add default in switch instead of using the the END state directly
that is checked before entering the switch. Coverity correctly
reports this as dead code.
fix printf format string on 32bit arches like ARMv7
FAILED: lib/src/phy/ue/CMakeFiles/srsran_ue.dir/ue_sync.c.o
/usr/bin/gcc -DASSERTS_ENABLED -DENABLE_TIMEPROF -DENABLE_TTCN3 -DHAVE_BACKWARD -DHAVE_MBEDTLS -DHAVE_PCSC -I/usr/include/PCSC -I/usr/include/SoapySDR -Ilib/include -I../lib/include -Wno-unused-but-set-variable -Wall -Wno-comment -Wno-write-strings -Wno-unused-result -Wformat -Wmissing-field-initializers -Wtype-limits -std=c99 -fno-strict-aliasing -D_GNU_SOURCE -O3 -fno-trapping-math -fno-math-errno -DBUILD_TYPE_RELEASE -DIS_ARM -DHAVE_NEON -mfloat-abi=hard -mfpu=neon -fvisibility=hidden -fdiagnostics-color=always -Werror --param large-function-growth=1600 -O3 -DNDEBUG -fPIC -MD -MT lib/src/phy/ue/CMakeFiles/srsran_ue.dir/ue_sync.c.o -MF lib/src/phy/ue/CMakeFiles/srsran_ue.dir/ue_sync.c.o.d -o lib/src/phy/ue/CMakeFiles/srsran_ue.dir/ue_sync.c.o -c ../lib/src/phy/ue/ue_sync.c
In file included from ../lib/include/srsran/srsran.h:31,
from ../lib/src/phy/ue/ue_sync.c:13:
../lib/src/phy/ue/ue_sync.c: In function ‘srsran_ue_sync_set_tti_from_timestamp’:
../lib/include/srsran/phy/utils/debug.h:59:23: error: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 3 has type ‘uint64_t’ {aka ‘long long unsigned int’} [-Werror=format=]
fprintf(stdout, "[DEBUG]: " _fmt "\n", ##__VA_ARGS__); \
^~~~~~~~~~~
../lib/src/phy/ue/ue_sync.c:1044:3: note: in expansion of macro ‘DEBUG’
DEBUG("rx time with 3gpp base in ms %lu\n", time_3gpp_msecs);
^~~~~
../lib/src/phy/ue/ue_sync.c:1044:41: note: format string is defined here
DEBUG("rx time with 3gpp base in ms %lu\n", time_3gpp_msecs);
~~^
%llu
cc1: all warnings being treated as errors
CID 369560 Missing unlock, in dft_fftw.c
CID 363710 Logically dead code, in resampler.c
CID 55097 Result is not floating point, in chest_test_dl.c
CID 351020 Result is not floating point, in chest_nbiot_test_dl.c
Fix several Coverity issues
This commit adrresses the following code issues found by Coverity:
CID 339785 Division by zero, in fading_channel_test.c
CID 355272 Division by zero, in awgn_channel_test.c
CID 355277 NULL ptr dereference, in awgn_channel_test.c
CID 359663 NULL ptr dereference, in delay_channel_test.c
CID 369544 NULL ptr dereference, in chest_dl_nbiot.c
CID 373326 Resource Leak, in dft_fftw.c
CID 373329 Resource Leak, in dft_fftw.c
CID 372878 Division by zero, in sliv_test.c
CID 372871 Division by zero, in dmrs_pdcch.c
CID 370622 Negative loop bound, in csr_rs.c
CID 370624 Negative loop bound, in csr_rs.c
CID 370626 Negative loop bound, in csr_rs.c
CID's 369568, 369594 NULL ptr dereference, in ch_awgn.c
CID 369540 Logically dead code, in refsignal_dl.c
CID 369608 Logically dead code, in refsignal_ul.c
CIDs 366291, 366296, 366297 Out-of-bounds access, in zc_sequence.c
CID 372209 Division by zero, in cqi.c
CID 370992 Uninitialized pointer read, in pdcch_test.c
CID 373334 Integer overflow, in ue_sync.h
CID 370993, 370995 Undefined division, in pdcch_test.c
CID 370994 Undefined division, in ssb_decode_test.c
CIDs 353368 353364 353365 359673 353366 353367
Explicit null dereferenced, in psss_file_test.c
CID 371865 Unchecked return value, in rf_uhd_imp.cc
CID 363810 Undefined division, in ldpc_rm_chain_test.c
CID 372209, 372211, 372213, 372216 Undefined modulo, in cqi.c
CID 339834 Array compared against 0, in chest_dl.c
CID 369589 Out of bounds access, in dmrs_pucch.c
CID 371681 Out of bounds access, in ue_sync_nr_test.c
CIDs 370761, 370825 Copy-paste error, in ssb.c
CID 369599 out of bounds read, in dmrs_pdcch_test.c
CID 363795 out of bounds read, in ldpc_dec_c_avx2_flood.c
CID 363805 out of bounds read, in ldpc_dec_c_avx2long_flood.c
CID 363821 out of bounds read, in ldpc_dec_c_flood.c
until the correct gain settings are documented and potential
mis-configuration are handled. It seems that the default
Tx/rx gains values are not working with this function.
* Make filename const in filesink
* Sine generation returns the next phase
* Avoid malloc/free in radio class
* Implement Tx gain in ZMQ
* Initial ratio RT gain test
* UHD: use timed Tx gain commands to align changes to subframes
* Minor improvement in test_radio_rt_gain
* Fix compilation
* Check RF gain thread id before joining
* Remove redundant zero initialization.
Co-authored-by: Fabian Eckermann <fabian@srs.io>
* Fix a race condition when accessing the NR PHY cfg by the RRC and phy workers.
Rework how the phy cfg is handled, now workers have their own copy that gets updated after a reconfig moving it out of the state class.
* Default initialize sf_len member in sf_worker for consistency.
* Asynchronous NR PHY configuration
* Fix compilation
* Corrected method override and fix unitialised value
* Added carrier equal comparison to avoid aligment byte padding comparison
Co-authored-by: faluco <borja.ferrer@softwareradiosystems.com>
This was done to avoid integrity issues, when the UE's RRC erroneously sent
measurement reports while the re-establishment was already in progress.
As errously sending PDCP PDUs on DRBs can cause issues as well, this was
disabled too.
Move emergency handlers header file into the support folder.
Refactored signal handling:
- Remove the dependency with the running static variable in the header file.
- Move implementations down to cc files.
- Allow specifying a new signal handler that will be used to stop the applications.
- Move signal handling files to support.
since absolute freq point a members have been removed from the srslte_nr_carrier_t
struct (they are now actual frequencies) the abs_point_a values are now in
the RRC cell structs
this is to avoid invalid configs that later on cause segfaults, etc.
e.g.:
0 0x7f397adf64a3 (/lib/x86_64-linux-gnu/libc.so.6+0xbb4a3)
1 0x7f397cc8c6ce (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x796ce)
2 0x55b921d61707 in srsran_vec_cf_copy /mnt/data/jenkins/workspace/srslte_ogt_trial_builder_x86-ubuntu1804-asan/srsLTE/lib/src/phy/utils/vector.c:226
3 0x55b921d3b1d4 in ssb_demodulate /mnt/data/jenkins/workspace/srslte_ogt_trial_builder_x86-ubuntu1804-asan/srsLTE/lib/src/phy/sync/ssb.c:632
4 0x55b921d3d8ce in srsran_ssb_csi_measure /mnt/data/jenkins/workspace/srslte_ogt_trial_builder_x86-ubuntu1804-asan/srsLTE/lib/src/phy/sync/ssb.c:905
5 0x55b9215dc20f in srsue::nr::cc_worker::measure_csi() /mnt/data/jenkins/workspace/srslte_ogt_trial_builder_x86-ubuntu1804-asan/srsLTE/srsue/src/phy/nr/cc_worker.cc:373
6 0x55b9215dd216 in srsue::nr::cc_worker::work_dl() /mnt/data/jenkins/workspace/srslte_ogt_trial_builder_x86-ubuntu1804-asan/srsLTE/srsue/src/phy/nr/cc_worker.cc:483
7 0x55b9215f9c69 in srsue::nr::sf_worker::work_imp() /mnt/data/jenkins/workspace/srslte_ogt_trial_builder_x86-ubuntu1804-asan/srsLTE/srsue/src/phy/nr/sf_worker.cc:78
8 0x55b921c47cc6 in srsran::thread_pool::worker::run_thread() /mnt/data/jenkins/workspace/srslte_ogt_trial_builder_x86-ubuntu1804-asan/srsLTE/lib/src/common/thread_pool.cc:48
9 0x55b92152ea0b in srsran:🧵:thread_function_entry(void*) /mnt/data/jenkins/workspace/srslte_ogt_trial_builder_x86-ubuntu1804-asan/srsLTE/lib/include/srsran/common/threads.h:103
10 0x7f397c9fb6da in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76da)
11 0x7f397ae5c71e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x12171e)
under some circumstances it could happen that the RLC is configured
when SDUs are already being written to the queue. The resize
operation of the underlying container would fail in this case.
Make sure to empty the queue before doing the resize.
* Improve reliability of timestamp to tti conversion
Difftime is not reliable as it might use 32 bit calculation, depending on the system. This leads to wrong frame numbers and subframe indices.
I encountered this Issue when testing the pssch_ue exampel on my system and the conversion from timestamp to frame number and sf idx was wrong.
* Improve GNSS Sync
Added loop to check for GNSS alignment while syncing.
If the received GNSS signal is weak, synchronization errors might occur while syncing.
* decouple EUTRA and NR stack classes
* implement dummy X2 interface with control and data plane methods
* implement eNB time source interface that PHY calls
we've had a few runs in the CI where opening the specified RF device
failed but the eNB/UE still continued to run, just picking the next available
run. This led to false-positive tests.
The policy should be that whenever the user specified a RF device to
be openend, and this device fails, the whole process should fail and
the application should exit.
The auto-detection mode is still available but only if no device name
is specified at all.
the Msg3 UL grant requires the TTI in which the RAR has been received
to calcualte the correct timing. There was a race between PHY and Stack
thread.
This patch circumvents the issue by removing a PHY state member that only holds
the RAR Rx timing. In the new interface the RA proc passes the Rx TTI
to the PHY again when setting the UL grant so the PHY can calculate the
correct timing without any state.
* the old srsran_cell_cfg_t is only carried for SIB params
* the SIB scheduling, etc needs to be ported and integrated into NR data structures
* disbable SIB test for the moment
this patch fixes a bug discovered in a real network where the DL CQI of a
user degraded repidly in very short time. A relativly big RLC PDU that
was still sent with the good CQI in a big grant now needs to be split
across many tiny segments because the CQI degraded so much.
The retx couting for each transmitted segment caused the retx counter to
reach maxRetx quickly.
With this patch we do not increment the retx counter for each transmitted
PDU or segment of a PDU but instead only increment the counter when
a given SN is added to the retx queue. This can happen either:
a) if the SN is negativly acknowledged and was not already on the retx queue,
b) no new data is available for tx and a SN is selected for retx.
This is in accordance with TS 36.322 which handles retx counting in section
5.2.1 according to the above description.
With soapy 0.8.0, GCC 11.1.0 warns of mismatched array bounds
in some functions.
This commit aligns the bound and adds proper wrappers to
fix subsequent warnings.
test now can write the NR reconfig into a PCAP for easy
debugging with Wireshark
patch also adds a new test helper to write a RRC PDU
into a PCAP file (helper packs PDCP and RLC AM first)
the code hasn't been maintained for a while an likely needs to be
adapted for a real-world scenarios.
in order to avoid having to maintain two MAC/PHY interfaces we
remove the code from now.
move implementation to cc file to avoid
[build] /bin/ld: CMakeFiles/rrc_nr_asn1_test.dir/rrc_nr_test.cc.o: in function `asn1::rrc_nr::setup_release_c<asn1::rrc_nr::pdcch_serving_cell_cfg_s>::set_setup()':
[build] /home/anpu/src/srsLTE/lib/include/srsran/asn1/rrc_nr.h:2276: undefined reference to `asn1::rrc_nr::setup_release_c<asn1::rrc_nr::pdcch_serving_cell_cfg_s>::set(asn1::rrc_nr::setup_release_c<asn1::rrc_nr::pdcch_serving_cell_cfg_s>::types_opts::options)'
[build] clang: error: linker command failed with exit code 1 (use -v to see invocation)
the do_status is queried from the Tx code frequently. To reduce
chances to delay the execution because the RLC Rx side is currently
holding the mutex we can use an atomic.
the patch uses try-lock whenever a status PDU is tried
to be built. This makes sure that when the lock is currently
hold (e.g. by a thread processing rx PDUs) the generation
of the status PDUs is not taking too long and blocking the calling
thread. Instead the status PDU generation is deferred to the next
Tx opportunity.
It's a probabilistic approach that assumes that at some stage the
lock can in fact be acquired.
TSAN detected wrong use of the old deque-based internal queue. To avoid
unwanted/undetected mis-use the patch uses the thread-safe block_queue
data structure instead.
on highly loaded systems it can happen that the get_metrics() is called
twice within a few houndred milliseconds. Logging a warning in this
case isn't needed, so reduce to info.
on the other hand, 100ms might be to convervative. Patch also
lowers the smallest interval to 10ms
* Protect PHY SR signal management in a class
* Protect intra_freq_meas vector
* Protect cell and srate shared variables in thread-safe classes
* srsue,srsenb: include TSAN options header
* Protect ue_rnti_t and rnti scheduling windows behind thread-safe classes
* Protect access to state variable in sync_state
* Protect access to metrics configuration
* Protect access to is_pending_sr
* Protect access to UE prach worker
* Protect UE mux
* Avoid unlocking mutex twice
* Fix data races in RF/ZMQ
* Fix data races in intra_measure and PHY
* Fix minor data races in MAC
* Make TSAN default behaviour to not halt on error
* Fix blocking in intra cell measurement
* Address comments
Co-authored-by: Andre Puschmann <andre@softwareradiosystems.com>
Introduce a new macro to catch UHD exceptions and log them directly instead of storing an error string, similar to what errno does.
Remove usrp logging helpers that depend on the now removed member since all calls potentially log the error directly.
the EPS bearer manager was only informed when a single DRB
was removed but not when entering idle which requires to
remove all bearers.
This cause the service request to fail.
RFCI has detected this assert failing in the log_backend_test. I have not been able to reproduce this locally but my theory is the following one:
one of the unit tests does the following:
backend.start();
backend.stop();
the internal running_flag member could be set to true and then to false by the main thread before the worker thread calls do_work(). If this happens
the assert will be triggered, which is wrong and too conservative, so remove the assert.
this is a rather large commit that is hard to split because
it touches quite a few components.
It's a preparation patch for adding NR split bearers in the next
step.
We realized that managing RLC and PDCP bearers for both NR and LTE
in the same entity doesn't work. This is because we use the LCID
as a key for all accesses. With NR dual connectivity however we
can have the same LCID active at the same time for both LTE and NR
carriers.
The patch solves that by creating a dedicated NR instance for RLC/PDCP
in the stack. But then the question arises for UL traffic on, e.g. LCID 4
what PDCP instance the GW should use for pushing SDUs. It doesnt' know
that. And in fact it doesn't need to. It just needs to know EPS
bearer IDs. So the next change was to remove the knowledge of what
LCIDs are from the GW. Make is agnostic and only work on EPS bearer IDs.
The handling and mapping between EPS bearer IDs and LCIDs for LTE
or NR (mainly PDCP for pushing data) is done in the Stack because
it has access to both.
The NAS also has a EPS bearer map but only knows about default and
dedicated bearers. It doesn't know on which logical channels they
are transmitted.
this patch mainly modernizes the bearer creation to use smart pointers.
that allows to simplify the error handling.
ue_stack is changed to match new interface. This commit compiles
but doesn't work.
when a lost PDU is detected a warning will be logged. In theory
this could be info as well but a warning may help to detect issues
in tests. The same event causes multiple other warnings to be logged,
which is very spammy. The patch reduces the log level for
those messages to info.
the patch is a re-implementation of the customer-specific optimization
we did in order to reduce the time the RLC holds the Tx mutex when
processing an incoming status PDU.
The patch makes sure to never operate on a raw mutex but instead
uses the deadlock-avoiding RAII lock.
before processing incoming status PDUs we should be checking
if the ACK_SN falls within our current Tx window. If not the PDU
will be dropped.
Without the check we were incorrectly processing the status PDU
and because the sequence number wrap around wasn't working
correctly if ACK_SN is smaller than vt_a we were corrupting
our Tx window.
the test verifies that the ACK_SN of a status PDU falls inside the
rx_window of the receiver. If not, than the RLC state has been
corrupted and the status PDU is likely invalid.
we had it returning int but had a bug in using the return value properly,
i.e. handling when -1 was returned in RLC TM.
Thinking about it more, it doesn't make sense to have a negative return
value here anyway. Either the RLC can return a PDU or not. If it can't the
returned lenght is zero.
when a small grant is provided it might not be possible to fit a full status
PDU. This is currently detected while packing the PDU.
In order to avoid sending potentiall contradicting status info to the sending
entity, the fix makes sure to only transmit a small PDU acking what really
has been received so far.
This might not be optimal in terms for retx but will not corrupt any
state.
it turned out that a certain order of events can lead to
a RLC transmitter stalling because even though unacknowledged PDUs
are queued, none of them was actually considered for retx.
This can happen if a pollRetxTimer expires for a SN that, meanwhile,
has already been acknowledged. The positive lead to the deletion of
the SN from the Tx window.
The fix makes sure that when a retx for a unexisting SN is requested,
the sender will consider the next unacknowledged SN instead.