This commit adds the .gemini/config.yaml file to configure the Gemini
code review tool. The configuration includes settings for review
severity, comment limits, and automated review triggers for pull
requests.
The packet verification script for Nexus test 1.1.7.1.4 failed
sporadically because Step 5 (ROUTER_1 multicast MLE Data Response)
was being searched starting from the cursor position after Step 4
(Leader's MLE Data Response and CoAP ACK).
Depending on the timing/non-determinism from entropy, ROUTER_1's
response could arrive before the Leader's packets, causing it to
be skipped when searching from the Step 4 cursor.
This change saves the cursor position after Step 3 and uses it as
the starting point for the Step 5 search, ensuring the packet is
found regardless of its order relative to the Step 4 packets.
This commit fixes an occasional failure in Nexus test 1.1.6.1.4
by introducing a controlled delay during the DUT attachment
process.
The test ensures the DUT picks a REED with better connectivity
as its parent. The failure was caused by a race condition where
the intended parent (router3) could upgrade from REED to active
router before the DUT completed its parent selection. This
resulted in the DUT attaching during the first Parent Request
(active routers only), rather than the second request (including
REEDs), which is required for specification compliance.
Changes:
- Added kParentSelectionTime constant (2000ms) to define the
expected parent selection window.
- Updated test_1_1_6_1_4.cpp to use AdvanceTime() with this
constant before allowing router3 to upgrade. This ensures
router3 remains a REED long enough for the DUT to send the
multicast Parent Request with the REED scan mask.
This commit adds Nexus test case 1.2.LP.5.3.4, which validates that a
Router (DUT) maintains a robust CSL connection with a Synchronized
Sleepy End Device (SSED) even when the SSED modifies its CSL Period.
The test verifies synchronization over multiple CSL period changes:
500ms -> 3300ms -> 400ms.
Changes:
- Added CSL period constants (500ms, 3300ms, 400ms) to shared utility
modules: tests/nexus/verify_utils.py (Python) and
tests/nexus/platform/nexus_utils.hpp (C++).
- Implemented tests/nexus/test_1_2_LP_5_3_4.cpp to execute the test
procedure, including topology formation, SSED attachment, and
triggering CSL period updates.
- Implemented tests/nexus/verify_1_2_LP_5_3_4.py to validate pcap
output, ensuring the DUT correctly buffers and relays ICMPv6 Echo
Requests and that SSED_1 does not send MAC Data Requests.
- Updated tests/nexus/CMakeLists.txt and tests/nexus/run_nexus_tests.sh
to integrate the new test into the build system and test runner.
This commit implements Nexus test 1.2.LP.5.3.3, which validates the
behavior when a Synchronized Sleepy End Device (SSED) becomes
unsynchronized.
The test verifies that:
- When a SSED is CSL synchronized, the parent (DUT) relays frames
using CSL transmission.
- When the SSED stops sending synchronization data polls and the CSL
connection times out, the parent falls back to indirect
transmission (buffering and waiting for a Data Request).
- Once the SSED resumes synchronization, the parent returns to using
CSL transmission.
Changes:
- Add test_1_2_LP_5_3_3.cpp to implement the test logic using the
Nexus simulation platform.
- Add verify_1_2_LP_5_3_3.py for automated packet verification,
ensuring frames are sent via CSL or indirect transmission as
appropriate.
- Register the new test in tests/nexus/CMakeLists.txt.
- Add the test to the default test list in
tests/nexus/run_nexus_tests.sh.
This commit updates the names of several message allocation methods in
`CoapBase` to `AllocateAndInit*()`. This change helps to clearly
differentiate these methods from the `NewPriorityMessage()` and
`NetMessage()` overloads, which only allocate a new `Message`.
In contrast, the `AllocateAndInit` methods allocate the message and
fully prepare it by initializing the CoAP header, appending the URI
path option, the payload marker, leaving it ready for the payload.
This change clarifies the design by explicitly indicating that these
methods perform extra setup work.
All calls to these methods throughout the codebase have been updated
to reflect the new names.
This commit introduces `DetermineRemainingDurationFrom(Time aNow)` to
the `Time` class. This method calculates the duration from a given
current time (`aNow`) to the `Time` instance, handling edge cases
where the target time is in the past by returning zero.
Several instances across the codebase (e.g., `Timer::Scheduler`,
`TcatAgent`, `Translator::Mapping`, `Srp::Server`) previously
duplicated this logic using manual checks and subtraction. They have
been updated to use this new centralized helper, improving
readability and reducing the likelihood of wrap-around or negative
duration bugs.
This commit adds Nexus test 1.2.LP.5.3.2 to validate that a Router
(DUT) can maintain a CSL connection with a Synchronized Sleepy End
Device (SSED) using various message types to trigger synchronization.
Changes:
- Implemented test_1_2_LP_5_3_2.cpp to simulate the topology of
Leader, Router (DUT), and SSED.
- Added descriptive constants (kMsPerSecond, kUsPerMs, kEchoId,
kCslWaitMultiplier) to test_1_2_LP_5_3_2.cpp to replace magic
numbers.
- Implemented verify_1_2_LP_5_3_2.py for pcap-based verification of
IEEE 802.15.4-2015 frames, CSL Information Elements, and timers.
- Updated test_1_2_LP_5_3_1.cpp to set CSL period and timeout
explicitly using stack APIs instead of the removed kAsSsed mode.
- Removed kAsSsed JoinMode from Nexus::Node in favor of explicit
CSL parameter configuration within test files.
- Added wpan.header_ie.csl.phase to verify_utils.py field mappings.
- Included the new test in CMakeLists.txt and run_nexus_tests.sh.
This commit refactors Nexus test 1.2.LP.5.3.1 to better align with
the specification and improves the robustness of the test logic and
verification script. It also removes the kAsSsed join mode to favor
explicit CSL configuration in tests.
Changes:
- Removed kAsSsed from Nexus::Node::JoinMode and Node::Join() to
encourage tests to manage CSL parameters explicitly.
- Updated test_1_2_LP_5_3_1.cpp to join as a regular SED first and
enable CSL after attachment. This matches the specification's
requirement to establish synchronization via Child Update Request.
- Introduced constants in test_1_2_LP_5_3_1.cpp for CSL period,
synchronization time, and other parameters to avoid magic numbers.
- Enhanced verify_1_2_LP_5_3_1.py with comprehensive checks for:
- MLE Child Update Request/Response exchange.
- IEEE 802.15.4-2015 frame versions.
- ICMPv6 Echo Request/Response forwarding through the Leader.
- Absence of MAC Data Requests after CSL synchronization.
- Fixed an issue in verify_1_2_LP_5_3_1.py where packet numbers
were not correctly handled in pkts.range().
This commit updates the object pool implementation to support dynamically
configured pool sizes without penalizing the memory footprint of
existing static usages.
A new `PoolBase` class is introduced to encapsulate the core linked-list
management logic (`Allocate()` and `Free()`), relying on a shared
`mFreeList`.
The existing `Pool` class is updated to inherit from `PoolBase`. It
retains its statically allocated `mPool` array, ensuring zero code-size
or RAM penalty for current users of fixed-size pools.
A new `ConfigPool` class is added, also inheriting from `PoolBase`.
This class allows a pool to be initialized at run-time with an
externally provided memory buffer (`mEntryArray`) and size
(`mNumEntries`). This enables future use cases where memory allocation
for pools can be provided dynamically by the system integrator.
This commit also includes unit tests for `ConfigPool` to verify its
allocation, deallocation, and initialization behavior.
This commit adds a new Nexus test case 1.2.LP.5.3.1 which validates
SSED attachment and CSL synchronization.
Changes:
- Added kAsSsed JoinMode to Nexus::Node platform to support joining
as a Synchronized Sleepy End Device with default CSL parameters.
- Implemented test_1_2_LP_5_3_1.cpp following the test specification
for SSED attachment.
- Implemented verify_1_2_LP_5_3_1.py to verify pcap output, ensuring
correct use of 802.15.4-2015 frames and CSL synchronization.
- Updated CMakeLists.txt and run_nexus_tests.sh to include the new
test in the Nexus test suite.
This commit implements CSL transmitter and receiver functionality in
the Nexus simulation platform. It enables the necessary OpenThread
configurations and provides the platform-level support for CSL.
It also implements the otPlatRadioGetNow platform API to provide a
high-resolution 64-bit microsecond time base, which is required for
accurate CSL timing and synchronization.
Changes:
- Added GetNowMicro64() to Nexus::Core to expose the raw 64-bit
microsecond timer.
- Implemented otPlatRadioGetNow() in nexus_radio.cpp.
- Enabled OPENTHREAD_CONFIG_MAC_CSL_RECEIVER_ENABLE and
OPENTHREAD_CONFIG_MAC_CSL_TRANSMITTER_ENABLE in Nexus config.
- Added otRadioContext to Nexus::Radio to track CSL parameters and
manage security material for radio operations.
- Implemented otPlatRadioEnableCsl, otPlatRadioResetCsl,
otPlatRadioUpdateCslSampleTime, and otPlatRadioGetCslAccuracy.
- Implemented otPlatRadioSetMacKey, otPlatRadioSetMacFrameCounter,
and otPlatRadioSetAlternateShortAddress to keep radio context
synchronized with OpenThread stack.
- Updated otPlatRadioSetExtendedAddress and otPlatRadioEnableCsl to
use AsCoreType for better readability and project conventions.
- Moved Radio member initializations to the initializer list in its
constructor.
- Refactored radio SFD processing: moved otMacFrameProcessTxSfd and
UpdateFcs from otPlatRadioTransmit (radio platform) to
Core::ProcessRadio (simulation engine), ensuring CSL IEs and
security headers are updated exactly when transmission starts.
- Enhanced Nexus::Core::ProcessRadio to support generating Enhanced
ACKs with CSL IEs for 802.15.4-2015 frames.
- Updated Nexus and fuzz build systems to include necessary Nexus
platform and utils headers/utilities.
This commit addresses a timeout issue reported by a fuzzer when
processing MAC frames with malformed Header IEs.
Specifically:
- In `FindPayloadIndex()`, added validation to ensure the returned
index does not exceed `kMaxPsduSize` (254). If the index exceeds
this value, it now returns `kInvalidIndex` (255). This prevents
callers from experiencing wrap-around issues when they cast the
result to `uint8_t`.
- In `GetHeaderIe()` and `GetThreadIe()`, changed the `index` and
`payloadIndex` variables from `uint8_t` to `uint16_t`. This
ensures that any increment during the loop does not wrap around,
which was a primary cause of the infinite loop.
- Updated the loop condition from `index <= payloadIndex` to
`index < payloadIndex`. Since `payloadIndex` points to the start
of the payload (the byte after the last Header IE), a strict
less-than comparison is correct and prevents the loop from
attempting to parse the payload itself as a Header IE.
These changes ensure robust parsing of IEEE 802.15.4 frames, even
when they contain unexpected or malformed Information Elements.
This commit adds lease and remaining lease information to the output
of `srp server host` and `srp server service` CLI commands.
The information includes:
- `lease`: The total lease time in seconds.
- `key-lease`: The total key lease time in seconds.
- `remaining lease`: The remaining lease time in seconds (with
millisecond precision).
- `remaining key-lease`: The remaining key lease time in seconds
(with millisecond precision).
A new utility method `OutputMsecDurationInSec()` is added to `Utils`
class to format durations in milliseconds as seconds with a
fractional part.
The SRP server host and service output parsers in
`tests/scripts/thread-cert/node.py`, `tests/toranj/cli/cli.py`, and
`tools/otci/otci/otci.py` are updated to correctly handle the new
fields for both active and deleted entries.
This commit addresses occasional failures in Nexus Test 1.1.9.2.9 by:
1. Increasing the wait time in Step 10 from 60s to 200s
(kAttachToRouterTime). This ensures Router 1 has enough time to
upgrade from a child to a router role after attaching to the new
partition formed by Router 2. The upgrade jitter can be up to 120s,
so the previous 60s wait was insufficient. An explicit check for the
Router role is also added.
2. Refactoring the verification script to handle out-of-order MLE
packets. Some steps involve a multicast response and a triggered
unicast request/response. The relative order of these packets is not
guaranteed in the simulation. Using save_index() and a new helper
function _verify_packet_in_group() allows searching for all required
packets from the same base index within a group while reducing code
duplication.
3. Improving the logic to advance the packet index after verifying a
group of out-of-order packets. The script now tracks the maximum
index found among all verified packets in a group to ensure no
packets are skipped in subsequent searches.
These changes make the test robust against timing variations and
jitter in the simulated environment.
This commit adds a new Nexus test `test_srp_lease` to verify the
behavior of the SRP server and client regarding lease expirations and
state updates. The test creates a network with an SRP server and
multiple client nodes that randomly perform various SRP operations
including registering, updating, unregistering, and removing services,
as well as abruptly disconnecting. The test then validates that the
SRP server correctly updates the host and service states, such as
marking them as deleted or fully removing them when their leases
expire or when explicitly requested by the clients.
This commit introduces an `Init()` method to the `Mac` class and
moves the invocation of `KeyManager::UpdateKeyMaterial()` from the
`Mac` constructor into this new method. `Mac::Init()` is then called
from `Instance::AfterInit()`, immediately after `KeyManager` is
initialized.
This ensures that `KeyManager` and other OpenThread core components
are fully constructed and properly initialized before attempting to
update the key material. The key material update interacts with
`SubMac` to configure the MAC keys. Performing this operation during
the `Mac` constructor phase can be problematic because the `KeyManager`
(under `OPENTHREAD_CONFIG_PLATFORM_KEY_REFERENCES_ENABLE`) may not be
fully initialized and ready yet.
This updates the TCAT CLI to use the configured 'vendor app URL' by default as the
TCAT Provisioning URL, instead of a dummy value. It also updates the max length of
this URL to the configured vendor app URL max length as agreed by JIRA BHC-769.
Also 2 related minor validation fixes in TCAT agent code.
Furthermore, the Get Provisioning URL TLV TCAT command is fixed to return status 'Unsupported'
in case the URL is not configured (null or zero-length), to comply to the spec.
This commit fixes a potential memory leak of the allocated `aHost`
object in `Server::CommitSrpUpdate()`.
Previously, when the granted key lease was zero (indicating a request
to remove the host), the code used `VerifyOrExit(existingHost != nullptr)`
before calling `aHost.Free()`. If `existingHost` was null (e.g., when
receiving a request to remove a non-existent host), the function
would exit early and skip freeing `aHost`, causing a memory leak.
This is updated to always call `aHost.Free()` when `grantedKeyLease`
is zero, ensuring the memory is freed regardless of whether
`existingHost` is null or not.
This commit updates `BorderAgent` to parse the provided extra vendor
TXT data (`otBorderAgentSetVendorTxtData()`) to check if the vendor
name (`vn`) and model (`mn`) keys are already present. If they are
absent, it would use and encode the values from `VendorInfo` into the
advertised TXT data. This harmonizes the use of `VendorInfo` values
across various modules, network diagnostics, and the `BorderAgent`
TXT data.
Note that this change only impacts the system when
`OPENTHREAD_CONFIG_BORDER_AGENT_MESHCOP_SERVICE_ENABLE` is enabled,
meaning the Border Agent itself directly manages the registration and
updating of the mDNS MeshCoP service.
The generated TXT data from `otBorderAgentGetMeshCoPServiceTxtData()`
remains unchanged. This API is intended for use cases where the
next-layer code manages the publishing of the mDNS MeshCoP service,
and as documented, the TXT data from this API does not include any
vendor-specific information.
This commit updates `test_border_agent` to validate the newly
added behavior.
This commit simplifies multicast address management within `Netif` by
merging the `ExternalMulticastAddress` class directly into the base
`MulticastAddress` class. The `otNetifMulticastAddress` structure is
updated to include `mAddressOrigin` and an opaque `mData` field.
The `mData` field is utilized to track the Multicast Listener
Registration (MLR) state when the `OPENTHREAD_CONFIG_MLR_ENABLE`
feature is enabled.
By consolidating these types, we eliminate the need for separate
internal and external multicast address iteration logic in
`MlrManager`, streamlining MLR subscription checks and updates.
Additionally, this provides a more unified way to track the origin of
multicast addresses natively.
This commit implements the otPlatAlarmMicro* platform APIs in the
Nexus simulation environment. It also transitions the simulation's
internal time base from millisecond to microsecond granularity to
ensure that both millisecond and microsecond alarms operate on a
consistent and shared time reference.
Changes include:
- Enabled OPENTHREAD_CONFIG_PLATFORM_USEC_TIMER_ENABLE in Nexus config.
- Updated Nexus::Core to use a 64-bit microsecond time base (mNow).
- Implemented otPlatAlarmMicroGetNow, otPlatAlarmMicroStartAt, and
otPlatAlarmMicroStop.
- Refactored Nexus::Node to support separate millisecond and
microsecond alarm instances (mAlarmMilli and mAlarmMicro).
- Updated radio timestamps and PCAP logging to use the new high-
resolution microsecond time base.
- Adjusted simulation time advancement and alarm triggering logic to
handle both alarm types correctly.
This commit enables channel-based filtering in Nexus simulation tests
by exporting node channel information and enhancing the pktverify
library to extract and use it.
Simulation Core:
- Export each node's PAN channel to the test JSON metadata in
nexus_core.cpp.
Pktverify Library:
- Update packet.py to extract channel information from 'wpan-tap' or
'wpan_tap' layers and normalize it into 'wpan.channel'.
- Update consts.py and layer_fields.py to support the new TAP layers
and their channel fields.
- Enhance NullField to be callable and iterable, and update Bytes
comparison to handle NullField, preventing script crashes when
accessing missing layers or fields.
Verification Utilities:
- Automatically load channel information from test JSON into
verification variables (e.g., {NODE_NAME}_CHANNEL).
Test Updates:
- Stabilize 1.1.9.2.14 by using channel-based filtering instead of
relying solely on RLOC16s.
- Update 1.1.9.2.17 and 1.1.9.2.8 to use the normalized
'wpan.channel' field instead of direct 'wpan_tap' access.
The MeshCoP::Timestamp class does not have a default constructor that
clears its members. When a Timestamp object is declared on the stack,
its members (seconds, ticks, and authoritative bit) contain garbage.
The SetSeconds() and SetTicks() methods only update their respective
fields and do not touch the authoritative bit. If the authoritative
bit happens to be set from stack garbage, the timestamp may be
incorrectly considered greater than another valid timestamp.
This caused intermittent failures in Nexus test 1.1.9.2.4 and others,
where a MGMT_ACTIVE_SET.req with an old timestamp was incorrectly
accepted by the Leader instead of being rejected.
This commit adds explicit Clear() calls to all MeshCoP::Timestamp
declarations in the affected Nexus tests to ensure they are properly
initialized.
This commit adds `MatchesKey()` method to `Dns::TxtEntry` class to
check if the entry's key matches a given key string using a
case-insensitive string comparison.
The new method properly handles the case where the entry's key is
`nullptr` (which can happen when the key is longer than the
recommended max length). It simplifies the TXT entry parsing logic in
`BorderAgent` and `Trel::PeerDiscoverer`.
The unit tests for `Dns::TxtEntry` are also updated to verify the new
method.
This commit updates the DNS name compression setting to be a
per-instance property rather than a global static variable.
The `otDnsSetNameCompressionEnabled()` and
`otDnsIsNameCompressionEnabled()` C APIs are updated to take an
`otInstance` pointer. Internally, the `Instance` class now uses the
`mDnsNameCompressionEnabled` member variable instead of the static
`sDnsNameCompressionEnabled`.
Additionally, this commit enforces that DNS name compression cannot
be disabled when the OpenThread mDNS module is active. The
`otDnsSetNameCompressionEnabled()` function now returns an `otError`
and will return `OT_ERROR_NOT_CAPABLE` if a user attempts to disable
compression while mDNS is enabled. When the mDNS module is enabled,
it automatically sets name compression to true.
The CLI command and related documentation are updated to reflect
these changes.
This commit moves all methods belonging to the `CoapBase::PendingRequests`
class into a dedicated section in `coap.cpp`. Recent PRs #12421 and #12527
introduced this class and shifted many methods into it, but kept them in
their original file locations to maintain reviewable `git` diffs. This
update completes the reorganization for better code structure without
any functional changes.
This commit renames all nexus test files and updates corresponding
configuration and source files to include a '1_1_' prefix.
The '1_1' prefix represents the Thread 1.1 test plan. This change
prepares the nexus test suite for the addition of tests from the
Thread 1.2, 1.3, and 1.4 test plans, ensuring a clear and organized
structure for multi-version specification testing.
Changes include:
- Renaming test_<num>.cpp to test_1_1_<num>.cpp.
- Renaming verify_<num>.py to verify_1_1_<num>.py.
- Updating CMakeLists.txt to reflect new test names.
- Updating run_nexus_tests.sh for default tests and variants.
- Updating hardcoded JSON output filenames in C++ test sources.
- Updating testcase name identification in Python verification
scripts.
This fixes the issue that the CLI CoAP server application was not
sending a Block1 option in its final 2.04 response for PUT/POST
methods. The CoAP CLI code is restructured to be more generic,
i.e. allow for NON-confirmable blockwise transfers as well as prepare
for a (future) update that supports the use of Block1/Block2
simultaneously in a POST transaction. Current code is updated to send
5.01 Not Implemented in case an (external) CoAP client would attempt
POST with both Block options together.
The number of returned blocks for this (demo) CLI is also raised to 3,
the minimum to see a start block, middle block and final block; which
is more useful for testing.
Closes#12559
This commit addresses several issues in the Nexus verification scripts
to improve test reliability and prevent runtime errors.
- Fixed a TypeError caused by NullField in MLE command checks. When
p.mle.cmd returns a NullField, it is unhashable and fails when checked
against a set or list (e.g., 'p.mle.cmd in { ... }'). A truthiness
check for p.mle.cmd was added to verify_5_6_4.py, verify_5_6_5.py,
verify_6_2_2.py, and verify_7_1_5.py.
- Improved verify_6_2_2.py robustness:
- Wrapped must_not_next() checks within 'with pkts.save_index()' to
ensure the packet iterator remains at the correct position after
verifying the absence of specific messages.
- Refactored MLE command filtering into a helper function for better
readability and consistency.
- Updated connectivity checks to allow filtering by ROUTER_1_RLOC16
and specifically look for WPAN Data Requests.
- Cleaned up verify_5_6_4.py by replacing the explicit 'nullField'
comparison with a more idiomatic truthiness check.
This commit addresses an intermittent failure in Nexus test 9.2.6
where Step 18 (MGMT_PENDING_SET.req) was occasionally not found.
The failure occurred because the verification script started
searching for the MGMT_PENDING_SET.req packet from index12. In the
simulated Nexus environment, packet capture order from different
nodes can occasionally vary slightly when events occur at nearly
the same simulation time.
The fix expands the search range by starting from index9 (the
Leader's initial update), ensuring that the MGMT_PENDING_SET.req
packet is correctly identified regardless of minor capture order
variations. Since the URI is unique to this part of the test, this
remains a precise filter.
Additionally, this change ensures the global packet index moves
forward correctly by taking the maximum of all relevant child
filter indices.
This commit introduces new helper methods in the `Tmf::Agent` class
(`SendMessageTo()`, `SendMessageToRloc()`, `SendMessageToLeaderAloc()`,
and `SendMessageAllowMulticastLoop()`) to simplify the transmission of
TMF messages.
Previously, callers of `Tmf::Agent::SendMessage()` were required to
manually configure a `Tmf::MessageInfo` object with the appropriate
socket and peer address information before sending a message. This led
to repetitive code across the various modules utilizing TMF.
By incorporating these address resolution and message info preparation
steps directly into `Tmf::Agent`, this change significantly reduces
boilerplate code. All existing calls to `SendMessage()` have been
updated to use the new flavors.
This commit increases the kMergeWaitTime from 300 to 350 seconds in
Nexus test 5.5.4.1.
Detailed analysis of debug logs during intermittent failures showed
that the MLE partition merge process could take up to 250 seconds in
some scenarios, leaving very little margin with the previous 300-second
timeout. Increasing the timeout to 350 seconds provides a more robust
buffer for the network to stabilize and for partitions to merge before
the final connectivity verification.
The fix was verified by running 200 consecutive iterations of the test
without any failures.
This commit fixes an intermittent failure in Nexus test 5.6.6 by ensuring
that the OnMeshPrefixConfig object is properly initialized before use.
The OnMeshPrefixConfig object is declared on the stack and, if not
explicitly cleared, may contain garbage values in its bit-fields (such
as mDhcp or mPreference). This can cause the subsequent call to
AddOnMeshPrefix() to fail its IsValid() check, resulting in a
kErrorInvalidArgs error and a test failure.
Changes:
- Call config.Clear() after declaring the OnMeshPrefixConfig object
in tests/nexus/test_5_6_6.cpp to ensure all fields are initialized
to zero.
This aligns the test implementation with other Nexus tests and improves
the robustness of the test suite in simulation environments.
Verified to pass in the Nexus simulation environment.
This commit removes the certification test scripts in
tests/scripts/thread-cert/ that have been successfully migrated to
the Nexus test framework.
The following tests were migrated and are now available as Nexus
tests under tests/nexus/:
- 5.8.2, 5.8.3, 5.8.4
- 9.2.1 through 9.2.19
Migrating these tests to Nexus provides faster execution, better
reliability, and easier debugging compared to the old
simulation-based scripts.
This commit fixes an intermittent failure in Nexus test 9.2.14 caused by RLOC16 conflicts between independent partitions in the simulation.
When two independent partitions occasionally share the same RLOC16, the packet verification script could incorrectly match a MGMT_PANID_CONFLICT response from the wrong network, leading to out-of-order matching and PacketNotFound errors.
The fix adds a filter to the MGMT_PANID_CONFLICT verification steps to ensure the Channel Mask TLV matches the specific conflict being reported (Channel 20). This uniquely identifies the correct packet even if RLOC16s overlap.
Implementation details:
- tests/nexus/verify_9_2_14.py: Added filtering for the exact Channel Mask TLV value using a defined `CONFLICTING_CHANNEL_MASK` bytes constant in Step 3 and 5.
- Fixed a type mismatch by converting the constant to a `bytes` object and added documentation for the big-endian channel bitmask mapping.
The fix has been verified with 200 successful test runs in the Nexus simulation environment.
Update `Publisher::Entry::UpdateState()` to support quickly removing
a published entry when the desired number of entries is explicitly
set to zero. In this case, we bypass the random removal delay and
remove the entry immediately. This situation helps with SRP/DNS
unicast entries, where if any service data unicast or anycast entry
is seen, we set the desired number to zero and want to quickly
remove any previously added server data unicast entry.
This commit adds Nexus test case 9.2.12 which verifies that networks
on different channels and having different PAN IDs can merge using
the MLE Announce command.
Implementation details:
- tests/nexus/test_9_2_12.cpp: C++ test execution logic. Implements
the 9.2.12 spec using direct core calls. Configures two distinct
partitions with different PAN IDs and channels, then triggers
an MLE Announce process via the Commissioner to merge them.
- tests/nexus/verify_9_2_12.py: PCAP verification script. Verifies
MGMT_ANNOUNCE_BEGIN.ntf, multi-channel MLE Announces, and MLE
Child ID Requests during re-attachment. Includes verification of
MLE layer security and Key Identifier Mode for Announce messages.
- tests/nexus/verify_utils.py: Added support for MLE auxiliary
security header fields in pktverify.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_12 target.
- tests/nexus/run_nexus_tests.sh: Added 9_2_12 to default test list.
This commit adds Nexus test case 9.2.19 which verifies that the DUT
can properly get Pending Operational Dataset parameters using the
MGMT_PENDING_GET.req command.
It also addresses review comments and improves the robustness of IPv6
address verification across several Nexus tests.
Implementation details:
- tests/nexus/test_9_2_19.cpp: Implemented the test procedure. Fixed
incorrectly escaped newline characters.
- tests/nexus/test_9_2_3.cpp: Fixed incorrectly escaped newline
characters.
- tests/nexus/verify_utils.py: Added a robust helper function
'is_leader_aloc_or_rloc' using the 'ipaddress' module to identify
Leader ALOC and RLOC addresses by their IID.
- tests/nexus/verify_9_2_19.py, tests/nexus/verify_9_2_3.py,
tests/nexus/verify_9_2_5.py: Replaced fragile string-slicing and
duplicated code with the shared helper in 'verify_utils.py'.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_19 target.
- tests/nexus/run_nexus_tests.sh: Added 9_2_19 to the test list.
The tests have been verified to pass in the Nexus simulation
environment.
This commit adds Nexus test 9.2.9 which verifies synchronization of
Pending Operational Datasets when two network partitions merge.
The implementation covers:
- Formation of a single partition with Commissioner, Leader, and two
Routers in a LINE topology.
- Initial Pending Operational Dataset configuration via Commissioner.
- Partition split using RF isolation and subsequent dataset updates
in both partitions.
- Verification of dataset synchronization (Active and Pending) during
partition merge per Thread specification 8.4.3.5.
- Validation of network connectivity (ICMPv6 Echo) after synchronization.
Implementation details:
- tests/nexus/test_9_2_9.cpp: C++ test execution logic. Implements the
36-step test specification using direct core calls. Uses a LINE
topology and adjusted timing parameters for partition stability.
- tests/nexus/verify_9_2_9.py: Python pcap verification script. Uses
non-linear searching to handle interleaved post-merge updates and
detailed TLV-level verification for MLE and CoAP messages.
- tests/nexus/verify_utils.py: Updated meshcop timestamp parsing to
support multiple occurrences in a single packet.
- tests/nexus/verify_9_2_11.py: Updated to match timestamp parsing
changes in verify_utils.py.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_9 target.
- tests/nexus/run_nexus_tests.sh: Added 9_2_9 to default test list.
This commit adds a new Nexus test case 9.2.18 that verifies the
rollback of the Active Timestamp via the Pending Operational Dataset
when a new Network Master Key is included.
Changes include:
- Implementation of test 9.2.18 in C++ using direct method calls.
- Implementation of verification script for 9.2.18 in Python.
- Extension of Nexus Core to support exporting multiple network keys.
- Update to verification utilities to handle multiple network keys.
- Addition of test 9.2.18 to the default Nexus test list.
- Fixes to Commissioner and Leader initialization in the Nexus test.
- Addition of AddNetworkKey() to Core to register keys for export.
- Update to SaveTestInfo() to export 'network_keys' list in JSON.
- Robust handling of multiple decryption keys in verify_utils.py.
This commit fixes improper argument usage for SPINEL_DATATYPE_DATA_WLEN_S,
SPINEL_DATATYPE_DATA_S, SPINEL_DATATYPE_EUI64_S, and SPINEL_DATATYPE_UTF8_S
in Logger::LogSpinelFrame.
Key changes:
- Use pointer-to-pointer for data and unsigned int pointer for length
when using spinel_datatype_unpack with data types.
- Switch to spinel_datatype_unpack_in_place() when unpacking into local
buffers or structures (e.g., for EUI-64 addresses and MAC keys).
- Remove redundant length arguments for SPINEL_DATATYPE_UTF8_S.
- Refactor SPINEL_PROP_RCP_MAC_KEY to use otMacKey and in-place unpacking.
These fixes prevent potential crashes, stack corruption, and incorrect
data parsing in the Spinel logging utility.
This commit adds Nexus test case 9.2.17 which verifies the behavior of
an orphaned end device as it searches for a new parent using MLE
Announce messages.
Implementation details:
- tests/nexus/test_9_2_17.cpp: C++ test execution logic. Implements the
3-node topology (Leader_1, Leader_2, ED_1) using direct method calls.
Manages RF isolation by manipulating the Mac Filter AllowList. Sets
log level to note. Uses MED mode for the DUT to enable MLE Announce
behavior. Also explicitly sets the channel mask for Leader_2 for
robustness.
- tests/nexus/verify_9_2_17.py: PCAP verification script. Verifies
initial MLE Advertisements on separate channels, DUT sending MLE
Parent Requests on the primary channel, followed by MLE Announce
on the secondary channel. Verifies Leader_2 sending MLE Announce on
the primary channel and DUT successfully attaching to Leader_2.
- tests/nexus/run_nexus_tests.sh: Added 9_2_17 to default test list.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_17 target.
- Included full test specification as inline comments in both C++ and
Python code.
This commit fixes the problem where OpenThread mDNS responder always
sends responses to port 5353, ignoring the source port of the query.
According to RFC 6762, a mDNS responder should support one-shot
multicast DNS queries by sending the response to the source address
and source port of the query.
Changes:
- Captured the actual source port from incoming queries in Simulation
and POSIX platforms.
- Updated otPlatMdnsSendUnicast in Simulation platform to use the
provided destination port.
- Verified that legacy unicast responses correctly cap TTL to 10
seconds as required by RFC 6762 section 6.7.
This commit adds Nexus test 9.2.16 which verifies synchronization of
Active and Pending Operational Datasets between nodes during attach.
The test case implementation covers:
- Formation of a network with Commissioner, Leader, and Router_1.
- Initial attachment of Router_2 (DUT) to synchronization datasets.
- Dataset updates (Pending and Active) via Commissioner while DUT is
powered down, including PAN ID and Mesh-Local Prefix changes.
- Verification that DUT synchronizes both datasets correctly upon
reattaching to the network with a new PAN ID.
- Validation of network connectivity (ICMPv6 Echo) after the dataset
migration and reattachment.
Implementation details:
- tests/nexus/test_9_2_16.cpp: C++ test execution using direct method
calls. Sets log level to note. Uses AllowList for topology control.
- tests/nexus/verify_9_2_16.py: Python pcap verification script.
Implements robust filtering for CoAP and MLE messages.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_16 target.
- tests/nexus/run_nexus_tests.sh: Added 9_2_16 to default test list.
This commit adds Nexus test case 9.2.13 which verifies that the Thread
device properly accepts and processes Energy Scan Requests and sends
the corresponding Energy Scan Reports.
Implementation details:
- tests/nexus/test_9_2_13.cpp: C++ test execution logic. Implements
the 9.2.13 spec using direct core calls. Manages two separate
networks (Network 1 on channel 11 and Network 2 on channel 12).
Configures a topology with Leader, Commissioner, Router, and FED
nodes in Network 1, and Leader and SED nodes in Network 2.
- tests/nexus/verify_9_2_13.py: PCAP verification script. Verifies
unicast and multicast MGMT_ED_SCAN.qry messages and the resulting
MGMT_ED_REPORT.ans responses. Uses strict CoAP URI path and ICMPv6
type filtering.
- tests/nexus/platform/nexus_core.hpp/cpp: Added an optional leader
node parameter to SaveTestInfo() to allow specifying which network
partition information (like Network Key and Mesh-Local Prefix)
should be exported to the JSON file for verification. This ensures
correct packet dissection in multi-partition test scenarios.
- tests/nexus/run_nexus_tests.sh: Added 9_2_13 to default test list.
- tests/nexus/CMakeLists.txt: Added nexus_9_2_13 target.
Jonathan Hui