
Fix MISRA violations for Kernel release V11.2.0 #1251


Merged
merged 4 commits into from
Feb 28, 2025
Changes from 2 commits
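--- a/MISRA.md
+++ b/MISRA.md
@@ -120,8 +120,8 @@ _Ref 11.5.5_
 MISRA C-2012 Rule 14.3: Controlling expressions shall not be invariant.
 
 _Ref 14.3_
-- The `configMAX_TASK_NAME_LEN` and `taskRESERVED_TASK_NAME_LENGTH` are
-evaluated to constants at compile time and may vary based on the build
+- The `configMAX_TASK_NAME_LEN` , `taskRESERVED_TASK_NAME_LENGTH` and `SIZE_MAX`
+are evaluated to constants at compile time and may vary based on the build
 configuration.
 
 #### Rule 18.1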
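--- a/examples/coverity/coverity_misra.config
+++ b/examples/coverity/coverity_misra.config
@@ -3,6 +3,10 @@
 "standard" : "c2012",
 "title": "Coverity MISRA Configuration",
 "deviations" : [
+{
+"deviation": "Rule 1.2",
+"reason": "Allow use of __attribute__ for necessary functions placement in specific memory regions."
+},
 {
 "deviation": "Rule 3.1",
 "reason": "We post HTTP links in code comments which contain // inside comments blocks."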
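Review bot: The new `Rule 1.2` entry appears to be a file-wide deviation, so every language extension in the analysed sources would stop being reported, not only the `__attribute__` placement that its reason text names. The queue.c change in this same pull request handles Rule 14.3 with a per-site `coverity[...]` annotation instead; whether Rule 1.2 could be scoped that way is not visible from this page. If the blanket entry stays, the reason should say so, for example `"reason": "Compiler extensions are permitted; __attribute__ is used to place functions in specific memory regions."`, so a reader does not assume other extensions are still checked.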
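--- a/queue.c
+++ b/queue.c
@@ -513,7 +513,10 @@ BaseType_t xQueueGenericReset( QueueHandle_t xQueue,
 /* Check for multiplication overflow. */
 ( ( SIZE_MAX / uxQueueLength ) >= uxItemSize ) &&
 /* Check for addition overflow. */
-( ( SIZE_MAX - sizeof( Queue_t ) ) >= ( size_t ) ( uxQueueLength * uxItemSize ) ) )
+/* MISRA Ref 14.3.1 [Configuration dependent invariant] */
+/* More details at: https://github.com/FreeRTOS/FreeRTOS-Kernel/blob/main/MISRA.md#rule-143. */
+/* coverity[misra_c_2012_rule_14_3_violation] */
+( ( SIZE_MAX - sizeof( Queue_t ) ) >= ( size_t ) ( ( size_t ) uxQueueLength * ( size_t ) uxItemSize ) ) )
 {
 /* Allocate enough space to hold the maximum number of items that
 * can be in the queue at any time. It is valid for uxItemSize to be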
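Review bot: The three added comments explain only the Rule 14.3 deviation, while the same line also changes the arithmetic: `( size_t ) uxQueueLength * ( size_t ) uxItemSize` now multiplies in `size_t`, where the old form multiplied first and cast the product afterwards. If the operand type is narrower than `size_t` on some port (the declarations are outside the hunk), the old product could wrap before the comparison even though the `SIZE_MAX / uxQueueLength` check above had passed, so this is a behavioural fix and deserves its own comment, for example `/* Widen both operands to size_t before multiplying so the product cannot wrap in a narrower type. */`. The allocation size computed after this condition is not visible here; it should be confirmed to use the same widened expression so that the check and the allocation agree. The enclosing function starts and ends outside the hunk.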
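--- a/tasks.c
+++ b/tasks.c
@@ -2016,7 +2016,7 @@ static void prvInitialiseNewTask( TaskFunction_t pxTaskCode,
 pxNewTCB->xTaskRunState = taskTASK_NOT_RUNNING;
 
 /* Is this an idle task? */
-if( ( ( TaskFunction_t ) pxTaskCode == ( TaskFunction_t ) prvIdleTask ) || ( ( TaskFunction_t ) pxTaskCode == ( TaskFunction_t ) prvPassiveIdleTask ) )
+if( ( ( TaskFunction_t ) pxTaskCode == ( TaskFunction_t ) ( &prvIdleTask ) ) || ( ( TaskFunction_t ) pxTaskCode == ( TaskFunction_t ) ( &prvPassiveIdleTask ) ) )
 {
 pxNewTCB->uxTaskAttributes |= taskATTRIBUTE_IS_IDLE;
 }
@@ -3573,7 +3573,7 @@ static BaseType_t prvCreateIdleTasks( void )
 {
 #if ( configNUMBER_OF_CORES == 1 )
 {
-pxIdleTaskFunction = prvIdleTask;
+pxIdleTaskFunction = &prvIdleTask;
 }
 #else /* #if ( configNUMBER_OF_CORES == 1 ) */
 {
@@ -3582,11 +3582,11 @@ static BaseType_t prvCreateIdleTasks( void )
 * run when no other task is available to run. */
 if( xCoreID == 0 )
 {
-pxIdleTaskFunction = prvIdleTask;
+pxIdleTaskFunction = &prvIdleTask;
 }
 else
 {
-pxIdleTaskFunction = prvPassiveIdleTask;
+pxIdleTaskFunction = &prvPassiveIdleTask;
 }
 }
 #endif /* #if ( configNUMBER_OF_CORES == 1 ) */
@@ -3603,7 +3603,7 @@ static BaseType_t prvCreateIdleTasks( void )
 * name will contain an incorrect ASCII character. This is
 * acceptable as the task name is used mainly for debugging. */
 cIdleName[ xIdleTaskNameIndex ] = ( char ) ( xCoreID + '0' );
-cIdleName[ xIdleTaskNameIndex + 1 ] = '\0';
+cIdleName[ xIdleTaskNameIndex + 1U ] = '\0';
 }
 #endif /* if ( configNUMBER_OF_CORES > 1 ) */
 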
193 changes: 100 additions & 93 deletions timers.c
Expand Up @@ -257,7 +257,7 @@
configSTACK_DEPTH_TYPE uxTimerTaskStackSize;

vApplicationGetTimerTaskMemory( &pxTimerTaskTCBBuffer, &pxTimerTaskStackBuffer, &uxTimerTaskStackSize );
xTimerTaskHandle = xTaskCreateStaticAffinitySet( prvTimerTask,
xTimerTaskHandle = xTaskCreateStaticAffinitySet( &prvTimerTask,
configTIMER_SERVICE_TASK_NAME,
uxTimerTaskStackSize,
NULL,
Expand All @@ -273,7 +273,7 @@
}
#else /* if ( configSUPPORT_STATIC_ALLOCATION == 1 ) */
{
xReturn = xTaskCreateAffinitySet( prvTimerTask,
xReturn = xTaskCreateAffinitySet( &prvTimerTask,
configTIMER_SERVICE_TASK_NAME,
configTIMER_TASK_STACK_DEPTH,
NULL,
Expand All @@ -292,7 +292,7 @@
configSTACK_DEPTH_TYPE uxTimerTaskStackSize;

vApplicationGetTimerTaskMemory( &pxTimerTaskTCBBuffer, &pxTimerTaskStackBuffer, &uxTimerTaskStackSize );
xTimerTaskHandle = xTaskCreateStatic( prvTimerTask,
xTimerTaskHandle = xTaskCreateStatic( &prvTimerTask,
configTIMER_SERVICE_TASK_NAME,
uxTimerTaskStackSize,
NULL,
Expand All @@ -307,7 +307,7 @@
}
#else /* if ( configSUPPORT_STATIC_ALLOCATION == 1 ) */
{
xReturn = xTaskCreate( prvTimerTask,
xReturn = xTaskCreate( &prvTimerTask,
configTIMER_SERVICE_TASK_NAME,
configTIMER_TASK_STACK_DEPTH,
NULL,
Expand Down Expand Up @@ -462,7 +462,7 @@

/* Send a message to the timer service task to perform a particular action
* on a particular timer definition. */
if( xTimerQueue != NULL )
if( ( xTimerQueue != NULL ) && ( xTimer != NULL ) )
{
/* Send a command to the timer service task to start the xTimer timer. */
xMessage.xMessageID = xCommandID;
Expand Down Expand Up @@ -513,7 +513,7 @@

/* Send a message to the timer service task to perform a particular action
* on a particular timer definition. */
if( xTimerQueue != NULL )
if( ( xTimerQueue != NULL ) && ( xTimer != NULL ) )
{
/* Send a command to the timer service task to start the xTimer timer. */
xMessage.xMessageID = xCommandID;
Expand Down Expand Up @@ -974,109 +974,116 @@
* software timer. */
pxTimer = xMessage.u.xTimerParameters.pxTimer;

if( listIS_CONTAINED_WITHIN( NULL, &( pxTimer->xTimerListItem ) ) == pdFALSE )
if( pxTimer != NULL )
{
/* The timer is in a list, remove it. */
( void ) uxListRemove( &( pxTimer->xTimerListItem ) );
}
else
{
mtCOVERAGE_TEST_MARKER();
}
if( listIS_CONTAINED_WITHIN( NULL, &( pxTimer->xTimerListItem ) ) == pdFALSE )
{
/* The timer is in a list, remove it. */
( void ) uxListRemove( &( pxTimer->xTimerListItem ) );
}
else
{
mtCOVERAGE_TEST_MARKER();
}

traceTIMER_COMMAND_RECEIVED( pxTimer, xMessage.xMessageID, xMessage.u.xTimerParameters.xMessageValue );
traceTIMER_COMMAND_RECEIVED( pxTimer, xMessage.xMessageID, xMessage.u.xTimerParameters.xMessageValue );

/* In this case the xTimerListsWereSwitched parameter is not used, but
* it must be present in the function call. prvSampleTimeNow() must be
* called after the message is received from xTimerQueue so there is no
* possibility of a higher priority task adding a message to the message
* queue with a time that is ahead of the timer daemon task (because it
* pre-empted the timer daemon task after the xTimeNow value was set). */
xTimeNow = prvSampleTimeNow( &xTimerListsWereSwitched );
/* In this case the xTimerListsWereSwitched parameter is not used, but
* it must be present in the function call. prvSampleTimeNow() must be
* called after the message is received from xTimerQueue so there is no
* possibility of a higher priority task adding a message to the message
* queue with a time that is ahead of the timer daemon task (because it
* pre-empted the timer daemon task after the xTimeNow value was set). */
xTimeNow = prvSampleTimeNow( &xTimerListsWereSwitched );

switch( xMessage.xMessageID )
{
case tmrCOMMAND_START:
case tmrCOMMAND_START_FROM_ISR:
case tmrCOMMAND_RESET:
case tmrCOMMAND_RESET_FROM_ISR:
/* Start or restart a timer. */
pxTimer->ucStatus |= ( uint8_t ) tmrSTATUS_IS_ACTIVE;

if( prvInsertTimerInActiveList( pxTimer, xMessage.u.xTimerParameters.xMessageValue + pxTimer->xTimerPeriodInTicks, xTimeNow, xMessage.u.xTimerParameters.xMessageValue ) != pdFALSE )
{
/* The timer expired before it was added to the active
* timer list. Process it now. */
if( ( pxTimer->ucStatus & tmrSTATUS_IS_AUTORELOAD ) != 0U )
switch( xMessage.xMessageID )
{
case tmrCOMMAND_START:
case tmrCOMMAND_START_FROM_ISR:
case tmrCOMMAND_RESET:
case tmrCOMMAND_RESET_FROM_ISR:
/* Start or restart a timer. */
pxTimer->ucStatus |= ( uint8_t ) tmrSTATUS_IS_ACTIVE;

if( prvInsertTimerInActiveList( pxTimer, xMessage.u.xTimerParameters.xMessageValue + pxTimer->xTimerPeriodInTicks, xTimeNow, xMessage.u.xTimerParameters.xMessageValue ) != pdFALSE )
{
prvReloadTimer( pxTimer, xMessage.u.xTimerParameters.xMessageValue + pxTimer->xTimerPeriodInTicks, xTimeNow );
/* The timer expired before it was added to the active
* timer list. Process it now. */
if( ( pxTimer->ucStatus & tmrSTATUS_IS_AUTORELOAD ) != 0U )
{
prvReloadTimer( pxTimer, xMessage.u.xTimerParameters.xMessageValue + pxTimer->xTimerPeriodInTicks, xTimeNow );
}
else
{
pxTimer->ucStatus &= ( ( uint8_t ) ~tmrSTATUS_IS_ACTIVE );
}

/* Call the timer callback. */
traceTIMER_EXPIRED( pxTimer );
pxTimer->pxCallbackFunction( ( TimerHandle_t ) pxTimer );
}
else
{
pxTimer->ucStatus &= ( ( uint8_t ) ~tmrSTATUS_IS_ACTIVE );
mtCOVERAGE_TEST_MARKER();
}

/* Call the timer callback. */
traceTIMER_EXPIRED( pxTimer );
pxTimer->pxCallbackFunction( ( TimerHandle_t ) pxTimer );
}
else
{
mtCOVERAGE_TEST_MARKER();
}

break;

case tmrCOMMAND_STOP:
case tmrCOMMAND_STOP_FROM_ISR:
/* The timer has already been removed from the active list. */
pxTimer->ucStatus &= ( ( uint8_t ) ~tmrSTATUS_IS_ACTIVE );
break;

case tmrCOMMAND_CHANGE_PERIOD:
case tmrCOMMAND_CHANGE_PERIOD_FROM_ISR:
pxTimer->ucStatus |= ( uint8_t ) tmrSTATUS_IS_ACTIVE;
pxTimer->xTimerPeriodInTicks = xMessage.u.xTimerParameters.xMessageValue;
configASSERT( ( pxTimer->xTimerPeriodInTicks > 0 ) );

/* The new period does not really have a reference, and can
* be longer or shorter than the old one. The command time is
* therefore set to the current time, and as the period cannot
* be zero the next expiry time can only be in the future,
* meaning (unlike for the xTimerStart() case above) there is
* no fail case that needs to be handled here. */
( void ) prvInsertTimerInActiveList( pxTimer, ( xTimeNow + pxTimer->xTimerPeriodInTicks ), xTimeNow, xTimeNow );
break;

case tmrCOMMAND_DELETE:
#if ( configSUPPORT_DYNAMIC_ALLOCATION == 1 )
{
/* The timer has already been removed from the active list,
* just free up the memory if the memory was dynamically
* allocated. */
if( ( pxTimer->ucStatus & tmrSTATUS_IS_STATICALLY_ALLOCATED ) == ( uint8_t ) 0 )
break;

case tmrCOMMAND_STOP:
case tmrCOMMAND_STOP_FROM_ISR:
/* The timer has already been removed from the active list. */
pxTimer->ucStatus &= ( ( uint8_t ) ~tmrSTATUS_IS_ACTIVE );
break;

case tmrCOMMAND_CHANGE_PERIOD:
case tmrCOMMAND_CHANGE_PERIOD_FROM_ISR:
pxTimer->ucStatus |= ( uint8_t ) tmrSTATUS_IS_ACTIVE;
pxTimer->xTimerPeriodInTicks = xMessage.u.xTimerParameters.xMessageValue;
configASSERT( ( pxTimer->xTimerPeriodInTicks > 0 ) );

/* The new period does not really have a reference, and can
* be longer or shorter than the old one. The command time is
* therefore set to the current time, and as the period cannot
* be zero the next expiry time can only be in the future,
* meaning (unlike for the xTimerStart() case above) there is
* no fail case that needs to be handled here. */
( void ) prvInsertTimerInActiveList( pxTimer, ( xTimeNow + pxTimer->xTimerPeriodInTicks ), xTimeNow, xTimeNow );
break;

case tmrCOMMAND_DELETE:
#if ( configSUPPORT_DYNAMIC_ALLOCATION == 1 )
{
vPortFree( pxTimer );
/* The timer has already been removed from the active list,
* just free up the memory if the memory was dynamically
* allocated. */
if( ( pxTimer->ucStatus & tmrSTATUS_IS_STATICALLY_ALLOCATED ) == ( uint8_t ) 0 )
{
vPortFree( pxTimer );
}
else
{
pxTimer->ucStatus &= ( ( uint8_t ) ~tmrSTATUS_IS_ACTIVE );
}
}
else
#else /* if ( configSUPPORT_DYNAMIC_ALLOCATION == 1 ) */
{
/* If dynamic allocation is not enabled, the memory
* could not have been dynamically allocated. So there is
* no need to free the memory - just mark the timer as
* "not active". */
pxTimer->ucStatus &= ( ( uint8_t ) ~tmrSTATUS_IS_ACTIVE );
}
}
#else /* if ( configSUPPORT_DYNAMIC_ALLOCATION == 1 ) */
{
/* If dynamic allocation is not enabled, the memory
* could not have been dynamically allocated. So there is
* no need to free the memory - just mark the timer as
* "not active". */
pxTimer->ucStatus &= ( ( uint8_t ) ~tmrSTATUS_IS_ACTIVE );
}
#endif /* configSUPPORT_DYNAMIC_ALLOCATION */
break;
#endif /* configSUPPORT_DYNAMIC_ALLOCATION */
break;

default:
/* Don't expect to get here. */
break;
default:
/* Don't expect to get here. */
break;
}
}
else
{
mtCOVERAGE_TEST_MARKER();
}
}
}
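Review bot: The new `else` branch for a NULL `pxTimer` in the last hunk holds only `mtCOVERAGE_TEST_MARKER()`, so a queued command carrying a NULL timer is discarded without any trace or assertion. The two sender hunks now refuse a NULL `xTimer` before queuing, so reaching this branch would mean a message that bypassed those checks or was corrupted; a comment such as `/* Senders reject NULL handles, so a NULL here is unexpected; the command is discarded. */` would document that intent. The guard covers only NULL: a handle whose timer was already released by the `vPortFree( pxTimer )` path under `tmrCOMMAND_DELETE` still passes it and is dereferenced, so the comment should not suggest the handle is validated. The enclosing functions of all three changed conditions start outside their hunks.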