From e0944aa24b9b41686c311f2f844b8101bc21e92b Mon Sep 17 00:00:00 2001
From: luis_pereira87 <lpereira@allbesmart.pt>
Date: Tue, 7 Dec 2021 11:40:24 +0000
Subject: [PATCH] Fix Msg4 segmentation fault when UE_id is invalid and reset
ul_failure when UE reconnects using C-RNTI
---
openair2/LAYER2/NR_MAC_COMMON/nr_mac_common.h | 13 +++++++++----
openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_RA.c | 6 ------
openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_ulsch.c | 14 ++++++++++++++
openair2/RRC/NR/L2_nr_interface.c | 14 ++++++++++++++
4 files changed, 37 insertions(+), 10 deletions(-)
diff --git a/openair2/LAYER2/NR_MAC_COMMON/nr_mac_common.h b/openair2/LAYER2/NR_MAC_COMMON/nr_mac_common.h
index ced29f066f1..8182e1c9308 100644
--- a/openair2/LAYER2/NR_MAC_COMMON/nr_mac_common.h
+++ b/openair2/LAYER2/NR_MAC_COMMON/nr_mac_common.h
@@ -192,8 +192,13 @@ uint8_t get_transformPrecoding(const NR_BWP_UplinkCommon_t *initialUplinkBWP,
uint8_t configuredGrant);
void nr_mac_gNB_rrc_ul_failure(const module_id_t Mod_instP,
- const int CC_idP,
- const frame_t frameP,
- const sub_frame_t subframeP,
- const rnti_t rntiP) ;
+ const int CC_idP,
+ const frame_t frameP,
+ const sub_frame_t subframeP,
+ const rnti_t rntiP);
+
+void nr_mac_gNB_rrc_ul_failure_reset(const module_id_t Mod_instP,
+ const frame_t frameP,
+ const sub_frame_t subframeP,
+ const rnti_t rntiP);
#endif
diff --git a/openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_RA.c b/openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_RA.c
index 9b489f06e68..25aeea70a6d 100644
--- a/openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_RA.c
+++ b/openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_RA.c
@@ -1412,12 +1412,6 @@ void nr_generate_Msg4(module_id_t module_idP, int CC_id, frame_t frameP, sub_fra
}
int UE_id = find_nr_UE_id(module_idP, ra->rnti);
- if (UE_id < 0) {
- mac_remove_nr_ue(module_idP, tc_rnti);
- nr_clear_ra_proc(module_idP, CC_id, frameP, ra);
- return;
- }
-
NR_UE_info_t *UE_info = &nr_mac->UE_info;
NR_UE_sched_ctrl_t *sched_ctrl = &UE_info->UE_sched_ctrl[UE_id];
diff --git a/openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_ulsch.c b/openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_ulsch.c
index d14cf09f999..0af77a6b3c9 100644
--- a/openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_ulsch.c
+++ b/openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_ulsch.c
@@ -822,6 +822,20 @@ void nr_rx_sdu(const module_id_t gnb_mod_idP,
ra->state = Msg4;
ra->Msg4_frame = (frameP + 2) % 1024;
ra->Msg4_slot = 1;
+
+ if (ra->msg3_dcch_dtch) {
+ // Check if the C-RNTI still exists in the network
+ int UE_id_C = find_nr_UE_id(gnb_mod_idP, ra->crnti);
+ if (UE_id_C < 0) {
+ mac_remove_nr_ue(gnb_mod_idP, ra->rnti);
+ nr_clear_ra_proc(gnb_mod_idP, CC_idP, frameP, ra);
+ return;
+ } else {
+ UE_info->UE_sched_ctrl[UE_id_C].pusch_consecutive_dtx_cnt = 0;
+ UE_info->UE_sched_ctrl[UE_id_C].ul_failure = 0;
+ nr_mac_gNB_rrc_ul_failure_reset(gnb_mod_idP, frameP, slotP, ra->crnti);
+ }
+ }
LOG_I(NR_MAC, "Scheduling RA-Msg4 for TC_RNTI 0x%04x (state %d, frame %d, slot %d)\n",
(ra->msg3_dcch_dtch?ra->crnti:ra->rnti), ra->state, ra->Msg4_frame, ra->Msg4_slot);
}
diff --git a/openair2/RRC/NR/L2_nr_interface.c b/openair2/RRC/NR/L2_nr_interface.c
index 9cef23a6c51..d781cb7e9bf 100644
--- a/openair2/RRC/NR/L2_nr_interface.c
+++ b/openair2/RRC/NR/L2_nr_interface.c
@@ -383,3 +383,17 @@ void nr_mac_gNB_rrc_ul_failure(const module_id_t Mod_instP,
LOG_D(RRC,"Frame %d, Subframe %d: UL failure: UE %x unknown \n",frameP,subframeP,rntiP);
}
}
+
+void nr_mac_gNB_rrc_ul_failure_reset(const module_id_t Mod_instP,
+ const frame_t frameP,
+ const sub_frame_t subframeP,
+ const rnti_t rntiP) {
+ struct rrc_gNB_ue_context_s *ue_context_p = NULL;
+ ue_context_p = rrc_gNB_get_ue_context(RC.nrrrc[Mod_instP], rntiP);
+ if (ue_context_p != NULL) {
+ LOG_W(RRC,"Frame %d, Subframe %d: UE %x UL failure reset, deactivating timer\n",frameP,subframeP,rntiP);
+ ue_context_p->ue_context.ul_failure_timer=0;
+ } else {
+ LOG_W(RRC,"Frame %d, Subframe %d: UL failure reset: UE %x unknown \n",frameP,subframeP,rntiP);
+ }
+}
--
GitLab