Verification¶
Test cases verifying requirements. Each test directive
:verifies: one or more req parents (or building-block /
architecture parents on arc42-structured pages).
ID |
Title |
Status |
Verifies |
|---|---|---|---|
ExponentialBackoff invariants |
open |
||
ConnectorHealth state-machine transitions |
open |
||
MqttRouting wildcard demux predicate |
open |
||
ChannelDescriptor validation |
open |
||
JsonCodec round-trip property test |
open |
||
Codec encode error on undersized buffer |
open |
||
Codec decode error propagation |
open |
||
ChannelWriter → ChannelReader round-trip |
open |
||
Sequence-number monotonicity |
open |
||
Timestamp populated at send |
open |
||
Correlation ID round-trip |
open |
||
Per-channel size — 4 KB, 64 KB, 1 MB |
open |
||
Payload-overflow rejection |
open |
||
Service naming derived from descriptor |
open |
||
QoS 0 round-trip |
open |
||
QoS 1 round-trip |
open |
||
Retained-message publish + subscribe |
open |
||
Wildcard subscription with `+` |
open |
||
Wildcard subscription with `#` |
open |
||
Username/password authentication |
open |
||
TLS connection (developer-machine only) |
open |
||
Reconnect after broker bounce |
open |
||
HealthEvent emitted on every transition |
open |
||
Outbound bridge saturation → BackPressure |
open |
||
Inbound bridge saturation → DroppedInbound |
open |
||
In-process gateway smoke |
open |
||
Separate-process gateway smoke |
open |
||
SIGINT clean exit within 5-second budget |
open |
||
No control-plane envelopes flow |
open |
||
Bridge handoff under arbitrary interleaving |
open |
||
Health state-machine under concurrent updates |
open |
||
Zero allocations in steady-state dispatch |
open |
||
Cap exhaustion and oversize alloc both fail-closed |
open |
||
Steady-state cap behaviour under burst |
open |
||
lock() then alloc panics |
open |
||
Counter accuracy |
open |
||
Concurrent alloc/dealloc safety smoke |
open |
||
Histogram percentile accuracy |
open |
||
Per-task max jitter under synthetic period violation |
open |
||
Overrun counter increments exactly per overrun cycle |
open |
||
Push and pull stat paths agree |
open |
||
Allocation-free telemetry update |
open |
||
EthercatConnector trait surface |
open |
||
EthercatRouting field round-trip |
open |
||
Single MainDevice per gateway instance |
open |
||
Bus reaches OP before traffic accepted |
open |
||
Static PDO map accepted from options |
open |
||
PDO mapping applied during PRE-OP to SAFE-OP |
open |
||
Cycle time configurable |
open |
||
Missed ticks are skipped not queued |
open |
||
Distributed Clocks bring-up is opt-in |
open |
||
Up requires OP and matching working counter |
open |
||
Working-counter mismatch transitions to Degraded |
open |
||
Tokio sidecar contained inside connector crate |
open |
||
Bridge channels are bounded with configurable capacity |
open |
||
Outbound bridge saturation surfaces as BackPressure |
open |
||
Inbound bridge saturation surfaces as DroppedInbound |
open |
||
Gateway opens raw socket on Linux with CAP_NET_RAW |
open |
||
PDI bit-slice byte-aligned round-trip |
open |
||
PDI bit-slice unaligned round-trip |
open |
||
Adjacent PDI bit slices do not interfere |
open |
||
Per-channel routing registry has stable iteration order |
open |
||
Outbound end-to-end (plugin send → PDI slice via mock) |
open |
||
Inbound end-to-end (PDI slice via mock → plugin recv) |
open |
||
Loopback round-trip (plugin → mock → plugin) |
open |
||
Harness builds and runs on Linux non-RT |
open |
||
NDJSON schema validation |
open |
||
Harness telemetry agrees with stats_snapshot |
open |
||
ZenohRouting field validation |
open |
||
ZenohConnector implements Connector with ZenohRouting |
open |
||
Pub/sub end-to-end against MockZenohSession |
open |
||
Query round-trip against MockZenohSession |
open |
REQ_0420; REQ_0421; REQ_0422; REQ_0423; REQ_0424; REQ_0426; REQ_0427 |
|
Codec failure paths for queries |
open |
||
Outbound bridge saturation surfaces as BackPressure |
open |
||
Inbound bridge saturation surfaces as DroppedInbound |
open |
||
Query timeout emits 0x03 terminator |
open |
||
Health state machine on MockZenohSession lifecycle |
implemented |
||
REQ_0441 anti-req — no ReconnectPolicy on session loss |
implemented |
||
zenoh-integration feature gates the real zenoh dep |
implemented |
||
Cross-platform support |
implemented |
||
Two-peer real session pub/sub |
draft |
||
Client-mode router smoke |
draft |
||
Tokio sidecar contained inside taktora-connector-zenoh |
implemented |
||
parse() accepts a representative Beckhoff EL3001 ESI |
open |
||
Parser compiles under no_std + alloc |
open |
||
Parser is independent of ethercrab |
open |
||
Vendor-specific elements survive as RawXml |
open |
||
Parse errors carry line and column |
open |
||
Name sanitisation handles ESI naming edge cases |
open |
||
Revision collision produces distinct idents |
open |
||
PDO entry dedup collapses structurally identical layouts |
open |
||
TokenStream emission, not string formatting |
open |
||
EL3001 backend output snapshot |
open |
||
Generated registry covers every emitted device |
open |
||
Generated module compiles under no_std + alloc |
open |
||
Backend is the sole ethercrab consumer in the toolchain |
open |
||
Object-dictionary emission gated by feature flag |
open |
||
EsiDevice trait shape compiles for a hand-written device |
open |
||
EsiConfigurable async trait shape compiles |
open |
||
ethercat-esi-rt is the trait home, not taktora-internal |
open |
||
Builder writes a parseable Rust file to OUT_DIR |
open |
||
cargo rerun-if-changed emitted per ESI input |
open |
||
Output passes prettyplease formatting |
open |
||
cargo esi expand emits a single device's code |
open |
||
cargo esi list enumerates devices |
open |
||
CLI output matches build helper output byte-for-byte |
open |
||
Verifier passes on matching ESI + SII pair |
open |
||
Verifier reports the differing field |
open |
||
Verifier reuses ethercat-esi parser |
open |
||
Verifier exit codes follow the documented matrix |
open |
||
Repeated codegen runs produce byte-identical output |
open |
||
Input-file ordering does not affect output |
open |
||
Layering integrity check (Cargo.toml audit) |
open |
||
CanConnector trait surface |
open |
||
CanRouting field round-trip |
open |
||
Classical CAN round-trip via MockCanInterface |
open |
||
CAN-FD round-trip via MockCanInterface |
open |
||
Per-iface filter union |
open |
||
Multi-iface inbound demux |
open |
||
Bus-off → Down → ReconnectPolicy reopen |
open |
||
error-passive → Degraded → recovery |
open |
||
Tokio sidecar contained inside taktora-connector-can |
open |
||
Outbound bridge saturation surfaces as BackPressure |
open |
||
Inbound bridge saturation surfaces as DroppedInbound |
open |
||
socketcan-integration feature gates the real socketcan dep |
implemented |
||
Linux raw-socket smoke against vcan0 |
implemented |
||
Error frames not exposed to plugin |
open |
||
Per-iface routing registry has stable iteration order |
open |
||
Identity, DictEntry, PdoEntry round-trip |
open |
||
fieldbus-od-core has no transport deps |
open |
||
fieldbus-od-core compiles under no_std + alloc |
open |
||
ethercat-esi re-exports lifted types |
open |
||
parse() accepts a representative Maxon EPOS4 EDS |
open |
||
Parser compiles under no_std + alloc |
open |
||
Parser is independent of codegen and transport |
open |
||
Unknown sections survive as RawSection |
open |
||
Parse errors carry line and column |
open |
||
Liberal-quirk parsing emits warnings without failing |
open |
||
Name sanitisation handles EDS naming edge cases |
open |
||
Revision collision produces distinct idents |
open |
||
PDO entry dedup collapses structurally identical layouts |
open |
||
TokenStream emission, not string formatting |
open |
||
One EDS file equals one device |
open |
||
EPOS4 backend output snapshot |
open |
||
Generated registry covers every emitted device |
open |
||
Generated module compiles under no_std + alloc |
open |
||
Backend is the sole canopen-eds-rt consumer in the toolchain |
open |
||
Object-dictionary emission gated by feature flag |
open |
||
Dummy entries skipped in PDO struct fields |
open |
||
Bring-up SDO writes emitted from EDS |
open |
||
CanOpenDevice trait shape compiles for a hand-written device |
open |
||
CanOpenConfigurable async trait shape compiles |
open |
||
canopen-eds-rt is the trait home, not taktora-internal |
open |
||
PdoOut payload uses heapless::Vec<u8, 8> |
open |
||
RPDO rejected outside Operational state |
open |
||
Builder writes a parseable Rust file to OUT_DIR |
open |
||
cargo rerun-if-changed emitted per EDS input |
open |
||
Output passes prettyplease formatting |
open |
||
Parser warnings surface as cargo:warning lines |
open |
||
cargo eds expand emits a single device's code |
open |
||
cargo eds list enumerates devices |
open |
||
CLI output matches build helper output byte-for-byte |
open |
||
Verifier passes on matching EDS + dump pair |
open |
||
Verifier reports the differing field |
open |
||
Verifier reuses canopen-eds parser |
open |
||
Verifier exit codes follow the documented matrix |
open |
||
Verifier rejects unknown schema version |
open |
||
Repeated codegen runs produce byte-identical output |
open |
||
Input-file ordering does not affect output |
open |
||
Layering integrity check (Cargo.toml audit) |
open |