feat(quality control): ✨ Add MISRA C-2012 compliance #138
base: Version-1.1.0-Development
… environment I have set the `defect_detector` as the default development environment for the duration of this Pull Request.
…eck flag This exposes the unused functions to Cppcheck and will cause my Defect Detector to fail from now, until I re-factor this later on in the Pull Request.
…o Cppcheck source filters This ensures Cppcheck iterates through every C++ source file in CRSF for Arduino's code-base
Cppcheck will iterate through all files in the `examples` directory in addition to all files in the `src` directory
These are the coding rules CRSF for Arduino MUST comply with, in order for my Quality Control CI to pass.
This outlines what version of the MISRA rules are being used and what deviations from the standard rules exist within CRSF for Arduino's code-base.
This contains a disabled `unusedFunction` flag, because I currently want to have any unused functions exposed to both Cppcheck and the MISRA compliance add-on.
…ntrol.ini` configuration file. But leave it disabled, for now.
…rol.ini` configuration file. But leave it disabled, for now.
…ssions.txt` Cppcheck will now iterate across CRSF for Arduino's code-base, and flag it for any coding errors.
Global declaration for now. Missing Includes are currently false positives, because Cppcheck does not know where these files are, yet my compiler does.
Global declaration for now. Unmatched Suppressions here are false positives, because for some reason, Cppcheck is not seeing when a particular suppression is actually working.
Global declaration for now. I am intentionally suppressing all unused functions for the time being, because things like `loop()` and `setup()` appear as false positives, along with CRSF for Arduino's own API appearing as false positives.
… Arduino's entire code-base Cppcheck now checks CRSF for Arduino for compliance with MISRA C 2012 rules in addition to its own checks.
Defects detected

Error summary: Multiple low severity level MISRA C:2012 rule violations.

Error message: Ha! I was expecting that to happen. The fact that there are only low severity MISRA rule violations here is a testament to my own coding practices, to be honest. I was actually expecting moderate to high severity stuff, but nah. Just low stuff... more to do with coding style than anything, which is interesting. There are a handful of other things I need to do before I can write in the
… Matrix This will be populated with each MISRA C:2012 guideline that CRSF for Arduino is compliant with.
This concludes the addition of missing rules.
This explains what each rule flag means
…d add a section for documenting deviations from the MISRA C guidelines
…icons These emoticons depict where and how this guideline is checked
…ine is checked and where
… for manual review
…eckmarks and crosses This indicates how each guideline is checked
…tly violated rules There are currently 774 MISRA C violations in CRSF for Arduino. The Compliance Matrix now shows manual review of these violated rules until each one can be resolved.
… separate tables, and expand on the information provided.
…ed**, and **Mandatory** flags. This provides a better description of how each flag applies to CRSF for Arduino.
This completes the compliance matrix for CRSF for Arduino
Overview
Note
Currently, this Pull Request is a work-in-progress.
This Pull Request adds compliance with MISRA C:2012 rules, for increased safety and reliability.
Details
CRSF for Arduino's entire C++ code-base is checked for compliance, including all of its example files.
Currently, there are numerous low severity MISRA C:2012 rule violations within the code-base which need to be squared away before CRSF for Arduino can claim compliance.
A "first-look" of what the compliance matrix may look like is available here
To-do list
The following list consists of what needs to be done before this Pull Request can be merged:
Additional
This is the final part of my supply chain hardening in the wake of the XZ Utils back door incident.
While enforcing MISRA C-2012 may not increase security in any significant way, it certainly aims to significantly increase the safety and reliability of CRSF for Arduino, by checking against an internationally recognised rule set of coding standards as outlined by the Motor Industry Software Reliability Association.
I am doing this because #103 completes the full ExpressLRS or TBS Crossfire/Tracer transmitter and receiver control links, where you will be able to fully pipe uplink and downlink data to-and-from your RC project via your own controller handset.
This means I need to ensure my code-base is as reliable as it can possibly be, and bringing in MISRA compliance provides me with the necessary safety and reliability benchmarks that say my code-base does what you tell it to do.
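The commits above suppress `missingInclude`, `unmatchedSuppression` and `unusedFunction` globally and then feed the remaining MISRA C:2012 findings into a compliance matrix. The following is an added example, not code from this Pull Request or from CRSF for Arduino: it tallies Cppcheck text output per MISRA rule and counts separately what a suppressions list hides, so globally suppressed findings stay visible during review. The sample output, file names and helper names are constructed for illustration.

```python
import re
from collections import Counter
from fnmatch import fnmatch

# Constructed sample of Cppcheck text output with the MISRA add-on enabled.
SAMPLE_OUTPUT = """\
src/example_a.cpp:41:9: style: misra violation (use --rule-texts=<file> to get proper output) [misra-c2012-15.5]
src/example_a.cpp:77:5: style: misra violation (use --rule-texts=<file> to get proper output) [misra-c2012-12.1]
src/example_b.cpp:12:1: style: The function 'loop' is never used. [unusedFunction]
src/example_b.cpp:3:0: information: Include file: "Arduino.h" not found. [missingInclude]
examples/example_c.ino.cpp:19:13: style: misra violation (use --rule-texts=<file> to get proper output) [misra-c2012-15.5]
"""

# Constructed suppressions list: one global id per line, as the commits describe.
SAMPLE_SUPPRESSIONS = """\
missingInclude
unmatchedSuppression
unusedFunction
"""

MISRA_PREFIX = "misra-c2012-"
FINDING = re.compile(r"^(?P<file>[^:]+):\d+:\d+: \w+: .*\[(?P<id>[\w.\-]+)\]$")

def parse_suppressions(text):
    # Accepts "id" (global) and "id:file-glob"; line numbers and // comments are ignored.
    pairs = []
    for raw in text.splitlines():
        entry = raw.split("//", 1)[0].strip()
        if entry:
            sid, _, rest = entry.partition(":")
            pairs.append((sid, rest.split(":")[0] or "*"))
    return pairs

def tally(output, suppressions_text):
    # Returns (open MISRA findings per rule, findings hidden per suppressed id).
    suppressions = parse_suppressions(suppressions_text)
    misra, hidden = Counter(), Counter()
    for line in output.splitlines():
        m = FINDING.match(line.strip())
        if not m:
            continue
        fid, path = m["id"], m["file"]
        if any(fid == sid and fnmatch(path, glob) for sid, glob in suppressions):
            hidden[fid] += 1
        elif fid.startswith(MISRA_PREFIX):
            misra[fid[len(MISRA_PREFIX):]] += 1
    return misra, hidden

if __name__ == "__main__":
    print(tally(SAMPLE_OUTPUT, SAMPLE_SUPPRESSIONS))
```

A non-zero count under a globally suppressed id is the list of findings to triage before narrowing that suppression to specific files.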