From 711bf23ee2f36fa3ba68033fac9909f3b4aec0ca Mon Sep 17 00:00:00 2001 From: Ismael Gomez Date: Tue, 11 Jul 2017 13:17:26 +0200 Subject: [PATCH] fixed segfault due to race condition in scrambling sequence pre-generation --- lib/include/srslte/phy/phch/pdsch.h | 3 ++- lib/include/srslte/phy/phch/pucch.h | 3 ++- lib/include/srslte/phy/phch/pusch.h | 3 ++- lib/src/phy/phch/pdsch.c | 24 +++++++++++++----------- lib/src/phy/phch/pucch.c | 8 +++++--- lib/src/phy/phch/pusch.c | 27 ++++++++++++++------------- 6 files changed, 38 insertions(+), 30 deletions(-) diff --git a/lib/include/srslte/phy/phch/pdsch.h b/lib/include/srslte/phy/phch/pdsch.h index 7730d2fa1..ad01c4ef8 100644 --- a/lib/include/srslte/phy/phch/pdsch.h +++ b/lib/include/srslte/phy/phch/pdsch.h @@ -48,7 +48,8 @@ #include "srslte/phy/phch/pdsch_cfg.h" typedef struct { - srslte_sequence_t seq[SRSLTE_NSUBFRAMES_X_FRAME]; + srslte_sequence_t seq[SRSLTE_NSUBFRAMES_X_FRAME]; + bool sequence_generated; } srslte_pdsch_user_t; /* PDSCH object */ diff --git a/lib/include/srslte/phy/phch/pucch.h b/lib/include/srslte/phy/phch/pucch.h index 3542dc53f..56d512418 100644 --- a/lib/include/srslte/phy/phch/pucch.h +++ b/lib/include/srslte/phy/phch/pucch.h @@ -80,7 +80,8 @@ typedef struct SRSLTE_API { } srslte_pucch_cfg_t; typedef struct { - srslte_sequence_t seq_f2[SRSLTE_NSUBFRAMES_X_FRAME]; + srslte_sequence_t seq_f2[SRSLTE_NSUBFRAMES_X_FRAME]; + bool sequence_generated; } srslte_pucch_user_t; /* PUCCH object */ diff --git a/lib/include/srslte/phy/phch/pusch.h b/lib/include/srslte/phy/phch/pusch.h index bf04a4781..e5ee43995 100644 --- a/lib/include/srslte/phy/phch/pusch.h +++ b/lib/include/srslte/phy/phch/pusch.h @@ -61,7 +61,8 @@ typedef struct { } srslte_pusch_hopping_cfg_t; typedef struct { - srslte_sequence_t seq[SRSLTE_NSUBFRAMES_X_FRAME]; + srslte_sequence_t seq[SRSLTE_NSUBFRAMES_X_FRAME]; + bool sequences_generated; } srslte_pusch_user_t; /* PUSCH object */ diff --git a/lib/src/phy/phch/pdsch.c b/lib/src/phy/phch/pdsch.c index 4da881531..63e7dbfa0 100644 --- a/lib/src/phy/phch/pdsch.c +++ b/lib/src/phy/phch/pdsch.c @@ -32,6 +32,7 @@ #include #include #include +#include #include "prb_dl.h" #include "srslte/phy/phch/pdsch.h" @@ -362,6 +363,7 @@ int srslte_pdsch_set_rnti(srslte_pdsch_t *q, uint16_t rnti) { return SRSLTE_ERROR; } } + q->users[rnti]->sequence_generated = true; } } return SRSLTE_SUCCESS; @@ -467,15 +469,15 @@ int srslte_pdsch_decode_multi(srslte_pdsch_t *q, srslte_demod_soft_demodulate_s(cfg->grant.mcs.mod, q->d, q->e, cfg->nbits.nof_re); /* descramble */ - if (!q->users[rnti]) { - srslte_sequence_t seq; + if (q->users[rnti] && q->users[rnti]->sequence_generated) { + srslte_scrambling_s_offset(&q->users[rnti]->seq[cfg->sf_idx], q->e, 0, cfg->nbits.nof_bits); + } else { + srslte_sequence_t seq; if (srslte_sequence_pdsch(&seq, rnti, 0, 2 * cfg->sf_idx, q->cell.id, cfg->nbits.nof_bits)) { - return SRSLTE_ERROR; + return SRSLTE_ERROR; } - srslte_scrambling_s_offset(&seq, q->e, 0, cfg->nbits.nof_bits); + srslte_scrambling_s_offset(&seq, q->e, 0, cfg->nbits.nof_bits); srslte_sequence_free(&seq); - } else { - srslte_scrambling_s_offset(&q->users[rnti]->seq[cfg->sf_idx], q->e, 0, cfg->nbits.nof_bits); } if (SRSLTE_VERBOSE_ISDEBUG()) { @@ -537,15 +539,15 @@ int srslte_pdsch_encode(srslte_pdsch_t *q, } /* scramble */ - if (!q->users[rnti]) { - srslte_sequence_t seq; + if (q->users[rnti] && q->users[rnti]->sequence_generated) { + srslte_scrambling_bytes(&q->users[rnti]->seq[cfg->sf_idx], (uint8_t*) q->e, cfg->nbits.nof_bits); + } else { + srslte_sequence_t seq; if (srslte_sequence_pdsch(&seq, rnti, 0, 2 * cfg->sf_idx, q->cell.id, cfg->nbits.nof_bits)) { - return SRSLTE_ERROR; + return SRSLTE_ERROR; } srslte_scrambling_bytes(&seq, (uint8_t*) q->e, cfg->nbits.nof_bits); srslte_sequence_free(&seq); - } else { - srslte_scrambling_bytes(&q->users[rnti]->seq[cfg->sf_idx], (uint8_t*) q->e, cfg->nbits.nof_bits); } srslte_mod_modulate_bytes(&q->mod[cfg->grant.mcs.mod], (uint8_t*) q->e, q->d, cfg->nbits.nof_bits); diff --git a/lib/src/phy/phch/pucch.c b/lib/src/phy/phch/pucch.c index c58f69871..6a889b89c 100644 --- a/lib/src/phy/phch/pucch.c +++ b/lib/src/phy/phch/pucch.c @@ -33,6 +33,7 @@ #include #include #include +#include #include "srslte/phy/ch_estimation/refsignal_ul.h" #include "srslte/phy/phch/pucch.h" @@ -489,7 +490,7 @@ void srslte_pucch_clear_rnti(srslte_pucch_t *q, uint16_t rnti) { int srslte_pucch_set_crnti(srslte_pucch_t *q, uint16_t rnti) { if (!q->users[rnti]) { - q->users[rnti] = malloc(sizeof(srslte_pucch_user_t)); + q->users[rnti] = calloc(1, sizeof(srslte_pucch_user_t)); if (q->users[rnti]) { for (uint32_t sf_idx=0;sf_idxusers[rnti]->sequence_generated = true; } } return SRSLTE_SUCCESS; @@ -591,7 +593,7 @@ static int uci_mod_bits(srslte_pucch_t *q, srslte_pucch_format_t format, uint8_t case SRSLTE_PUCCH_FORMAT_2: case SRSLTE_PUCCH_FORMAT_2A: case SRSLTE_PUCCH_FORMAT_2B: - if (q->users[rnti]) { + if (q->users[rnti] && q->users[rnti]->sequence_generated) { memcpy(q->bits_scram, bits, SRSLTE_PUCCH2_NOF_BITS*sizeof(uint8_t)); srslte_scrambling_b(&q->users[rnti]->seq_f2[sf_idx], q->bits_scram); srslte_mod_modulate(&q->mod, q->bits_scram, q->d, SRSLTE_PUCCH2_NOF_BITS); @@ -796,7 +798,7 @@ int srslte_pucch_decode(srslte_pucch_t* q, srslte_pucch_format_t format, case SRSLTE_PUCCH_FORMAT_2: case SRSLTE_PUCCH_FORMAT_2A: case SRSLTE_PUCCH_FORMAT_2B: - if (q->users[rnti]) { + if (q->users[rnti] && q->users[rnti]->sequence_generated) { pucch_encode_(q, format, n_pucch, sf_idx, rnti, NULL, ref, true); srslte_vec_prod_conj_ccc(q->z, ref, q->z_tmp, SRSLTE_PUCCH_MAX_SYMBOLS); for (int i=0;imax_re * srslte_mod_bits_x_symbol(SRSLTE_MOD_64QAM))) { return SRSLTE_ERROR; } - } + } + q->users[rnti]->sequences_generated = true; } } return SRSLTE_SUCCESS; @@ -444,15 +445,15 @@ int srslte_pusch_encode(srslte_pusch_t *q, srslte_pusch_cfg_t *cfg, srslte_softb return SRSLTE_ERROR; } - if (!q->users[rnti]) { - srslte_sequence_t seq; + if (q->users[rnti] && q->users[rnti]->sequences_generated) { + srslte_scrambling_bytes(&q->users[rnti]->seq[cfg->sf_idx], (uint8_t*) q->q, cfg->nbits.nof_bits); + } else { + srslte_sequence_t seq; if (srslte_sequence_pusch(&seq, rnti, 2 * cfg->sf_idx, q->cell.id, cfg->nbits.nof_bits)) { - return SRSLTE_ERROR; + return SRSLTE_ERROR; } - srslte_scrambling_bytes(&seq, (uint8_t*) q->q, cfg->nbits.nof_bits); + srslte_scrambling_bytes(&seq, (uint8_t*) q->q, cfg->nbits.nof_bits); srslte_sequence_free(&seq); - } else { - srslte_scrambling_bytes(&q->users[rnti]->seq[cfg->sf_idx], (uint8_t*) q->q, cfg->nbits.nof_bits); } // Correct UCI placeholder/repetition bits @@ -535,13 +536,13 @@ int srslte_pusch_decode(srslte_pusch_t *q, srslte_sequence_t *seq = NULL; // Create sequence if does not exist - if (!q->users[rnti]) { - seq = &q->tmp_seq; + if (q->users[rnti] && q->users[rnti]->sequences_generated) { + seq = &q->users[rnti]->seq[cfg->sf_idx]; + } else { + seq = &q->tmp_seq; if (srslte_sequence_pusch(seq, rnti, 2 * cfg->sf_idx, q->cell.id, cfg->nbits.nof_bits)) { - return SRSLTE_ERROR; + return SRSLTE_ERROR; } - } else { - seq = &q->users[rnti]->seq[cfg->sf_idx]; } // Decode RI/HARQ bits before descrambling @@ -553,7 +554,7 @@ int srslte_pusch_decode(srslte_pusch_t *q, // Descrambling srslte_scrambling_s_offset(seq, q->q, 0, cfg->nbits.nof_bits); - if (!q->users[rnti]) { + if (!(q->users[rnti] && q->users[rnti]->sequences_generated)) { srslte_sequence_free(seq); }