├── test ├── cbmc │ ├── proofs │ │ ├── lib │ │ │ ├── __init__.py │ │ │ ├── print_tool_versions.py │ │ │ └── summarize.py │ │ ├── MQTTAgent_Init │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgent_Init_harness.c │ │ ├── MQTTAgent_Ping │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgent_Ping_harness.c │ │ ├── MQTTAgentCommand_Ping │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgentCommand_Ping_harness.c │ │ ├── MQTTAgent_CancelAll │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── README.md │ │ │ ├── MQTTAgent_CancelAll_harness.c │ │ │ └── Makefile │ │ ├── MQTTAgent_CommandLoop │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── MQTTAgent_CommandLoop_harness.c │ │ │ ├── README.md │ │ │ └── Makefile │ │ ├── MQTTAgent_Connect │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgent_Connect_harness.c │ │ ├── MQTTAgent_Disconnect │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── README.md │ │ │ ├── Makefile │ │ │ └── MQTTAgent_Disconnect_harness.c │ │ ├── MQTTAgent_ProcessLoop │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgent_ProcessLoop_harness.c │ │ ├── MQTTAgent_Publish │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgent_Publish_harness.c │ │ ├── MQTTAgent_Subscribe │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgent_Subscribe_harness.c │ │ ├── MQTTAgent_Terminate │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgent_Terminate_harness.c │ │ ├── MQTTAgent_Unsubscribe │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── 
MQTTAgent_Unsubscribe_harness.c │ │ ├── MQTTAgentCommand_Connect │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgentCommand_Connect_harness.c │ │ ├── MQTTAgentCommand_Publish │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgentCommand_Publish_harness.c │ │ ├── MQTTAgentCommand_Subscribe │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgentCommand_Subscribe_harness.c │ │ ├── MQTTAgentCommand_Terminate │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── README.md │ │ │ ├── Makefile │ │ │ └── MQTTAgentCommand_Terminate_harness.c │ │ ├── MQTTAgent_ResumeSession │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── README.md │ │ │ ├── MQTTAgent_ResumeSession_harness.c │ │ │ └── Makefile │ │ ├── MQTTAgentCommand_Disconnect │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgentCommand_Disconnect_harness.c │ │ ├── MQTTAgentCommand_ProcessLoop │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgentCommand_ProcessLoop_harness.c │ │ ├── MQTTAgentCommand_Unsubscribe │ │ │ ├── cbmc-proof.txt │ │ │ ├── cbmc-viewer.json │ │ │ ├── Makefile │ │ │ ├── README.md │ │ │ └── MQTTAgentCommand_Unsubscribe_harness.c │ │ ├── Makefile-project-targets │ │ ├── Makefile-project-testing │ │ ├── Makefile-template-defines │ │ ├── README.md │ │ └── Makefile-project-defines │ ├── include │ │ ├── core_mqtt_agent_config.h │ │ ├── README.md │ │ ├── get_time_stub.h │ │ ├── incoming_publish_callback_stub.h │ │ ├── agent_message_stubs.h │ │ ├── network_interface_stubs.h │ │ ├── agent_command_pool_stubs.h │ │ ├── core_mqtt_config.h │ │ └── mqtt_agent_cbmc_state.h │ ├── sources │ │ └── README.md │ ├── stubs │ │ ├── README.md │ │ ├── agent_command_pool_stubs.c │ │ ├── incoming_publish_callback_stub.c │ │ ├── 
get_time_stub.c │ │ ├── agent_message_stubs.c │ │ └── network_interface_stubs.c │ └── .gitignore ├── unit-test │ ├── config │ │ └── core_mqtt_agent_config.h │ ├── cmock_opaque_types.h │ ├── cmock_build.cmake │ ├── logging │ │ └── logging_levels.h │ └── CMakeLists.txt └── CMakeLists.txt ├── .gitmodules ├── CODE_OF_CONDUCT.md ├── manifest.yml ├── cspell.config.yaml ├── mqttAgentFilePaths.cmake ├── .github ├── pull_request_template.md ├── memory_statistics_config.json ├── workflows │ └── doxygen.yml ├── .cSpellWords.txt └── CONTRIBUTING.md ├── tools ├── cmock │ ├── project.yml │ └── coverage.cmake └── coverity │ └── misra.config ├── LICENSE ├── docs └── doxygen │ ├── include │ └── size_table.md │ └── style.css ├── CHANGELOG.md ├── MISRA.md └── source └── include ├── core_mqtt_agent_config_defaults.h └── core_mqtt_agent_default_logging.h /test/cbmc/proofs/lib/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Init/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Ping/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Ping/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 
2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_CancelAll/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_CommandLoop/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Connect/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Disconnect/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_ProcessLoop/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Publish/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Subscribe/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 
2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Terminate/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Unsubscribe/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Connect/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Publish/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Subscribe/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Terminate/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 
2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_ResumeSession/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Disconnect/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_ProcessLoop/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Unsubscribe/cbmc-proof.txt: -------------------------------------------------------------------------------- 1 | # This file marks this directory as containing a CBMC proof. 2 | -------------------------------------------------------------------------------- /test/cbmc/include/core_mqtt_agent_config.h: -------------------------------------------------------------------------------- 1 | /* An empty config file for the CBMC proofs to compile with the default 2 | * definitions of configuration macros. */ 3 | -------------------------------------------------------------------------------- /test/unit-test/config/core_mqtt_agent_config.h: -------------------------------------------------------------------------------- 1 | /* An empty config file for the unit test to compile with the default 2 | * definitions of configuration macros. 
*/ 3 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Init/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgent_Init", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Ping/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgent_Ping", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Connect/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgent_Connect", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Publish/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgent_Publish", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Ping/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgentCommand_Ping", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_CancelAll/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | 
{ "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgent_CancelAll", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_CommandLoop/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgent_CommandLoop", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Disconnect/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgent_Disconnect", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_ProcessLoop/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgent_ProcessLoop", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Subscribe/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgent_Subscribe", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Terminate/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgent_Terminate", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | 
-------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Unsubscribe/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgent_Unsubscribe", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_ResumeSession/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgent_ResumeSession", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Connect/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgentCommand_Connect", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Publish/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgentCommand_Publish", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Subscribe/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgentCommand_Subscribe", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Terminate/cbmc-viewer.json: 
-------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgentCommand_Terminate", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Disconnect/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgentCommand_Disconnect", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_ProcessLoop/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgentCommand_ProcessLoop", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Unsubscribe/cbmc-viewer.json: -------------------------------------------------------------------------------- 1 | { "expected-missing-functions": 2 | [ 3 | 4 | ], 5 | "proof-name": "MQTTAgentCommand_Unsubscribe", 6 | "proof-root": "test/cbmc/proofs" 7 | } 8 | -------------------------------------------------------------------------------- /test/cbmc/sources/README.md: -------------------------------------------------------------------------------- 1 | CBMC proof source code 2 | ====================== 3 | 4 | This directory contains source code written for CBMC proofs. It is 5 | common to write some code to model aspects of the system under test, 6 | and this code goes here. 
7 | -------------------------------------------------------------------------------- /test/cbmc/include/README.md: -------------------------------------------------------------------------------- 1 | CBMC proof include files 2 | ======================== 3 | 4 | This directory contains include files written for CBMC proofs. It is 5 | common to write some code to model aspects of the system under test, 6 | and the header files for this code go here. 7 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "source/dependency/coreMQTT"] 2 | path = source/dependency/coreMQTT 3 | url = https://github.com/FreeRTOS/coreMQTT.git 4 | [submodule "test/unit-test/CMock"] 5 | path = test/unit-test/CMock 6 | url = https://github.com/ThrowTheSwitch/CMock.git 7 | update = none 8 | -------------------------------------------------------------------------------- /test/cbmc/stubs/README.md: -------------------------------------------------------------------------------- 1 | CBMC proof stubs 2 | ====================== 3 | 4 | This directory contains the stubs written for CBMC proofs. It is 5 | common to stub out functionality like network send and receive methods 6 | when writing a CBMC proof, and the code for these stubs goes here. 7 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | ## Code of Conduct 2 | This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). 3 | For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact 4 | opensource-codeofconduct@amazon.com with any additional questions or comments. 
5 | -------------------------------------------------------------------------------- /test/cbmc/.gitignore: -------------------------------------------------------------------------------- 1 | # Emitted when running CBMC proofs 2 | proofs/**/logs 3 | proofs/**/gotos 4 | proofs/**/report 5 | proofs/**/html 6 | proofs/output 7 | 8 | # Emitted by CBMC Viewer 9 | TAGS-* 10 | 11 | # Emitted by Arpa 12 | arpa_cmake/ 13 | arpa-validation-logs/ 14 | Makefile.arpa 15 | 16 | # Emitted by litani 17 | .ninja_deps 18 | .ninja_log 19 | .litani_cache_dir 20 | 21 | # These files should be overwritten whenever prepare.py runs 22 | cbmc-batch.yaml 23 | 24 | __pycache__/ 25 | -------------------------------------------------------------------------------- /test/cbmc/proofs/Makefile-project-targets: -------------------------------------------------------------------------------- 1 | # -*- mode: makefile -*- 2 | # The first line sets the emacs major mode to Makefile 3 | 4 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 5 | # SPDX-License-Identifier: MIT-0 6 | 7 | ################################################################ 8 | # Use this file to give project-specific targets, including targets 9 | # that may depend on targets defined in Makefile.common. 10 | ################################################################ 11 | -------------------------------------------------------------------------------- /test/cbmc/proofs/Makefile-project-testing: -------------------------------------------------------------------------------- 1 | # -*- mode: makefile -*- 2 | # The first line sets the emacs major mode to Makefile 3 | 4 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 
5 | # SPDX-License-Identifier: MIT-0 6 | 7 | ################################################################ 8 | # Use this file to define project-specific targets and definitions for 9 | # unit testing or continuous integration that may depend on targets 10 | # defined in Makefile.common 11 | ################################################################ 12 | -------------------------------------------------------------------------------- /test/cbmc/proofs/Makefile-template-defines: -------------------------------------------------------------------------------- 1 | PROOF_ROOT ?= $(abspath .) 2 | 3 | # Absolute path to the root of the source tree. 4 | # 5 | SRCDIR ?= $(abspath $(PROOF_ROOT)/../../..) 6 | 7 | 8 | # Absolute path to the litani script. 9 | # 10 | LITANI ?= litani 11 | 12 | 13 | 14 | # Name of this proof project, displayed in proof reports. For example, 15 | # "s2n" or "Amazon FreeRTOS". For projects with multiple proof roots, 16 | # this may be overridden on the command-line to Make, for example 17 | # 18 | # make PROJECT_NAME="FreeRTOS MQTT" report 19 | # 20 | PROJECT_NAME = "coreMQTT-Agent" 21 | 22 | -------------------------------------------------------------------------------- /manifest.yml: -------------------------------------------------------------------------------- 1 | name : "coreMQTT Agent" 2 | version: "v1.3.1+" 3 | description: | 4 | "Agent for thread-safe use of coreMQTT.\n" 5 | license: "MIT" 6 | dependencies: 7 | - name : "coreMQTT" 8 | version: "86a5750bb31e05fa69ef3f4e2f5e69d9317fae44" 9 | license: "MIT" 10 | repository: 11 | type: "git" 12 | url: "https://github.com/FreeRTOS/coreMQTT/" 13 | path: source/dependency/coreMQTT 14 | 15 | - name: "CMock" 16 | version: "v2.5.3" 17 | license: "MIT" 18 | repository: 19 | type: "git" 20 | url: " https://github.com/ThrowTheSwitch/CMock.git" 21 | path: "test/unit-test/CMock" 22 | -------------------------------------------------------------------------------- 
/test/cbmc/proofs/MQTTAgent_Init/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgent_Init_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 9 | PROOF_UID = MQTTAgent_Init 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | 19 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent.c 20 | 21 | include ../Makefile.common 22 | -------------------------------------------------------------------------------- /cspell.config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | $schema: https://raw.githubusercontent.com/streetsidesoftware/cspell/main/cspell.schema.json 3 | version: '0.2' 4 | # Allows things like stringLength 5 | allowCompoundWords: true 6 | useGitignore: true 7 | # Could split this up? And do a dictionary for each repo? 8 | # But feel like if this isn't super slow 9 | # That having just one single dictionary might be nicer? 10 | dictionaryDefinitions: 11 | - name: freertos-words 12 | path: '.github/.cSpellWords.txt' 13 | addWords: true 14 | dictionaries: 15 | - freertos-words 16 | ignorePaths: 17 | - 'node_modules' 18 | - '.cSpellWords.txt' 19 | - 'dependency' 20 | - 'docs' 21 | - 'ThirdParty' 22 | 23 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Ping/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 
2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgentCommand_Ping_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 9 | PROOF_UID = MQTTAgentCommand_Ping 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent_command_functions.c 19 | 20 | include ../Makefile.common 21 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Publish/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgentCommand_Publish_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 9 | PROOF_UID = MQTTAgentCommand_Publish 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent_command_functions.c 19 | 20 | include ../Makefile.common 21 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Disconnect/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgentCommand_Disconnect_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. 
It can be human-readable and contain spaces if you wish. 9 | PROOF_UID = MQTTAgentCommand_Disconnect 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent_command_functions.c 19 | 20 | include ../Makefile.common 21 | -------------------------------------------------------------------------------- /mqttAgentFilePaths.cmake: -------------------------------------------------------------------------------- 1 | # This file is to add source files and include directories 2 | # into variables so that they can be reused from different repositories 3 | # in their CMake-based build system by including this file. 4 | # 5 | # Files specific to the repository such as test runner, platform tests 6 | # are not added to the variables. 7 | 8 | 9 | # MQTT Agent library Public Include directories. 10 | set( MQTT_AGENT_INCLUDE_PUBLIC_DIRS 11 | "${CMAKE_CURRENT_LIST_DIR}/source/include" ) 12 | 13 | # MQTT Agent library source files. 14 | set( MQTT_AGENT_SOURCES 15 | "${CMAKE_CURRENT_LIST_DIR}/source/core_mqtt_agent.c" 16 | "${CMAKE_CURRENT_LIST_DIR}/source/core_mqtt_agent_command_functions.c" ) 17 | 18 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_ProcessLoop/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgentCommand_ProcessLoop_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 
9 | PROOF_UID = MQTTAgentCommand_ProcessLoop 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent_command_functions.c 19 | 20 | include ../Makefile.common 21 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Connect/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgentCommand_Connect_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 9 | PROOF_UID = MQTTAgentCommand_Connect 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 19 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent_command_functions.c 20 | 21 | include ../Makefile.common 22 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Subscribe/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgentCommand_Subscribe_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 
9 | PROOF_UID = MQTTAgentCommand_Subscribe 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 19 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent_command_functions.c 20 | 21 | include ../Makefile.common 22 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Unsubscribe/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgentCommand_Unsubscribe_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 9 | PROOF_UID = MQTTAgentCommand_Unsubscribe 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 19 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent_command_functions.c 20 | 21 | include ../Makefile.common 22 | -------------------------------------------------------------------------------- /.github/pull_request_template.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | Description 4 | ----------- 5 | 6 | 7 | Test Steps 8 | ----------- 9 | 10 | 11 | Checklist: 12 | ---------- 13 | 14 | 15 | - [ ] I have tested my changes. No regression in existing tests. 16 | - [ ] I have modified and/or added unit-tests to cover the code changes in this Pull Request. 
17 | 18 | Related Issue 19 | ----------- 20 | 21 | 22 | By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. 23 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Init/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgent_Init proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgent_Init. 5 | 6 | To run the proof. 7 | ------------- 8 | 9 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 10 | to your path. 11 | * Run `make`. 12 | * Open html/index.html in a web browser. 13 | 14 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 15 | ------------- 16 | 17 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 18 | * Use Makefile.arpa as the starting point for your proof Makefile by: 19 | 1. Modifying Makefile.arpa (if required). 20 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 
21 | -------------------------------------------------------------------------------- /tools/cmock/project.yml: -------------------------------------------------------------------------------- 1 | # Taken from amazon-freertos repository 2 | :cmock: 3 | :mock_prefix: mock_ 4 | :when_no_prototypes: :warn 5 | :enforce_strict_ordering: TRUE 6 | :plugins: 7 | - :ignore 8 | - :ignore_arg 9 | - :expect_any_args 10 | - :array 11 | - :callback 12 | - :return_thru_ptr 13 | :callback_include_count: true # include a count arg when calling the callback 14 | :callback_after_arg_check: false # check arguments before calling the callback 15 | :treat_as: 16 | uint8: HEX8 17 | uint16: HEX16 18 | uint32: UINT32 19 | int8: INT8 20 | bool: UINT8 21 | :includes: # This will add these includes to each mock. 22 | - 23 | - 24 | :includes_c_post_header: 25 | - 26 | :treat_externs: :exclude # Now the extern-ed functions will be mocked. 27 | :treat_externs: :include 28 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Disconnect/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgent_Disconnect proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgent_Disconnect. 5 | 6 | To run the proof. 7 | ------------- 8 | 9 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 10 | to your path. 11 | * Run `make`. 12 | * Open html/index.html in a web browser. 13 | 14 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 15 | ------------- 16 | 17 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 18 | * Use Makefile.arpa as the starting point for your proof Makefile by: 19 | 1. Modifying Makefile.arpa (if required). 20 | 2. 
Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 21 | -------------------------------------------------------------------------------- /.github/memory_statistics_config.json: -------------------------------------------------------------------------------- 1 | { 2 | "lib_name": "coreMQTT Agent", 3 | "src": [ 4 | "source/core_mqtt_agent.c", 5 | "source/core_mqtt_agent_command_functions.c", 6 | { 7 | "file": "source/dependency/coreMQTT/source/core_mqtt.c", 8 | "tag": "coreMQTT" 9 | }, 10 | { 11 | "file": "source/dependency/coreMQTT/source/core_mqtt_state.c", 12 | "tag": "coreMQTT" 13 | }, 14 | { 15 | "file": "source/dependency/coreMQTT/source/core_mqtt_serializer.c", 16 | "tag": "coreMQTT" 17 | } 18 | ], 19 | "include": [ 20 | "source/include", 21 | "source/dependency/coreMQTT/source/include", 22 | "source/dependency/coreMQTT/source/interface" 23 | ], 24 | "compiler_flags": [ 25 | "MQTT_DO_NOT_USE_CUSTOM_CONFIG", 26 | "MQTT_AGENT_DO_NOT_USE_CUSTOM_CONFIG" 27 | ] 28 | } 29 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_CancelAll/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgent_CancelAll proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgent_CancelAll. 5 | 6 | The proof runs within 3 minutes on a t2.2xlarge. It provides complete coverage of: 7 | * MQTTAgent_CancelAll() 8 | 9 | To run the proof. 10 | ------------- 11 | 12 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 13 | to your path. 14 | * Run `make`. 15 | * Open html/index.html in a web browser. 16 | 17 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 
18 | ------------- 19 | 20 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 21 | * Use Makefile.arpa as the starting point for your proof Makefile by: 22 | 1. Modifying Makefile.arpa (if required). 23 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 24 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Ping/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgentCommand_Ping proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgentCommand_Ping. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. It provides complete coverage of: 7 | * MQTTAgentCommand_Ping() 8 | 9 | To run the proof. 10 | ------------- 11 | 12 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 13 | to your path. 14 | * Run `make`. 15 | * Open html/index.html in a web browser. 16 | 17 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 18 | ------------- 19 | 20 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 21 | * Use Makefile.arpa as the starting point for your proof Makefile by: 22 | 1. Modifying Makefile.arpa (if required). 23 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 
24 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Connect/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgentCommand_Connect proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgentCommand_Connect. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. It provides complete coverage of: 7 | * MQTTAgentCommand_Connect() 8 | 9 | To run the proof. 10 | ------------- 11 | 12 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 13 | to your path. 14 | * Run `make`. 15 | * Open html/index.html in a web browser. 16 | 17 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 18 | ------------- 19 | 20 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 21 | * Use Makefile.arpa as the starting point for your proof Makefile by: 22 | 1. Modifying Makefile.arpa (if required). 23 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 24 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Publish/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgentCommand_Publish proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgentCommand_Publish. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. It provides complete coverage of: 7 | * MQTTAgentCommand_Publish() 8 | 9 | To run the proof. 10 | ------------- 11 | 12 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 13 | to your path. 14 | * Run `make`. 15 | * Open html/index.html in a web browser. 
16 | 17 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 18 | ------------- 19 | 20 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 21 | * Use Makefile.arpa as the starting point for your proof Makefile by: 22 | 1. Modifying Makefile.arpa (if required). 23 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 24 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Subscribe/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgentCommand_Subscribe proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgentCommand_Subscribe. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. It provides complete coverage of: 7 | * MQTTAgentCommand_Subscribe() 8 | 9 | To run the proof. 10 | ------------- 11 | 12 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 13 | to your path. 14 | * Run `make`. 15 | * Open html/index.html in a web browser. 16 | 17 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 18 | ------------- 19 | 20 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 21 | * Use Makefile.arpa as the starting point for your proof Makefile by: 22 | 1. Modifying Makefile.arpa (if required). 23 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 
24 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Terminate/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgentCommand_Terminate proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgentCommand_Terminate. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. It provides complete coverage of: 7 | * MQTTAgentCommand_Terminate() 8 | 9 | To run the proof. 10 | ------------- 11 | 12 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 13 | to your path. 14 | * Run `make`. 15 | * Open html/index.html in a web browser. 16 | 17 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 18 | ------------- 19 | 20 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 21 | * Use Makefile.arpa as the starting point for your proof Makefile by: 22 | 1. Modifying Makefile.arpa (if required). 23 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 24 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Disconnect/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgentCommand_Disconnect proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgentCommand_Disconnect. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. It provides complete coverage of: 7 | * MQTTAgentCommand_Disconnect() 8 | 9 | To run the proof. 10 | ------------- 11 | 12 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 13 | to your path. 14 | * Run `make`. 15 | * Open html/index.html in a web browser. 
16 | 17 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 18 | ------------- 19 | 20 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 21 | * Use Makefile.arpa as the starting point for your proof Makefile by: 22 | 1. Modifying Makefile.arpa (if required). 23 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 24 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_ProcessLoop/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgentCommand_ProcessLoop proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgentCommand_ProcessLoop. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. It provides complete coverage of: 7 | * MQTTAgentCommand_ProcessLoop() 8 | 9 | To run the proof. 10 | ------------- 11 | 12 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 13 | to your path. 14 | * Run `make`. 15 | * Open html/index.html in a web browser. 16 | 17 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 18 | ------------- 19 | 20 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 21 | * Use Makefile.arpa as the starting point for your proof Makefile by: 22 | 1. Modifying Makefile.arpa (if required). 23 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 
24 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Unsubscribe/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgentCommand_Unsubscribe proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgentCommand_Unsubscribe. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. It provides complete coverage of: 7 | * MQTTAgentCommand_Unsubscribe() 8 | 9 | To run the proof. 10 | ------------- 11 | 12 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 13 | to your path. 14 | * Run `make`. 15 | * Open html/index.html in a web browser. 16 | 17 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 18 | ------------- 19 | 20 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 21 | * Use Makefile.arpa as the starting point for your proof Makefile by: 22 | 1. Modifying Makefile.arpa (if required). 23 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 24 | -------------------------------------------------------------------------------- /.github/workflows/doxygen.yml: -------------------------------------------------------------------------------- 1 | name: Doxygen Generation 2 | on: 3 | push: 4 | branches: [main] 5 | workflow_dispatch: 6 | jobs: 7 | doxygen-generation: 8 | runs-on: ubuntu-latest 9 | steps: 10 | - name: Doxygen generation 11 | uses: FreeRTOS/CI-CD-Github-Actions/doxygen-generation@main 12 | with: 13 | generate_command: | 14 | # generate coreMQTT docs 15 | git submodule update --init --checkout source/dependency/coreMQTT 16 | cd source/dependency/coreMQTT 17 | doxygen docs/doxygen/config.doxyfile 2>&1 | tee doxyoutput.txt 18 | cd ../../.. 
19 | # generate coreMQTT-Agent docs 20 | ( cat docs/doxygen/config.doxyfile; 21 | echo "TAGFILES = source/dependency/coreMQTT/docs/doxygen/output/mqtt.tag=coreMQTT" 22 | ) | doxygen - 2>&1 | tee -a doxyoutput.txt 23 | mv source/dependency/coreMQTT/docs/doxygen/output/html docs/doxygen/output/html/coreMQTT 24 | if [ "$(wc -c < doxyoutput.txt | bc)" = "0" ]; then exit 0; else exit 1; fi 25 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining a copy 4 | of this software and associated documentation files (the "Software"), to deal 5 | in the Software without restriction, including without limitation the rights 6 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 7 | copies of the Software, and to permit persons to whom the Software is 8 | furnished to do so, subject to the following conditions: 9 | 10 | The above copyright notice and this permission notice shall be included in all 11 | copies or substantial portions of the Software. 12 | 13 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 14 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 15 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 16 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 17 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 18 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 19 | SOFTWARE. 20 | -------------------------------------------------------------------------------- /test/cbmc/proofs/README.md: -------------------------------------------------------------------------------- 1 | CBMC proofs 2 | =========== 3 | 4 | This directory contains the CBMC proofs. 
Each proof is in its own 5 | directory. 6 | 7 | This directory includes four Makefiles. 8 | 9 | One Makefile describes the basic workflow for building and running proofs: 10 | 11 | * Makefile.common: 12 | * make: builds the goto binary, does the cbmc property checking 13 | and coverage checking, and builds the final report. 14 | * make goto: builds the goto binary 15 | * make result: does cbmc property checking 16 | * make coverage: does cbmc coverage checking 17 | * make report: builds the final report 18 | 19 | Three included Makefiles describe project-specific settings and can override 20 | definitions in Makefile.common: 21 | 22 | * Makefile-project-defines: definitions like compiler flags 23 | required to build the goto binaries, and definitions to override 24 | definitions in Makefile.common. 25 | * Makefile-project-targets: other make targets needed for the project 26 | * Makefile-project-testing: other definitions and targets needed for 27 | unit testing or continuous integration. 28 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Ping/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgent_Ping_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 
9 | PROOF_UID = MQTTAgent_Ping 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 19 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/network_interface_stubs.c 20 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/incoming_publish_callback_stub.c 21 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/get_time_stub.c 22 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_command_pool_stubs.c 23 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_message_stubs.c 24 | 25 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent.c 26 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt.c 27 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt_serializer.c 28 | 29 | include ../Makefile.common 30 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Connect/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgent_Connect_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 
9 | PROOF_UID = MQTTAgent_Connect 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 19 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/network_interface_stubs.c 20 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/incoming_publish_callback_stub.c 21 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/get_time_stub.c 22 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_command_pool_stubs.c 23 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_message_stubs.c 24 | 25 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent.c 26 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt.c 27 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt_serializer.c 28 | 29 | include ../Makefile.common 30 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Publish/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgent_Publish_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 
9 | PROOF_UID = MQTTAgent_Publish 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 19 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/network_interface_stubs.c 20 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/incoming_publish_callback_stub.c 21 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/get_time_stub.c 22 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_command_pool_stubs.c 23 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_message_stubs.c 24 | 25 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent.c 26 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt.c 27 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt_serializer.c 28 | 29 | include ../Makefile.common 30 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Disconnect/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgent_Disconnect_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 
9 | PROOF_UID = MQTTAgent_Disconnect 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 19 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/network_interface_stubs.c 20 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/incoming_publish_callback_stub.c 21 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/get_time_stub.c 22 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_command_pool_stubs.c 23 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_message_stubs.c 24 | 25 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent.c 26 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt.c 27 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt_serializer.c 28 | 29 | include ../Makefile.common 30 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Subscribe/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgent_Subscribe_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 
9 | PROOF_UID = MQTTAgent_Subscribe 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 19 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/network_interface_stubs.c 20 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/incoming_publish_callback_stub.c 21 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/get_time_stub.c 22 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_command_pool_stubs.c 23 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_message_stubs.c 24 | 25 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent.c 26 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt.c 27 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt_serializer.c 28 | 29 | include ../Makefile.common 30 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Terminate/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgent_Terminate_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 
9 | PROOF_UID = MQTTAgent_Terminate 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 19 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/network_interface_stubs.c 20 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/incoming_publish_callback_stub.c 21 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/get_time_stub.c 22 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_command_pool_stubs.c 23 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_message_stubs.c 24 | 25 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent.c 26 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt.c 27 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt_serializer.c 28 | 29 | include ../Makefile.common 30 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Unsubscribe/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgent_Unsubscribe_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 
9 | PROOF_UID = MQTTAgent_Unsubscribe 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 19 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/network_interface_stubs.c 20 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/incoming_publish_callback_stub.c 21 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/get_time_stub.c 22 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_command_pool_stubs.c 23 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_message_stubs.c 24 | 25 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent.c 26 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt.c 27 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt_serializer.c 28 | 29 | include ../Makefile.common 30 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_ProcessLoop/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgent_ProcessLoop_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 
9 | PROOF_UID = MQTTAgent_ProcessLoop 10 | 11 | DEFINES += 12 | INCLUDES += 13 | 14 | REMOVE_FUNCTION_BODY += 15 | UNWINDSET += 16 | 17 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 18 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 19 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/network_interface_stubs.c 20 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/incoming_publish_callback_stub.c 21 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/get_time_stub.c 22 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_command_pool_stubs.c 23 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_message_stubs.c 24 | 25 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent.c 26 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt.c 27 | PROJECT_SOURCES += $(SRCDIR)/source/dependency/coreMQTT/source/core_mqtt_serializer.c 28 | 29 | 30 | include ../Makefile.common 31 | -------------------------------------------------------------------------------- /docs/doxygen/include/size_table.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 |
Code Size of coreMQTT Agent (example generated with GCC for ARM Cortex-M)
File
With -O1 Optimization
With -Os Optimization
core_mqtt_agent.c
1.7K
1.5K
core_mqtt_agent_command_functions.c
0.3K
0.2K
core_mqtt.c (coreMQTT)
4.9K
4.2K
core_mqtt_state.c (coreMQTT)
1.7K
1.3K
core_mqtt_serializer.c (coreMQTT)
2.9K
2.3K
Total estimates
11.5K
9.5K
41 | -------------------------------------------------------------------------------- /test/cbmc/proofs/Makefile-project-defines: -------------------------------------------------------------------------------- 1 | # -*- mode: makefile -*- 2 | # The first line sets the emacs major mode to Makefile 3 | 4 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 5 | # SPDX-License-Identifier: MIT-0 6 | 7 | ################################################################ 8 | # Use this file to give project-specific definitions of the command 9 | # line arguments to pass to CBMC tools like goto-cc to build the goto 10 | # binaries and cbmc to do the property and coverage checking. 11 | # 12 | # Use this file to override most default definitions of variables in 13 | # Makefile.common. 14 | ################################################################ 15 | 16 | # Flags to pass to goto-cc for compilation (typically those passed to gcc -c) 17 | COMPILE_FLAGS += -fPIC 18 | COMPILE_FLAGS += -std=gnu90 19 | 20 | # Flags to pass to goto-cc for linking (typically those passed to gcc) 21 | # LINK_FLAGS = 22 | 23 | # Preprocessor include paths -I... 24 | INCLUDES += -I$(SRCDIR)/test/cbmc/include 25 | INCLUDES += -I$(SRCDIR)/source/include 26 | INCLUDES += -I$(SRCDIR)/source/dependency/coreMQTT/source/include 27 | INCLUDES += -I$(SRCDIR)/source/dependency/coreMQTT/source/interface 28 | 29 | # Preprocessor definitions -D... 30 | # DEFINES = 31 | 32 | # Path to arpa executable 33 | # ARPA = 34 | 35 | # Flags to pass to cmake for building the project 36 | # ARPA_CMAKE_FLAGS = 37 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Connect/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgent_Connect proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgent_Connect. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. 
It provides complete coverage of: 7 | * MQTTAgent_Connect() 8 | * MQTTAgent_Init() 9 | * addCommandToQueue() 10 | * createAndAddCommand() 11 | * validateStruct() 12 | 13 | For this proof, stubs stand in for the functions of the following interfaces and 14 | function types. Because the application provides the implementations of these functions, 15 | the proof requires only stubs for them; it therefore says nothing about the memory safety of an application's own implementations. 16 | * MQTTAgentMessageInterface_t 17 | * TransportInterface_t 18 | * MQTTGetCurrentTimeFunc_t 19 | * MQTTAgentIncomingPublishCallback_t 20 | 21 | To run the proof. 22 | ------------- 23 | 24 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 25 | to your path. 26 | * Run `make`. 27 | * Open html/index.html in a web browser. 28 | 29 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 30 | ------------- 31 | 32 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 33 | * Use Makefile.arpa as the starting point for your proof Makefile by: 34 | 1. Modifying Makefile.arpa (if required). 35 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 36 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Terminate/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgent_Terminate proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgent_Terminate. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. 
It provides complete coverage of: 7 | * MQTTAgent_Terminate() 8 | * MQTTAgent_Init() 9 | * addCommandToQueue() 10 | * createAndAddCommand() 11 | * validateStruct() 12 | 13 | For this proof, stubs are used for the implementation of functions in the following interfaces and 14 | function types. Since the implementation for these functions will be provided by the applications, 15 | the proof only will require stubs. 16 | * MQTTAgentMessageInterface_t 17 | * TransportInterface_t 18 | * MQTTGetCurrentTimeFunc_t 19 | * MQTTAgentIncomingPublishCallback_t 20 | 21 | To run the proof. 22 | ------------- 23 | 24 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 25 | to your path. 26 | * Run `make`. 27 | * Open html/index.html in a web browser. 28 | 29 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 30 | ------------- 31 | 32 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 33 | * Use Makefile.arpa as the starting point for your proof Makefile by: 34 | 1. Modifying Makefile.arpa (if required). 35 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 36 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Ping/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgent_Ping proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgent_Ping. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. 
It provides complete coverage of: 7 | * MQTTAgent_Ping() 8 | * MQTTAgent_Init() 9 | * addCommandToQueue() 10 | * createAndAddCommand() 11 | * validateStruct() 12 | * isSpaceInPendingAckList() 13 | 14 | For this proof, stubs are used for the implementation of functions in the following interfaces and 15 | function types. Since the implementation for these functions will be provided by the applications, 16 | the proof only will require stubs. 17 | * MQTTAgentMessageInterface_t 18 | * TransportInterface_t 19 | * MQTTGetCurrentTimeFunc_t 20 | * MQTTAgentIncomingPublishCallback_t 21 | 22 | To run the proof. 23 | ------------- 24 | 25 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 26 | to your path. 27 | * Run `make`. 28 | * Open html/index.html in a web browser. 29 | 30 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 31 | ------------- 32 | 33 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 34 | * Use Makefile.arpa as the starting point for your proof Makefile by: 35 | 1. Modifying Makefile.arpa (if required). 36 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 37 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Publish/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgent_Publish proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgent_Publish. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. 
It provides complete coverage of: 7 | * MQTTAgent_Publish() 8 | * MQTTAgent_Init() 9 | * addCommandToQueue() 10 | * createAndAddCommand() 11 | * validateStruct() 12 | * isSpaceInPendingAckList() 13 | 14 | For this proof, stubs are used for the implementation of functions in the following interfaces and 15 | function types. Since the implementation for these functions will be provided by the applications, 16 | the proof only will require stubs. 17 | * MQTTAgentMessageInterface_t 18 | * TransportInterface_t 19 | * MQTTGetCurrentTimeFunc_t 20 | * MQTTAgentIncomingPublishCallback_t 21 | 22 | To run the proof. 23 | ------------- 24 | 25 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 26 | to your path. 27 | * Run `make`. 28 | * Open html/index.html in a web browser. 29 | 30 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 31 | ------------- 32 | 33 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 34 | * Use Makefile.arpa as the starting point for your proof Makefile by: 35 | 1. Modifying Makefile.arpa (if required). 36 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 37 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Subscribe/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgent_Subscribe proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgent_Subscribe. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. 
It provides complete coverage of: 7 | * MQTTAgent_Subscribe() 8 | * MQTTAgent_Init() 9 | * addCommandToQueue() 10 | * createAndAddCommand() 11 | * validateStruct() 12 | * isSpaceInPendingAckList() 13 | 14 | For this proof, stubs are used for the implementation of functions in the following interfaces and 15 | function types. Since the implementation for these functions will be provided by the applications, 16 | the proof only will require stubs. 17 | * MQTTAgentMessageInterface_t 18 | * TransportInterface_t 19 | * MQTTGetCurrentTimeFunc_t 20 | * MQTTAgentIncomingPublishCallback_t 21 | 22 | To run the proof. 23 | ------------- 24 | 25 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 26 | to your path. 27 | * Run `make`. 28 | * Open html/index.html in a web browser. 29 | 30 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 31 | ------------- 32 | 33 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 34 | * Use Makefile.arpa as the starting point for your proof Makefile by: 35 | 1. Modifying Makefile.arpa (if required). 36 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 37 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_ProcessLoop/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgent_ProcessLoop proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgent_ProcessLoop. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. 
It provides complete coverage of: 7 | * MQTTAgent_ProcessLoop() 8 | * MQTTAgent_Init() 9 | * addCommandToQueue() 10 | * createAndAddCommand() 11 | * validateStruct() 12 | * isSpaceInPendingAckList() 13 | 14 | For this proof, stubs are used for the implementation of functions in the following interfaces and 15 | function types. Since the implementation for these functions will be provided by the applications, 16 | the proof only will require stubs. 17 | * MQTTAgentMessageInterface_t 18 | * TransportInterface_t 19 | * MQTTGetCurrentTimeFunc_t 20 | * MQTTAgentIncomingPublishCallback_t 21 | 22 | To run the proof. 23 | ------------- 24 | 25 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 26 | to your path. 27 | * Run `make`. 28 | * Open html/index.html in a web browser. 29 | 30 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 31 | ------------- 32 | 33 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 34 | * Use Makefile.arpa as the starting point for your proof Makefile by: 35 | 1. Modifying Makefile.arpa (if required). 36 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 37 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Unsubscribe/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgent_Unsubscribe proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgent_Unsubscribe. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. 
It provides complete coverage of: 7 | * MQTTAgent_Unsubscribe() 8 | * MQTTAgent_Init() 9 | * addCommandToQueue() 10 | * createAndAddCommand() 11 | * validateStruct() 12 | * isSpaceInPendingAckList() 13 | 14 | For this proof, stubs are used for the implementation of functions in the following interfaces and 15 | function types. Since the implementation for these functions will be provided by the applications, 16 | the proof only will require stubs. 17 | * MQTTAgentMessageInterface_t 18 | * TransportInterface_t 19 | * MQTTGetCurrentTimeFunc_t 20 | * MQTTAgentIncomingPublishCallback_t 21 | 22 | To run the proof. 23 | ------------- 24 | 25 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 26 | to your path. 27 | * Run `make`. 28 | * Open html/index.html in a web browser. 29 | 30 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 31 | ------------- 32 | 33 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 34 | * Use Makefile.arpa as the starting point for your proof Makefile by: 35 | 1. Modifying Makefile.arpa (if required). 36 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 37 | -------------------------------------------------------------------------------- /test/unit-test/cmock_opaque_types.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. 
3 | * 4 | * SPDX-License-Identifier: MIT 5 | * 6 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 7 | * this software and associated documentation files (the "Software"), to deal in 8 | * the Software without restriction, including without limitation the rights to 9 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 10 | * the Software, and to permit persons to whom the Software is furnished to do so, 11 | * subject to the following conditions: 12 | * 13 | * The above copyright notice and this permission notice shall be included in all 14 | * copies or substantial portions of the Software. 15 | * 16 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 18 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 19 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 20 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 21 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 22 | */ 23 | 24 | #ifndef CMOCK_OPAQUE_TYPES_H_ 25 | #define CMOCK_OPAQUE_TYPES_H_ 26 | 27 | /* CMock does not support opaque types so needs concrete definitions for them. 28 | * This file is included in CMock .c files. */ 29 | 30 | struct MQTTVec 31 | { 32 | void * a; 33 | int b; 34 | }; 35 | 36 | #endif /* ifndef CMOCK_OPAQUE_TYPES_H_ */ 37 | -------------------------------------------------------------------------------- /test/cbmc/include/get_time_stub.h: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 
4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file get_time_stub.h 25 | * @brief Stub definition for the application defined callback to retrieve the 26 | * current time in milliseconds. 27 | */ 28 | #ifndef GET_TIME_STUB_H_ 29 | #define GET_TIME_STUB_H_ 30 | 31 | /** 32 | * Application defined callback to retrieve the current time in milliseconds. 33 | * 34 | * @return The current time in milliseconds. 35 | */ 36 | uint32_t GetCurrentTimeStub( void ); 37 | 38 | #endif /* ifndef GET_TIME_STUB_H_ */ 39 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_CommandLoop/MQTTAgent_CommandLoop_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 
4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /* MQTT agent include. */ 24 | #include "core_mqtt_agent.h" 25 | 26 | #include "mqtt_agent_cbmc_state.h" 27 | 28 | void harness() 29 | { 30 | MQTTAgentContext_t * pMqttAgentContext = NULL; 31 | 32 | pMqttAgentContext = allocateMqttAgentContext( pMqttAgentContext ); 33 | 34 | if( pMqttAgentContext != NULL ) 35 | { 36 | pMqttAgentContext->mqttContext.connectStatus = MQTTConnected; 37 | } 38 | 39 | MQTTAgent_CommandLoop( pMqttAgentContext ); 40 | } 41 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Disconnect/MQTTAgent_Disconnect_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 
4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /* MQTT agent include. */ 24 | #include "core_mqtt_agent.h" 25 | 26 | #include "mqtt_agent_cbmc_state.h" 27 | 28 | void harness() 29 | { 30 | MQTTAgentContext_t * pMqttAgentContext; 31 | MQTTAgentCommandInfo_t * pCommandInfo; 32 | 33 | pMqttAgentContext = allocateMqttAgentContext( NULL ); 34 | __CPROVER_assume( isValidMqttAgentContext( pMqttAgentContext ) ); 35 | 36 | pCommandInfo = malloc( sizeof( MQTTAgentCommandInfo_t ) ); 37 | 38 | MQTTAgent_Disconnect( pMqttAgentContext, 39 | pCommandInfo ); 40 | } 41 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_CancelAll/MQTTAgent_CancelAll_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. 
All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file MQTTAgent_CancelAll_harness.c 25 | * @brief Implements the proof harness for MQTTAgent_CancelAll function. 26 | */ 27 | 28 | /* MQTT agent include. */ 29 | #include "core_mqtt_agent.h" 30 | #include "mqtt_agent_cbmc_state.h" 31 | 32 | void harness() 33 | { 34 | MQTTAgentContext_t * pMqttAgentContext; 35 | 36 | pMqttAgentContext = allocateMqttAgentContext( NULL ); 37 | 38 | if( pMqttAgentContext != NULL ) 39 | { 40 | addPendingAcks( pMqttAgentContext ); 41 | } 42 | 43 | MQTTAgent_CancelAll( pMqttAgentContext ); 44 | } 45 | -------------------------------------------------------------------------------- /test/cbmc/stubs/agent_command_pool_stubs.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. 
or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file agent_command_pool_stubs.c 25 | * @brief Stub functions to get a command structure from a command pool and to release it. 26 | */ 27 | #include "core_mqtt_agent.h" 28 | #include "agent_command_pool_stubs.h" 29 | 30 | MQTTAgentCommand_t * AgentGetCommandStub( uint32_t blockTimeMs ) 31 | { 32 | MQTTAgentCommand_t * pCommand; 33 | 34 | pCommand = malloc( sizeof( MQTTAgentCommand_t ) ); 35 | 36 | return pCommand; 37 | } 38 | 39 | bool Agent_ReleaseCommand( MQTTAgentCommand_t * pCommandToRelease ) 40 | { 41 | return ( pCommandToRelease != NULL ) ?
true : false; 42 | } 43 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_ResumeSession/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgent_ResumeSession proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgent_ResumeSession. 5 | 6 | The proof runs within 10 seconds on a t2.2xlarge. It provides complete coverage of: 7 | * MQTTAgent_ResumeSession() 8 | * MQTTAgent_Init() 9 | * clearPendingAcknowledgments() 10 | * resendPublishes() 11 | * concludeCommand() 12 | * addPendingAcks() 13 | * isSpaceInPendingAckList() 14 | 15 | For this proof, stubs stand in for the functions of the following interfaces and 16 | function types. Because the application provides the implementations of these functions, 17 | the proof requires only stubs for them; it therefore says nothing about the memory safety of an application's own implementations. 18 | * MQTTAgentMessageInterface_t 19 | * TransportInterface_t 20 | * MQTTGetCurrentTimeFunc_t 21 | * MQTTAgentIncomingPublishCallback_t 22 | * MQTTAgentCommandCallback_t 23 | 24 | In addition to these interfaces and function types, stubs are used for the functions listed below. 25 | Separate CBMC proofs are written for these functions. 26 | * MQTT_ProcessLoop() 27 | * MQTT_Init() 28 | * MQTT_Publish() 29 | * MQTT_PublishToResend() 30 | 31 | To run the proof. 32 | ------------- 33 | 34 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 35 | to your path. 36 | * Run `make`. 37 | * Open html/index.html in a web browser. 38 | 39 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 40 | ------------- 41 | 42 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 43 | * Use Makefile.arpa as the starting point for your proof Makefile by: 44 | 1. Modifying Makefile.arpa (if required). 45 | 2. 
Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 46 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Ping/MQTTAgentCommand_Ping_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file MQTTAgentCommand_Ping_harness.c 25 | * @brief Implements the proof harness for MQTTAgentCommand_Ping function. 26 | */ 27 | 28 | /* MQTT agent include. 
*/ 29 | #include "core_mqtt_agent_command_functions.h" 30 | 31 | void harness() 32 | { 33 | MQTTAgentContext_t * pMqttAgentContext; 34 | MQTTAgentCommandFuncReturns_t * pReturnFlags; 35 | 36 | pMqttAgentContext = malloc( sizeof( MQTTAgentContext_t ) ); 37 | __CPROVER_assume( pMqttAgentContext != NULL ); 38 | pReturnFlags = malloc( sizeof( MQTTAgentCommandFuncReturns_t ) ); 39 | __CPROVER_assume( pReturnFlags != NULL ); 40 | 41 | MQTTAgentCommand_Ping( pMqttAgentContext, NULL, pReturnFlags ); 42 | } 43 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_ProcessLoop/MQTTAgentCommand_ProcessLoop_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 
IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file MQTTAgentCommand_ProcessLoop_harness.c 25 | * @brief Implements the proof harness for MQTTAgentCommand_ProcessLoop function. 26 | */ 27 | 28 | /* MQTT agent include. */ 29 | #include "core_mqtt_agent_command_functions.h" 30 | 31 | void harness() 32 | { 33 | MQTTAgentContext_t * pMqttAgentContext; 34 | MQTTAgentCommandFuncReturns_t * pReturnFlags; 35 | 36 | pMqttAgentContext = malloc( sizeof( MQTTAgentContext_t ) ); 37 | __CPROVER_assume( pMqttAgentContext != NULL ); 38 | pReturnFlags = malloc( sizeof( MQTTAgentCommandFuncReturns_t ) ); 39 | __CPROVER_assume( pReturnFlags != NULL ); 40 | 41 | MQTTAgentCommand_ProcessLoop( pMqttAgentContext, NULL, pReturnFlags ); 42 | } 43 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Disconnect/MQTTAgentCommand_Disconnect_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 
14 |  *
15 |  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 |  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
17 |  * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
18 |  * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
19 |  * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20 |  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 |  */
22 |
23 | /**
24 |  * @file MQTTAgentCommand_Disconnect_harness.c
25 |  * @brief Implements the proof harness for MQTTAgentCommand_Disconnect function.
26 |  */
27 |
28 | /* MQTT agent include. */
29 | #include "core_mqtt_agent_command_functions.h"
30 |
31 | /* CBMC entry point: calls MQTTAgentCommand_Disconnect() once on freshly allocated arguments. */
32 | void harness()
33 | {
34 |     MQTTAgentContext_t * pMqttAgentContext;
35 |     MQTTAgentCommandFuncReturns_t * pReturnFlags;
36 |     /* Neither allocation is initialised, so CBMC treats the contents as nondeterministic. */
37 |     pMqttAgentContext = malloc( sizeof( MQTTAgentContext_t ) );
38 |     __CPROVER_assume( pMqttAgentContext != NULL );
39 |     pReturnFlags = malloc( sizeof( MQTTAgentCommandFuncReturns_t ) );
40 |     __CPROVER_assume( pReturnFlags != NULL );
41 |     /* NOTE(review): both pointers are assumed non-NULL above, so NULL handling is outside this proof. */
42 |     MQTTAgentCommand_Disconnect( pMqttAgentContext, NULL, pReturnFlags );
43 | }
44 |
--------------------------------------------------------------------------------
/test/cbmc/proofs/MQTTAgentCommand_Terminate/Makefile:
--------------------------------------------------------------------------------
1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
2 | # SPDX-License-Identifier: MIT-0
3 |
4 | HARNESS_ENTRY = harness
5 | HARNESS_FILE = MQTTAgentCommand_Terminate_harness
6 |
7 | # This should be a unique identifier for this proof, and will appear on the
8 | # Litani dashboard. It can be human-readable and contain spaces if you wish.
9 | PROOF_UID = MQTTAgentCommand_Terminate
10 |
11 | # MQTT_AGENT_MAX_OUTSTANDING_ACKS set the maximum number of acknowledgments
12 | # that can be outstanding at any one time.
A small number 2 will be enough 13 | # for proving the memory safety and making the proofs run faster. 14 | MQTT_AGENT_MAX_OUTSTANDING_ACKS=2 15 | 16 | MAX_BOUND_FOR_RECEIVE_COMMAND_LOOP=2 17 | 18 | # Bound for loop unwinding for the loops trying to read and write into the 19 | # outstanding acks array. The size of the array is determined by 20 | # MQTT_AGENT_MAX_OUTSTANDING_ACKS. The max bound will be one more than 21 | # array size for the proofs. 22 | MAX_BOUND_FOR_PENDING_ACK_LOOPS=$(shell expr $(MQTT_AGENT_MAX_OUTSTANDING_ACKS) + 1 ) 23 | 24 | DEFINES += -DMQTT_AGENT_MAX_OUTSTANDING_ACKS=$(MQTT_AGENT_MAX_OUTSTANDING_ACKS) 25 | DEFINES += 26 | INCLUDES += 27 | 28 | REMOVE_FUNCTION_BODY += MQTTAgent_CancelAll 29 | UNWINDSET += addPendingAcks.0:$(MAX_BOUND_FOR_PENDING_ACK_LOOPS) 30 | 31 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 32 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 33 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/network_interface_stubs.c 34 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/incoming_publish_callback_stub.c 35 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/get_time_stub.c 36 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_command_pool_stubs.c 37 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_message_stubs.c 38 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/core_mqtt_stubs.c 39 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent_command_functions.c 40 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent.c 41 | 42 | include ../Makefile.common 43 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_ResumeSession/MQTTAgent_ResumeSession_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 
4 |  *
5 |  * Permission is hereby granted, free of charge, to any person obtaining a copy of
6 |  * this software and associated documentation files (the "Software"), to deal in
7 |  * the Software without restriction, including without limitation the rights to
8 |  * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
9 |  * the Software, and to permit persons to whom the Software is furnished to do so,
10 |  * subject to the following conditions:
11 |  *
12 |  * The above copyright notice and this permission notice shall be included in all
13 |  * copies or substantial portions of the Software.
14 |  *
15 |  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 |  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
17 |  * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
18 |  * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
19 |  * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20 |  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 |  */
22 |
23 | /* MQTT agent include. */
24 | #include "core_mqtt_agent.h"
25 |
26 | #include "mqtt_agent_cbmc_state.h"
27 | /* CBMC entry point: calls MQTTAgent_ResumeSession() and asserts that the returned status is in range. */
28 | void harness()
29 | {
30 |     MQTTAgentContext_t * pMqttAgentContext;
31 |     bool sessionPresent;
32 |     MQTTStatus_t mqttStatus;
33 |     /* sessionPresent is never assigned, so CBMC explores both of its values. */
34 |     pMqttAgentContext = allocateMqttAgentContext( NULL );
35 |     /* The context is not assumed non-NULL: a NULL result is passed straight to the call below. */
36 |     if( pMqttAgentContext != NULL )
37 |     {
38 |         addPendingAcks( pMqttAgentContext );
39 |     }
40 |
41 |     mqttStatus = MQTTAgent_ResumeSession( pMqttAgentContext,
42 |                                           sessionPresent );
43 |     /* NOTE(review): the range check assumes MQTTSuccess and MQTTKeepAliveTimeout are the lowest and highest MQTTStatus_t enumerators - confirm against core_mqtt.h. */
44 |     __CPROVER_assert( ( mqttStatus >= MQTTSuccess && mqttStatus <= MQTTKeepAliveTimeout ),
45 |                       "Return status from MQTTAgent_ResumeSession is a MQTT status." );
46 | }
47 |
--------------------------------------------------------------------------------
/test/cbmc/proofs/MQTTAgent_CancelAll/Makefile:
--------------------------------------------------------------------------------
1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
2 | # SPDX-License-Identifier: MIT-0
3 |
4 | HARNESS_ENTRY = harness
5 | HARNESS_FILE = MQTTAgent_CancelAll_harness
6 |
7 | # This should be a unique identifier for this proof, and will appear on the
8 | # Litani dashboard. It can be human-readable and contain spaces if you wish.
9 | PROOF_UID = MQTTAgent_CancelAll
10 |
11 | # MQTT_AGENT_MAX_OUTSTANDING_ACKS set the maximum number of acknowledgments
12 | # that can be outstanding at any one time. A small number 2 will be enough
13 | # for proving the memory safety and making the proofs run faster.
14 | MQTT_AGENT_MAX_OUTSTANDING_ACKS=2
15 |
16 | MAX_BOUND_FOR_RECEIVE_COMMAND_LOOP=2
17 |
18 | # Bound for loop unwinding for the loops trying to read and write into the
19 | # outstanding acks array. The size of the array is determined by
20 | # MQTT_AGENT_MAX_OUTSTANDING_ACKS. The max bound will be one more than
21 | # array size for the proofs.
22 | MAX_BOUND_FOR_PENDING_ACK_LOOPS=$(shell expr $(MQTT_AGENT_MAX_OUTSTANDING_ACKS) + 1 ) 23 | 24 | DEFINES += -DMQTT_AGENT_MAX_OUTSTANDING_ACKS=$(MQTT_AGENT_MAX_OUTSTANDING_ACKS) 25 | DEFINES += 26 | INCLUDES += 27 | 28 | REMOVE_FUNCTION_BODY += 29 | UNWINDSET += addPendingAcks.0:$(MAX_BOUND_FOR_PENDING_ACK_LOOPS) 30 | UNWINDSET += MQTTAgent_CancelAll.0:$(MAX_BOUND_FOR_RECEIVE_COMMAND_LOOP) 31 | UNWINDSET += MQTTAgent_CancelAll.1:$(MAX_BOUND_FOR_PENDING_ACK_LOOPS) 32 | 33 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 34 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 35 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/network_interface_stubs.c 36 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/incoming_publish_callback_stub.c 37 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/get_time_stub.c 38 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_command_pool_stubs.c 39 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_message_stubs.c 40 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/core_mqtt_stubs.c 41 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent.c 42 | 43 | include ../Makefile.common 44 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_CommandLoop/README.md: -------------------------------------------------------------------------------- 1 | MQTTAgent_CommandLoop proof 2 | ============== 3 | 4 | This directory contains a memory safety proof for MQTTAgent_CommandLoop. 5 | 6 | The proof runs within 3 minutes on a t2.2xlarge. It provides complete coverage of: 7 | * MQTTAgent_CommandLoop() 8 | * MQTTAgent_Init() 9 | * addAwaitingOperation() 10 | * getAgentFromMQTTContext() 11 | * getAwaitingOperation() 12 | * handleAcks() 13 | * mqttEventCallback() 14 | 15 | For this proof, stubs are used for the implementation of functions in the following interfaces and 16 | function types. 
Since the implementation for these functions will be provided by the applications, 17 | the proof requires only stubs. 18 | * MQTTAgentMessageInterface_t 19 | * TransportInterface_t 20 | * MQTTGetCurrentTimeFunc_t 21 | * MQTTAgentIncomingPublishCallback_t 22 | * MQTTAgentCommandCallback_t 23 | 24 | In addition to the interfaces and the function types, stubs are used for the functions listed below. 25 | CBMC proofs are written for these functions separately. 26 | * MQTTAgentCommand_ProcessLoop() 27 | * MQTTAgentCommand_Publish() 28 | * MQTTAgentCommand_Subscribe() 29 | * MQTTAgentCommand_Unsubscribe() 30 | * MQTTAgentCommand_Connect() 31 | * MQTTAgentCommand_Disconnect() 32 | * MQTTAgentCommand_Ping() 33 | * MQTTAgentCommand_Terminate() 34 | * MQTT_ProcessLoop() 35 | * MQTT_Init() 36 | 37 | To run the proof. 38 | ------------- 39 | 40 | * Add `cbmc`, `goto-cc`, `goto-instrument`, `goto-analyzer`, and `cbmc-viewer` 41 | to your path. 42 | * Run `make`. 43 | * Open html/index.html in a web browser. 44 | 45 | To use [`arpa`](https://awslabs.github.io/aws-proof-build-assistant) to simplify writing Makefiles. 46 | ------------- 47 | 48 | * Run `make arpa` to generate a Makefile.arpa that contains relevant build information for the proof. 49 | * Use Makefile.arpa as the starting point for your proof Makefile by: 50 | 1. Modifying Makefile.arpa (if required). 51 | 2. Including Makefile.arpa into the existing proof Makefile (add `sinclude Makefile.arpa` at the bottom of the Makefile, right before `include ../Makefile.common`). 52 | -------------------------------------------------------------------------------- /test/cbmc/stubs/incoming_publish_callback_stub.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
4 |  *
5 |  * Permission is hereby granted, free of charge, to any person obtaining a copy of
6 |  * this software and associated documentation files (the "Software"), to deal in
7 |  * the Software without restriction, including without limitation the rights to
8 |  * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
9 |  * the Software, and to permit persons to whom the Software is furnished to do so,
10 |  * subject to the following conditions:
11 |  *
12 |  * The above copyright notice and this permission notice shall be included in all
13 |  * copies or substantial portions of the Software.
14 |  *
15 |  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 |  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
17 |  * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
18 |  * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
19 |  * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20 |  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 |  */
22 |
23 | /**
24 |  * @file incoming_publish_callback_stub.c
25 |  * @brief A stub for the incoming publish callback.
26 |  */
27 |
28 | #include "core_mqtt_agent.h"
29 | #include "incoming_publish_callback_stub.h"
30 | /* Proof stub: performs no processing; it only asserts properties of the arguments it receives. */
31 | void IncomingPublishCallbackStub( MQTTAgentContext_t * pMqttAgentContext,
32 |                                   uint16_t packetId,
33 |                                   MQTTPublishInfo_t * pPublishInfo )
34 | { /* A proof that reaches this stub fails on a NULL context, a packet ID of 0 or NULL publish info. */
35 |     __CPROVER_assert( pMqttAgentContext != NULL,
36 |                       "IncomingPublishCallbackStub pMqttAgentContext is not NULL." );
37 |     __CPROVER_assert( packetId != 0U,
38 |                       "IncomingPublishCallbackStub packetId is not 0." );
39 |     __CPROVER_assert( pPublishInfo != NULL,
40 |                       "IncomingPublishCallbackStub pPublishInfo is not NULL" );
41 | }
42 |
--------------------------------------------------------------------------------
/test/cbmc/stubs/get_time_stub.c:
--------------------------------------------------------------------------------
1 | /*
2 |  * coreMQTT Agent
3 |  * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
4 |  *
5 |  * Permission is hereby granted, free of charge, to any person obtaining a copy of
6 |  * this software and associated documentation files (the "Software"), to deal in
7 |  * the Software without restriction, including without limitation the rights to
8 |  * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
9 |  * the Software, and to permit persons to whom the Software is furnished to do so,
10 |  * subject to the following conditions:
11 |  *
12 |  * The above copyright notice and this permission notice shall be included in all
13 |  * copies or substantial portions of the Software.
14 |  *
15 |  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 |  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
17 |  * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
18 |  * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
19 |  * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20 |  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 |  */
22 |
23 | /**
24 |  * @file get_time_stub.c
25 |  * @brief A stub to mock the retrieval of current time.
26 |  */
27 |
28 | #include "core_mqtt.h"
29 | #include "get_time_stub.h"
30 |
31 | uint32_t GetCurrentTimeStub( void )
32 | {
33 |     /* There are loops in the MQTT library that rely on the timestamp being
34 |      * reasonable in order to complete.
Returning an unbounded timestamp does 35 | * not add value to the proofs as the MQTT library uses the timestamp for 36 | * only arithmetic operations. In C arithmetic operations on unsigned 37 | * integers are guaranteed to reliably wrap around with no adverse side 38 | * effects. If the time returned was unbounded, the loops could be unwound 39 | * a large number of times making the proof execution very long. */ 40 | static uint32_t globalEntryTime = 0; 41 | 42 | return ++globalEntryTime; 43 | } 44 | -------------------------------------------------------------------------------- /test/cbmc/include/incoming_publish_callback_stub.h: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
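21 |  */
22 |
23 | /**
24 |  * @file incoming_publish_callback_stub.h
25 |  * @brief Stub definition for the application defined MQTT library incoming
26 |  * publish callback.
27 |  */
28 | #ifndef INCOMING_PUBLISH_CALLBACK_STUB_H_
29 | #define INCOMING_PUBLISH_CALLBACK_STUB_H_
30 |
31 | /* core_mqtt_agent.h must precede including this header. */
32 |
33 | /**
34 |  * @brief Callback function called when receiving a publish.
35 |  * The stub definition only asserts its arguments: non-NULL context, non-zero packet ID, non-NULL publish info.
36 |  * @param[in] pMqttAgentContext The context of the MQTT agent.
37 |  * @param[in] packetId The packet ID of the received publish.
38 |  * @param[in] pPublishInfo Deserialized publish information.
39 |  */
40 | void IncomingPublishCallbackStub( MQTTAgentContext_t * pMqttAgentContext,
41 |                                   uint16_t packetId,
42 |                                   MQTTPublishInfo_t * pPublishInfo );
43 |
44 | #endif /* ifndef INCOMING_PUBLISH_CALLBACK_STUB_H_ */
45 |
--------------------------------------------------------------------------------
/test/cbmc/proofs/MQTTAgentCommand_Publish/MQTTAgentCommand_Publish_harness.c:
--------------------------------------------------------------------------------
1 | /*
2 |  * coreMQTT Agent
3 |  * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
4 |  *
5 |  * Permission is hereby granted, free of charge, to any person obtaining a copy of
6 |  * this software and associated documentation files (the "Software"), to deal in
7 |  * the Software without restriction, including without limitation the rights to
8 |  * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
9 |  * the Software, and to permit persons to whom the Software is furnished to do so,
10 |  * subject to the following conditions:
11 |  *
12 |  * The above copyright notice and this permission notice shall be included in all
13 |  * copies or substantial portions of the Software.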
14 |  *
15 |  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 |  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
17 |  * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
18 |  * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
19 |  * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20 |  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 |  */
22 |
23 | /**
24 |  * @file MQTTAgentCommand_Publish_harness.c
25 |  * @brief Implements the proof harness for MQTTAgentCommand_Publish function.
26 |  */
27 |
28 | /* MQTT agent include. */
29 | #include "core_mqtt_agent_command_functions.h"
30 | /* CBMC entry point: calls MQTTAgentCommand_Publish() once on freshly allocated arguments. */
31 | void harness()
32 | {
33 |     MQTTAgentContext_t * pMqttAgentContext;
34 |     MQTTAgentCommandFuncReturns_t * pReturnFlags;
35 |     MQTTPublishInfo_t * pPublishArg;
36 |     /* None of the allocations is initialised, so CBMC treats their contents as nondeterministic. */
37 |     pMqttAgentContext = malloc( sizeof( MQTTAgentContext_t ) );
38 |     __CPROVER_assume( pMqttAgentContext != NULL );
39 |     pReturnFlags = malloc( sizeof( MQTTAgentCommandFuncReturns_t ) );
40 |     __CPROVER_assume( pReturnFlags != NULL );
41 |     pPublishArg = malloc( sizeof( MQTTPublishInfo_t ) );
42 |     __CPROVER_assume( pPublishArg != NULL );
43 |     /* NOTE(review): all three pointers are assumed non-NULL above, so NULL handling is outside this proof. */
44 |     MQTTAgentCommand_Publish( pMqttAgentContext, pPublishArg, pReturnFlags );
45 | }
46 |
--------------------------------------------------------------------------------
/test/cbmc/proofs/MQTTAgentCommand_Subscribe/MQTTAgentCommand_Subscribe_harness.c:
--------------------------------------------------------------------------------
1 | /*
2 |  * coreMQTT Agent
3 |  * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file MQTTAgentCommand_Subscribe_harness.c 25 | * @brief Implements the proof harness for MQTTAgentCommand_Subscribe function. 26 | */ 27 | 28 | /* MQTT agent include. 
*/
29 | #include "core_mqtt_agent_command_functions.h"
30 | #include "mqtt_agent_cbmc_state.h"
31 | /* CBMC entry point: calls MQTTAgentCommand_Subscribe() once on freshly allocated arguments. */
32 | void harness()
33 | {
34 |     MQTTAgentContext_t * pMqttAgentContext;
35 |     MQTTAgentCommandFuncReturns_t * pReturnFlags;
36 |     MQTTAgentSubscribeArgs_t * pSubscribeArgs;
37 |     /* The context and return-flags allocations are not initialised, so CBMC treats their contents as nondeterministic. */
38 |     pMqttAgentContext = malloc( sizeof( MQTTAgentContext_t ) );
39 |     __CPROVER_assume( pMqttAgentContext != NULL );
40 |     pReturnFlags = malloc( sizeof( MQTTAgentCommandFuncReturns_t ) );
41 |     __CPROVER_assume( pReturnFlags != NULL );
42 |     pSubscribeArgs = allocateSubscribeArgs( NULL );
43 |     /* NOTE(review): pSubscribeArgs is not assumed non-NULL; whether NULL reaches the call depends on allocateSubscribeArgs() - confirm. */
44 |     MQTTAgentCommand_Subscribe( pMqttAgentContext, pSubscribeArgs, pReturnFlags );
45 | }
46 |
--------------------------------------------------------------------------------
/tools/coverity/misra.config:
--------------------------------------------------------------------------------
1 | {
2 |     "version" : "2.0",
3 |     "standard" : "c2012",
4 |     "title": "Coverity MISRA Configuration",
5 |     "deviations" : [
6 |         // Disable the following rules.
7 |         {
8 |             "deviation": "Directive 4.5",
9 |             "reason": "Allow names that MISRA considers ambiguous."
10 |         },
11 |         {
12 |             "deviation": "Directive 4.8",
13 |             "reason": "Allow inclusion of unused types. Header files for coreMQTT, which are needed by all files, define types that are not used by the agent."
14 |         },
15 |         {
16 |             "deviation": "Directive 4.9",
17 |             "reason": "Allow inclusion of function like macros. Asserts and logging are done using function like macros."
18 |         },
19 |         {
20 |             "deviation": "Rule 2.3",
21 |             "reason": "Allow unused types. coreMQTT Library headers define types intended for the application's use, but are not used by the agent files."
22 |         },
23 |         {
24 |             "deviation": "Rule 2.4",
25 |             "reason": "Allow unused tags. Some compilers warn if types are not tagged."
26 |         },
27 |         {
28 |             "deviation": "Rule 2.5",
29 |             "reason": "Allow unused macros. coreMQTT Library headers define macros intended for the application's use, but are not used by the agent."
30 | }, 31 | { 32 | "deviation": "Rule 3.1", 33 | "reason": "Allow nested comments. Documentation blocks contain comments for example code." 34 | }, 35 | { 36 | "deviation": "Rule 8.7", 37 | "reason": "API functions are not used by the library outside of the files they are defined; however, they must be externally visible in order to be used by an application." 38 | }, 39 | { 40 | "deviation": "Rule 8.13", 41 | "reason": "Allow to not to use const-qualified type for callback function." 42 | }, 43 | { 44 | "deviation": "Rule 11.5", 45 | "reason": "Allow casts from void *. Contexts are passed as void * and must be cast to the correct data type before use." 46 | } 47 | ] 48 | } 49 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Unsubscribe/MQTTAgentCommand_Unsubscribe_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 
IN NO EVENT SHALL THE AUTHORS OR
18 |  * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
19 |  * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20 |  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 |  */
22 |
23 | /**
24 |  * @file MQTTAgentCommand_Unsubscribe_harness.c
25 |  * @brief Implements the proof harness for MQTTAgentCommand_Unsubscribe function.
26 |  */
27 |
28 | /* MQTT agent include. */
29 | #include "core_mqtt_agent_command_functions.h"
30 | #include "mqtt_agent_cbmc_state.h"
31 | /* CBMC entry point: calls MQTTAgentCommand_Unsubscribe() once on freshly allocated arguments. */
32 | void harness()
33 | {
34 |     MQTTAgentContext_t * pMqttAgentContext;
35 |     MQTTAgentCommandFuncReturns_t * pReturnFlags;
36 |     MQTTAgentSubscribeArgs_t * pSubscribeArgs;
37 |     /* The context and return-flags allocations are not initialised, so CBMC treats their contents as nondeterministic. */
38 |     pMqttAgentContext = malloc( sizeof( MQTTAgentContext_t ) );
39 |     __CPROVER_assume( pMqttAgentContext != NULL );
40 |     pReturnFlags = malloc( sizeof( MQTTAgentCommandFuncReturns_t ) );
41 |     __CPROVER_assume( pReturnFlags != NULL );
42 |     pSubscribeArgs = allocateSubscribeArgs( NULL );
43 |     /* NOTE(review): pSubscribeArgs is not assumed non-NULL; whether NULL reaches the call depends on allocateSubscribeArgs() - confirm. */
44 |     MQTTAgentCommand_Unsubscribe( pMqttAgentContext, pSubscribeArgs, pReturnFlags );
45 | }
46 |
--------------------------------------------------------------------------------
/test/cbmc/proofs/MQTTAgent_Connect/MQTTAgent_Connect_harness.c:
--------------------------------------------------------------------------------
1 | /*
2 |  * coreMQTT Agent
3 |  * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
4 |  *
5 |  * Permission is hereby granted, free of charge, to any person obtaining a copy of
6 |  * this software and associated documentation files (the "Software"), to deal in
7 |  * the Software without restriction, including without limitation the rights to
8 |  * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
9 |  * the Software, and to permit persons to whom the Software is furnished to do so,
10 |  * subject to the following conditions:
11 |  *
12 |  * The above copyright notice and this permission notice shall be included in all
13 |  * copies or substantial portions of the Software.
14 |  *
15 |  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 |  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
17 |  * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
18 |  * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
19 |  * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20 |  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 |  */
22 |
23 | /* MQTT agent include. */
24 | #include "core_mqtt_agent.h"
25 |
26 | #include "mqtt_agent_cbmc_state.h"
27 |
28 | /* CBMC entry point: calls MQTTAgent_Connect() and asserts a property of the returned status. */
29 | void harness()
30 | {
31 |     MQTTAgentContext_t * pMqttAgentContext;
32 |     MQTTAgentConnectArgs_t * pConnectArgs;
33 |     MQTTAgentCommandInfo_t * pCommandInfo;
34 |     MQTTStatus_t mqttStatus;
35 |     /* The context is constrained only by the isValidMqttAgentContext() predicate. */
36 |     pMqttAgentContext = allocateMqttAgentContext( NULL );
37 |     __CPROVER_assume( isValidMqttAgentContext( pMqttAgentContext ) );
38 |     /* Neither allocation below is checked or initialised. NOTE(review): NULL reaches the call only if the proof's malloc model can fail - confirm in the CBMC options. */
39 |     pConnectArgs = malloc( sizeof( MQTTAgentConnectArgs_t ) );
40 |     pCommandInfo = malloc( sizeof( MQTTAgentCommandInfo_t ) );
41 |
42 |     mqttStatus = MQTTAgent_Connect( pMqttAgentContext,
43 |                                     pConnectArgs,
44 |                                     pCommandInfo );
45 |     /* The accepted statuses are whatever isAgentSendCommandFunctionStatus() admits; its definition is not in this file. */
46 |     __CPROVER_assert( isAgentSendCommandFunctionStatus( mqttStatus ), "The return value is a MQTTStatus_t." );
47 | }
48 |
--------------------------------------------------------------------------------
/test/cbmc/proofs/MQTTAgentCommand_Connect/MQTTAgentCommand_Connect_harness.c:
--------------------------------------------------------------------------------
1 | /*
2 |  * coreMQTT Agent
3 |  * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
4 |  *
5 |  * Permission is hereby granted, free of charge, to any person obtaining a copy of
6 |  * this software and associated documentation files (the "Software"), to deal in
7 |  * the Software without restriction, including without limitation the rights to
8 |  * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
9 |  * the Software, and to permit persons to whom the Software is furnished to do so,
10 |  * subject to the following conditions:
11 |  *
12 |  * The above copyright notice and this permission notice shall be included in all
13 |  * copies or substantial portions of the Software.
14 |  *
15 |  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 |  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
17 |  * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
18 |  * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
19 |  * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20 |  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 |  */
22 |
23 | /**
24 |  * @file MQTTAgentCommand_Connect_harness.c
25 |  * @brief Implements the proof harness for MQTTAgentCommand_Connect function.
26 |  */
27 |
28 | /* MQTT agent include.
*/
29 | #include "core_mqtt_agent_command_functions.h"
30 | #include "mqtt_agent_cbmc_state.h"
31 | /* CBMC entry point: calls MQTTAgentCommand_Connect() once on freshly allocated arguments. */
32 | void harness()
33 | {
34 |     MQTTAgentContext_t * pMqttAgentContext;
35 |     MQTTAgentCommandFuncReturns_t * pReturnFlags;
36 |     MQTTAgentConnectArgs_t * pConnectArgs;
37 |     /* The context and return-flags allocations are not initialised, so CBMC treats their contents as nondeterministic. */
38 |     pMqttAgentContext = malloc( sizeof( MQTTAgentContext_t ) );
39 |     __CPROVER_assume( pMqttAgentContext != NULL );
40 |     pReturnFlags = malloc( sizeof( MQTTAgentCommandFuncReturns_t ) );
41 |     __CPROVER_assume( pReturnFlags != NULL );
42 |     pConnectArgs = allocateConnectArgs( NULL );
43 |     __CPROVER_assume( pConnectArgs != NULL ); /* NOTE(review): all three pointers are assumed non-NULL, so NULL handling is outside this proof. */
44 |     MQTTAgentCommand_Connect( pMqttAgentContext, pConnectArgs, pReturnFlags );
45 | }
46 |
--------------------------------------------------------------------------------
/test/cbmc/proofs/MQTTAgent_Ping/MQTTAgent_Ping_harness.c:
--------------------------------------------------------------------------------
1 | /*
2 |  * coreMQTT Agent
3 |  * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
4 |  *
5 |  * Permission is hereby granted, free of charge, to any person obtaining a copy of
6 |  * this software and associated documentation files (the "Software"), to deal in
7 |  * the Software without restriction, including without limitation the rights to
8 |  * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
9 |  * the Software, and to permit persons to whom the Software is furnished to do so,
10 |  * subject to the following conditions:
11 |  *
12 |  * The above copyright notice and this permission notice shall be included in all
13 |  * copies or substantial portions of the Software.
14 |  *
15 |  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 |  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
17 |  * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /* MQTT agent include. */ 24 | #include "core_mqtt_agent.h" 25 | 26 | #include "mqtt_agent_cbmc_state.h" 27 | 28 | void harness() 29 | { 30 | MQTTAgentContext_t * pMqttAgentContext; 31 | MQTTAgentCommandInfo_t * pCommandInfo; 32 | MQTTStatus_t mqttStatus; 33 | 34 | pMqttAgentContext = allocateMqttAgentContext( NULL ); 35 | __CPROVER_assume( isValidMqttAgentContext( pMqttAgentContext ) ); 36 | 37 | /* MQTTAgentCommandInfo is only added to Queue in MQTTAgent_Ping and 38 | * non deterministic values for the members of MQTTAgentCommandInfo_t 39 | * type will be sufficient for this proof. */ 40 | pCommandInfo = malloc( sizeof( MQTTAgentCommandInfo_t ) ); 41 | 42 | mqttStatus = MQTTAgent_Ping( pMqttAgentContext, 43 | pCommandInfo ); 44 | __CPROVER_assert( isAgentSendCommandFunctionStatus( mqttStatus ), "The return value is a MQTTStatus_t." ); 45 | } 46 | -------------------------------------------------------------------------------- /test/cbmc/proofs/lib/print_tool_versions.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # 3 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | # SPDX-License-Identifier: MIT-0 5 | 6 | 7 | import logging 8 | import pathlib 9 | import shutil 10 | import subprocess 11 | 12 | 13 | _TOOLS = [ 14 | "cadical", 15 | "cbmc", 16 | "cbmc-viewer", 17 | "cbmc-starter-kit-update", 18 | "kissat", 19 | "litani", 20 | ] 21 | 22 | 23 | def _format_versions(table): 24 | lines = [ 25 | "", 26 | '', 27 | ] 28 | for tool, version in table.items(): 29 | if version: 30 | v_str = f'
{version}
' 31 | else: 32 | v_str = 'not found' 33 | lines.append( 34 | f'' 36 | f'') 37 | lines.append("
Tool Versions
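{tool}:{v_str}
") 38 | return "\n".join(lines)


def _get_tool_versions():
    """Return a dict mapping each name in _TOOLS to its ``--version`` output.

    A tool maps to None when it is not found on $PATH, when ``--version``
    does not finish within 10 seconds, or when it exits with a non-zero
    status. Each of those cases is logged as an error.
    """
    ret = {}
    for tool in _TOOLS:
        err = f"Could not determine version of {tool}: "
        ret[tool] = None
        if not shutil.which(tool):
            logging.error("%s'%s' not found on $PATH", err, tool)
            continue
        # Argument list, no shell: the tool name is never parsed as a command
        # line. The binary that runs is whichever one $PATH resolves first.
        cmd = [tool, "--version"]
        try:
            # subprocess.run() kills and reaps the child when the timeout
            # expires. Popen.communicate(timeout=...) alone leaves a hung
            # tool running and its pipe open.
            proc = subprocess.run(
                cmd, text=True, stdout=subprocess.PIPE, timeout=10,
                check=False)
        except subprocess.TimeoutExpired:
            logging.error("%s'%s --version' timed out", err, tool)
            continue
        if proc.returncode:
            logging.error(
                "%s'%s --version' returned %s", err, tool, str(proc.returncode))
            continue
        ret[tool] = proc.stdout.strip()
    return ret


def main():
    """Collect the tool versions and print the formatted table to stdout."""
    exe_name = pathlib.Path(__file__).name
    # Prefix every log message with this script's file name.
    logging.basicConfig(format=f"{exe_name}: %(message)s")

    table = _get_tool_versions()
    out = _format_versions(table)
    print(out)


if __name__ == "__main__":
    main()
-------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_ProcessLoop/MQTTAgent_ProcessLoop_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software.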
 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */

/* MQTT agent include. */
#include "core_mqtt_agent.h"

#include "mqtt_agent_cbmc_state.h"

/**
 * CBMC entry point for the MQTTAgent_ProcessLoop proof.
 *
 * Calls MQTTAgent_ProcessLoop with an agent context constrained by
 * isValidMqttAgentContext() and a freshly allocated command info, then
 * asserts that the returned status satisfies
 * isAgentSendCommandFunctionStatus().
 */
void harness()
{
    MQTTAgentContext_t * pAgentCtx = allocateMqttAgentContext( NULL );
    MQTTAgentCommandInfo_t * pCmdInfo;
    MQTTStatus_t status;

    __CPROVER_assume( isValidMqttAgentContext( pAgentCtx ) );

    /* MQTTAgent_ProcessLoop only adds the command info to the queue, so
     * nondeterministic member values are sufficient for this proof. The
     * pointer itself is not assumed to be non-NULL. */
    pCmdInfo = malloc( sizeof( MQTTAgentCommandInfo_t ) );

    status = MQTTAgent_ProcessLoop( pAgentCtx, pCmdInfo );

    __CPROVER_assert( isAgentSendCommandFunctionStatus( status ), "The return value is a MQTTStatus_t." );
}
-------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgentCommand_Terminate/MQTTAgentCommand_Terminate_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file MQTTAgentCommand_Terminate_harness.c 25 | * @brief Implements the proof harness for MQTTAgentCommand_Terminate function. 26 | */ 27 | 28 | /* MQTT agent include. 
*/ 29 | #include "core_mqtt_agent_command_functions.h" 30 | #include "mqtt_agent_cbmc_state.h" 31 | 32 | void harness() 33 | { 34 | MQTTAgentContext_t * pMqttAgentContext; 35 | MQTTAgentCommandFuncReturns_t * pReturnFlags; 36 | 37 | pMqttAgentContext = allocateMqttAgentContext( NULL ); 38 | __CPROVER_assume( pMqttAgentContext != NULL ); 39 | __CPROVER_assume( pMqttAgentContext->agentInterface.releaseCommand != NULL ); 40 | pReturnFlags = malloc( sizeof( MQTTAgentCommandFuncReturns_t ) ); 41 | __CPROVER_assume( pReturnFlags != NULL ); 42 | 43 | if( pMqttAgentContext != NULL ) 44 | { 45 | addPendingAcks( pMqttAgentContext ); 46 | } 47 | 48 | MQTTAgentCommand_Terminate( pMqttAgentContext, NULL, pReturnFlags ); 49 | } 50 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Changelog for coreMQTT Agent Library 2 | 3 | ## v1.3.1 (August 2024) 4 | 5 | ### Changes 6 | - [#117](https://github.com/FreeRTOS/coreMQTT-Agent/pull/117) Update the incorrect version number. 7 | 8 | ## v1.3.0 (August 2024) 9 | 10 | ### Changes 11 | - [#114](https://github.com/FreeRTOS/coreMQTT-Agent/pull/114) Update CMock submodule pointer to latest version v2.5.3. 12 | - [#111](https://github.com/FreeRTOS/coreMQTT-Agent/pull/111) Update coreMQTT-Agent to work with the coreMQTT v2.3.1. 13 | - [#110](https://github.com/FreeRTOS/coreMQTT-Agent/pull/110) Fix MISRA violation. 14 | - [#109](https://github.com/FreeRTOS/coreMQTT-Agent/pull/109) Update CMakeList optionally build UT/Coverity & Update Coverity configuration. 15 | - [#108](https://github.com/FreeRTOS/coreMQTT-Agent/pull/108) Use CBMC version 5.95.1. 16 | - [#107](https://github.com/FreeRTOS/coreMQTT-Agent/pull/107) Add documentation about configuration options. 17 | - [#105](https://github.com/FreeRTOS/coreMQTT-Agent/pull/105) Update this repository to use new CI-CD Actions. 
18 | - [#103](https://github.com/FreeRTOS/coreMQTT-Agent/pull/103) Update Agent to treat MQTTNeedMoreBytes correctly. 19 | - [#84](https://github.com/FreeRTOS/coreMQTT-Agent/pull/84) Create pull_request_template.md. 20 | - [#83](https://github.com/FreeRTOS/coreMQTT-Agent/pull/83) Add CBMC proof-running GitHub Action. 21 | - [#81](https://github.com/FreeRTOS/coreMQTT-Agent/pull/81) Fix unsigned comparison IAR compiler warnings. 22 | 23 | ## v1.2.0 (October 2022) 24 | 25 | ### Changes 26 | - [#77](https://github.com/FreeRTOS/coreMQTT-Agent/pull/77) Update coreMQTT-Agent to work with the coreMQTT v2.1.0. No breaking changes from the previous version. 27 | - [#75](https://github.com/FreeRTOS/coreMQTT-Agent/pull/75) Update coreMQTT-Agent to work with the coreMQTT v2.0.0. 28 | 29 | ## v1.1.0 (November 2021) 30 | 31 | ### Changes 32 | - [#59](https://github.com/FreeRTOS/coreMQTT-Agent/pull/59) Update doxygen version used for documentation to 1.9.2. 33 | 34 | ## v1.0.1 (July 2021) 35 | 36 | ### Changes 37 | - [#56](https://github.com/FreeRTOS/coreMQTT-Agent/pull/56) Add header guards for C++ linkage and update coreMQTT submodule. 38 | 39 | ## v1.0.0 (April 2021) 40 | 41 | This is the first release of the coreMQTT Agent library in this repository. 42 | 43 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Terminate/MQTTAgent_Terminate_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 
4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /* MQTT agent include. */ 24 | #include "core_mqtt_agent.h" 25 | #include "mqtt_agent_cbmc_state.h" 26 | 27 | 28 | /* Test harness entry function. 
 */

/**
 * CBMC entry point for the MQTTAgent_Terminate proof.
 *
 * Calls MQTTAgent_Terminate with an agent context constrained by
 * isValidMqttAgentContext() and a freshly allocated command info, then
 * asserts that the returned status satisfies
 * isAgentSendCommandFunctionStatus().
 */
void harness()
{
    MQTTAgentContext_t * pAgentCtx = allocateMqttAgentContext( NULL );
    MQTTAgentCommandInfo_t * pCmdInfo;
    MQTTStatus_t status;

    __CPROVER_assume( isValidMqttAgentContext( pAgentCtx ) );

    /* MQTTAgent_Terminate only adds the command info to the queue, so
     * nondeterministic member values are sufficient for this proof. The
     * pointer itself is not assumed to be non-NULL. */
    pCmdInfo = malloc( sizeof( MQTTAgentCommandInfo_t ) );

    status = MQTTAgent_Terminate( pAgentCtx, pCmdInfo );

    __CPROVER_assert( isAgentSendCommandFunctionStatus( status ), "The return value is a MQTTStatus_t." );
}
-------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Init/MQTTAgent_Init_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /* MQTT agent include. */ 24 | #include "core_mqtt_agent.h" 25 | 26 | void harness() 27 | { 28 | MQTTAgentContext_t * pMqttAgentContext; 29 | MQTTAgentMessageInterface_t * pMsgInterface; 30 | MQTTFixedBuffer_t * pNetworkBuffer; 31 | TransportInterface_t * pTransportInterface; 32 | MQTTGetCurrentTimeFunc_t getCurrentTimeMs; 33 | MQTTAgentIncomingPublishCallback_t incomingCallback; 34 | void * pIncomingPacketContext; 35 | 36 | pMqttAgentContext = malloc( sizeof( MQTTAgentContext_t ) ); 37 | pMsgInterface = malloc( sizeof( MQTTAgentMessageInterface_t ) ); 38 | pNetworkBuffer = malloc( sizeof( MQTTFixedBuffer_t ) ); 39 | pTransportInterface = malloc( sizeof( TransportInterface_t ) ); 40 | 41 | MQTTAgent_Init( pMqttAgentContext, 42 | pMsgInterface, 43 | pNetworkBuffer, 44 | pTransportInterface, 45 | getCurrentTimeMs, 46 | incomingCallback, 47 | pIncomingPacketContext ); 48 | } 49 | -------------------------------------------------------------------------------- /test/unit-test/cmock_build.cmake: -------------------------------------------------------------------------------- 1 | # Macro utility to clone the CMock submodule. 2 | macro( clone_cmock ) 3 | find_package( Git REQUIRED ) 4 | message( "Cloning submodule CMock." ) 5 | execute_process( COMMAND rm -rf ${CMOCK_DIR} 6 | COMMAND ${GIT_EXECUTABLE} submodule update --checkout --init --recursive ${CMOCK_DIR} 7 | WORKING_DIRECTORY ${PROJECT_SOURCE_DIR} 8 | RESULT_VARIABLE CMOCK_CLONE_RESULT ) 9 | 10 | if( NOT ${CMOCK_CLONE_RESULT} STREQUAL "0" ) 11 | message( FATAL_ERROR "Failed to clone CMock submodule." ) 12 | endif() 13 | endmacro() 14 | 15 | # Macro utility to add library targets for Unity and CMock to build configuration. 
16 | macro( add_cmock_targets ) 17 | # Build Configuration for CMock and Unity libraries. 18 | list( APPEND CMOCK_INCLUDE_DIRS 19 | "${CMOCK_DIR}/vendor/unity/src/" 20 | "${CMOCK_DIR}/vendor/unity/extras/fixture/src" 21 | "${CMOCK_DIR}/vendor/unity/extras/memory/src" 22 | "${CMOCK_DIR}/src" 23 | ) 24 | 25 | add_library(cmock STATIC 26 | "${CMOCK_DIR}/src/cmock.c" 27 | ) 28 | 29 | set_target_properties(cmock PROPERTIES 30 | ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib 31 | POSITION_INDEPENDENT_CODE ON 32 | COMPILE_FLAGS "-Og" 33 | ) 34 | 35 | target_include_directories(cmock PUBLIC 36 | ${CMOCK_DIR}/src 37 | ${CMOCK_DIR}/vendor/unity/src/ 38 | ${CMOCK_DIR}/examples 39 | ${CMOCK_INCLUDE_DIRS} 40 | ) 41 | 42 | add_library(unity STATIC 43 | "${CMOCK_DIR}/vendor/unity/src/unity.c" 44 | "${CMOCK_DIR}/vendor/unity/extras/fixture/src/unity_fixture.c" 45 | "${CMOCK_DIR}/vendor/unity/extras/memory/src/unity_memory.c" 46 | ) 47 | 48 | set_target_properties(unity PROPERTIES 49 | ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib 50 | POSITION_INDEPENDENT_CODE ON 51 | ) 52 | 53 | target_include_directories(unity PUBLIC 54 | ${CMOCK_INCLUDE_DIRS} 55 | ) 56 | 57 | target_link_libraries(cmock unity) 58 | endmacro() 59 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Publish/MQTTAgent_Publish_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 
4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /* MQTT agent include. 
 */
#include "core_mqtt_agent.h"

#include "mqtt_agent_cbmc_state.h"

/**
 * CBMC entry point for the MQTTAgent_Publish proof.
 *
 * Calls MQTTAgent_Publish with an agent context constrained by
 * isValidMqttAgentContext(), a freshly allocated publish info and a freshly
 * allocated command info, then asserts that the returned status satisfies
 * isAgentSendCommandFunctionStatus().
 */
void harness()
{
    MQTTAgentContext_t * pAgentCtx = allocateMqttAgentContext( NULL );
    MQTTPublishInfo_t * pPubInfo;
    MQTTAgentCommandInfo_t * pCmdInfo;
    MQTTStatus_t status;

    __CPROVER_assume( isValidMqttAgentContext( pAgentCtx ) );

    /* MQTTAgent_Publish only adds the publish info and the command info to
     * the queue, so nondeterministic member values are sufficient for this
     * proof. Neither pointer is assumed to be non-NULL. */
    pPubInfo = malloc( sizeof( MQTTPublishInfo_t ) );
    pCmdInfo = malloc( sizeof( MQTTAgentCommandInfo_t ) );

    status = MQTTAgent_Publish( pAgentCtx, pPubInfo, pCmdInfo );

    __CPROVER_assert( isAgentSendCommandFunctionStatus( status ), "The return value is a MQTTStatus_t." );
}
-------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Subscribe/MQTTAgent_Subscribe_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software.
 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */

/* MQTT agent include. */
#include "core_mqtt_agent.h"

#include "mqtt_agent_cbmc_state.h"

/**
 * CBMC entry point for the MQTTAgent_Subscribe proof.
 *
 * Calls MQTTAgent_Subscribe with an agent context constrained by
 * isValidMqttAgentContext(), freshly allocated subscribe arguments and a
 * freshly allocated command info, then asserts that the returned status
 * satisfies isAgentSendCommandFunctionStatus().
 */
void harness()
{
    MQTTAgentContext_t * pAgentCtx = allocateMqttAgentContext( NULL );
    MQTTAgentSubscribeArgs_t * pSubArgs;
    MQTTAgentCommandInfo_t * pCmdInfo;
    MQTTStatus_t status;

    __CPROVER_assume( isValidMqttAgentContext( pAgentCtx ) );

    /* MQTTAgent_Subscribe only adds the subscribe arguments and the command
     * info to the queue, so nondeterministic member values are sufficient for
     * this proof. Neither pointer is assumed to be non-NULL. */
    pSubArgs = malloc( sizeof( MQTTAgentSubscribeArgs_t ) );
    pCmdInfo = malloc( sizeof( MQTTAgentCommandInfo_t ) );

    status = MQTTAgent_Subscribe( pAgentCtx, pSubArgs, pCmdInfo );

    __CPROVER_assert( isAgentSendCommandFunctionStatus( status ), "The return value is a MQTTStatus_t." );
}
-------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_Unsubscribe/MQTTAgent_Unsubscribe_harness.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /* MQTT agent include. */ 24 | #include "core_mqtt_agent.h" 25 | 26 | #include "mqtt_agent_cbmc_state.h" 27 | 28 | void harness() 29 | { 30 | MQTTAgentContext_t * pMqttAgentContext; 31 | MQTTAgentSubscribeArgs_t * pSubscriptionArgs; 32 | MQTTAgentCommandInfo_t * pCommandInfo; 33 | MQTTStatus_t mqttStatus; 34 | 35 | pMqttAgentContext = allocateMqttAgentContext( NULL ); 36 | __CPROVER_assume( isValidMqttAgentContext( pMqttAgentContext ) ); 37 | 38 | /* MQTTAgentCommandInfo and MQTTAgentSubscribeArgs_t are only added to Queue 39 | * in MQTTAgent_Unsubscribe and non deterministic values for the members 40 | * of MQTTAgentCommandInfo_t and MQTTAgentSubscribeArgs_t type will be sufficient 41 | * for this proof. 
*/ 42 | pSubscriptionArgs = malloc( sizeof( MQTTAgentSubscribeArgs_t ) ); 43 | pCommandInfo = malloc( sizeof( MQTTAgentCommandInfo_t ) ); 44 | 45 | mqttStatus = MQTTAgent_Unsubscribe( pMqttAgentContext, 46 | pSubscriptionArgs, 47 | pCommandInfo ); 48 | 49 | __CPROVER_assert( isAgentSendCommandFunctionStatus( mqttStatus ), "The return value is a MQTTStatus_t." ); 50 | } 51 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_ResumeSession/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgent_ResumeSession_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 9 | PROOF_UID = MQTTAgent_ResumeSession 10 | 11 | # MQTT_AGENT_MAX_OUTSTANDING_ACKS set the maximum number of acknowledgments 12 | # that can be outstanding at any one time. A small number 2 will be enough 13 | # for proving the memory safety and making the proofs run faster. 14 | MQTT_AGENT_MAX_OUTSTANDING_ACKS=2 15 | 16 | # Bound for loop unwinding for the loops trying to read and write into the 17 | # outstanding acks array. The size of the array is determined by 18 | # MQTT_AGENT_MAX_OUTSTANDING_ACKS. The max bound will be one more than 19 | # array size for the proofs. 20 | MAX_BOUND_FOR_PENDING_ACK_LOOPS=$(shell expr $(MQTT_AGENT_MAX_OUTSTANDING_ACKS) + 1 ) 21 | 22 | # The maximum value for packet identifier for the packets to be filled in the 23 | # pending acks array. Chosen a small value 5 to increase the probability of 24 | # finding a matching packet for query from MQTT_PublishToResend API. 
25 | MAX_PACKET_ID=5 26 | 27 | DEFINES += -DMQTT_AGENT_MAX_OUTSTANDING_ACKS=$(MQTT_AGENT_MAX_OUTSTANDING_ACKS) 28 | DEFINES += -DMAX_PACKET_ID=$(MAX_PACKET_ID) 29 | 30 | INCLUDES += 31 | 32 | REMOVE_FUNCTION_BODY += 33 | 34 | UNWINDSET += __CPROVER_file_local_core_mqtt_agent_c_getAwaitingOperation.0:$(MAX_BOUND_FOR_PENDING_ACK_LOOPS) 35 | UNWINDSET += __CPROVER_file_local_core_mqtt_agent_c_clearPendingAcknowledgments.0:$(MAX_BOUND_FOR_PENDING_ACK_LOOPS) 36 | UNWINDSET += __CPROVER_file_local_core_mqtt_agent_c_resendPublishes.0:$(MAX_BOUND_FOR_PENDING_ACK_LOOPS) 37 | UNWINDSET += addPendingAcks.0:$(MAX_BOUND_FOR_PENDING_ACK_LOOPS) 38 | 39 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 40 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 41 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/network_interface_stubs.c 42 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/incoming_publish_callback_stub.c 43 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/get_time_stub.c 44 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_command_pool_stubs.c 45 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_message_stubs.c 46 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/core_mqtt_stubs.c 47 | 48 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent.c 49 | 50 | include ../Makefile.common 51 | -------------------------------------------------------------------------------- /.github/.cSpellWords.txt: -------------------------------------------------------------------------------- 1 | ACKS 2 | Ack 3 | CBMC 4 | CBOR 5 | CMOCK 6 | CMock 7 | CONNACK 8 | COVERITY 9 | CSDK 10 | CTest 11 | CmdCompleteCallback 12 | Cmock 13 | Coverity 14 | DCMOCK 15 | DECIHOURS 16 | DNDEBUG 17 | DOXYGEN 18 | DUNITY 19 | DUP 20 | Decihours 21 | Deserialized 22 | Doxygen 23 | FuncToTest 24 | Init 25 | LWT 26 | MISRA 27 | MQTT 28 | MQTT's 29 | MQTTAgentCommandFunc 30 | MQTTAgentCommandFuncReturns 31 | MQTTAgentConnectArgs 32 | MQTTAgentSubscribeArgs 33 | MQTTGetCurrentTimeFunc 34 | MQTTQoS 35 | 
MQTTRecvFailed 36 | Misra 37 | Mqtt 38 | NONDET 39 | NUM 40 | Nondet 41 | POSIX 42 | PUBACK 43 | PUBLISHes 44 | QOS 45 | QoS 46 | Qos 47 | RECV 48 | SDK 49 | STDC 50 | SUBACK 51 | SUBACK's 52 | SYSCLK 53 | SYSCLOCK 54 | SYSClk 55 | Struct 56 | SysClk 57 | SysClock 58 | Sysclk 59 | Sysclock 60 | TODO 61 | UNACKED 62 | UNPADDED 63 | UNSUB 64 | UNSUBACK 65 | Unpadded 66 | Unprotect 67 | Unprotected 68 | Unsub 69 | VECT 70 | Vect 71 | Wunused 72 | ack 73 | acked 74 | acknowledgement 75 | acknowledgements 76 | acks 77 | args 78 | bool 79 | br 80 | bytesToRecv 81 | cbmc 82 | cbor 83 | cmdCompleteCallback 84 | cmdCompleteCb 85 | cmock 86 | connectArgs 87 | connectCmdCallback 88 | connectionArgs 89 | const 90 | coremqtt 91 | coverity 92 | ctest 93 | ctestACK 94 | decihours 95 | deserialized 96 | disconnectCmdCallback 97 | doxygen 98 | dup 99 | endcond 100 | enqueue 101 | enqueued 102 | enqueueing 103 | enqueues 104 | enum 105 | enums 106 | func 107 | getpacketid 108 | hu 109 | ifndef 110 | init 111 | initalized 112 | initializers 113 | isystem 114 | lcov 115 | lwt 116 | memset 117 | messagectx 118 | messagerecv 119 | misra 120 | mqtt 121 | mypy 122 | networkRecv 123 | nondet 124 | numSubscriptions 125 | pAckInfo 126 | pArgs 127 | pCmdCallbackContext 128 | pCmdCompleteCallbackContext 129 | pCmdContext 130 | pConnectArgs 131 | pDeserializedInfo 132 | pFuncName 133 | pMqttInfoParam 134 | pMsgCtx 135 | pMsgInterface 136 | pParams 137 | pPendingAcks 138 | pPublishArg 139 | pSubackCodes 140 | pSubscribeArgs 141 | pSubscriptionArgs 142 | pUnusedArg 143 | pVoidConnectArgs 144 | pVoidSubscribeArgs 145 | params 146 | pendingAcks 147 | preprocessor 148 | printf 149 | publishCmdCompleteCb 150 | pylint 151 | pytest 152 | pyyaml 153 | qos 154 | recv 155 | sinclude 156 | strlen 157 | struct 158 | structs 159 | suback 160 | subscribeArgs 161 | subscribeCmdCompleteCb 162 | sysclk 163 | sysclock 164 | th 165 | uint 166 | unpadded 167 | unprotect 168 | unsubscribeArgs 169 | 
unsubscribeCmdCompleteCb 170 | unsubscriptions 171 | utest 172 | vect 173 | writev 174 | xlarge 175 | DCMAKE 176 | Wextra 177 | Wsign 178 | Werror -------------------------------------------------------------------------------- /test/cbmc/include/agent_message_stubs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file agent_message_stubs.h 25 | * @brief Stub functions to interact with queues. 26 | */ 27 | #ifndef AGENT_MESSAGE_STUBS_H 28 | #define AGENT_MESSAGE_STUBS_H 29 | 30 | #include 31 | #include 32 | #include 33 | 34 | /* core_mqtt_agent.h must precede including this header. */ 35 | 36 | /** 37 | * @brief Send a message to the specified context. 
38 | * 39 | * @param[in] pMsgCtx An #MQTTAgentMessageContext_t. 40 | * @param[in] pData Pointer to element to send to queue. 41 | * @param[in] blockTimeMs Block time to wait for a send. 42 | * 43 | * @return `true` if send was successful, else `false`. 44 | */ 45 | bool AgentMessageSendStub( MQTTAgentMessageContext_t * pMsgCtx, 46 | const void * pData, 47 | uint32_t blockTimeMs ); 48 | 49 | /** 50 | * @brief Receive a message from the specified context. 51 | * Must be thread safe. 52 | * 53 | * @param[in] pMsgCtx An #MQTTAgentMessageContext_t. 54 | * @param[in] pBuffer Pointer to buffer to write received data. 55 | * @param[in] blockTimeMs Block time to wait for a receive. 56 | * 57 | * @return `true` if receive was successful, else `false`. 58 | */ 59 | bool AgentMessageRecvStub( MQTTAgentMessageContext_t * pMsgCtx, 60 | void * pBuffer, 61 | uint32_t blockTimeMs ); 62 | 63 | #endif /* AGENT_MESSAGE_STUBS_H */ 64 | -------------------------------------------------------------------------------- /test/cbmc/include/network_interface_stubs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 
14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file network_interface_stubs.h 25 | * @brief Stub definitions for the application defined transport interface send 26 | * and receive callback. 27 | */ 28 | #ifndef NETWORK_INTERFACE_STUBS_H_ 29 | #define NETWORK_INTERFACE_STUBS_H_ 30 | 31 | /* transport_interface.h must precede including this header. */ 32 | 33 | /** 34 | * @brief Application defined network interface receive function. 35 | * 36 | * @param[in] pNetworkContext Application defined network interface context. 37 | * @param[out] pBuffer MQTT network receive buffer. 38 | * @param[in] bytesToRecv MQTT requested bytes. 39 | * 40 | * @return Any value from INT32_MIN to INT32_MAX. 41 | */ 42 | int32_t NetworkInterfaceReceiveStub( NetworkContext_t * pNetworkContext, 43 | void * pBuffer, 44 | size_t bytesToRecv ); 45 | 46 | /** 47 | * @brief Application defined network interface send function. 48 | * 49 | * @param[in] pNetworkContext Application defined network interface context. 50 | * @param[out] pBuffer MQTT network send buffer. 51 | * @param[in] bytesToSend Number of bytes to send over the network. 52 | * 53 | * @return Any value from INT32_MIN to INT32_MAX. 
54 | */ 55 | int32_t NetworkInterfaceSendStub( NetworkContext_t * pNetworkContext, 56 | const void * pBuffer, 57 | size_t bytesToSend ); 58 | 59 | #endif /* ifndef NETWORK_INTERFACE_STUBS_H_ */ 60 | -------------------------------------------------------------------------------- /test/cbmc/include/agent_command_pool_stubs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file agent_command_pool_stubs.h 25 | * @brief Stub functions to get and release command structure from a command pool. 
26 | */ 27 | #ifndef AGENT_COMMAND_POOL_STUBS_H 28 | #define AGENT_COMMAND_POOL_STUBS_H 29 | 30 | #include 31 | #include 32 | #include 33 | 34 | /* core_mqtt_agent.h must precede including this header. */ 35 | 36 | /** 37 | * @brief Obtain a MQTTAgentCommand_t structure from the command pool. 38 | * 39 | * @param[in] blockTimeMs The length of time the calling task should remain in the 40 | * Blocked state (so not consuming any CPU time) to wait for a MQTTAgentCommand_t structure to 41 | * become available should one not be immediately available at the time of the call. 42 | * 43 | * @return A pointer to a MQTTAgentCommand_t structure if one becomes available before 44 | * blockTimeMs time expired, otherwise NULL, so callers must check the result before dereferencing it. 45 | */ 46 | MQTTAgentCommand_t * AgentGetCommandStub( uint32_t blockTimeMs ); 47 | 48 | /** 49 | * @brief Return a MQTTAgentCommand_t structure to the command pool. 50 | * Must be thread safe. NOTE(review): this declaration has no Stub suffix, unlike AgentGetCommandStub above; confirm the name matches the definition in the stubs source. 51 | * 52 | * @param[in] pCommandToRelease A pointer to the MQTTAgentCommand_t structure to return to 53 | * the pool. The structure must first have been obtained by calling 54 | * Agent_GetCommand(), otherwise Agent_ReleaseCommand() will 55 | * have no effect. 56 | * 57 | * @return true if the MQTTAgentCommand_t structure was returned to the pool, otherwise false. 58 | */ 59 | bool Agent_ReleaseCommand( MQTTAgentCommand_t * pCommandToRelease ); 60 | 61 | #endif /* AGENT_COMMAND_POOL_STUBS_H */ 62 | -------------------------------------------------------------------------------- /MISRA.md: -------------------------------------------------------------------------------- 1 | # MISRA Compliance 2 | 3 | The coreMQTT Agent library files conform to the [MISRA C:2012](https://www.misra.org.uk) 4 | guidelines, with some noted exceptions. Compliance is checked with Coverity static analysis. 
5 | Deviations from the MISRA standard are listed below: 6 | 7 | ### Ignored by [Coverity Configuration](tools/coverity/misra.config) 8 | | Deviation | Category | Justification | 9 | | :-: | :-: | :-: | 10 | | Directive 4.5 | Advisory | Allow names that MISRA considers ambiguous (such as LogInfo and LogError) | 11 | | Directive 4.8 | Advisory | Allow inclusion of unused types. Header files from coreMQTT may define types that are not used by the agent. | 12 | | Directive 4.9 | Advisory | Allow inclusion of function like macros. The `assert` macro is used throughout the library for parameter validation, and logging is done using function like macros. | 13 | | Rule 2.3 | Advisory | Allow unused types. Both the agent and coreMQTT headers define types that are not directly used by the library but are still intended to be used by the application. | 14 | | Rule 2.4 | Advisory | Allow unused tags. Some compilers warn if types are not tagged. | 15 | | Rule 2.5 | Advisory | Allow unused macros. Library headers may define macros intended for the application's use, but are not used by a specific file. | 16 | | Rule 3.1 | Required | Allow nested comments. C++ style `//` comments are used in example code within Doxygen documentation blocks. | 17 | | Rule 11.5 | Advisory | Allow casts from `void *`. Fields such as command parameters are passed as `void *` for generalization and must be cast to the correct data type before use. | 18 | 19 | ### Flagged by Coverity 20 | | Deviation | Category | Justification | 21 | | :-: | :-: | :-: | 22 | | Rule 8.7 | Advisory | API functions are not used by the library outside of the files they are defined; however, they must be externally visible in order to be used by an application. 
| 23 | | Rule 8.13 | Advisory | Functions that are passed as pointers to coreMQTT or the agent must exactly match function signatures with the pointer type definition, so `const` modifiers cannot be added even if a specific function implementation does not modify a given parameter. | 24 | 25 | ### Suppressed with Coverity Comments 26 | To find the deviation references in the source files run grep on the source code 27 | with ( Assuming rule 11.3 violation; with justification in point 1 ): 28 | ``` 29 | grep 'MISRA Ref 11.3.1' . -rI 30 | ``` 31 | #### Rule 11.3 32 | 33 | _Ref 11.3.1_ 34 | 35 | - MISRA C-2012 Rule 11.3 states that a cast shall not be performed between a pointer to 36 | object type and a pointer to a different object type. In this library, the MQTT stack 37 | processes data as a byte stream, requiring casts to specific data structures. However, this 38 | casting is safe because the buffers are aligned to 4-byte boundaries, ensuring that no 39 | unaligned memory access occurs. The justification therefore depends on that alignment holding for every buffer that is cast. 40 | -------------------------------------------------------------------------------- /test/cbmc/proofs/MQTTAgent_CommandLoop/Makefile: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | HARNESS_ENTRY = harness 5 | HARNESS_FILE = MQTTAgent_CommandLoop_harness 6 | 7 | # This should be a unique identifier for this proof, and will appear on the 8 | # Litani dashboard. It can be human-readable and contain spaces if you wish. 9 | PROOF_UID = MQTTAgent_CommandLoop 10 | 11 | # MQTT_AGENT_MAX_OUTSTANDING_ACKS sets the maximum number of acknowledgments 12 | # that can be outstanding at any one time. A small number 2 will be enough 13 | # for proving the memory safety and making the proofs run faster. 
14 | MQTT_AGENT_MAX_OUTSTANDING_ACKS=2 15 | 16 | # Bound for loop unwinding for the loops trying to read and write into the 17 | # outstanding acks array. The size of the array is determined by 18 | # MQTT_AGENT_MAX_OUTSTANDING_ACKS. The max bound will be one more than 19 | # array size for the proofs. 20 | MAX_BOUND_FOR_PENDING_ACK_LOOPS=$(shell expr $(MQTT_AGENT_MAX_OUTSTANDING_ACKS) + 1 ) 21 | 22 | # Bound for loop unwinding for the main loop in MQTTAgent_CommandLoop. Unwinding 23 | # the loop 3 times will be enough for proving memory safety. 24 | MAX_BOUND_FOR_COMMAND_LOOP=3 25 | 26 | # Bound for loop unwinding for loop in processCommand function. Unwinding 27 | # the loop 2 times will be enough for proving memory safety. 28 | MAX_BOUND_FOR_PROCESS_COMMAND_LOOP=2 29 | 30 | # Force CBMC to only use the AgentMessageRecvStub function as the pointee of 31 | # the recv function. 32 | RESTRICT_FUNCTION_POINTER += MQTTAgent_CommandLoop.function_pointer_call.1/AgentMessageRecvStub 33 | 34 | DEFINES += -DMQTT_AGENT_MAX_OUTSTANDING_ACKS=$(MQTT_AGENT_MAX_OUTSTANDING_ACKS) 35 | 36 | INCLUDES += 37 | 38 | REMOVE_FUNCTION_BODY += 39 | 40 | UNWINDSET += MQTTAgent_CommandLoop.0:$(MAX_BOUND_FOR_COMMAND_LOOP) 41 | UNWINDSET += __CPROVER_file_local_core_mqtt_agent_c_addAwaitingOperation.0:$(MAX_BOUND_FOR_PENDING_ACK_LOOPS) 42 | UNWINDSET += __CPROVER_file_local_core_mqtt_agent_c_getAwaitingOperation.0:$(MAX_BOUND_FOR_PENDING_ACK_LOOPS) 43 | UNWINDSET += __CPROVER_file_local_core_mqtt_agent_c_processCommand.0:$(MAX_BOUND_FOR_PROCESS_COMMAND_LOOP) 44 | 45 | PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c 46 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/sources/mqtt_agent_cbmc_state.c 47 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/network_interface_stubs.c 48 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/incoming_publish_callback_stub.c 49 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/get_time_stub.c 50 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_command_pool_stubs.c 51 | 
PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_message_stubs.c 52 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/agent_command_functions_stub.c 53 | PROOF_SOURCES += $(SRCDIR)/test/cbmc/stubs/core_mqtt_stubs.c 54 | 55 | PROJECT_SOURCES += $(SRCDIR)/source/core_mqtt_agent.c 56 | 57 | include ../Makefile.common 58 | -------------------------------------------------------------------------------- /tools/cmock/coverage.cmake: -------------------------------------------------------------------------------- 1 | # Taken from amazon-freertos repository 2 | cmake_minimum_required(VERSION 3.13) 3 | set(BINARY_DIR ${CMAKE_BINARY_DIR}) 4 | # reset coverage counters 5 | execute_process( 6 | COMMAND lcov --directory ${CMAKE_BINARY_DIR} 7 | --base-directory ${CMAKE_BINARY_DIR} 8 | --zerocounters 9 | 10 | COMMAND mkdir -p ${CMAKE_BINARY_DIR}/coverage 11 | ) 12 | # make the initial/baseline capture a zeroed out files 13 | execute_process( COMMAND lcov --directory ${CMAKE_BINARY_DIR} 14 | --base-directory ${CMAKE_BINARY_DIR} 15 | --initial 16 | --capture 17 | --rc lcov_branch_coverage=1 18 | --output-file=${CMAKE_BINARY_DIR}/base_coverage.info 19 | --include "*source*" 20 | 21 | ) 22 | file(GLOB files "${CMAKE_BINARY_DIR}/bin/tests/*") 23 | 24 | set(REPORT_FILE ${CMAKE_BINARY_DIR}/utest_report.txt) 25 | file(WRITE ${REPORT_FILE} "") 26 | # execute all files in bin directory, gathering the output to show it in CI 27 | foreach(testname ${files}) 28 | get_filename_component(test 29 | ${testname} 30 | NAME_WLE 31 | ) 32 | message("Running ${testname}") 33 | execute_process(COMMAND ${testname} OUTPUT_FILE ${CMAKE_BINARY_DIR}/${test}_out.txt) 34 | 35 | file(READ ${CMAKE_BINARY_DIR}/${test}_out.txt CONTENTS) 36 | file(APPEND ${REPORT_FILE} "${CONTENTS}") 37 | endforeach() 38 | 39 | # generate Junit style xml output 40 | execute_process(COMMAND ruby 41 | ${CMOCK_DIR}/vendor/unity/auto/parse_output.rb 42 | -xml ${REPORT_FILE} 43 | WORKING_DIRECTORY ${CMAKE_BINARY_DIR} 44 | ) 45 | 46 | # 
capture data after running the tests 47 | execute_process( 48 | COMMAND lcov --capture 49 | --rc lcov_branch_coverage=1 50 | --base-directory ${CMAKE_BINARY_DIR} 51 | --directory ${CMAKE_BINARY_DIR} 52 | --output-file ${CMAKE_BINARY_DIR}/second_coverage.info 53 | --include "*source*" 54 | ) 55 | 56 | # combile baseline results (zeros) with the one after running the tests 57 | execute_process( 58 | COMMAND lcov --base-directory ${CMAKE_BINARY_DIR} 59 | --directory ${CMAKE_BINARY_DIR} 60 | --add-tracefile ${CMAKE_BINARY_DIR}/base_coverage.info 61 | --add-tracefile ${CMAKE_BINARY_DIR}/second_coverage.info 62 | --output-file ${CMAKE_BINARY_DIR}/coverage.info 63 | --rc lcov_branch_coverage=1 64 | --include "*source*" 65 | ) 66 | execute_process( 67 | COMMAND genhtml --rc lcov_branch_coverage=1 68 | --branch-coverage 69 | --output-directory ${CMAKE_BINARY_DIR}/coverage 70 | ${CMAKE_BINARY_DIR}/coverage.info 71 | ) 72 | -------------------------------------------------------------------------------- /docs/doxygen/style.css: -------------------------------------------------------------------------------- 1 | /* 2 | * Stylesheet for Doxygen HTML output. 3 | * 4 | * This file defines styles for custom elements in the header/footer and 5 | * overrides some of the default Doxygen styles. 6 | * 7 | * Styles in this file do not affect the treeview sidebar. 8 | */ 9 | 10 | /* Set the margins to place a small amount of whitespace on the left and right 11 | * side of the page. */ 12 | div.contents { 13 | margin-left:4em; 14 | margin-right:4em; 15 | } 16 | 17 | /* Justify text in paragraphs. */ 18 | p { 19 | text-align: justify; 20 | } 21 | 22 | /* Style of section headings. */ 23 | h1 { 24 | border-bottom: 1px solid #879ECB; 25 | color: #354C7B; 26 | font-size: 160%; 27 | font-weight: normal; 28 | padding-bottom: 4px; 29 | padding-top: 8px; 30 | } 31 | 32 | /* Style of subsection headings. 
*/ 33 | h2:not(.memtitle):not(.groupheader) { 34 | font-size: 125%; 35 | margin-bottom: 0px; 36 | margin-top: 16px; 37 | padding: 0px; 38 | } 39 | 40 | /* Style of paragraphs immediately after subsection headings. */ 41 | h2 + p { 42 | margin: 0px; 43 | padding: 0px; 44 | } 45 | 46 | /* Style of subsection headings. */ 47 | h3 { 48 | font-size: 100%; 49 | margin-bottom: 0px; 50 | margin-left: 2em; 51 | margin-right: 2em; 52 | } 53 | 54 | /* Style of paragraphs immediately after subsubsection headings. */ 55 | h3 + p { 56 | margin-top: 0px; 57 | margin-left: 2em; 58 | margin-right: 2em; 59 | } 60 | 61 | /* Style of the prefix "AWS IoT Device SDK C" that appears in the header. */ 62 | #csdkprefix { 63 | color: #757575; 64 | } 65 | 66 | /* Style of the "Return to main page" link that appears in the header. */ 67 | #returntomain { 68 | padding: 0.5em; 69 | } 70 | 71 | /* Style of the dividers on Configuration Settings pages. */ 72 | div.configpagedivider { 73 | margin-left: 0px !important; 74 | margin-right: 0px !important; 75 | margin-top: 20px !important; 76 | } 77 | 78 | /* Style of configuration setting names. */ 79 | dl.section.user ~ h1 { 80 | border-bottom: none; 81 | color: #000000; 82 | font-family: monospace, fixed; 83 | font-size: 16px; 84 | margin-bottom: 0px; 85 | margin-left: 2em; 86 | margin-top: 1.5em; 87 | } 88 | 89 | /* Style of paragraphs on a configuration settings page. */ 90 | dl.section.user ~ * { 91 | margin-bottom: 10px; 92 | margin-left: 4em; 93 | margin-right: 4em; 94 | margin-top: 0px; 95 | } 96 | 97 | /* Hide the configuration setting marker. */ 98 | dl.section.user { 99 | display: none; 100 | } 101 | 102 | /* Overrides for code fragments and lines. */ 103 | div.fragment { 104 | background: #ffffff; 105 | border: none; 106 | padding: 5px; 107 | } 108 | 109 | div.line { 110 | color: #3a3a3a; 111 | } 112 | 113 | /* Overrides for code syntax highlighting colors. 
*/ 114 | span.comment { 115 | color: #008000; 116 | } 117 | 118 | span.keyword, span.keywordtype, span.keywordflow { 119 | color: #0000ff; 120 | } 121 | 122 | span.preprocessor { 123 | color: #50015a; 124 | } 125 | 126 | span.stringliteral, span.charliteral { 127 | color: #800c0c; 128 | } 129 | 130 | a.code, a.code:visited, a.line, a.line:visited { 131 | color: #496194; 132 | } 133 | -------------------------------------------------------------------------------- /.github/CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing Guidelines 2 | 3 | Thank you for your interest in contributing to our project. Whether it's a bug report, new feature, correction, or additional 4 | documentation, we greatly value feedback and contributions from our community. 5 | 6 | Please read through this document before submitting any issues or pull requests to ensure we have all the necessary 7 | information to effectively respond to your bug report or contribution. 8 | 9 | 10 | ## Reporting Bugs/Feature Requests 11 | 12 | We welcome you to use the GitHub issue tracker to report bugs or suggest features. 13 | 14 | When filing an issue, please check [existing open](https://github.com/FreeRTOS/coreMQTT-Agent/issues), or [recently closed](https://github.com/FreeRTOS/coreMQTT-Agent/issues?q=is%3Aissue+is%3Aclosed), issues to make sure somebody else hasn't already 15 | reported the issue. Please try to include as much information as you can. Details like these are incredibly useful: 16 | 17 | * A reproducible test case or series of steps 18 | * The version of our code being used 19 | * Any modifications you've made relevant to the bug 20 | * Anything unusual about your environment or deployment 21 | 22 | 23 | ## Contributing via Pull Requests 24 | Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that: 25 | 26 | 1. You are working against the latest source on the *main* branch. 
27 | 1. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already. 28 | 1. You open an issue to discuss any significant work - we would hate for your time to be wasted. 29 | 30 | To send us a pull request, please: 31 | 32 | 1. Fork the repository. 33 | 1. Modify the source; please focus on the specific change you are contributing. If you also reformat all the code, it will be hard for us to focus on your change. 34 | 1. Ensure that your contributions conform to the [style guide](https://docs.aws.amazon.com/embedded-csdk/202011.00/lib-ref/docs/doxygen/output/html/guide_developer_styleguide.html). 35 | 1. Format your code with uncrustify, using the config available in [FreeRTOS/CI-CD-Github-Actions](https://github.com/FreeRTOS/CI-CD-Github-Actions/blob/main/formatting/uncrustify.cfg). 36 | 1. Ensure local tests pass. 37 | 1. Commit to your fork using clear commit messages. 38 | 1. Send us a pull request, answering any default questions in the pull request interface. 39 | 1. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation. 40 | 41 | GitHub provides additional documentation on [forking a repository](https://help.github.com/articles/fork-a-repo/) and 42 | [creating a pull request](https://help.github.com/articles/creating-a-pull-request/). 43 | 44 | 45 | ## Finding contributions to work on 46 | Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels (enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any ['help wanted'](https://github.com/FreeRTOS/coreMQTT-Agent/labels?q=help+wanted) issues is a great place to start. 47 | 48 | 49 | ## Code of Conduct 50 | This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). 
51 | For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact 52 | opensource-codeofconduct@amazon.com with any additional questions or comments. 53 | 54 | 55 | ## Security issue notifications 56 | If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](https://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public github issue. 57 | 58 | 59 | ## Licensing 60 | 61 | See the [LICENSE](../LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution. 62 | 63 | We may ask you to sign a [Contributor License Agreement (CLA)](https://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes. 64 | -------------------------------------------------------------------------------- /test/cbmc/stubs/agent_message_stubs.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 
IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file agent_message_stubs.c 25 | * @brief Stub functions to interact with queues. 26 | */ 27 | 28 | #include "core_mqtt_agent.h" 29 | #include "agent_message_stubs.h" 30 | 31 | /* Completion callback that allocateCommand() assumes is installed on every non-NULL command; it asserts that the return-info pointer it receives is not NULL. */ static void commandCompleteCallbackStub( void * pCmdCallbackContext, 32 | MQTTAgentReturnInfo_t * pReturnInfo ) 33 | { 34 | __CPROVER_assert( pReturnInfo != NULL, 35 | "Command complete return info is not NULL." ); 36 | } 37 | 38 | /* Allocate one command for the proof. The first call places no assumption on the malloc result, so the NULL check below decides whether the command is constrained (NOTE(review): whether malloc can return NULL here depends on how CBMC is configured; confirm). Every later call assumes a non-NULL command of type TERMINATE, because the static flag terminate is set before returning. For SUBSCRIBE, UNSUBSCRIBE and PUBLISH commands pArgs is set from a second malloc whose result is not checked; for other command types pArgs is not written here. Nothing allocated here is freed in this file. */ static MQTTAgentCommand_t * allocateCommand() 39 | { 40 | MQTTAgentSubscribeArgs_t * pSubscribeArgs; 41 | MQTTPublishInfo_t * pPublishInfo; 42 | static bool terminate = false; 43 | 44 | MQTTAgentCommand_t * command = malloc( sizeof( MQTTAgentCommand_t ) ); 45 | 46 | /* Second command always is TERMINATE to keep the MQTTAgent_CommandLoop unwind bound. */ 47 | if( terminate == true ) 48 | { 49 | __CPROVER_assume( command != NULL ); 50 | __CPROVER_assume( command->commandType == TERMINATE ); 51 | } 52 | 53 | if( command != NULL ) 54 | { 55 | __CPROVER_assume( command->commandType >= NONE && command->commandType < NUM_COMMANDS ); 56 | 57 | if( ( command->commandType == SUBSCRIBE ) || ( command->commandType == UNSUBSCRIBE ) ) 58 | { 59 | pSubscribeArgs = malloc( sizeof( MQTTAgentSubscribeArgs_t ) ); 60 | command->pArgs = ( void * ) pSubscribeArgs; 61 | } 62 | else if( command->commandType == PUBLISH ) 63 | { 64 | pPublishInfo = malloc( sizeof( MQTTPublishInfo_t ) ); 65 | command->pArgs = ( void * ) pPublishInfo; 66 | } 67 | else 68 | { 69 | /* Empty else. 
*/ 70 | } 71 | 72 | __CPROVER_assume( command->pCommandCompleteCallback == commandCompleteCallbackStub ); 73 | } 74 | 75 | terminate = true; 76 | return command; 77 | } 78 | 79 | /* Send stub: none of the three arguments is read; the result is a nondeterministic boolean. */ bool AgentMessageSendStub( MQTTAgentMessageContext_t * pMsgCtx, 80 | const void * pData, 81 | uint32_t blockTimeMs ) 82 | { 83 | /* For the proofs, returning a non deterministic boolean value 84 | * will be good enough. */ 85 | return nondet_bool(); 86 | } 87 | 88 | /* Receive stub: asserts that pBuffer is not NULL, then stores the pointer returned by allocateCommand() (which may be NULL) through pBuffer. Returns false when the command is TERMINATE. NOTE(review): returnStatus is assigned only on that path; on every other path it is returned without being initialised. CBMC treats such a local as a nondeterministic value, which is presumably the intent, but reading it is undefined behaviour if this stub is compiled as ordinary C; consider initialising it with nondet_bool() and confirm. */ bool AgentMessageRecvStub( MQTTAgentMessageContext_t * pMsgCtx, 89 | void * pBuffer, 90 | uint32_t blockTimeMs ) 91 | { 92 | MQTTAgentCommand_t * command; 93 | bool returnStatus; 94 | 95 | __CPROVER_assert( pBuffer != NULL, 96 | "Command buffer is not NULL." ); 97 | 98 | command = allocateCommand(); 99 | 100 | if( ( command != NULL ) && ( command->commandType == TERMINATE ) ) 101 | { 102 | returnStatus = false; 103 | } 104 | 105 | *( ( MQTTAgentCommand_t ** ) pBuffer ) = command; 106 | 107 | return returnStatus; 108 | } 109 | -------------------------------------------------------------------------------- /test/cbmc/include/core_mqtt_config.h: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 
14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file core_mqtt_config.h 25 | * @brief This header sets configuration macros for the MQTT library. 26 | */ 27 | #ifndef CORE_MQTT_CONFIG_H_ 28 | #define CORE_MQTT_CONFIG_H_ 29 | 30 | /* Mock a network context for the CBMC proofs. */ 31 | struct NetworkContext 32 | { 33 | int NetworkContext; 34 | }; 35 | 36 | /** 37 | * @brief Determines the maximum number of MQTT PUBLISH messages, pending 38 | * acknowledgement at a time, that are supported for incoming and outgoing 39 | * direction of messages, separately. 40 | * 41 | * QoS 1 and 2 MQTT PUBLISHes require acknowledgement from the server before 42 | * they can be completed. While they are awaiting the acknowledgement, the 43 | * client must maintain information about their state. The value of this 44 | * macro sets the limit on how many simultaneous PUBLISH states an MQTT 45 | * context maintains, separately, for both incoming and outgoing direction of 46 | * PUBLISHes. 47 | * 48 | * @note This definition must exist in order to compile. 10U is a typical value 49 | * used in the MQTT demos. 50 | */ 51 | #define MQTT_STATE_ARRAY_MAX_COUNT ( 10U ) 52 | 53 | /** 54 | * @brief Retry count for reading CONNACK from network. 55 | * 56 | * The MQTT_MAX_CONNACK_RECEIVE_RETRY_COUNT will be used only when the 57 | * timeoutMs parameter of #MQTT_Connect() is passed as 0 . The transport 58 | * receive for CONNACK will be retried MQTT_MAX_CONNACK_RECEIVE_RETRY_COUNT 59 | * times before timing out. 
A value of 0 for this config will cause the 60 | * transport receive for CONNACK to be invoked only once. 61 | */ 62 | #define MQTT_MAX_CONNACK_RECEIVE_RETRY_COUNT ( 2U ) 63 | 64 | /** 65 | * @brief Number of milliseconds to wait for a ping response to a ping 66 | * request as part of the keep-alive mechanism. 67 | * 68 | * If a ping response is not received before this timeout, then 69 | * #MQTT_ProcessLoop will return #MQTTKeepAliveTimeout. 70 | */ 71 | #define MQTT_PINGRESP_TIMEOUT_MS ( 500U ) 72 | 73 | /** 74 | * @brief The maximum duration of receiving no data over network when 75 | * attempting to read an incoming MQTT packet by the #MQTT_ProcessLoop or 76 | * #MQTT_ReceiveLoop API functions. 77 | * 78 | * When an incoming MQTT packet is detected, the transport receive function 79 | * may be called multiple times until all the expected number of bytes for the 80 | * packet are received. This timeout represents the maximum duration of polling 81 | * for any data to be received over the network for the incoming. 82 | * If the timeout expires, the #MQTT_ProcessLoop or #MQTT_ReceiveLoop functions 83 | * return #MQTTRecvFailed. 84 | * 85 | * This is set to 1 to exit right away after a zero is received in the transport 86 | * receive stub. There is no added value, in proving memory safety, to repeat 87 | * the logic that checks if the polling timeout is reached. 88 | */ 89 | #define MQTT_RECV_POLLING_TIMEOUT_MS ( 1U ) 90 | 91 | #endif /* ifndef CORE_MQTT_CONFIG_H_ */ 92 | -------------------------------------------------------------------------------- /test/unit-test/logging/logging_levels.h: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 
4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file logging_levels.h 25 | * @brief Defines the logging level macros. 26 | */ 27 | 28 | #ifndef LOGGING_LEVELS_H_ 29 | #define LOGGING_LEVELS_H_ 30 | 31 | /** 32 | * @brief No log messages. 33 | * 34 | * When @ref LIBRARY_LOG_LEVEL is #LOG_NONE, logging is disabled and no 35 | * logging messages are printed. 36 | */ 37 | #define LOG_NONE 0 38 | 39 | /** 40 | * @brief Represents erroneous application state or event. 41 | * 42 | * These messages describe the situations when a library encounters an error from 43 | * which it cannot recover. 44 | * 45 | * These messages are printed when @ref LIBRARY_LOG_LEVEL is defined as either 46 | * of #LOG_ERROR, #LOG_WARN, #LOG_INFO or #LOG_DEBUG. 47 | */ 48 | #define LOG_ERROR 1 49 | 50 | /** 51 | * @brief Message about an abnormal event. 
52 | * 53 | * These messages describe the situations when a library encounters 54 | * an abnormal event that may be indicative of an error. Libraries continue 55 | * execution after logging a warning. 56 | * 57 | * These messages are printed when @ref LIBRARY_LOG_LEVEL is defined as either 58 | * of #LOG_WARN, #LOG_INFO or #LOG_DEBUG. 59 | */ 60 | #define LOG_WARN 2 61 | 62 | /** 63 | * @brief A helpful, informational message. 64 | * 65 | * These messages describe normal execution of a library. They provide 66 | * the progress of the program at a coarse-grained level. 67 | * 68 | * These messages are printed when @ref LIBRARY_LOG_LEVEL is defined as either 69 | * of #LOG_INFO or #LOG_DEBUG. 70 | */ 71 | #define LOG_INFO 3 72 | 73 | /** 74 | * @brief Detailed and excessive debug information. 75 | * 76 | * Debug log messages are used to provide the 77 | * progress of the program at a fine-grained level. These are mostly used 78 | * for debugging and may contain excessive information such as internal 79 | * variables, buffers, or other specific information. Because that output can include buffer contents, check where the logs end up before enabling this level outside development. 80 | * 81 | * These messages are only printed when @ref LIBRARY_LOG_LEVEL is defined as 82 | * #LOG_DEBUG. 83 | */ 84 | #define LOG_DEBUG 4 85 | 86 | /* The macro definition for LIBRARY_LOG_LEVEL is for Doxygen 87 | * documentation only. This macro is typically defined in only the 88 | * _config.h file or the demo_config.h file. */ 89 | 90 | /** 91 | * @brief The logging level verbosity configuration of log messages from library. 92 | * 93 | * The logging verbosity level is one of #LOG_DEBUG, #LOG_INFO, #LOG_WARN, 94 | * and #LOG_ERROR. 95 | * - With level #LOG_NONE, logging will be disabled. 96 | * - With level #LOG_DEBUG, all log messages will print. 97 | * - With level #LOG_INFO, all log messages, except level #LOG_DEBUG, will print. 98 | * - With level #LOG_WARN, only messages at this level and at #LOG_ERROR level will print. 99 | * - With level #LOG_ERROR, only messages at this level will print.
100 | */ 101 | #ifdef DOXYGEN 102 | #define LIBRARY_LOG_LEVEL LOG_ERROR 103 | #endif 104 | 105 | #endif /* ifndef LOGGING_LEVELS_H_ */ 106 | -------------------------------------------------------------------------------- /test/cbmc/stubs/network_interface_stubs.c: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file network_interface_stubs.c 25 | * @brief Stubs to mock sending and receiving over a network interface. 26 | */ 27 | 28 | #include "core_mqtt.h" 29 | #include "network_interface_stubs.h" 30 | 31 | /* An exclusive bound on the times that the NetworkInterfaceSendStub will be 32 | * invoked before returning a loop terminating value. 
This is usually defined 33 | * in the Makefile of the harnessed function. */ 34 | #ifndef MAX_NETWORK_SEND_TRIES 35 | #define MAX_NETWORK_SEND_TRIES 3 36 | #endif 37 | 38 | /* An exclusive bound on the times that the NetworkInterfaceReceiveStub will 39 | * return an unbounded value. At this value and beyond, the 40 | * NetworkInterfaceReceiveStub will return zero on every call. */ 41 | #ifndef MAX_NETWORK_RECV_TRIES 42 | #define MAX_NETWORK_RECV_TRIES 4 43 | #endif 44 | 45 | int32_t NetworkInterfaceReceiveStub( NetworkContext_t * pNetworkContext, 46 | void * pBuffer, 47 | size_t bytesToRecv ) 48 | { 49 | __CPROVER_assert( pBuffer != NULL, 50 | "NetworkInterfaceReceiveStub pBuffer is not NULL." ); 51 | 52 | __CPROVER_assert( __CPROVER_w_ok( pBuffer, bytesToRecv ), 53 | "NetworkInterfaceReceiveStub pBuffer is writable up to bytesToRecv." ); 54 | 55 | __CPROVER_havoc_object( pBuffer ); 56 | 57 | int32_t bytesOrError; 58 | static size_t tries = 0; 59 | 60 | /* It is a bug for the application defined transport receive function to return 61 | * more than bytesToRecv. Only the upper bound is assumed here; negative (error) values are left unconstrained. */ 62 | __CPROVER_assume( bytesOrError <= ( int32_t ) bytesToRecv ); 63 | 64 | if( tries < ( MAX_NETWORK_RECV_TRIES - 1 ) ) 65 | { 66 | tries++; 67 | } 68 | else 69 | { 70 | bytesOrError = 0; 71 | } 72 | 73 | return bytesOrError; 74 | } 75 | 76 | int32_t NetworkInterfaceSendStub( NetworkContext_t * pNetworkContext, 77 | const void * pBuffer, 78 | size_t bytesToSend ) 79 | { 80 | __CPROVER_assert( pBuffer != NULL, 81 | "NetworkInterfaceSendStub pBuffer is not NULL." ); 82 | 83 | /* The number of tries to send the message before this invocation. */ 84 | static size_t tries = 1; 85 | 86 | int32_t bytesOrError; 87 | 88 | /* It is a bug for the application defined transport send function to return 89 | * more than bytesToSend. */ 90 | __CPROVER_assume( bytesOrError <= ( int32_t ) bytesToSend ); 91 | 92 | /* If the maximum tries are reached, then return a timeout.
In the MQTT library 93 | * this stub is wrapped in a loop that does not end until the bytesOrError 94 | * returned is negative. This means we could loop possibly INT32_MAX 95 | * iterations. Looping for INT32_MAX times adds no value to the proof. 96 | * What matters is that the MQTT library can handle all the possible values 97 | * that could be returned. */ 98 | if( tries < ( MAX_NETWORK_SEND_TRIES - 1 ) ) 99 | { 100 | tries++; 101 | } 102 | else 103 | { 104 | tries = 1; 105 | bytesOrError = bytesToSend; 106 | } 107 | 108 | return bytesOrError; 109 | } 110 | -------------------------------------------------------------------------------- /test/unit-test/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # Include filepaths for source and include. 2 | include( ${MODULE_ROOT_DIR}/source/dependency/coreMQTT/mqttFilePaths.cmake ) 3 | include( ${MODULE_ROOT_DIR}/mqttAgentFilePaths.cmake ) 4 | 5 | # ==================== Define your project name (edit) ======================== 6 | set(project_name "mqtt_agent") 7 | 8 | # ===================== Create your mock here (edit) ======================== 9 | 10 | # list the files to mock here 11 | list(APPEND mock_list 12 | "${MODULE_ROOT_DIR}/source/dependency/coreMQTT/source/include/core_mqtt.h" 13 | "${MODULE_ROOT_DIR}/source/dependency/coreMQTT/source/include/core_mqtt_state.h" 14 | "${MODULE_ROOT_DIR}/source/include/core_mqtt_agent_command_functions.h" 15 | ) 16 | 17 | list(APPEND mock_list_command_functions 18 | "${MODULE_ROOT_DIR}/source/dependency/coreMQTT/source/include/core_mqtt.h" 19 | "${MODULE_ROOT_DIR}/source/dependency/coreMQTT/source/include/core_mqtt_state.h" 20 | "${MODULE_ROOT_DIR}/source/include/core_mqtt_agent.h" 21 | ) 22 | 23 | # list the directories your mocks need 24 | list(APPEND mock_include_list 25 | .
26 | ${CMAKE_CURRENT_LIST_DIR}/logging 27 | ${CMAKE_CURRENT_LIST_DIR}/config 28 | ${MQTT_AGENT_INCLUDE_PUBLIC_DIRS} 29 | ${MQTT_INCLUDE_PUBLIC_DIRS} 30 | ) 31 | 32 | #list the definitions of your mocks to control what to be included 33 | list(APPEND mock_define_list 34 | "" 35 | ) 36 | 37 | # ================= Create the library under test here (edit) ================== 38 | 39 | # list the files you would like to test here 40 | list(APPEND real_source_files 41 | ${MQTT_AGENT_SOURCES} 42 | ) 43 | # list the directories the module under test includes 44 | list(APPEND real_include_directories 45 | . 46 | ${CMAKE_CURRENT_LIST_DIR}/logging 47 | ${CMAKE_CURRENT_LIST_DIR}/config 48 | ${MQTT_AGENT_INCLUDE_PUBLIC_DIRS} 49 | ${MQTT_INCLUDE_PUBLIC_DIRS} 50 | ) 51 | 52 | # ===================== Create UnitTest Code here (edit) ===================== 53 | 54 | # list the directories your test needs to include 55 | list(APPEND test_include_directories 56 | . 57 | ${MQTT_AGENT_INCLUDE_PUBLIC_DIRS} 58 | ) 59 | 60 | # ============================= (end edit) =================================== 61 | 62 | set(mock_name "${project_name}_mock") 63 | set(real_name "${project_name}_real") 64 | 65 | create_mock_list(${mock_name} 66 | "${mock_list}" 67 | "${MODULE_ROOT_DIR}/tools/cmock/project.yml" 68 | "${mock_include_list}" 69 | "${mock_define_list}" 70 | ) 71 | 72 | create_real_library(${real_name} 73 | "${real_source_files}" 74 | "${real_include_directories}" 75 | "${mock_name}" 76 | ) 77 | 78 | list(APPEND utest_link_list 79 | -l${mock_name} 80 | lib${real_name}.a 81 | ) 82 | 83 | list(APPEND utest_dep_list 84 | ${real_name} 85 | ) 86 | 87 | 88 | # mqtt_agent_utest 89 | set(utest_name "${project_name}_utest") 90 | set(utest_source "${project_name}_utest.c") 91 | create_test(${utest_name} 92 | ${utest_source} 93 | "${utest_link_list}" 94 | "${utest_dep_list}" 95 | "${test_include_directories}" 96 | ) 97 | 98 | # mqtt_agent_command_functions_utest 99 | set(mock_name 
"${project_name}_command_functions_mock") 100 | set(real_name "${project_name}_command_functions_real") 101 | create_mock_list(${mock_name} 102 | "${mock_list_command_functions}" 103 | "${MODULE_ROOT_DIR}/tools/cmock/project.yml" 104 | "${mock_include_list}" 105 | "${mock_define_list}" 106 | ) 107 | 108 | create_real_library(${real_name} 109 | "${real_source_files}" 110 | "${real_include_directories}" 111 | "${mock_name}" 112 | ) 113 | 114 | set(utest_link_list "") 115 | list(APPEND utest_link_list 116 | -l${mock_name} 117 | lib${real_name}.a 118 | ) 119 | 120 | set(utest_dep_list "") 121 | list(APPEND utest_dep_list 122 | ${real_name} 123 | ) 124 | set(utest_name "${project_name}_command_functions_utest") 125 | set(utest_source "${project_name}_command_functions_utest.c") 126 | create_test(${utest_name} 127 | ${utest_source} 128 | "${utest_link_list}" 129 | "${utest_dep_list}" 130 | "${test_include_directories}" 131 | ) 132 | -------------------------------------------------------------------------------- /test/cbmc/include/mqtt_agent_cbmc_state.h: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 
14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file mqtt_agent_cbmc_state.h 25 | * @brief Allocation and assumption utilities for the MQTT Agent library CBMC proofs. 26 | */ 27 | #ifndef MQTT_AGENT_CBMC_STATE_H_ 28 | #define MQTT_AGENT_CBMC_STATE_H_ 29 | 30 | #include 31 | 32 | /* core_mqtt_agent.h must precede including this header. */ 33 | 34 | /** 35 | * @brief Allocate a #MQTTFixedBuffer_t object. 36 | * 37 | * @param[in] pFixedBuffer #MQTTFixedBuffer_t object information. 38 | * 39 | * @return NULL or allocated #MQTTFixedBuffer_t memory. 40 | */ 41 | MQTTFixedBuffer_t * allocateMqttFixedBuffer( MQTTFixedBuffer_t * pFixedBuffer ); 42 | 43 | /** 44 | * @brief Validate a #MQTTFixedBuffer_t object. 45 | * 46 | * @param[in] pFixedBuffer #MQTTFixedBuffer_t object to validate. 47 | * 48 | * @return True if the #MQTTFixedBuffer_t object is valid, false otherwise. 49 | * 50 | * @note A NULL object is a valid object. This is for coverage of the NULL 51 | * parameter checks in the function under proof. 52 | */ 53 | bool isValidMqttFixedBuffer( const MQTTFixedBuffer_t * pFixedBuffer ); 54 | 55 | /** 56 | * @brief Allocate a #MQTTAgentContext_t object. 57 | * 58 | * @param[in] pContext #MQTTAgentContext_t object information. 59 | * 60 | * @return NULL or allocated #MQTTAgentContext_t memory. 61 | */ 62 | MQTTAgentContext_t * allocateMqttAgentContext( MQTTAgentContext_t * pContext ); 63 | 64 | /** 65 | * @brief Validate a #MQTTAgentContext_t object.
66 | * 67 | * @param[in] pContext #MQTTAgentContext_t object to validate. 68 | * 69 | * @return True if the #MQTTAgentContext_t object is valid, false otherwise. 70 | * 71 | * @note A NULL object is a valid object. This is for coverage of the NULL 72 | * parameter checks in the function under proof. 73 | */ 74 | bool isValidMqttAgentContext( const MQTTAgentContext_t * pContext ); 75 | 76 | /** 77 | * @brief Function to check if the status is a valid status for the MQTT Agent 78 | * functions that send a command to the queue. The functions are: 79 | * - MQTTAgent_Connect 80 | * - MQTTAgent_Disconnect 81 | * - MQTTAgent_Subscribe 82 | * - MQTTAgent_Unsubscribe 83 | * - MQTTAgent_Ping 84 | * - MQTTAgent_Publish 85 | * - MQTTAgent_ProcessLoop 86 | * - MQTTAgent_Terminate 87 | * 88 | * @param[in] mqttStatus MQTT status to check if it is a valid MQTTAgent_Connect 89 | * status. 90 | * 91 | * @return true if an MQTTAgent_Connect status, false otherwise. 92 | */ 93 | bool isAgentSendCommandFunctionStatus( MQTTStatus_t mqttStatus ); 94 | 95 | /** 96 | * @brief Allocate a #MQTTAgentConnectArgs_t object. 97 | * 98 | * @param[in] pConnectArgs #MQTTAgentConnectArgs_t object information. 99 | * 100 | * @return NULL or allocated #MQTTAgentConnectArgs_t memory. 101 | */ 102 | MQTTAgentConnectArgs_t * allocateConnectArgs( MQTTAgentConnectArgs_t * pConnectArgs ); 103 | 104 | /** 105 | * @brief Add Pending ACKs to the MQTTAgentContext. 106 | * 107 | * @param[in] pContext #MQTTAgentContext_t object to add ACKs. 108 | */ 109 | void addPendingAcks( MQTTAgentContext_t * pContext ); 110 | 111 | /** 112 | * @brief Allocate a #MQTTAgentSubscribeArgs_t object. 113 | * 114 | * @param[in] pSubscribeArgs #MQTTAgentSubscribeArgs_t object information. 115 | * 116 | * @return NULL or allocated #MQTTAgentSubscribeArgs_t memory. 
117 | */ 118 | MQTTAgentSubscribeArgs_t * allocateSubscribeArgs( MQTTAgentSubscribeArgs_t * pSubscribeArgs ); 119 | 120 | #endif /* ifndef MQTT_AGENT_CBMC_STATE_H_ */ 121 | -------------------------------------------------------------------------------- /test/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | cmake_minimum_required ( VERSION 3.22.0 ) 2 | project ( "MQTTAgent tests" 3 | VERSION 1.3.1 4 | LANGUAGES C ) 5 | 6 | # Allow the project to be organized into folders. 7 | set_property( GLOBAL PROPERTY USE_FOLDERS ON ) 8 | 9 | # Use C90 if not specified. 10 | if( NOT DEFINED CMAKE_C_STANDARD ) 11 | set( CMAKE_C_STANDARD 90 ) 12 | endif() 13 | if( NOT DEFINED CMAKE_C_STANDARD_REQUIRED ) 14 | set( CMAKE_C_STANDARD_REQUIRED ON ) 15 | endif() 16 | 17 | # If no configuration is defined, turn everything on. 18 | if( NOT DEFINED COV_ANALYSIS AND NOT DEFINED UNITTEST ) 19 | set( COV_ANALYSIS TRUE ) 20 | set( UNITTEST TRUE ) 21 | endif() 22 | 23 | # Do not allow in-source build. 24 | if( ${PROJECT_SOURCE_DIR} STREQUAL ${PROJECT_BINARY_DIR} ) 25 | message( FATAL_ERROR "In-source build is not allowed. Please build in a separate directory, such as ${PROJECT_SOURCE_DIR}/build." ) 26 | endif() 27 | 28 | # Set global path variables. 29 | get_filename_component(__MODULE_ROOT_DIR "${CMAKE_CURRENT_LIST_DIR}/.." ABSOLUTE) 30 | set(MODULE_ROOT_DIR ${__MODULE_ROOT_DIR} CACHE INTERNAL "coreMQTT-Agent repository root.") 31 | 32 | # Configure options to always show in CMake GUI. 33 | option( BUILD_CLONE_SUBMODULES 34 | "Set this to ON to automatically clone any required Git submodules. When OFF, submodules must be manually cloned." 35 | OFF ) 36 | 37 | # Set output directories. 
38 | set( CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/bin ) 39 | set( CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib ) 40 | set( CMAKE_LIBRARY_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib ) 41 | 42 | # ===================================== Coverity Analysis Configuration ================================================= 43 | 44 | if( COV_ANALYSIS ) 45 | # Include filepaths for source and include. 46 | include( ${MODULE_ROOT_DIR}/source/dependency/coreMQTT/mqttFilePaths.cmake ) 47 | include( ${MODULE_ROOT_DIR}/mqttAgentFilePaths.cmake ) 48 | # Target for Coverity analysis that builds the library. 49 | add_library( coverity_analysis 50 | ${MQTT_AGENT_SOURCES} 51 | ${MQTT_SOURCES} 52 | ${MQTT_SERIALIZER_SOURCES} ) 53 | 54 | # Build MQTT library target without custom config dependency. 55 | target_compile_definitions( coverity_analysis PUBLIC MQTT_DO_NOT_USE_CUSTOM_CONFIG=1 MQTT_AGENT_DO_NOT_USE_CUSTOM_CONFIG=1 ) 56 | 57 | # MQTT AGENT public include path. 58 | target_include_directories( coverity_analysis PUBLIC ${MQTT_AGENT_INCLUDE_PUBLIC_DIRS} ${MQTT_INCLUDE_PUBLIC_DIRS} ) 59 | 60 | # Remove inclusion of assert. 61 | add_compile_definitions( NDEBUG=1 ) 62 | 63 | endif() 64 | 65 | # ==================================== Test Configuration ======================================== 66 | 67 | if( UNITTEST ) 68 | # Define a CMock resource path. 69 | set( CMOCK_DIR ${MODULE_ROOT_DIR}/test/unit-test/CMock CACHE INTERNAL "CMock library source directory." ) 70 | 71 | # Include CMock build configuration. 72 | include( unit-test/cmock_build.cmake ) 73 | 74 | # Check if the CMock source directory exists, and if not present, clone the submodule 75 | # if BUILD_CLONE_SUBMODULES configuration is enabled. 76 | if( NOT EXISTS ${CMOCK_DIR}/src ) 77 | # Attempt to clone CMock. 78 | if( ${BUILD_CLONE_SUBMODULES} ) 79 | clone_cmock() 80 | else() 81 | message( FATAL_ERROR "The required submodule CMock does not exist. 
Either clone it manually, or set\ 82 | BUILD_CLONE_SUBMODULES to 1 to automatically clone it during build." ) 83 | endif() 84 | endif() 85 | 86 | # Add unit test and coverage configuration. 87 | 88 | # Use CTest utility for managing test runs. This has to be added BEFORE 89 | # defining test targets with add_test() 90 | enable_testing() 91 | 92 | # Add build targets for CMock and Unit, required for unit testing. 93 | add_cmock_targets() 94 | 95 | # Add function to enable CMock based tests and coverage. 96 | include( ${MODULE_ROOT_DIR}/source/dependency/coreMQTT/tools/cmock/create_test.cmake ) 97 | 98 | # Include build configuration for unit tests. 99 | add_subdirectory( unit-test ) 100 | 101 | # ==================================== Coverage Analysis configuration ======================================== 102 | 103 | # Add a target for running coverage on tests. 104 | add_custom_target( coverage 105 | COMMAND ${CMAKE_COMMAND} -DCMOCK_DIR=${CMOCK_DIR} 106 | -P ${MODULE_ROOT_DIR}/tools/cmock/coverage.cmake 107 | DEPENDS cmock unity mqtt_agent_utest mqtt_agent_command_functions_utest 108 | WORKING_DIRECTORY ${CMAKE_BINARY_DIR} 109 | ) 110 | endif() 111 | -------------------------------------------------------------------------------- /source/include/core_mqtt_agent_config_defaults.h: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. 
4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file core_mqtt_agent_config_defaults.h 25 | * @brief This represents the default values for the configuration macros 26 | * for the MQTT-Agent library. 27 | * 28 | * @note This file SHOULD NOT be modified. If custom values are needed for 29 | * any configuration macro, a core_mqtt_agent_config.h file should be provided to 30 | * the MQTT-Agent library to override the default values defined in this file. 31 | * To use the custom config file, the MQTT_AGENT_DO_NOT_USE_CUSTOM_CONFIG 32 | * preprocessor macro SHOULD NOT be set. 
33 | */ 34 | 35 | #ifndef CORE_MQTT_AGENT_CONFIG_DEFAULTS_H_ 36 | #define CORE_MQTT_AGENT_CONFIG_DEFAULTS_H_ 37 | 38 | /* *INDENT-OFF* */ 39 | #ifdef __cplusplus 40 | extern "C" { 41 | #endif 42 | /* *INDENT-ON* */ 43 | 44 | #include "core_mqtt_config_defaults.h" 45 | 46 | /* MQTT_AGENT_DO_NOT_USE_CUSTOM_CONFIG allows building the MQTT library 47 | * without a custom config. If a custom config is provided, the 48 | * MQTT_AGENT_DO_NOT_USE_CUSTOM_CONFIG macro should not be defined. */ 49 | #ifndef MQTT_AGENT_DO_NOT_USE_CUSTOM_CONFIG 50 | /* Include custom config file before other headers. */ 51 | #include "core_mqtt_agent_config.h" 52 | #endif 53 | 54 | /* The macro definition for MQTT_AGENT_DO_NOT_USE_CUSTOM_CONFIG is for Doxygen 55 | * documentation only. */ 56 | 57 | /** 58 | * @brief Define this macro to build the MQTT library without the custom config 59 | * file core_mqtt_agent_config.h. 60 | * 61 | * Without the custom config, the MQTT library builds with 62 | * default values of config macros defined in core_mqtt_agent_config_defaults.h file. 63 | * 64 | * If a custom config is provided, then MQTT_AGENT_DO_NOT_USE_CUSTOM_CONFIG should 65 | * not be defined. 66 | */ 67 | #ifdef DOXYGEN 68 | #define MQTT_AGENT_DO_NOT_USE_CUSTOM_CONFIG 69 | #endif 70 | 71 | /** 72 | * @brief The maximum number of pending acknowledgments to track for a single 73 | * connection. 74 | * 75 | * @note The MQTT agent tracks MQTT commands (such as PUBLISH and SUBSCRIBE) that 76 | * are still waiting to be acknowledged. MQTT_AGENT_MAX_OUTSTANDING_ACKS sets 77 | * the maximum number of acknowledgments that can be outstanding at any one time. 78 | * The higher this number is the greater the agent's RAM consumption will be. 79 | * 80 | * Possible values: Any positive integer up to SIZE_MAX.
81 | * Default value: `20` 82 | */ 83 | #ifndef MQTT_AGENT_MAX_OUTSTANDING_ACKS 84 | #define MQTT_AGENT_MAX_OUTSTANDING_ACKS ( 20U ) 85 | #endif 86 | 87 | /** 88 | * @brief Time in milliseconds that the MQTT agent task will wait in the Blocked state (so 89 | * not using any CPU time) for a command to arrive in its command queue before 90 | * exiting the blocked state so it can call MQTT_ProcessLoop(). 91 | * 92 | * @note It is important MQTT_ProcessLoop() is called often if there is known 93 | * MQTT traffic, but calling it too often can take processing time away from 94 | * lower priority tasks and waste CPU time and power. 95 | * 96 | * Possible values: Any positive 32 bit integer.
97 | * Default value: `1000` 98 | */ 99 | #ifndef MQTT_AGENT_MAX_EVENT_QUEUE_WAIT_TIME 100 | #define MQTT_AGENT_MAX_EVENT_QUEUE_WAIT_TIME ( 1000U ) 101 | #endif 102 | 103 | /** 104 | * @brief Whether the agent should configure the coreMQTT library to be used with publishes 105 | * greater than QoS0. Setting this to 0 will disallow the coreMQTT library to send publishes 106 | * with QoS > 0. 107 | * 108 | * Possible values: 0 or 1
109 | * Default value: `1` 110 | */ 111 | #ifndef MQTT_AGENT_USE_QOS_1_2_PUBLISH 112 | #define MQTT_AGENT_USE_QOS_1_2_PUBLISH ( 1 ) 113 | #endif 114 | 115 | /* *INDENT-OFF* */ 116 | #ifdef __cplusplus 117 | } 118 | #endif 119 | /* *INDENT-ON* */ 120 | 121 | #endif /* ifndef CORE_MQTT_AGENT_CONFIG_DEFAULTS_H_ */ 122 | -------------------------------------------------------------------------------- /test/cbmc/proofs/lib/summarize.py: -------------------------------------------------------------------------------- 1 | # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | # SPDX-License-Identifier: MIT-0 3 | 4 | import argparse 5 | import json 6 | import logging 7 | import os 8 | import sys 9 | 10 | 11 | DESCRIPTION = """Print 2 tables in GitHub-flavored Markdown that summarize 12 | an execution of CBMC proofs.""" 13 | 14 | 15 | def get_args(): 16 | """Parse arguments for summarize script.""" 17 | parser = argparse.ArgumentParser(description=DESCRIPTION) 18 | for arg in [{ 19 | "flags": ["--run-file"], 20 | "help": "path to the Litani run.json file", 21 | "required": True, 22 | }]: 23 | flags = arg.pop("flags") 24 | parser.add_argument(*flags, **arg) 25 | return parser.parse_args() 26 | 27 | 28 | def _get_max_length_per_column_list(data): 29 | ret = [len(item) + 1 for item in data[0]] 30 | for row in data[1:]: 31 | for idx, item in enumerate(row): 32 | ret[idx] = max(ret[idx], len(item) + 1) 33 | return ret 34 | 35 | 36 | def _get_table_header_separator(max_length_per_column_list): 37 | line_sep = "" 38 | for max_length_of_word_in_col in max_length_per_column_list: 39 | line_sep += "|" + "-" * (max_length_of_word_in_col + 1) 40 | line_sep += "|\n" 41 | return line_sep 42 | 43 | 44 | def _get_entries(max_length_per_column_list, row_data): 45 | entries = [] 46 | for row in row_data: 47 | entry = "" 48 | for idx, word in enumerate(row): 49 | max_length_of_word_in_col = max_length_per_column_list[idx] 50 | space_formatted_word = 
(max_length_of_word_in_col - len(word)) * " " 51 | entry += "| " + word + space_formatted_word 52 | entry += "|\n" 53 | entries.append(entry) 54 | return entries 55 | 56 | 57 | def _get_rendered_table(data): 58 | table = [] 59 | max_length_per_column_list = _get_max_length_per_column_list(data) 60 | entries = _get_entries(max_length_per_column_list, data) 61 | for idx, entry in enumerate(entries): 62 | if idx == 1: 63 | line_sep = _get_table_header_separator(max_length_per_column_list) 64 | table.append(line_sep) 65 | table.append(entry) 66 | table.append("\n") 67 | return "".join(table) 68 | 69 | 70 | def _get_status_and_proof_summaries(run_dict): 71 | """Parse a dict representing a Litani run and create lists summarizing the 72 | proof results. 73 | 74 | Parameters 75 | ---------- 76 | run_dict 77 | A dictionary representing a Litani run. 78 | 79 | 80 | Returns 81 | ------- 82 | A list of 2 lists. 83 | The first sub-list maps a status to the number of proofs with that status. 84 | The second sub-list maps each proof to its status. 85 | """ 86 | count_statuses = {} 87 | proofs = [["Proof", "Status"]] 88 | for proof_pipeline in run_dict["pipelines"]: 89 | status_pretty_name = proof_pipeline["status"].title().replace("_", " ") 90 | try: 91 | count_statuses[status_pretty_name] += 1 92 | except KeyError: 93 | count_statuses[status_pretty_name] = 1 94 | if proof_pipeline["name"] == "print_tool_versions": 95 | continue 96 | proofs.append([proof_pipeline["name"], status_pretty_name]) 97 | statuses = [["Status", "Count"]] 98 | for status, count in count_statuses.items(): 99 | statuses.append([status, str(count)]) 100 | return [statuses, proofs] 101 | 102 | 103 | def print_proof_results(out_file): 104 | """ 105 | Print 2 strings that summarize the proof results. 106 | When printing, each string will render as a GitHub flavored Markdown table. 
107 | """ 108 | output = "## Summary of CBMC proof results\n\n" 109 | with open(out_file, encoding='utf-8') as run_json: 110 | run_dict = json.load(run_json) 111 | status_table, proof_table = _get_status_and_proof_summaries(run_dict) 112 | for summary in (status_table, proof_table): 113 | output += _get_rendered_table(summary) 114 | 115 | print(output) 116 | sys.stdout.flush() 117 | 118 | github_summary_file = os.getenv("GITHUB_STEP_SUMMARY") 119 | if github_summary_file: 120 | with open(github_summary_file, "a") as handle: 121 | print(output, file=handle) 122 | handle.flush() 123 | else: 124 | logging.warning( 125 | "$GITHUB_STEP_SUMMARY not set, not writing summary file") 126 | 127 | msg = ( 128 | "Click the 'Summary' button to view a Markdown table " 129 | "summarizing all proof results") 130 | if run_dict["status"] != "success": 131 | logging.error("Not all proofs passed.") 132 | logging.error(msg) 133 | sys.exit(1) 134 | logging.info(msg) 135 | 136 | 137 | if __name__ == '__main__': 138 | args = get_args() 139 | logging.basicConfig(format="%(levelname)s: %(message)s") 140 | try: 141 | print_proof_results(args.run_file) 142 | except Exception as ex: # pylint: disable=broad-except 143 | logging.critical("Could not print results. Exception: %s", str(ex)) 144 | -------------------------------------------------------------------------------- /source/include/core_mqtt_agent_default_logging.h: -------------------------------------------------------------------------------- 1 | /* 2 | * coreMQTT Agent 3 | * Copyright (C) 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved. 
4 | * 5 | * Permission is hereby granted, free of charge, to any person obtaining a copy of 6 | * this software and associated documentation files (the "Software"), to deal in 7 | * the Software without restriction, including without limitation the rights to 8 | * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 9 | * the Software, and to permit persons to whom the Software is furnished to do so, 10 | * subject to the following conditions: 11 | * 12 | * The above copyright notice and this permission notice shall be included in all 13 | * copies or substantial portions of the Software. 14 | * 15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 17 | * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 18 | * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 19 | * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 20 | * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | */ 22 | 23 | /** 24 | * @file core_mqtt_agent_default_logging.h 25 | * @brief This represents the default values for the logging macros for the MQTT-Agent 26 | * library. 27 | * 28 | * @note This file SHOULD NOT be modified. If custom values are needed for 29 | * any configuration macro, a core_mqtt_agent_config.h file should be provided to 30 | * the MQTT-Agent library to override the default values defined in this file. 31 | * To use the custom config file, the MQTT_AGENT_DO_NOT_USE_CUSTOM_CONFIG preprocessor 32 | * macro SHOULD NOT be set. 
33 | */ 34 | 35 | #ifndef CORE_MQTT_AGENT_DEFAULT_LOGGING_H_ 36 | #define CORE_MQTT_AGENT_DEFAULT_LOGGING_H_ 37 | 38 | /* *INDENT-OFF* */ 39 | #ifdef __cplusplus 40 | extern "C" { 41 | #endif 42 | /* *INDENT-ON* */ 43 | 44 | /** 45 | * @brief Macro that is called in the MQTT-Agent library for logging "Error" level 46 | * messages. 47 | * 48 | * To enable error level logging in the MQTT-Agent library, this macro should be mapped to the 49 | * application-specific logging implementation that supports error logging. 50 | * 51 | * @note This logging macro is called in the MQTT-Agent library with parameters wrapped in 52 | * double parentheses to be ISO C89/C90 standard compliant. For a reference 53 | * POSIX implementation of the logging macros, refer to core_mqtt_config.h files, and the 54 | * logging-stack in the demos folder of the 55 | * [AWS IoT Embedded C SDK repository](https://github.com/aws/aws-iot-device-sdk-embedded-C). 56 | * 57 | * Default value: Error logging is turned off, and no code is generated for calls 58 | * to the macro in the MQTT-Agent library on compilation. 59 | */ 60 | #ifndef LogError 61 | #define LogError( message ) 62 | #endif 63 | 64 | /** 65 | * @brief Macro that is called in the MQTT-Agent library for logging "Warning" level messages. 66 | * 67 | * To enable warning level logging in the MQTT-Agent library, this macro should be mapped to the 68 | * application-specific logging implementation that supports warning logging. 69 | * 70 | * @note This logging macro is called in the MQTT-Agent library with parameters wrapped in 71 | * double parentheses to be ISO C89/C90 standard compliant. For a reference 72 | * POSIX implementation of the logging macros, refer to core_mqtt_config.h files, and the 73 | * logging-stack in the demos folder of the 74 | * [AWS IoT Embedded C SDK repository](https://github.com/aws/aws-iot-device-sdk-embedded-C/).
75 | * 76 | * Default value: Warning logs are turned off, and no code is generated for calls 77 | * to the macro in the MQTT-Agent library on compilation. 78 | */ 79 | #ifndef LogWarn 80 | #define LogWarn( message ) 81 | #endif 82 | 83 | /** 84 | * @brief Macro that is called in the MQTT-Agent library for logging "Info" level 85 | * messages. 86 | * 87 | * To enable info level logging in the MQTT-Agent library, this macro should be mapped to the 88 | * application-specific logging implementation that supports info logging. 89 | * 90 | * @note This logging macro is called in the MQTT-Agent library with parameters wrapped in 91 | * double parentheses to be ISO C89/C90 standard compliant. For a reference 92 | * POSIX implementation of the logging macros, refer to core_mqtt_config.h files, and the 93 | * logging-stack in the demos folder of the 94 | * [AWS IoT Embedded C SDK repository](https://github.com/aws/aws-iot-device-sdk-embedded-C/). 95 | * 96 | * Default value: Info logging is turned off, and no code is generated for calls 97 | * to the macro in the MQTT-Agent library on compilation. 98 | */ 99 | #ifndef LogInfo 100 | #define LogInfo( message ) 101 | #endif 102 | 103 | /** 104 | * @brief Macro that is called in the MQTT-Agent library for logging "Debug" level 105 | * messages. 106 | * 107 | * To enable debug level logging in the MQTT-Agent library, this macro should be mapped to the 108 | * application-specific logging implementation that supports debug logging. 109 | * 110 | * @note This logging macro is called in the MQTT-Agent library with parameters wrapped in 111 | * double parentheses to be ISO C89/C90 standard compliant. For a reference 112 | * POSIX implementation of the logging macros, refer to core_mqtt_config.h files, and the 113 | * logging-stack in the demos folder of the 114 | * [AWS IoT Embedded C SDK repository](https://github.com/aws/aws-iot-device-sdk-embedded-C/).
115 | * 116 | * Default value: Debug logging is turned off, and no code is generated for calls 117 | * to the macro in the MQTT-Agent library on compilation. 118 | */ 119 | #ifndef LogDebug 120 | #define LogDebug( message ) 121 | #endif 122 | 123 | /* *INDENT-OFF* */ 124 | #ifdef __cplusplus 125 | } 126 | #endif 127 | /* *INDENT-ON* */ 128 | 129 | #endif /* ifndef CORE_MQTT_AGENT_DEFAULT_LOGGING_H_ */ 130 | --------------------------------------------------------------------------------