if the DNS cache may be updated with the reply.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
+#else
|
||||
static uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
+#endif
|
||||
size_t uxBufferLength,
|
||||
BaseType_t xExpected );
|
||||
|
||||
@@ -184,7 +196,11 @@ static uint32_t prvGetHostByName( const char *pcHostName,
|
||||
|
||||
|
||||
#if( ipconfigUSE_DNS_CACHE == 1 ) || ( ipconfigDNS_USE_CALLBACKS == 1 )
|
||||
+#ifdef CBMC
|
||||
+ size_t prvReadNameField( const uint8_t *pucByte,
|
||||
+#else
|
||||
static size_t prvReadNameField( const uint8_t *pucByte,
|
||||
+#endif
|
||||
size_t uxRemainingBytes,
|
||||
char *pcName,
|
||||
size_t uxDestLen );
|
||||
@@ -758,7 +774,11 @@ TickType_t uxWriteTimeOut_ticks = ipconfigDNS_SEND_BLOCK_TIME_TICKS;
|
||||
}
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
+#ifdef CBMC
|
||||
+size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
|
||||
+#else
|
||||
static size_t prvCreateDNSMessage( uint8_t *pucUDPPayloadBuffer,
|
||||
+#endif
|
||||
const char *pcHostName,
|
||||
TickType_t uxIdentifier )
|
||||
{
|
||||
@@ -838,7 +858,11 @@ static const DNSMessage_t xDefaultPartDNSHeader =
|
||||
|
||||
#if( ipconfigUSE_DNS_CACHE == 1 ) || ( ipconfigDNS_USE_CALLBACKS == 1 )
|
||||
|
||||
+#ifdef CBMC
|
||||
+ size_t prvReadNameField( const uint8_t *pucByte,
|
||||
+#else
|
||||
static size_t prvReadNameField( const uint8_t *pucByte,
|
||||
+#endif
|
||||
size_t uxRemainingBytes,
|
||||
char *pcName,
|
||||
size_t uxDestLen )
|
||||
@@ -932,7 +956,11 @@ static const DNSMessage_t xDefaultPartDNSHeader =
|
||||
#endif /* ipconfigUSE_DNS_CACHE || ipconfigDNS_USE_CALLBACKS */
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
+#ifdef CBMC
|
||||
+size_t prvSkipNameField( const uint8_t *pucByte,
|
||||
+#else
|
||||
static size_t prvSkipNameField( const uint8_t *pucByte,
|
||||
+#endif
|
||||
size_t uxLength )
|
||||
{
|
||||
size_t uxChunkLength;
|
||||
@@ -1050,7 +1078,11 @@ size_t uxPayloadSize;
|
||||
#endif /* ipconfigUSE_NBNS */
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
+#ifdef CBMC
|
||||
+uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
+#else
|
||||
static uint32_t prvParseDNSReply( uint8_t *pucUDPPayloadBuffer,
|
||||
+#endif
|
||||
size_t uxBufferLength,
|
||||
BaseType_t xExpected )
|
||||
{
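Review bot: Each of the eight `#ifdef CBMC` blocks in this patch repeats the first line of a signature in both branches (for example `size_t prvSkipNameField( const uint8_t *pucByte,` next to its `static` twin), so a later change to a return type or first parameter can land in one branch only, and the proof build would then check a signature the shipped build does not use. Judging by their comments these routines handle DNS replies, so the proof should cover exactly the code that ships. A single linkage macro defined once near the top of the file (empty when `CBMC` is defined, `static` otherwise; the name `dnsSTATIC` is only an illustration) would reduce every site to one line such as `dnsSTATIC size_t prvSkipNameField( const uint8_t *pucByte,`. The function bodies continue outside the hunks.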
|
@ -0,0 +1,87 @@
|
||||
From afc01793c4531cfbe9f92e7ca2ce9364983d987e Mon Sep 17 00:00:00 2001
|
||||
From: Mark R Tuttle <mrtuttle@amazon.com>
|
||||
Date: Tue, 12 May 2020 15:57:56 +0000
|
||||
Subject: [PATCH] modified lib
|
||||
|
||||
---
|
||||
.../freertos_plus_tcp/source/FreeRTOS_TCP_IP.c | 24 ++++++++++++++++++++++
|
||||
1 file changed, 24 insertions(+)
|
||||
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
|
||||
index dc58621..963b576 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c
|
||||
@@ -198,14 +198,22 @@ static BaseType_t prvTCPPrepareConnect( FreeRTOS_Socket_t *pxSocket );
|
||||
/*
|
||||
* Parse the TCP option(s) received, if present.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, const NetworkBufferDescriptor_t *pxNetworkBuffer );
|
||||
+#else
|
||||
static void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, const NetworkBufferDescriptor_t *pxNetworkBuffer );
|
||||
+#endif
|
||||
|
||||
/*
|
||||
* Identify and deal with a single TCP header option, advancing the pointer to
|
||||
* the header. This function returns pdTRUE or pdFALSE depending on whether the
|
||||
* caller should continue to parse more header options or break the loop.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
|
||||
+#else
|
||||
static size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
|
||||
+#endif
|
||||
size_t uxTotalLength,
|
||||
FreeRTOS_Socket_t * const pxSocket,
|
||||
BaseType_t xHasSYNFlag );
|
||||
@@ -214,7 +222,11 @@ static size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
|
||||
* Skip past TCP header options when doing Selective ACK, until there are no
|
||||
* more options left.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+void prvReadSackOption( const uint8_t * const pucPtr,
|
||||
+#else
|
||||
static void prvReadSackOption( const uint8_t * const pucPtr,
|
||||
+#endif
|
||||
size_t uxIndex,
|
||||
FreeRTOS_Socket_t * const pxSocket );
|
||||
|
||||
@@ -1137,7 +1149,11 @@ uint32_t ulInitialSequenceNumber = 0;
|
||||
* that: ((pxTCPHeader->ucTCPOffset & 0xf0) > 0x50), meaning that the TP header
|
||||
* is longer than the usual 20 (5 x 4) bytes.
|
||||
*/
|
||||
+#ifdef CBMC
|
||||
+void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, const NetworkBufferDescriptor_t *pxNetworkBuffer )
|
||||
+#else
|
||||
static void prvCheckOptions( FreeRTOS_Socket_t *pxSocket, const NetworkBufferDescriptor_t *pxNetworkBuffer )
|
||||
+#endif
|
||||
{
|
||||
size_t uxTCPHeaderOffset = ipSIZE_OF_ETH_HEADER + xIPHeaderSize( pxNetworkBuffer );
|
||||
const ProtocolHeaders_t *pxProtocolHeaders = ipPOINTER_CAST( ProtocolHeaders_t *,
|
||||
@@ -1201,7 +1217,11 @@ uint8_t ucLength;
|
||||
}
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
+#ifdef CBMC
|
||||
+size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
|
||||
+#else
|
||||
static size_t prvSingleStepTCPHeaderOptions( const uint8_t * const pucPtr,
|
||||
+#endif
|
||||
size_t uxTotalLength,
|
||||
FreeRTOS_Socket_t * const pxSocket,
|
||||
BaseType_t xHasSYNFlag )
|
||||
@@ -1346,7 +1366,11 @@ TCPWindow_t *pxTCPWindow = &( pxSocket->u.xTCP.xTCPWindow );
|
||||
}
|
||||
/*-----------------------------------------------------------*/
|
||||
|
||||
+#ifdef CBMC
|
||||
+void prvReadSackOption( const uint8_t * const pucPtr,
|
||||
+#else
|
||||
static void prvReadSackOption( const uint8_t * const pucPtr,
|
||||
+#endif
|
||||
size_t uxIndex,
|
||||
FreeRTOS_Socket_t * const pxSocket )
|
||||
{
|
||||
--
|
||||
2.7.4
|
||||
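Review bot: The patch header no longer matches its content: the diffstat names `.../freertos_plus_tcp/source/FreeRTOS_TCP_IP.c` while the diff targets `FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_IP.c`, and the subject `[PATCH] modified lib` does not say what the patch is for. Presumably the paths were edited by hand after the patch was generated; regenerating it against the current tree, or dropping the mail header as the neighbouring patches do, would keep the record consistent. The subject should state the intent, e.g. `[PATCH] Drop static from TCP option parsers in CBMC proof builds`. The same reason is worth a comment at each of the six sites, such as `/* Not static under CBMC so the proof harness can call it directly. */`; that the harness calls these functions directly is inferred from the macro name and is not visible here.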
|
@ -0,0 +1,17 @@
|
||||
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
|
||||
index 0078ab313..b0cccbad8 100644
|
||||
--- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
|
||||
+++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/FreeRTOS_TCP_WIN.c
|
||||
@@ -192,8 +192,12 @@ extern void vListInsertGeneric( List_t * const pxList, ListItem_t * const pxNewL
|
||||
|
||||
/* List of free TCP segments. */
|
||||
#if( ipconfigUSE_TCP_WIN == 1 )
|
||||
+#ifdef CBMC
|
||||
+ List_t xSegmentList;
|
||||
+#else
|
||||
static List_t xSegmentList;
|
||||
#endif
|
||||
+#endif
|
||||
|
||||
/* Logging verbosity level. */
|
||||
BaseType_t xTCPWindowLoggingLevel = 0;
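Review bot: The added `#endif` is placed after the existing one, so in the patched file the original `#endif` now closes `#ifdef CBMC` and the new one closes `#if( ipconfigUSE_TCP_WIN == 1 )`, which is easy to misread the next time this patch is rebased. Label both: `#endif /* CBMC */` and `#endif /* ipconfigUSE_TCP_WIN == 1 */`. Under `CBMC` the list also becomes a global named `xSegmentList` with external linkage, so a one-line comment saying which proof needs it visible would explain the change.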
|