MISRA 17.12 fixes, justifications for other reporting issues. (#1372)

* [8.6] Suppress declaration without definitions warnings

This is expected from the portable header as it is
implemented by the port.

* [21.3] Document unsupressed deviation

Deviations which are unsupressed should be
documented for user awareness.

* [2.2] Disclose dead code warning

* [2.1] Justify unreachable code in example

* [17.12] Add addressing operator to callback function

This is required to disambiguate a function call and a
function to-be called

* [4.12] Explain deviation for dynamic allocation

* [8.6] Remove suppression, instead explain reporting

* Suppress false null dereference
Coverity provides a false positive
of pxQueueSetContainer being null.

Author: kstribrnAmzn

MISRA.md

@@ -19,6 +19,7 @@ grep 'MISRA Ref 8.4.1' . -rI
 ```
 
 #### Dir 4.7
+
 MISRA C:2012 Dir 4.7: If a function returns error information, then that error
 information shall be tested.
 
@@ -143,3 +144,90 @@ _Ref 21.6.1_
  - The Standard Library function snprintf is used in vTaskListTasks and
    vTaskGetRunTimeStatistics APIs, both of which are utility functions only and
    are not considered part of core kernel implementation.
+
+### Unsuppressed Deviations
+
+Certain deviating code is left unsuppressed for awareness. These violations
+will be reported when audited by a MISRA-checking static analysis tool.
+
+Some of these unsuppressed exceptions correspond to example code provided
+either for demonstration or verification of the FreeRTOS kernel. This code
+is not considered part of the kernel implementation and should not be used
+in an application.
+
+Other unsuppressed violations are left present in the kernel implementation
+as implementations, code, or other missing functionality being flagged for
+violations will be present with the porting layer provided by the
+application. The presence of these errors after providing a port indicates
+a valid MISRA issue.
+
+#### Rule 2.1
+
+MISRA C:2012 Dir 2.1: A project shall not contain unreachable code
+
+_Ref 2.1_
+ - Simplified example contains unreachable code for demonstration of
+   FreeRTOS scheduler. A production implementation should not contain
+   this.
+
+    Affected Files:
+    - examples/cmake_example/main.c
+
+#### Rule 2.2
+
+MISRA C:2012 Dir 2.2: There shall be no dead code.
+
+_Ref 2.2_
+ - `vPortEndScheduler` is erroneously determined to be dead code due to
+    the use of a simplified verification port.
+
+    Affected Files:
+    - tasks.c
+
+#### Dir 4.12
+
+MISRA C:2012 Dir 4.12: Dynamic allocation shall not be used
+
+_Ref 4.12_
+  - Heap memory solutions utilize pvPortMalloc/vPortFree to provide heap
+    memory for dynamic object allocation. These functions may rely upon
+    the malloc/free of the underlying port. Static allocation is recommended
+    for MISRA compliant applications.
+
+    Affected Files:
+    - portable/MemMang/heap_*.c
+
+
+#### Rule 8.6
+
+MISRA C:2012 Rule 8.6: An identifier with external linkage shall have exactly
+one external definition.
+
+_Ref 8.6.1_
+ - Port layer function declarations are provided without corresponding
+   implementations to provide for ease of porting to a device. These definitions
+   cannot be implemented until a port is selected.
+
+#### Rule 21.3
+
+MISRA C-2012 Rule 21.3: The memory allocation and deallocation functions of
+<stdlib.h> shall not be used.
+
+_Ref 21.3_
+  - See justification from Directive 4.12
+
+    Affected Files:
+    - portable/MemMang/heap_*.c
+
+#### Rule 21.6
+
+MISRA C-2012 Rule 21.6: The Standard Library input/output functions shall not
+be used.
+
+_Ref 21.6.1_
+  - The Standard Library function `printf` is used in examples to provide a
+    simple getting started demonstration. This example is not considered part
+    of the kernel implementation.
+
+    Affected Files:
+    - examples/cmake_example/main.c

event_groups.c

@@ -511,7 +511,7 @@
             traceENTER_xEventGroupClearBitsFromISR( xEventGroup, uxBitsToClear );
 
             traceEVENT_GROUP_CLEAR_BITS_FROM_ISR( xEventGroup, uxBitsToClear );
-            xReturn = xTimerPendFunctionCallFromISR( vEventGroupClearBitsCallback, ( void * ) xEventGroup, ( uint32_t ) uxBitsToClear, NULL );
+            xReturn = xTimerPendFunctionCallFromISR( &vEventGroupClearBitsCallback, ( void * ) xEventGroup, ( uint32_t ) uxBitsToClear, NULL );
 
             traceRETURN_xEventGroupClearBitsFromISR( xReturn );
 
@@ -823,7 +823,7 @@
             traceENTER_xEventGroupSetBitsFromISR( xEventGroup, uxBitsToSet, pxHigherPriorityTaskWoken );
 
             traceEVENT_GROUP_SET_BITS_FROM_ISR( xEventGroup, uxBitsToSet );
-            xReturn = xTimerPendFunctionCallFromISR( vEventGroupSetBitsCallback, ( void * ) xEventGroup, ( uint32_t ) uxBitsToSet, pxHigherPriorityTaskWoken );
+            xReturn = xTimerPendFunctionCallFromISR( &vEventGroupSetBitsCallback, ( void * ) xEventGroup, ( uint32_t ) uxBitsToSet, pxHigherPriorityTaskWoken );
 
             traceRETURN_xEventGroupSetBitsFromISR( xReturn );
 

examples/cmake_example/main.c

@@ -69,7 +69,7 @@ int main( void )
 
     ( void ) printf( "Example FreeRTOS Project\n" );
 
-    ( void ) xTaskCreateStatic( exampleTask,
+    ( void ) xTaskCreateStatic( &exampleTask,
                                 "example",
                                 configMINIMAL_STACK_SIZE,
                                 NULL,

queue.c

@@ -3343,6 +3343,8 @@ BaseType_t xQueueIsQueueFullFromISR( const QueueHandle_t xQueue )
         configASSERT( pxQueueSetContainer ); /* LCOV_EXCL_BR_LINE */
         configASSERT( pxQueueSetContainer->uxMessagesWaiting < pxQueueSetContainer->uxLength );
 
+        /* pxQueue->pxQueueSetContainer is verified to be non-null by caller. */
+        /* coverity[dereference] */
         if( pxQueueSetContainer->uxMessagesWaiting < pxQueueSetContainer->uxLength )
         {
             const int8_t cTxLock = pxQueueSetContainer->cTxLock;